hacktricks/mobile-apps-pentesting/android-app-pentesting/inspeckage-tutorial.md

97 lines
5 KiB
Markdown
Raw Normal View History

2022-04-28 16:01:33 +00:00
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>
Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
**Join the** [**💬**](https://emojipedia.org/speech-balloon/) [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/carlospolopm)**.**
**Share your hacking tricks submitting PRs to the** [**hacktricks github repo**](https://github.com/carlospolop/hacktricks)**.**
</details>
2022-04-05 22:24:52 +00:00
**Tutorial copied from** [**https://infosecwriteups.com/genymotion-xposed-inspeckage-89f0c8decba7**](https://infosecwriteups.com/genymotion-xposed-inspeckage-89f0c8decba7)
2021-07-20 10:40:58 +00:00
2022-05-01 12:41:36 +00:00
## Install Xposed Framework <a href="#ef45" id="ef45"></a>
2021-07-20 10:40:58 +00:00
1. Download Xposed Installer APK from [here](https://forum.xda-developers.com/attachments/xposedinstaller\_3-1-5-apk.4393082/)
2021-07-20 10:40:58 +00:00
2. Download Xposed Framework zip from [here](https://dl-xda.xposed.info/framework/sdk25/x86/xposed-v89-sdk25-x86.zip)
3. Download Inspeckage v2.4 APK from the github repo [here](https://github.com/ac-pm/Inspeckage/releases)
Start the Virtual Device from the menu
![](https://miro.medium.com/max/1000/1\*7fprdQrerabZFKpDJSbHuA.png)
2021-07-20 10:40:58 +00:00
Make sure the device is online for adb
![](https://miro.medium.com/max/700/1\*Pt3zh1Od9ufQuo66rCge3g.png)
2021-07-20 10:40:58 +00:00
Drag and drop the Xposed framework zip file (`xposed-vXX-sdkXX-x86.zip`) to your virtual device display to flash the device.
2021-07-20 10:40:58 +00:00
2021-11-30 16:46:07 +00:00
Drag and drop Xposed Installer APK (`XposedInstaller_*.apk`). This should install and launch _Xposed Installer_ application. At this stage, it will display that the Xposed framework is installed but disabled:![](https://miro.medium.com/max/30/0\*0ddJI69QvpxC8rXq.png?q=20)
2021-07-20 10:40:58 +00:00
![](https://miro.medium.com/max/700/0\*0ddJI69QvpxC8rXq.png)
2021-07-20 10:40:58 +00:00
Reboot the device with `adb reboot` command. **Do not reboot from **_**Xposed Installer**_** as this will freeze the device.**
2021-07-20 10:40:58 +00:00
2021-11-30 16:46:07 +00:00
![](https://miro.medium.com/max/657/1\*V\_jl42vdOcJLXvS0riI7Gg.png)
2021-07-20 10:40:58 +00:00
Launch _Xposed installer_. It should display “Xposed Framework version XX is active”
![](https://miro.medium.com/max/700/0\*QUDB2ryUyIWz3nmZ.png)
2021-07-20 10:40:58 +00:00
Drag and drop the Inspeackage APK (app-release.apk) to your virtual device display to install the app.
2021-07-20 10:40:58 +00:00
After installing, Go to Xposed Installer → Modules→ Activate the Module → reboot via adb
![](https://miro.medium.com/max/623/1\*7sO6IX46hciTBUtWoyLEFQ.png)
2021-07-20 10:40:58 +00:00
2022-05-01 12:41:36 +00:00
## Dynamic Analysis with Inspeckage <a href="#7856" id="7856"></a>
2021-07-20 10:40:58 +00:00
After, Successful installing of Inspeckage and Xposed Installer. Now we can hook any application with Inspeackage. To do this follow the below steps
1. Launch the Inspeckage Application from the application drawer
2. Click on the “Choose target” text and select the target application
2021-11-30 16:46:07 +00:00
![](https://miro.medium.com/max/700/1\*J5J\_rCHOC0ga0YJ5kbwqbQ.png)
2021-07-20 10:40:58 +00:00
3\. Then forward VD local-host port to main machine using adb
2021-07-20 10:40:58 +00:00
```
2021-07-20 10:40:58 +00:00
adb forward tcp:8008 tcp:8008
```
![](https://miro.medium.com/max/1000/1\*4lEvYQBILsyr3DqTdiOzig.png)
2021-07-20 10:40:58 +00:00
4\. Now click on the “**LAUNCH APP**” Button and then visit [`http://127.0.0.1:8008`](http://127.0.0.1:8008)
2021-07-20 10:40:58 +00:00
5\. Now click Turn On the button to Inspect the app. (make sure `App is running:` status should be **True** before you “Turn On”
2021-07-20 10:40:58 +00:00
![](https://miro.medium.com/max/1000/1\*jCs1Qo4vlgKyb6yIGvIl4w.png)
2022-04-28 16:01:33 +00:00
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>
Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
**Join the** [**💬**](https://emojipedia.org/speech-balloon/) [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/carlospolopm)**.**
**Share your hacking tricks submitting PRs to the** [**hacktricks github repo**](https://github.com/carlospolop/hacktricks)**.**
</details>