Skip to main content

Android Application Penetration testing Part 3

RED SECURIUM provides BEST Ethical Hacking Training in Noida based on current industry standards that helps attendees to secure placements in their dream jobs at MNCs. RED SECURIUM provides Ethical Hacking Certified Courses in NoidaRED SECURIUM is standout amongst the most valid Ethical Hacking preparing organizations in Noida offering hands on practical knowledge and full job assistance with basic as well as advanced level Ethical Hacking training courses. At RED SECURIUM Ethical Hacking Training in Noida is conducted by subject specialist corporate professionals with 10+ years of experience in managing real-time Ethical Hacking projects.

Android Application Penetration testing Part 3


With my last article(Android Application Penetration testing Part 1), (Android Application Penetration testing Part 2)we had look at basic architecture and penetration testing tools. Now Let’s dig deeper with ADB.

Android Debug Bridge

Android Debug Bridge (ADB) is a versatile command-line tool that lets you communicate with a device
Adb install – It is used to install an apk file into an Emulated/Connected Device
Adb pull – It is used to fetch some data from an Emulated device (remote) to local host (local).
Adb push – It is used to push some data from localhost (local) to Emulated Device (remote).
Adb forward – Forwards socket connections from a specified local port to a specified remote port on the emulator/device instance.
Adb shell – Adb provides a UNIX shell that you can use to run a variety of commands on an emulator or connected device. In the terminal, you can use all adb commands
  • We can install applications via ADB shell or directly by using app use dashboard


Some Important notes

  • UID– Every time a new application is initiated in the Android device, it is assigned a unique User ID
  • PID– As every application has its own process id
  • GID– group IDs of the application that owns that process
Dumpsys meminfo – All process details
Android Application Penetration testing Part 3
Dumpsys meminfo name of .apk

Android Application Penetration testing Part 3


Android Package (APK) is the default extension for the Android applications, which is just an archive file that contains all the necessary files and folders of the application.
All data of the application in the device can be found in /data/data directory.
All applications (apk files) in device can be found in /data/app directory
Android Application Penetration testing Part 3
Standard permissions granted to the shell can be found in /system/etc/permissions # cat platform.xml
Android Application Penetration testing Part 3
Android Application Penetration testing Part 3

Hacks via ADB:

We usually open our android device by unlocking various gesture pattern or password key
Android Application Penetration testing Part 3
If you remove gesture. Key or password. The key which located at data/system, you can bypass that lock.
Android Application Penetration testing Part 3

Another method

Try with ADB shell
Cd /data/data/com.android.providers.settings/databases

sqlite3 settings.db

Update system set value=0 where name='lock_pattern_autolock';

Update system set value=0 where name='lockscreen.lockedoutpermanently'; .quit


Reset your phone. Don’t worry try a random pattern or pin or Password, you will bypass.

If you’re interested in online certification for hackers, check out Red Securium

For more information, visit our website.


Contact us:

Red Securium Pvt Limited Company
Address: Block A, A-25, Second Floor, Sector 3, Noida, Uttar Pradesh 201301
Telephone number: +91-120 429 1672
Website : redsecurium.org
Email: info@redsecurium.org
Mobile number: +91-931 991 8771
Blog: https://redsecurium.com/blog
Google+ Profile: Red Securium
Facebook profile: Red Securium
Twitter Profile: Red Securium
Instagram Profile: Red Securium

Comments

Popular posts from this blog

Phishing Campaigns Targeting Google and Yahoo Accounts To Bypassing Two-Factor Authentication Several phishing campaigns targeting hundreds of individuals across the Middle East and North Africa. The attacker targers HRDs, journalists, political actors. Amnesty International published a report on multiple campaigns that traget self-described “secure email” services, such as Tutanota and ProtonMail and another campaign that aimed in bypassing two-factor authentication. Crafted Phishing Sites – Secure Email Providers The phishing campaign primarily targeted popular secure email service providers such as Tutanota and ProtonMail. Threat actors used a well-crafted phishing page – by obtaining the domain tutanota[.]org, whereas the original domain of the service provider is tutanota[.]com. A phishing attack is one of the dangerous social engineering attacks that leads to capture a victim’s username and password that will get store it to an attacker machine and reuse it l...

software development services in noida

Red Securium Company Provide Software Development  Service In Noida Combining technological competency with domain expertise, Red Securium offers full spectrum of custom software design, development and deployment services for enterprises and SMEs to achieve exceptional business results.            Leveraging on its cross-functional width of expertise in application software development , Red Securium has developed the capabilities to build and run resilient applications at scale that seamlessly infuse your innovative ideas. Whether you are in need of the rapid development of a crucial business application or require the deployment and support for an entire suite of applications, we offer full software lifecycle coverage services. We adopt best practices and put highest levels of expertise to drive your technological assets deliver you business excellence and improved ROI. Custom Software Development Services in Noida Enterpri...

Tr0ll 1.0 – Vulnhub CTF Challenge Walkthrough

  Tr0ll 1.0 is an intentionally vulnerable machine, which is more of a   CTF  like type than real world scenario. Nevertheless, this machine has its own difficulties and you can learn some new stuff from it. So, let’s start. Enumeration Phase Let’s first run  netdiscover  to find the IP of our machine. netdiscover -r 192.168.1.1/24 After that, we run our typical  nmap  scan to see the open ports in the machine. nmap -A -sS -Pn -vv [target] Great we see many interesting stuff here. First of all, there is an open  FTP  port and we can connect to it with  anonymous access .  Also there is an open  http  port, we will run a nikto scan for it. The  ssh  port will be valuable later. From the nikto scan we got an interesting  /secret/  folder. When we get inside, we can understand why the machine got this name. Nothing interesting here, as you can see. we got trolled Let’s connect ...