/AndroidPentesting

Android pentesting is the process of evaluating the security of an Android application by identifying its vulnerabilities and weaknesses. It involves analyzing the application's source code, binary files, and network traffic to find security flaws. There are mainly 2 parts Static and Dynamic analysis.

MIT LicenseMIT

Android Application Penetration Testing

Dynamic Analysis

How to setup proxy

Configure the Burp Proxy Listener

To configure the proxy settings for - BurpSuiteProfessional

  1. Open Burp Suite Professional and click Settings to open the Settings dialog.

  2. Go to Tools > Proxy.

  3. In Proxy Listeners, click Add.

  4. In the Binding tab, set Bind to port to 8083 (or another port that is not in use).

  5. Select All interfaces and click OK.

  6. At the prompt, click Yes.

image

Configure your device to use the proxy

In your Android device, go to Settings > Network & internet.

  1. Select Internet and long-press the name of your Wi-Fi network.
  2. Select Modify.
  3. From the Advanced options menu, select Proxy > Manual.
  4. Set Proxy hostname to the IP of the computer running Burp Suite Professional.
  5. Set Proxy port to the port value that you configured for the Burp Proxy listener, in this example 8083.
  6. Touch Save

Screenshot from 2023-12-09 22-18-04

Install a CA certificate on your Android device

In order to interact with HTTPS traffic, you need to install a CA certificate from Burp Suite Professional on your Android device.

To download the CA certificate

  1. In your Android device, Open any browser and Enter http://burp
  2. Click on the CA certificate
  3. cacert.der is available for download
  4. rename the file as cacert.cer
  5. Click on Download

Screenshot from 2023-12-09 22-18-04

To install the CA certificate

  1. In your Android device, go to Settings > Network & internet.
  2. Click on the 3 dots in the upper right corner and select Advanced
  3. Select Install Certificates from Advanced Wi-Fi
  4. Select the downloaded cacert.cer file
  5. Enter a name to the certificate and click on OK
  6. Certificate installed successfully.

Screenshot from 2023-12-09 22-18-04

Depending upon the android version and device version there are multiple methods to install the CA certificate. Please refer the below links if this method not worked for your version.

  1. Setting up Burp for android application testing

https://github.com/HackWithSumit/Config-BurpSuite-With-AndroidEmulator

Test the configuration/ Intercepting the request

To test the configuration:

  1. Open Burp Suite Professional.
  2. Go to Proxy > Intercept and click Intercept is off to switch intercept on.
  3. Open the browser on your Android device and go to an HTTPS web page.
  4. The page should load without any security warnings. You should see the corresponding requests within Burp Suite Professional.

image

Local Data Storage Enumeration

In order to enumerate the file structure of an installed application, we need to have access to a real or emulated device. This could be achieved by using the Android Debug Bridge (ADB), a command-line tool that lets you communicate directly with the device. Using ADB, we can install and debug applications, while the Unix shell it provides can be used to run commands on the device.

Connecting via ADB

Enable the USB Debugging option on the device

Settings, then About Device or About Phone, depending on the device, and then we scroll down and tap on the Build Number seven times until the message “You are now a developer!” pops up.

Next, tap the back button one time and navigate to Developer Options.