
## About

I do Android application assessments often. This is the list of tools and setup I use to perform my testing. It's a reminder for me for when I have to wipe/reload my computer.

### Enable Developer Mode on Test Device

  1. Go to the settings menu, and select "About phone."
  2. Scroll down to "Build number."
  3. Tap it seven (7) times.

### OpenJDK

    sudo apt-get install openjdk-7-jdk

#### Select jdk-7 as default java environment

    sudo update-alternatives --config java

### Android SDK

http://developer.android.com/sdk/index.html#Other

### drozer

Installs a rogue app you can communicate with through an interactive Python environment. Lets you scan other installed apps, packages, services, and intents. A quick and easy way to view permissions and send IPC calls. Most of this you can do with adb directly, but drozer is a little more straightforward and speeds up the process.

  1. https://www.mwrinfosecurity.com/products/drozer/#downloads

  2. Install the .deb package and push the .apk to the test device

    adb install drozer-agent-2.3.4.apk

  3. Enable the listening service in the app on the device and set up adb port forwarding

    adb forward tcp:31415 tcp:31415

### dex2jar

After you unpackage/unzip an apk file you will want to reverse engineer the classes.dex file and bring it into a Java decompiler like jd-gui. This tool will get you almost-original source most of the time. Sometimes it will lose classes and headers, so it is not great for recompiling and rebuilding the apk, but it does give you the most readable form of the source.

https://github.com/pxb1988/dex2jar

### apktool

If you are going to modify the application and repackage it you are best off using apktool. This will unpack the app to smali code (an intermediate language), which you can then modify, repackage/rebuild, and sign as a new apk. Note: when you reinstall the apk on top of the original (adb install) you will lose all user data, because the rebuilt apk does not carry the same signature as the original.

http://ibotpeaches.github.io/Apktool/install/

### backup tool

You can manually back up and extract application-specific data using adb, but this script can speed up the process.

https://github.com/ChrisJohnRiley/Random_Code/tree/master/android%20backup

### adb backup

Manual backup:

    adb backup packagename

One-liner to decompress the backup.ab file:

    ( printf "\x1f\x8b\x08\x00\x00\x00\x00\x00" ; tail -c +25 backup.ab ) | tar xfvz -
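The one-liner works by skipping the 24-byte `adb backup` header and gluing a gzip header onto the compressed payload, which is a zlib stream. When it fails (truncated file, encrypted backup, a tar that only partially extracts) it is hard to tell why. The following is an added example, not code from the gist: a small converter that reads the header fields (magic line, format version, compression flag, encryption algorithm), refuses encrypted archives with a clear message, inflates the payload with `zlib` directly, and lists the tar members. The sample archive it builds in `make_sample_ab` is constructed for offline testing; the package name and file inside it are invented.

```python
"""Unpack an unencrypted `adb backup` archive (.ab) into a plain tar stream.

Added example; not part of the original gist. The four newline-terminated
header lines (magic, format version, compression flag, encryption algorithm)
are the documented Android backup header layout. The sample archive built by
make_sample_ab() is constructed for testing only.
"""
import io
import sys
import tarfile
import zlib

AB_MAGIC = b"ANDROID BACKUP"


def split_ab(ab_bytes):
    """Return (header_fields, header_length, payload) or raise ValueError."""
    # maxsplit=4 keeps any newline bytes inside the binary payload intact
    parts = ab_bytes.split(b"\n", 4)
    if len(parts) != 5 or parts[0] != AB_MAGIC:
        raise ValueError("not an Android backup archive (bad magic or truncated header)")
    _magic, version, compressed, encryption, payload = parts
    header_len = len(ab_bytes) - len(payload)  # 24 for a v1 unencrypted backup
    fields = {
        "version": version.decode(),
        "compressed": compressed == b"1",
        "encryption": encryption.decode(),
    }
    return fields, header_len, payload


def ab_to_tar(ab_bytes):
    """Convert an unencrypted .ab to tar bytes. The payload is zlib, not gzip."""
    fields, _, payload = split_ab(ab_bytes)
    if fields["encryption"] != "none":
        raise ValueError(
            "encrypted backup (%s): password-based decryption is not handled here"
            % fields["encryption"]
        )
    return zlib.decompress(payload) if fields["compressed"] else payload


def list_members(tar_bytes):
    """Names of the entries in the tar, e.g. apps/<package>/db/<file> paths."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:") as tf:
        return [m.name for m in tf.getmembers()]


def make_sample_ab(encryption="none"):
    """Build a small constructed .ab (hypothetical package and file) for tests."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        body = b"constructed sample payload"
        info = tarfile.TarInfo("apps/com.example.app/db/notes.db")
        info.size = len(body)
        tf.addfile(info, io.BytesIO(body))
    header = AB_MAGIC + b"\n1\n1\n" + encryption.encode() + b"\n"
    return header + zlib.compress(buf.getvalue())


if __name__ == "__main__":
    # usage: python ab_to_tar.py backup.ab backup.tar
    src, dst = sys.argv[1:3]
    with open(src, "rb") as f:
        tar_data = ab_to_tar(f.read())
    with open(dst, "wb") as f:
        f.write(tar_data)
    print("\n".join(list_members(tar_data)))
```

Parsing the header by lines rather than assuming 24 bytes matters because an encrypted backup writes `AES-256` on the fourth line, so its header is longer and `tail -c +25` would hand `tar` the middle of the key-derivation parameters rather than compressed data.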

### jdgui

For decompiling .jar files (after you run dex2jar).

https://github.com/java-decompiler/jd-gui

### sqlite viewer

Lots of files you pull off of an Android app are sqlite databases.

    sudo apt-get install sqlitebrowser

### QARK

I'm new to this tool, but it does automated scanning of Android apps. Most of its checks can probably be done manually with adb or drozer, but this works pretty quickly at finding a whole range of issues.

https://github.com/linkedin/qark

### Rooting tools

### Dynamic Memory Analysis

Will add later.

### Cert Pinning Bypass

Android-SSL-TrustKiller (root required)

https://github.com/iSECPartners/Android-SSL-TrustKiller

### Handy Apps to Have Installed on Device

@MrVaughan (Author)

thanks @aatifs, previously if I run into cert pinning I will reverse the app with apktool, patch the cert pinning check to always pass in smali and rebuild but this would be much faster I am sure.
