CanSecWest 2023

Magnetic Resonance Imaging (MRI), a medical device, allows tomographic imaging of human organs and measurement of blood flow. Using these features, modern doctors can easily detect diseases without having to perform open surgery as in the past. If it were possible to perform tomography on the app's code through a simple procedure, such as taking a picture like an MRI without invasion the app's process, and trace the flow of data used within the code, it would be an effective way to find vulnerabilities. Therefore, this paper proposes a new OS (interpreter, runtime, kernel) that performs MRI functions based on Android 12. On this new Interpreter, the Android app takes a picture of the dalvik instruction and register value at runtime when the target (data or function) is used, generating a Control Flow Graph (CFG) that traces the target's forward and backward execution, providing an effective environment for analyzing the app and finding vulnerabilities. Furthermore, I will explain the vulnerabilities discovered in mobile apps using the developed OS.