Android Exploitation Setting up the Lab

Posted on by Leave a comment

I will be demonstrating today how to setup drozer and inseucrebankv2 for android exploitation.

Prerequisites:

I’m going to assume you have Kali Linux setup in a virtual machine, and you know the basics of Kali.

Let’s Begin

Type in the following command to install drozer.

apt-get install drozer

Drozer Install.jpg

Now type in this command to install ABD (Android Debug Bridge).

apt-get install adb

ADB Install.png

Now we need to set up the insecureBankv2

https://github.com/dineshshetty/Android-InsecureBankv2

git clone https://github.com/dineshshetty/Android-InsecureBankv2.git

Let’s install all the required modules.

cd AndroLabServer/ && pip install -r requirements.txt

Installing InsecureBankv2

Now let’s run the app.

python app.py

Python APP.jpg

Now plug in your device and copy the InsecureBankV2.apk file across and install it

or type in.

adb install InsecureBankV2.apk

Drozer App.jpg

We need to forward the connection to our VM (Virtual Machine)

adb forward tcp:31415 tcp:31415

Now we need to connect to drozer so type in.

drozer console connect

Go to the preferences

Drozer Preferences.jpg

Type in the IP Address of the machine that is running the app.py

Drozer Server

Use the credentials dinesh/Dinesh@123$ or jack/Jack@123$ and start using the application.

Drozer Credentials

Demonstration



tagged with , , , ,

Leave a Reply