How To Test Android Application Security Using Drozer & InsecureBankv2?

Let’s Begin!

First of all, we need to forward the connection so type this command using the Android Debug Bridge (ADB)

adb forward tcp:31415 tcp:31415

Funny, 31415 is the start of the mathematical constant PI.

Now connect to drozer.

drozer console connect

Image result for drozer

How to Bypass the Login Screen?

To bypass the login screen we first need to get the activity info.

run -a

Now lets bypass!

run app.activity.start --component

bypass login drozer

Success!! it now should log you in.

How to Reset the Password Through SMS?

If you want to reset the password through SMS, type in this command here.

adb shell am broadcast -n --es phonenumber --es newpass

drozer sms

Awesome!, it should send you an SMS with the new password.

How to Reveal Sensitive Information From Backup?

First, we need to perform a backup so type in this command here.

adb backup -f backup.ab

Now, we need to extract this backfile using Android Backup Extractor tool.

java -jar abe.jar unpack

unpack backup drozer

When we unzip, there should be some juicy information.

Hope you enjoyed this information,

Remember practice is the key to success.


Let’s first decode the APK  and retrieve the Manifest file.

apktool decode AndroidManifest.xml

Open the AndroidManifest.xml in a text editor and you will see that, the majority of the Activities and the BroadcastCastReciever has “exported” set to true, this is what causes the Application to be vulnerable.


exported=”true” android:name=””>

Make sure  that “exported” is set to false

Manifest File.PNG


Leave a Reply