hacktricks/mobile-pentesting/android-app-pentesting/inspeckage-tutorial.md

<details>

<summary><a href="https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology"><strong>☁️ HackTricks Cloud ☁️</strong></a> -<a href="https://twitter.com/hacktricks_live"><strong>🐦 Twitter 🐦</strong></a> - <a href="https://www.twitch.tv/hacktricks_live/schedule"><strong>🎙️ Twitch 🎙️</strong></a> - <a href="https://www.youtube.com/@hacktricks_LIVE"><strong>🎥 Youtube 🎥</strong></a></summary>

- Você trabalha em uma **empresa de segurança cibernética**? Você quer ver sua **empresa anunciada no HackTricks**? ou você quer ter acesso à **última versão do PEASS ou baixar o HackTricks em PDF**? Confira os [**PLANOS DE ASSINATURA**](https://github.com/sponsors/carlospolop)!

- Descubra [**A Família PEASS**](https://opensea.io/collection/the-peass-family), nossa coleção exclusiva de [**NFTs**](https://opensea.io/collection/the-peass-family)

- Adquira o [**swag oficial do PEASS & HackTricks**](https://peass.creator-spring.com)

- **Junte-se ao** [**💬**](https://emojipedia.org/speech-balloon/) [**grupo do Discord**](https://discord.gg/hRep4RUj7f) ou ao [**grupo do telegram**](https://t.me/peass) ou **siga-me** no **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/hacktricks_live)**.**

- **Compartilhe suas técnicas de hacking enviando PRs para o [repositório hacktricks](https://github.com/carlospolop/hacktricks) e [hacktricks-cloud repo](https://github.com/carlospolop/hacktricks-cloud)**.

</details>


**Tutorial copiado de** [**https://infosecwriteups.com/genymotion-xposed-inspeckage-89f0c8decba7**](https://infosecwriteups.com/genymotion-xposed-inspeckage-89f0c8decba7)

## Instalar o Framework Xposed <a href="#ef45" id="ef45"></a>

1. Baixe o APK do Xposed Installer [aqui](https://forum.xda-developers.com/attachments/xposedinstaller\_3-1-5-apk.4393082/)
2. Baixe o arquivo zip do Framework Xposed [aqui](https://dl-xda.xposed.info/framework/sdk25/x86/xposed-v89-sdk25-x86.zip)
3. Baixe o APK do Inspeckage v2.4 do repositório do github [aqui](https://github.com/ac-pm/Inspeckage/releases)

Inicie o Dispositivo Virtual no menu

![](https://miro.medium.com/max/1000/1\*7fprdQrerabZFKpDJSbHuA.png)

Certifique-se de que o dispositivo esteja online para adb

![](https://miro.medium.com/max/700/1\*Pt3zh1Od9ufQuo66rCge3g.png)

Arraste e solte o arquivo zip do Framework Xposed (`xposed-vXX-sdkXX-x86.zip`) para a tela do seu dispositivo virtual para instalar o dispositivo.

Arraste e solte o APK do Xposed Installer (`XposedInstaller_*.apk`). Isso deve instalar e iniciar o aplicativo _Xposed Installer_. Nesta etapa, ele exibirá que o Framework Xposed está instalado, mas desativado:![](https://miro.medium.com/max/30/0\*0ddJI69QvpxC8rXq.png?q=20)

![](https://miro.medium.com/max/700/0\*0ddJI69QvpxC8rXq.png)

Reinicie o dispositivo com o comando `adb reboot`. **Não reinicie a partir do **_**Xposed Installer**_** pois isso congelará o dispositivo.**

![](https://miro.medium.com/max/657/1\*V\_jl42vdOcJLXvS0riI7Gg.png)

Inicie o _Xposed installer_. Ele deve exibir "A versão XX do Framework Xposed está ativa"

![](https://miro.medium.com/max/700/0\*QUDB2ryUyIWz3nmZ.png)

Arraste e solte o APK do Inspeckage (app-release.apk) para a tela do seu dispositivo virtual para instalar o aplicativo.

Depois de instalar, vá para Xposed Installer → Módulos → Ative o Módulo → reinicie via adb

![](https://miro.medium.com/max/623/1\*7sO6IX46hciTBUtWoyLEFQ.png)

## Análise Dinâmica com Inspeckage <a href="#7856" id="7856"></a>

Após a instalação bem-sucedida do Inspeckage e do Xposed Installer. Agora podemos conectar qualquer aplicativo ao Inspeckage. Para fazer isso, siga as etapas abaixo

1. Inicie o aplicativo Inspeckage no menu de aplicativos
2. Clique no texto "Escolher destino" e selecione o aplicativo de destino

![](https://miro.medium.com/max/700/1\*J5J\_rCHOC0ga0YJ5kbwqbQ.png)

3\. Em seguida, encaminhe a porta local do VD para a máquina principal usando adb
```
adb forward tcp:8008 tcp:8008
```
4\. Agora clique no botão "**LAUNCH APP**" e depois visite [`http://127.0.0.1:8008`](http://127.0.0.1:8008)

5\. Agora clique no botão Turn On para inspecionar o aplicativo. (certifique-se de que o status `App is running:` deve ser **True** antes de clicar em "Turn On")

![](https://miro.medium.com/max/1000/1\*jCs1Qo4vlgKyb6yIGvIl4w.png)


<details>

<summary><a href="https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology"><strong>☁️ HackTricks Cloud ☁️</strong></a> -<a href="https://twitter.com/hacktricks_live"><strong>🐦 Twitter 🐦</strong></a> - <a href="https://www.twitch.tv/hacktricks_live/schedule"><strong>🎙️ Twitch 🎙️</strong></a> - <a href="https://www.youtube.com/@hacktricks_LIVE"><strong>🎥 Youtube 🎥</strong></a></summary>

- Você trabalha em uma **empresa de segurança cibernética**? Você quer ver sua **empresa anunciada no HackTricks**? ou quer ter acesso à **última versão do PEASS ou baixar o HackTricks em PDF**? Confira os [**PLANOS DE ASSINATURA**](https://github.com/sponsors/carlospolop)!

- Descubra [**A Família PEASS**](https://opensea.io/collection/the-peass-family), nossa coleção exclusiva de [**NFTs**](https://opensea.io/collection/the-peass-family)

- Adquira o [**swag oficial do PEASS & HackTricks**](https://peass.creator-spring.com)

- **Junte-se ao** [**💬**](https://emojipedia.org/speech-balloon/) [**grupo do Discord**](https://discord.gg/hRep4RUj7f) ou ao [**grupo do telegram**](https://t.me/peass) ou **siga-me** no **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/hacktricks_live)**.**

- **Compartilhe suas técnicas de hacking enviando PRs para o [repositório hacktricks](https://github.com/carlospolop/hacktricks) e [hacktricks-cloud repo](https://github.com/carlospolop/hacktricks-cloud)**.

</details>
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00			`<details>`

update twitter 2023-04-25 18:35:28 +00:00			`<summary><a href="https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology"><strong>☁️ HackTricks Cloud ☁️</strong></a> -<a href="https://twitter.com/hacktricks_live"><strong>🐦 Twitter 🐦</strong></a> - <a href="https://www.twitch.tv/hacktricks_live/schedule"><strong>🎙️ Twitch 🎙️</strong></a> - <a href="https://www.youtube.com/@hacktricks_LIVE"><strong>🎥 Youtube 🎥</strong></a></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`- Você trabalha em uma empresa de segurança cibernética? Você quer ver sua empresa anunciada no HackTricks? ou você quer ter acesso à última versão do PEASS ou baixar o HackTricks em PDF? Confira os [PLANOS DE ASSINATURA](https://github.com/sponsors/carlospolop)!`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`- Descubra [A Família PEASS](https://opensea.io/collection/the-peass-family), nossa coleção exclusiva de [NFTs](https://opensea.io/collection/the-peass-family)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`- Adquira o [swag oficial do PEASS & HackTricks](https://peass.creator-spring.com)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`- Junte-se ao [💬](https://emojipedia.org/speech-balloon/) [grupo do Discord](https://discord.gg/hRep4RUj7f) ou ao [grupo do telegram](https://t.me/peass) ou siga-me no Twitter [🐦](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[@carlospolopm](https://twitter.com/hacktricks_live).`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`- Compartilhe suas técnicas de hacking enviando PRs para o [repositório hacktricks](https://github.com/carlospolop/hacktricks) e [hacktricks-cloud repo](https://github.com/carlospolop/hacktricks-cloud).`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`


Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Tutorial copiado de [https://infosecwriteups.com/genymotion-xposed-inspeckage-89f0c8decba7](https://infosecwriteups.com/genymotion-xposed-inspeckage-89f0c8decba7)`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`## Instalar o Framework Xposed <a href="#ef45" id="ef45"></a>`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`1. Baixe o APK do Xposed Installer [aqui](https://forum.xda-developers.com/attachments/xposedinstaller\_3-1-5-apk.4393082/)`
			`2. Baixe o arquivo zip do Framework Xposed [aqui](https://dl-xda.xposed.info/framework/sdk25/x86/xposed-v89-sdk25-x86.zip)`
			`3. Baixe o APK do Inspeckage v2.4 do repositório do github [aqui](https://github.com/ac-pm/Inspeckage/releases)`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Inicie o Dispositivo Virtual no menu`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`![](https://miro.medium.com/max/1000/1\*7fprdQrerabZFKpDJSbHuA.png)`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Certifique-se de que o dispositivo esteja online para adb`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`![](https://miro.medium.com/max/700/1\*Pt3zh1Od9ufQuo66rCge3g.png)`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			Arraste e solte o arquivo zip do Framework Xposed (`xposed-vXX-sdkXX-x86.zip`) para a tela do seu dispositivo virtual para instalar o dispositivo.
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			Arraste e solte o APK do Xposed Installer (`XposedInstaller_.apk`). Isso deve instalar e iniciar o aplicativo _Xposed Installer_. Nesta etapa, ele exibirá que o Framework Xposed está instalado, mas desativado:![](https://miro.medium.com/max/30/0\0ddJI69QvpxC8rXq.png?q=20)
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`![](https://miro.medium.com/max/700/0\*0ddJI69QvpxC8rXq.png)`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			Reinicie o dispositivo com o comando `adb reboot`. Não reinicie a partir do _Xposed Installer_ pois isso congelará o dispositivo.
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
GitBook: [#2876] save 2021-11-30 16:46:07 +00:00			`![](https://miro.medium.com/max/657/1\*V\_jl42vdOcJLXvS0riI7Gg.png)`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Inicie o _Xposed installer_. Ele deve exibir "A versão XX do Framework Xposed está ativa"`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`![](https://miro.medium.com/max/700/0\*QUDB2ryUyIWz3nmZ.png)`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Arraste e solte o APK do Inspeckage (app-release.apk) para a tela do seu dispositivo virtual para instalar o aplicativo.`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Depois de instalar, vá para Xposed Installer → Módulos → Ative o Módulo → reinicie via adb`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`![](https://miro.medium.com/max/623/1\*7sO6IX46hciTBUtWoyLEFQ.png)`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`## Análise Dinâmica com Inspeckage <a href="#7856" id="7856"></a>`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Após a instalação bem-sucedida do Inspeckage e do Xposed Installer. Agora podemos conectar qualquer aplicativo ao Inspeckage. Para fazer isso, siga as etapas abaixo`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`1. Inicie o aplicativo Inspeckage no menu de aplicativos`
			`2. Clique no texto "Escolher destino" e selecione o aplicativo de destino`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
GitBook: [#2876] save 2021-11-30 16:46:07 +00:00			`![](https://miro.medium.com/max/700/1\*J5J\_rCHOC0ga0YJ5kbwqbQ.png)`
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`3\. Em seguida, encaminhe a porta local do VD para a máquina principal usando adb`
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00			`adb forward tcp:8008 tcp:8008`
			```
Translated to Portuguese 2023-06-06 18:56:34 +00:00			4\. Agora clique no botão "LAUNCH APP" e depois visite [`http://127.0.0.1:8008`](http://127.0.0.1:8008)
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			5\. Agora clique no botão Turn On para inspecionar o aplicativo. (certifique-se de que o status `App is running:` deve ser True antes de clicar em "Turn On")
GitBook: [master] 4 pages modified 2021-07-20 10:40:58 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`![](https://miro.medium.com/max/1000/1\*jCs1Qo4vlgKyb6yIGvIl4w.png)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00

			`<details>`

update twitter 2023-04-25 18:35:28 +00:00			`<summary><a href="https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology"><strong>☁️ HackTricks Cloud ☁️</strong></a> -<a href="https://twitter.com/hacktricks_live"><strong>🐦 Twitter 🐦</strong></a> - <a href="https://www.twitch.tv/hacktricks_live/schedule"><strong>🎙️ Twitch 🎙️</strong></a> - <a href="https://www.youtube.com/@hacktricks_LIVE"><strong>🎥 Youtube 🎥</strong></a></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`- Você trabalha em uma empresa de segurança cibernética? Você quer ver sua empresa anunciada no HackTricks? ou quer ter acesso à última versão do PEASS ou baixar o HackTricks em PDF? Confira os [PLANOS DE ASSINATURA](https://github.com/sponsors/carlospolop)!`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`- Descubra [A Família PEASS](https://opensea.io/collection/the-peass-family), nossa coleção exclusiva de [NFTs](https://opensea.io/collection/the-peass-family)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`- Adquira o [swag oficial do PEASS & HackTricks](https://peass.creator-spring.com)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`- Junte-se ao [💬](https://emojipedia.org/speech-balloon/) [grupo do Discord](https://discord.gg/hRep4RUj7f) ou ao [grupo do telegram](https://t.me/peass) ou siga-me no Twitter [🐦](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[@carlospolopm](https://twitter.com/hacktricks_live).`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`- Compartilhe suas técnicas de hacking enviando PRs para o [repositório hacktricks](https://github.com/carlospolop/hacktricks) e [hacktricks-cloud repo](https://github.com/carlospolop/hacktricks-cloud).`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`