Categories
Cyber Security Mobile App Testing

Installing Genymotion and Getting an Android .APK File

How to Extract an Android .apk with Genymotion:

**If you already have an .apk file you want to test –> check out our Mobile Security Framework or Drozer tutorials.

Why would I want to extract an .apk file when I can download one online??

Well there are a number of security reasons involved, starting with the fact that you should not trust and click on every download link that says it contains the file you want.  Then there is being a systematic, consistent, and thorough penetration tester.  This tutorial will prepare your environment to not only Dynamically Test a mobile application (Usiong the Burp Proxy with Genymotion) but also to statically test the SAME .Apk file through other means.

First things first you will need and .ipa or .apk file.  Basically for those of you who are new to Mobile Application testing these are just the files that store applications.

For the most part:

.ipa –> Apple iOS

.apk –> Android/Play Store

When testing iOS devices and extracting the application .ipa file it is required that you jailbreak a device in order to get the version of the application that has been installed onto your ipad/iphone that you are trying to test, I will update this article for a link once a newer jailbreak is released and I have a few minutes to demonstrate that process.

For today we will do a quick run through of how to extract an android .apk with the Genymotion Virtual Device Emulator.

*****Update on Genymotion 2.10.0+*****

Genymotion 2.10.0+ just became Geny 2.0 in my opinion.  All you do is download Genymotion, Add a new virtual machine, and then in the top right hand corner you will see a GApps icon. (This tutorial used to be 3x as long!)

Screen Shot 2017-11-06 at 2.38.00 PM.png

Click the Icon, accept the agreement, and install. Once the install is complete, power down the device, exit out of it and then start it all the way back up and Pachow, the Play store will be sitting right there ready to use.

**Having issues with your specific application working on Geny?**

Now it has come to my attention that at times some applications do not appear to function correctly on the Android Emulators (will not download from play store due to compatibility issues). This is where application side loading comes into play.  What side loading means is that you will:

  • Go to a site like apkmirror.com (They are run by Android Police, and are my go to trusted source for .apk files) and get your application.  The cool part is that you will be able to Drag-and-Drop this .apk file into Genymotion
  • First you must Download the ARM-Translation Package, by dragging the downloaded zip file into your Virtual Android Device (reboot afterwards). Then click and Drag your .APK package into your Genymotion Device.
  • Restart it manually or by typing adb reboot (to learn how to install ADB, see our Drozer Setup Tutorial.)

********************************************************************************

First things first when going to get your Android .apk file.  Hop on your mobile device or Genymotion Android Device and download ES File Explorer and the application in which you will be testing from the Google Play Store.

Once you pull up ES explorer as shown above, click on APPs find the application you want the .apk file for, press and hold the application and click back-up.

etar

As you can see right above us ^^^ the backed up application was saved at /sdcard/backups/apps/ as we traverse ES explorer to that location we can see that we have successfully created an .apk file for the desired application.

apk success.PNG

Throw this file into your Google Drive/Dropbox account and do what you wish with it!  What I personally recommend is that you:

  • Use a proxy like burp and manually test this Mobile Application in Genymotion.
  • Take a look into Mobile Security Framework to get  a better idea of how this application is built and its functionality while analyzing its source code,
  • Digging into the specific attack surfaces available by using Drozer.
  • Setup a dynamic analysis environment using Burp Suite.

Have fun, learn lots, and hack on.

Cyber Incision Out.

Categories
Cyber Security Mobile App Testing

Android App Hacking with Drozer – The Setup

 

Why Drozer?

 

MWR Labs has done an excellent job putting together this attack framework for Android Applications, Drozer Rocks.  They even have an excellent tutorial to help you get everything setup, what I found myself doing when I first learned how to use this tool was still needing other resources in order to complete my setup and get things working, here we bring it all together and get you up and running.

This tool helps analyze attack surfaces and display any attack surfaces in which Android applications have, and allow you to then use public exploits against the applications to make sure that your application has been tested and Validated!

This tool can also be used for Remote Exploits, when a shell is obtained, install the shellcode that Drozer generates, and now you have a remote administration tool on your target device.

You should need no other convincing than this that this tool needs to be in your suite of Android testing Tools right next to Mobile Security Framework (MobSF), Burp, and AndroidStudio.

Setup and Install~

 

First boot up Genymotion (instructions to load this tool are in the MobSF article posted here)  Pick an android device to emulate which is running anything after Android 2.1 and have your application downloaded from the Google Play Store (or sideloaded).

 

To begin head over to Team androids Page and Download the latest Google Drivers available and unzip them into your Mobile Web App Folder (or one that you will remember) Then right click your command console and run as an administrator.  We need to set our path to this folders location in order to use ADB at the command line.

chdir "C:\Desktop\FOLDER\Platform-Tools\"  Replace the words within the quotes to the files location on your workstation when running.

adb devices

In order to run the ADB command in the console you must be in the platform tools folder, this is important to note as the next thing we need to do is install the Drozer agent onto your genymotion device.

Side Note*** If using a physical android device please continue installing to Google USB Drivers onto your computer shown in the Team Android Post then connect the device to your workstation with a USB cable.

Then type adb devices as shown above in the screen capture.

this will pop up a list of the android devices which you have connected either via USB cable or via Genymotion Android Emulator

Building for Windows

NOTE: Windows Defender and other Antivirus software will flag drozer as malware (an exploitation tool without exploit code wouldn’t be much fun!). In order to run drozer you would have to add an exception to Windows Defender and any antivirus software.

We must also have python on our device as it is one of the dependencies of being able to use the Drozer toolset.

git clone https://github.com/mwrlabs/drozer/
cd drozer
python.exe setup.py bdist_msi

Installing .msi (Windows)

Run dist/drozer-2.x.x.win-x.msi 

**As you download this file, Windows Defender should catch it, back click on the alert and add the entire Folder as an exception to Windows Defender and Firewall in order to proceed.

Agent.APK Setup

Now download the Drozer agent.apk file here (this will be installed on your Android device so it can communicate back to the Drozer program on your workstation).

Stay in your platform tools folder so you can run this adb command and install it onto your Android device using the following command:

adb install "C:\Desktop\FOLDER\Drozer\agent.apk" Once again please replace with Your download location of the agent.apk file.

adb install agent.apk

You should then see the orange Drozer agent application symbol on your device.  finally forward your ports to the ports that Drozer uses with the following adb command:

adb forward tcp:31415 tcp:31415

drozer setup

Here you can see the setup I am using.  In Genymotion I have been using Google Nexus 9 – 5.1.0 API 22 devices with a screen size of 1536×1048.

I  find that I like the bigger screen size when working in Geny and it fills exactly half of my UHD display.

drozer agent on

 

Now, click your Drozer agent icon, and in the bottom right hand corner click the “off” button to turn it on.

 

Boom congratulations, you have now setup Drozer and are read to begin testing your Android Application.  Install it off of the Google Play store or sideload it into your Genymotion device, then head back to your command line.

You will navigate over to your Drozer folder which has all of the program files within it and run:

drozer console connect

***On a real(not an emulator) android device the ip of the device must be specified drozer.bat console connect --server 192.168.0.9

drozer running

If you are already knowledgeable on the inner workings of Android Testing Tool Drozer, hack on.  If not follow me on over to my next post.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In this article we jumped between three main articles, none of these will get you completely setup by themselves unfortunately which is why I am here to put all the steps together into this one article and be your one stop shop here at Cyber Incision.

  • The first being from Team Android who is going to get you up and running with fastboot, ADB (<—gotta have it), and Fastboot onto Windows 10
    • This set of drivers is also known as the Android SDK Tools (Follow this link to set this up) which is an advanced command line tool which will allow you to run operations on your Android Device and Emulator that would not have been possible before.
  • The Second Article worth reading is from the INFOSEC Institute which has provided an excellent introduction to Drozer, and can be used as a reference for many of the commands you will see here in this article
  • Finally is the MWR Drozer instructions manual which is an excellent reference point especially once you get past the introductory learning curve and begin using the Drozer modules.