Setting up an Android Pentesting Environment using Genymotion

mukul sharma
Published in Bobble Engineering
Jul 5, 2021

Android pentesting requires either a rooted Android device or an emulator. Here we are going to set up an emulator.

Step 1 —

Installing Genymotion

  • Download Genymotion from here, and install it on your host computer.
  • Once Genymotion is installed, you can add a new device by clicking the plus icon at the top right corner and selecting your desired template. Keep the network mode set to Bridged.

If an app contains ARM native code, Genymotion will not be able to run it and will throw an error, because the emulated device uses the x86 (32-bit) architecture. You can avoid this problem by installing the ARM translation library into the emulated device.

Note: At this point in time this library only supports up to Android version 8.0, so download the right package according to your emulated device’s specifications.

Step 2 —

Setting up Burp Suite

  • Open Burp Suite and navigate to Proxy -> Options. In the Proxy Listeners section, click Add. In the Binding section, enter the bind port, set "Bind to address" to “All interfaces”, and click OK.
  • On the Android device, go to Settings → Network & Internet → WiFi and click the gear icon next to Android Wifi. Then click the Edit button → Advanced Options → Proxy → Manual.
  • Enter your system IP address as the proxy hostname and the bind port as the port number, then save.
  • To install the certificate, open a web browser, go to http://burp/ and download the certificate.
  • Go to the file manager, rename the file extension from .der to .cer, and save it.
  • Now go to Settings → Security → Encryption & credentials, select "Install from SD card", and select the certificate file.
  • You will now be asked to “Name the certificate”. Leave the certificate name as it is and tap “OK”.
  • The phone will revert to the security menu and will inform you via a small pop-up that the certificate is installed.
  • To capture packets from an APK that implements SSL pinning, we can install two applications: Xposed and SSL unpinning.

Step 3 —

Installing and setting up ADB

  • To install ADB on Linux, run:

sudo apt-get install adb

  • To connect ADB to the emulator, check the IP address of the emulator, which is shown at the top of its window.
  • Then go to the terminal and type:

adb connect 192.168.136.101:5555

  • Check whether the device is connected by running “adb devices”.
  • You can then open a shell on the Android device with “adb shell”.
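The “adb devices” check from the steps above, as an added example that is not part of the original post: a device can be listed without being usable, so the script reads the state shown next to the emulator's serial. The function names `adb_state` and `adb_ready` are hypothetical, and the sample outputs are constructed, reusing the emulator address from the command above.

```shell
#!/bin/sh
# Added example: interpret `adb devices` output for one emulator serial.

# adb_state SERIAL: reads `adb devices` output on stdin and prints the state
# text listed for SERIAL (device, offline, unauthorized, ...) or "missing".
adb_state() {
    awk -v serial="$1" '
        $1 == serial {
            sub(/^[^ \t]+[ \t]+/, "")   # drop the serial, keep the state text
            print; found = 1; exit
        }
        END { if (!found) print "missing" }
    '
}

# adb_ready SERIAL: succeeds only when SERIAL is in state "device", the only
# state in which `adb shell` works; otherwise explains the state on stderr.
adb_ready() {
    state=$(adb_state "$1")
    case "$state" in
        device)       return 0 ;;
        offline)      echo "$1: listed but offline, reconnect with adb connect" >&2 ;;
        unauthorized) echo "$1: this host is not authorized on the device" >&2 ;;
        missing)      echo "$1: not listed, check the emulator IP and port" >&2 ;;
        *)            echo "$1: unexpected state '$state'" >&2 ;;
    esac
    return 1
}

# Constructed sample outputs (not captured from a real session).
SERIAL=192.168.136.101:5555
SAMPLE_OK=$(printf 'List of devices attached\n%s\tdevice\n' "$SERIAL")
SAMPLE_OFFLINE=$(printf 'List of devices attached\n%s\toffline\n' "$SERIAL")
SAMPLE_EMPTY='List of devices attached'

for sample in "$SAMPLE_OK" "$SAMPLE_OFFLINE" "$SAMPLE_EMPTY"; do
    printf '%s\n' "$sample" | adb_state "$SERIAL"
done
# Live use: adb devices | adb_ready 192.168.136.101:5555 && adb shell
```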

APKTool

A tool for reverse engineering third-party, closed, binary Android apps. It can decode resources to nearly their original form and rebuild them after modifications. It also makes working with an app easier because of its project-like file structure and its automation of repetitive tasks such as building the APK.

  1. Download apktool-2
  2. Rename downloaded jar to apktool.jar
  3. Move the file (apktool.jar) to /usr/local/bin (root needed)
  4. Make sure both files are executable (chmod +x)
  5. Try running apktool.jar via cli

APKSigner

sudo apt install -y apksigner

Jadx

Command-line and GUI tools for producing Java source code from Android Dex and Apk files

git clone https://github.com/skylot/jadx.git
cd jadx
./gradlew dist
alias jadx-gui="~/jadx/build/jadx/bin/jadx-gui"
