ORP – The Open Research Project

Posted: April 3rd, 2021 | Author: | Filed under: Uncategorized | Tags: | Comments Off on ORP – The Open Research Project

We created the Exploitee.rs (formerly GTVHacker) over 10 years ago as a research group with the sole purpose of unlocking embedded devices for the public good. At that time, we were targeting GoogleTV devices but after the death of the platform, we migrated our research into general embedded devices. While each target provided a unique attack surface, we’ve historically relied on custom built tools that we’ve created to assist us in our research. These tools included items such as disassembler plugins which provided insight into interesting places within binaries to analyze or fuzzing harnesses which allowed for continuous background testing while performing our own manual analysis. While these tools have allowed us to focus our time on other areas, as each of us have evolved as researchers, we’ve embraced automation and added more to our internal tooling. This methodology has unfortunately provided more data output than we’ve been able to analyze and in some cases, we believe it has prevented vulnerabilities from being disclosed as quickly as could have been possible otherwise. While we’ve also looked at open sourcing our tooling, we prefer to keep the code private as we consider it valuable to our own future research.

Therefore, today we would like to introduce you to what we’ve been internally calling The Exploiteer’s Open Research Project (ORP). ORP will consist of a number of chat bots conducting automated research on different items including fuzzing open source projects, auditing APKs, and performing IOT firmware analysis. These bots would then output all results to our Discord chat server for analysis by the Exploitee.rs security community within designated channels. The project will start with the addition of our APK scanning bot which enumerates a list of top APKs within the Google Play store, then proceeds to search the APK and associated libraries for leaked credentials, databases, and private keys. After each round of APK downloading and analysis, the bot will restart allowing for constant testing of the newest top android mobile apps. We plan to evolve this bot to perform a deeper analysis of the APKs at a later point but will use the bots current output as a proof of concept for the general idea of crowdsourcing security analysis.

Example finding from ORP APK bot

We encourage researchers to comb through the results of the data and privately disclose the findings to the APK creators and while we appreciate credit, the goal of the project is to provide a safer environment for users by providing a form of independent checking of the mobile application ecosystem. We’re also hoping to improve the ORP projects output by collaborating with other researchers, so if you have an idea for an improvement or suggestion, please don’t hesitate to let us know.

If you’re interested in ORP, learning from other researchers, or Exploitee.rs in general, come chat with us on our Discord chat server.  We have a great community, we’re friendly and most of us don’t bite.