Step By Step Procedure for Android Pen testing Setup

step1:

For only x64 bit os add support of x86 libraries by executing below commands

sudo dpkg –add-architecture i386

sudo apt-get update

sudo apt-get install ia32-libs

For 32bit os nothing to just : sudo apt-get update

step2: Download the android ADT Bundle from google site.extract that zip file to any location then goto adt bulndle folder to the path /sdk/platform-tools and execute the commands below

link: http://developer.android.com/sdk/index.html

./adb

./adb start-server

step3: starting a android emulator or connecting an android mobile

To create a new virtual android emulator : goto adt-bundle folder to /eclipse and execute the eclipse

./eclipse

in Eclipse window , goto Menu–>Window–>Android Virtual Device manager , this will open a new window to create new android emulator

then click on the NEW button –> create a new android emulator to test and select the emulator

emulator settings

start

and click on start button , now the emulator works as new android mobile device to test the application

emulator

(OR)

To add android mobile device to adt tools:

connect the device through USB cable , make sure that debugging enabled in the mobile

step4: Checking wheather the device/emulator connected to adb shell

goto the path /sdk/platform-tools and type below

./adb

./adb devices

*above command will show the available devices , here we created one virtual android emulator that will show here or connected mobile device will appear here

step5:

To install new apk file to test , type the below command

./adb install test-app.apk

step6: Connecting to Proxy

To test the app’s we need one proxy tool to test , burpsuite or paros etc . start the proxy (eg., ip 127.0.0.1, port 8080) , then configure the same setting in the emulator/mobile . For this goto settings –>more –>Mobile networks–>Access Point Names –>GPRS —>give the proxy ip and port(eg., ip 127.0.0.1, port 8080)

proxy

step7: open the android app , try operating that app , each request will go through the Proxy . Test the app like the normal web application

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *