Android Vulnerability Assessment and Penetration Testing — Part 1

Rajanagori
May 12, 2021

Well, the GIF above is only for entertainment purposes; this is not what actually happens in Android VAPT 😛

What Is Android?

Have you installed software on Windows with an .exe or on Linux with a .deb? Android has an equivalent: it uses .apk files, which install the application on Android-based mobile phones.

What do we do in Android VAPT?

In Android VAPT we perform:

  1. Static Analysis
  2. Dynamic Analysis

Tools Required

  1. apktool
  2. dex2jar
  3. vscode
  4. Train your brain to develop an interest in Android VAPT

Static Analysis

First, we will check the structure inside the apk.

After extracting the apk, you will get the following structure:

  1. AndroidManifest.xml
  2. classes.dex
  3. resources.arsc
  4. res
  5. META-INF

Let’s go through these points one by one.

AndroidManifest.xml

The AndroidManifest.xml file contains information on your package, including components of the application such as activities, services, broadcast receivers, content providers, etc.
It also helps protect the application by restricting, through permissions, access to sensitive information or functions.

Below are the components declared in the AndroidManifest.xml file (defined here in a very simple manner):

  1. Activities: Each change in the UI experience, from starting the application to logging in to it, is handled by what are known as activities.
  2. Services: Remember Task Manager in Windows? Think of services the same way. They continuously run the required tasks in the background.
  3. Broadcast Receivers: This component is responsible for registering for events that are going to occur.
  4. Content Providers: These provide the local or remote data storage that the application works with.
  5. Intent: A communication channel between two activities of the application.
    a. Implicit:
    If a media file is requested to be opened in a third-party application, the intent is considered implicit.
    b. Explicit:
    If the media file is opened within the application itself, the intent is considered explicit.

classes.dex

It is commonly known as Dalvik Exchange and is nothing but a compiled version of the Java classes.
We need the dex2jar tool to decompile the classes.dex file into a human-readable format.

resources.arsc

This file holds data in a binary format and also includes the media data that the application may require.

res

This folder contains the device configuration and layouts.

META-INF

This folder contains manifest information, such as the Java runtime environment used when loading the JAR file, the package version, the build number, security policies, and permissions.

Now, let’s do some practical work to learn more about those files and folders.

We use apktool to extract the files from the apk.

After performing the above operations, you’ll get the list of files and directories mentioned at the top.
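Once apktool has decoded the apk, AndroidManifest.xml is plain XML, so the components and permissions described earlier can be inventoried with a short script. The following is an added example, not code from the original post: the sample manifest, package name and function names are constructed for illustration, and it goes slightly beyond the text by also listing components that are explicitly exported without a permission, as candidates for manual review.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample of a manifest as decoded by apktool (not from a real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.demo">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:debuggable="true" android:allowBackup="true">
    <activity android:name=".LoginActivity" android:exported="true"/>
    <activity android:name=".SettingsActivity" android:exported="false"/>
    <service android:name=".SyncService" android:exported="true"/>
    <receiver android:name=".BootReceiver" android:exported="true"
              android:permission="com.example.demo.PRIVATE"/>
    <provider android:name=".NotesProvider" android:authorities="com.example.demo.notes"
              android:exported="true"/>
  </application>
</manifest>"""

def attr(elem, name):
    """Read an android:-namespaced attribute, or None if it is absent."""
    return elem.get(f"{{{ANDROID_NS}}}{name}")

def review_manifest(xml_text):
    """Inventory components, requested permissions and risky application flags."""
    root = ET.fromstring(xml_text)
    app = root.find("application")
    comps = [c for c in (app if app is not None else []) if c.tag in COMPONENT_TAGS]
    report = {
        "package": root.get("package"),
        "permissions": [attr(p, "name") for p in root.findall("uses-permission")],
        "flags": [f for f in ("debuggable", "allowBackup")
                  if app is not None and attr(app, f) == "true"],
        "components": [(c.tag, attr(c, "name")) for c in comps],
        "review": [],
    }
    for comp in comps:
        # Only an explicit android:exported="true" is considered here; these are
        # candidates for manual review, not confirmed findings.
        if attr(comp, "exported") == "true" and attr(comp, "permission") is None:
            report["review"].append((comp.tag, attr(comp, "name")))
    return report

if __name__ == "__main__":
    for key, value in review_manifest(SAMPLE_MANIFEST).items():
        print(f"{key}: {value}")
```

To run it against a real application, pass the text of the AndroidManifest.xml from the apktool output directory to `review_manifest` instead of the constructed sample.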

Do CLAP if you find this blog useful. Will publish the second part soon with dynamic analysis👍

Contact me :

LinkedIn 😄:https://www.linkedin.com/in/raja-nagori/

Twitter 😄: https://twitter.com/RajaNagori7
