2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2025-02-19 23:48:31 +00:00

GITBOOK-4041: change request with no subject merged in GitBook

This commit is contained in:
CPol 2023-08-21 15:08:15 +00:00 committed by gitbook-bot
parent 036fa3c3a6
commit b32c1bbf16
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF

View file

@ -25,12 +25,19 @@ Android Studio allows to **run virtual machines of Android that you can use to t
In Windows (in my case) **after installing Android Studio** I had the **SDK Tools installed in**: `C:\Users\<UserName>\AppData\Local\Android\Sdk\tools`
## JDK
For MacOS machines I recommend you to install the following version to be able to use the CLI commands mentioned in the following sections:
In mac you can **download the SDK tools** and have them in the PATH running:
```bash
brew install openjdk@8
brew tap homebrew/cask
brew install --cask android-sdk
```
Or from **Android Studio GUI** as indicated in [https://stackoverflow.com/questions/46402772/failed-to-install-android-sdk-java-lang-noclassdeffounderror-javax-xml-bind-a](https://stackoverflow.com/questions/46402772/failed-to-install-android-sdk-java-lang-noclassdeffounderror-javax-xml-bind-a) which will install them in `~/Library/Android/sdk/cmdline-tools/latest/bin/` and `~/Library/Android/sdk/platform-tools/` and `~/Library/Android/sdk/emulator/`
For the Java problems:&#x20;
```java
export JAVA_HOME=/Applications/Android\ Studio.app/Contents/jbr/Contents/Home
```
## GUI
@ -42,12 +49,12 @@ If you installed Android Studio, you can just open the main project view and acc
![](<../../.gitbook/assets/image (330).png>)
Then, click on _**Create Virtual Device**_, _**select** the phone you want to use_ and click on _**Next.**_\
\_\_In the current view you are going to be able to **select and download the Android image** that the phone is going to run:
In the current view you are going to be able to **select and download the Android image** that the phone is going to run:
![](<../../.gitbook/assets/image (331).png>)
So, select it and click on _**Download**_\*\* (**now wait until the image is downloaded).**\
**Once the image is downloaded, just select \_**Next\*\*\_ and \_**Finish**\_.
So, select it and click on _**Download**_ (**now wait until the image is downloaded).**\
**Once the image is downloaded, just select** `Next` and `Finish`.
![](<../../.gitbook/assets/image (332).png>)
@ -61,61 +68,34 @@ In order to **run** it just press the _**Start button**_.
## Command Line tool
### Prepare Virtual Machine
{% hint style="info" %}
In **MacOS** systems the executable is located in `/Users/<username>/Library/Android/sdk/tools/bin`
{% endhint %}
First of all you need to **decide which phone you want to use**, in order to see the list of possible phones execute:
```
C:\Users\<UserName>\AppData\Local\Android\Sdk\tools\bin\avdmanager.bat list device
id: 0 or "tv_1080p"
Name: Android TV (1080p)
d: 0 or "automotive_1024p_landscape"
Name: Automotive (1024p landscape)
OEM : Google
Tag : android-tv
Tag : android-automotive-playstore
---------
id: 1 or "tv_720p"
Name: Android TV (720p)
OEM : Google
Tag : android-tv
---------
id: 2 or "wear_round"
Name: Android Wear Round
OEM : Google
Tag : android-wear
---------
id: 3 or "wear_round_chin_320_290"
Name: Android Wear Round Chin
OEM : Google
Tag : android-wear
---------
id: 4 or "wear_square"
Name: Android Wear Square
OEM : Google
Tag : android-wear
---------
id: 5 or "Galaxy Nexus"
id: 1 or "Galaxy Nexus"
Name: Galaxy Nexus
OEM : Google
---------
id: 6 or "Nexus 10"
id: 2 or "desktop_large"
Name: Large Desktop
OEM : Google
Tag : android-desktop
---------
id: 3 or "desktop_medium"
Name: Medium Desktop
OEM : Google
Tag : android-desktop
---------
id: 4 or "Nexus 10"
Name: Nexus 10
OEM : Google
---------
id: 7 or "Nexus 4"
Name: Nexus 4
OEM : Google
---------
id: 8 or "Nexus 5"
Name: Nexus 5
OEM : Google
---------
id: 9 or "Nexus 5X"
Name: Nexus 5X
OEM : Google
[...]
```
Once you have decide the name of the device you want to use, you need to **decide which Android image you want to run in this device.**\
@ -127,9 +107,11 @@ C:\Users\<UserName>\AppData\Local\Android\Sdk\tools\bin\sdkmanager.bat --list
And **download** the one (or all) you want to use with:
{% code overflow="wrap" %}
```bash
C:\Users\<UserName>\AppData\Local\Android\Sdk\tools\bin\sdkmanager.bat "platforms;android-28" "system-images;android-28;google_apis;x86_64"
```
{% endcode %}
Once you have downloaded the Android image you want to use you can **list all the downloaded Android images** with:
@ -151,9 +133,11 @@ id: 2 or "android-29"
At this moment you have decided the device you want to use and you have downloaded the Android image, so **you can create the virtual machine using**:
{% code overflow="wrap" %}
```bash
C:\Users\<UserName>\AppData\Local\Android\Sdk\tools\bin\avdmanager.bat -v create avd -k "system-images;android-28;google_apis;x86_64" -n "AVD9" -d "Nexus 5X"
```
{% endcode %}
In the last command **I created a VM named** "_AVD9_" using the **device** "_Nexus 5X_" and the **Android image** "_system-images;android-28;google\_apis;x86\_64_".\
Now you can **list the virtual machines** you have created with:
@ -185,16 +169,20 @@ Pixel_2_API_27
You can simply **run any virtual machine created** using:
{% code overflow="wrap" %}
```bash
C:\Users\<UserName>\AppData\Local\Android\Sdk\tools\emulator.exe -avd "VirtualMachineName"
C:\Users\<UserName>\AppData\Local\Android\Sdk\tools\emulator.exe -avd "AVD9"
```
{% endcode %}
Or using more advance options you can run a virtual machine like:
{% code overflow="wrap" %}
```bash
C:\Users\<UserName>\AppData\Local\Android\Sdk\tools\emulator.exe -avd "AVD9" -http-proxy 192.168.1.12:8080 -writable-system
```
{% endcode %}
### Command line options
@ -229,9 +217,11 @@ First of all you need to download the Der certificate from Burp. You can do this
**Export the certificate in Der format** and lets **transform** it to a form that **Android** is going to be able to **understand.** Note that **in order to configure the burp certificate on the Android machine in AVD** you need to **run** this machine **with** the **`-writable-system`** option.\
For example you can run it like:
{% code overflow="wrap" %}
```bash
C:\Users\<UserName>\AppData\Local\Android\Sdk\tools\emulator.exe -avd "AVD9" -http-proxy 192.168.1.12:8080 -writable-system
```
{% endcode %}
Then, to **configure burps certificate do**:
@ -239,7 +229,7 @@ Then, to **configure burps certificate do**:
openssl x509 -inform DER -in burp_cacert.der -out burp_cacert.pem
CERTHASHNAME="`openssl x509 -inform PEM -subject_hash_old -in burp_cacert.pem | head -1`.0"
mv burp_cacert.pem $CERTHASHNAME #Correct name
adb root && adb remount #Allow to write on /syste
adb root && sleep 2 && adb remount #Allow to write on /syste
adb push $CERTHASHNAME /sdcard/ #Upload certificate
adb shell mv /sdcard/$CERTHASHNAME /system/etc/security/cacerts/ #Move to correct location
adb shell chmod 644 /system/etc/security/cacerts/$CERTHASHNAME #Assign privileges