Hello everyone, welcome back to a new article. Today, we'll be recapping our recent learnings. In our previous sessions, we set up a lab environment for Android Mobile Penetration Testing and Reverse Engineering.
Inside this Article:
We covered the installation of Android Studio and setting up an Android Virtual Device (AVD). We also introduced tools like APKTool, Dex2jar, JD-GUI, and Dozer, which are valuable for future Android Penetration Testing and Reverse Engineering endeavors.
Setting Up a Lab for Penetration Testing
This guide provides instructions on how to set up a lab environment for penetration testing. A well-structured lab is essential for safely practicing and honing penetration testing skills on various systems and applications.
In those
previous articles, I haven't covered the process of setting them up in a Linux
environment, and I've also not discussed the common challenges that arise with
Android Virtual Devices (AVDs)
.
Android Studio demands a dedicated graphics card for smooth AVD operation,
implying the need for high-end hardware to ensure seamless performance.
However,
the main emphasis of this article is directed toward crafting a lab environment
that caters to the capabilities of low-end devices. This configuration holds
significant importance for engaging in Android app penetration testing and reverse engineering activities.
To begin, we'll initiate the process of setting up an Android Virtual Device within a Virtual Machine.
Setting up an Android Virtual Device within a Virtual Machine
While there are various Android ISO images available for
manual installation, you won't need to follow those steps. You can conveniently
download the required files from the link I've provided in my blog.
Click Here to Download:
Here, on my screen, you'll notice an " Android.ova " file.
This particular file can be directly configured and launched without encountering any complications. Once you've got it, fire up VirtualBox.
Click " File," and select " Import Appliance ."
Import the downloaded OVA file. Locate the file on your computer, then click " Next ."
Review the settings or customize them as needed. Hit " Finish " to begin the import process.
After the import is done, you'll spot the "Android" virtual machine in the VirtualBox Manager.
Choose it, click on "Settings,"
And switch the network adapter to " Host-only adapter ."
With that done, we're ready to kick-start the VM. Android is up and running!
You can now
use the Android VM just like you would on an actual Android phone. It's a great
alternative to the Android Emulator.
Access Android VM from Kali Linux
To access the Android VM, we'll be using
Kali Linux. If
you're not familiar with Kali Linux, take a look at my article on the blog.
Kali Linux Hands-On: Choosing the Right Version
This guide provides hands-on information on how to choose the right version of Kali Linux for your needs. Kali Linux is a powerful penetration testing platform, and selecting the appropriate version is crucial for effective security testing.
Alright, Kali Linux is good to go. First, we need the IP address of the Android VM. Run the following command:
The result
will show the IP address, such as 192.168.95.118.
Now that we have the IP address, we need the Port ID to connect via adb. Let's scan the network using Nmap.
Upon scanning, we'll spot an open Port that we need. This
running server is adb, which facilitates communication between different
network services over a network.
If you've read this article, you have a basic understanding of ADB installation on Windows. If not, make sure to catch up.
ADB: Android Debugging Bridge
This guide provides information about ADB (Android Debugging Bridge), a versatile command-line tool that facilitates communication with Android devices for debugging, installing apps, and other tasks. ADB is essential for Android developers and enthusiasts.
ADB doesn't come pre-installed on Kali Linux, so we have to install it. To install it, run the following command:
With the installation
completed, we're all set to establish a connection with the Android Virtual
Machine.
To connect to the Android Virtual Machine, employ the following command, making sure to input the IP of the Android VM, followed by specifying the open Port.
Once connected, run adb devices, to list the devices connected to the workstation.
For a list of basic adb commands and their usage,
check out my blog.
Installing Scrcpy on Kali Linux
For showcasing the
Android VM, we'll utilize
Scrcpy. If you've
followed along with this article, you're already familiar with how we've set up
Scrcpy on Windows
.
Scrcpy: Display and Control of Android Devices
This guide provides information about Scrcpy, a tool that allows you to display and control your Android device from your computer. Scrcpy offers a convenient way to interact with your Android device's screen for various purposes.
Similar to ADB, Scrcpy isn't included by default in Kali Linux. After conducting a Google search, I came across the official documentation provided by Genymotion. As I scrolled down, I discovered the installation steps tailored for Linux.
Scrcpy Linux Documentation
This link directs you to the Linux documentation of Scrcpy, a tool that allows you to display and control your Android device from your computer. The documentation provides information about using Scrcpy on Linux operating systems.
Scrcpy is packaged in several distributions and package managers:
I attempted to execute the provided command but encountered an " unable to locate package " error, indicating that it didn't work as intended.
To overcome this, I decided to proceed with the manual installation steps .
Referring to the installation instructions on Scrcpy's GitHub repository , I started by installing the necessary packages. Copy and paste it into the terminal, following which I responded with "y" to proceed.
Once the necessary packages are installed, copy the second command and paste it on the terminal.
This command will clone the repository and execute the installation script automatically. This phase required some time to complete.
Upon a successful installation, we are now prepared to run Scrcpy, enabling to display and control of an Android virtual machine on the computer screen. To verify its functionality, execute the Scrcpy command and observe its behavior.
Installing Android SDK Toolkit on Kali Linux
Certain essential applications are missing from the Kali Linux distribution, such as the Android SDK tools, which encompass the Android build tools.
While
adb
is
often associated with Platform tools,
SDK tools
play a crucial role in
manual Android applications and DEX file creation.
To install the Android SDK on Kali Linux, first, we have to update the repository using the command sudo apt-get update.
After this, proceed to install the SDK manager. You can achieve this by running sudo apt-get install sdkmanager.
Once the SDK manager is successfully installed, the next step involves downloading Platform-tools and Build Tools onto Kali Linux. Execute the following command:
This will facilitate the automatic download of platform tools and build tools, with the target platform set to version 30.
You have the flexibility to adjust the targeted platform value according to your preferences. Once the installation is complete, you can easily identify the storage location of the build tools.
To verify the successful installation of these build tools, simply check the designated installation directory.
Within
this directory, you'll discover a comprehensive assortment of invaluable tools
that play a pivotal role throughout the entire Android APK building process.
Downgrade the Java to JDK-8
An important point to keep in mind is that Java plays a significant role in Android app reverse engineering.
While Kali Linux does come with Java pre-installed, it's worth noting that the latest version of Java might not function optimally with various Android build applications. As a result, it becomes necessary to downgrade Java to an earlier version.
In my case, I've chosen to work with JDK-8 for this purpose. During my attempt to install JDK-8 using the command, sudo apt-install openjdk-8-jdk, I encountered an error stating " Unable to locate package ."
To address
this issue, I'll guide you through the manual installation of
JDK-8. You can
apply similar steps to install other versions as well.
Open your preferred web browser, and navigate to this URL.
Oracle Java 8 - Download
This link provides access to download Oracle Java 8. Java 8 is a widely used version of the Java programming language, known for its stability and compatibility with many applications.
This webpage will offer access to the installation and archive files for JDK-8.
We'll specifically target the Linux version for installation. However, you'll notice various architecture options available. To determine your system's architecture, execute the command " uname -a " in your terminal.
Upon checking the result, I discovered that my system employs the x86_64 architecture. Consequently, I will download the x64 archive file. After completing the download, the next step is to prepare for the installation of JDK-8.
Navigate to the directory where the download is located.
Once there, extract the downloaded file.
After extraction, rename the folder to, " jdk-8 ."
To proceed, move this renamed folder to the /usr/lib/jvm directory. Open a new terminal, and navigate to the download directory and Execute the "mv" command to relocate the folder to its new destination.
Now, let's execute the following command:
This command instructs the system to add a new alternative for the Java executable. It designates the new alternative's location as ` /usr/lib/jvm/jdk-8/bin/java ` and assigns it a priority of 1. This means that if other alternatives for the `java` command exist, the system will give preference to the one specified in this command with a priority value of 1. This approach proves valuable for managing multiple versions of a program and seamlessly switching between them.
Similarly, we proceed to add new alternatives for other executables. Replace the word "java" with " javac " to add a new alternative for the Java compiler.
And then repeat the process for the "jar" command.
Having successfully installed Java 8, the next step is to configure it as the default Java runtime environment (JRE) interactively. This configuration is especially handy when dealing with multiple installed Java versions, and you wish to designate one as the default.
To achieve this, enter the command ` sudo update-alternatives --config java ` in the terminal.
This command prompts the system to present you with two alternative options for Java. You'll need to choose the number corresponding to the location of jdk-8 and press "Enter."
By following this step, you'll effectively update Kali Linux to use Java 8. In case you wish to revert to the previous Java version, simply execute a similar command and select the desired alternative.
These steps provide a robust mechanism for managing different Java versions of your system.
However, the Java compiler has not yet been updated to version 8. To achieve this, run the same command as before, but replace "java" with "javac." Then select the alternative "javac" option when prompted.
Likewise, proceed to update the path for the jar file.
Once these changes are made, you can verify them by checking the version:
There is some additional information that I have provided you in this video that can prove valuable for testing Android applications during Penetration Testing and Reverse Engineering. If you have any uncertainties or questions, please feel free to leave them in the comment section below.