Every time I see this image, I am always amazed to see how fast Android works even though there are so many layers. We are going to do some basics of Frida, Jadx and Genymotion. Basically, this article is a mix-up of setting up an Android emulator, reverse engineering APKs and Android debugging.

The first and obvious thing would be an Android system so that we may run our applications. The best emulator for testing purposes is Genymotion. You must have heard about it because almost all bug hunters use this to find bugs in Android applications. The best thing I found about this is that you can run any Android version with customization. You can download this from here and install it on your system.

I have downloaded it on another Windows system and I have forwarded port 5555 (ADB port) using the netsh command.

```
netsh interface portproxy add v4tov4 listenaddress= listenport=5555 connectaddress=0.0.0.0.0 connectport=5555
```

The default port for ADB service is always 5555. Just make sure you type the correct IP in `listenaddress`. And keep one thing in mind: we are only doing this for IPv4, which means the socket address we are forming with port 5555 is for IPv4. After that, you can easily connect with the ADB service. By the way, you won't even need to run this command; I am using a Windows system to run Genymotion and the main system to run Linux. That's what made me use this netsh command.

Now that you are connected to the ADB service, you can get the shell of the system and literally do whatever you want. I can list out the packages installed on my device. To know the path of a package, you can use the following command:

```
vbox86p:/ # pm path
```

You can even run an application from the ADB shell. To do so you will need to know the package name and the activity (intent) in that package. I have already told you the way to find packages in Android using ADB. There are many ways to enumerate actions but the one I find simple is with the command `aapt`. You can install it using the apt package manager in Kali Linux. Then you can run a dump on an apk to extract the activities.

```
08:22:59 level_2 → aapt dump badging UnCrackable-Level2.apk | grep -i activity
Launchable-activity: name='sg.' label='' icon=''
```

So for example, I have this app installed, `UnCrackable-Level2.apk`, and the starting activity I have found is `sg.`. There is a command which you can use to start an activity. You will do this using the ADB shell and the activity will show up on the actual Android emulator.

Now that we know the little basics of the Android emulator and ADB, we should move on to a debugger & decompiler, JADX. I am using jadx-gui, which I like more than the CLI version. You can download it from GitHub and build it.

```
Picked up _JAVA_OPTIONS: eSystemAAFontSettings=on -Dswing.aatext=true
Improved diagnostics for dependency resolution
Starting a Gradle Daemon (subsequent builds will be faster)
```

You can decompile `apk, dex, class, aar, jadx etc` files. For demonstration, I am using uncrackable2 apk. You can download this or even use another apk file. The first thing we do is see the AndroidManifest.xml file in Resources because this file gives you the brief of the apk. You can view the permissions and activities available in the apk. We can read the source code for an activity, for example the activity we found in the AndroidManifest.xml file (sg.).

There is a button (green bug icon) on the top bar of jadx-gui. You can use it to start debugging the application, but it requires the ADB service to have one or more devices to run the application on. To start debugging, click on it, and start the ADB server if you haven't already; then you should see the devices and processes on the devices. Then you will press `launch app` to start the process of the app that you want to debug, then double-click on that newly created process. Then you do what you do while debugging any other program in vscode or in pycharm.

One more thing is left and this is quite complex. This is an Android debugging framework, `Frida`. It is complex because to use this, you have to understand JavaScript, Java (App development) and Python (Not necessary). Well, I don't understand this framework at all but I'll try my best to give a brief introduction to this framework.