Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-24 21:53:54 +00:00
Code Issues Projects Releases Packages Wiki Activity

GitBook: [master] one page and 4 assets modified

Browse source
This commit is contained in:
CPol 2020-09-09 20:40:34 +00:00 committed by gitbook-bot
parent d91cab5466
commit b6294455cf
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
5 changed files with 30 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

BIN
.gitbook/assets/image (364).png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 7.1 KiB

After

Width:  |  Height:  |  Size: 24 KiB

BIN
.gitbook/assets/image (365).png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 56 KiB

After

Width:  |  Height:  |  Size: 7.1 KiB

BIN
.gitbook/assets/image (366).png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 24 KiB

BIN
.gitbook/assets/image (367).png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 56 KiB

32
mobile-apps-pentesting/android-app-pentesting/avd-android-virtual-device.md
View file

@ -15,12 +15,12 @@ In Windows \(in my case\) **after installing Android Studio** I had the **SDK To
If you installed Android Studio, you can just open the main project view and access: _**Tools**_ --> _**AVD Manager.**_
![](../../.gitbook/assets/image%20%28364%29.png)
![](../../.gitbook/assets/image%20%28365%29.png)
Then, click on _**Create Virtual Device**_, _**select** the phone you want to use_ and click on _**Next.**_
In the current view you are going to be able to **select and download the Android image** that the phone is going to run:
![](../../.gitbook/assets/image%20%28365%29.png)
![](../../.gitbook/assets/image%20%28367%29.png)
So, select it and click on _**Download**_ **\(**now wait until the image is downloaded\).
Once the image is downloaded, just select _**Next**_ and _**Finish**_.
@ -180,3 +180,31 @@ However there are **a lot of different command line useful options** that you ca
* `-screen {touch(default)|multi-touch|o-touch}` : Set emulated touch screen mode.
* **`-writable-system`** : Use this option to have a writable system image during your emulation session. You will need also to run `adb root; adb remount`. This is very useful to install a new certificate in the system.
## Install Burp certificate on a Virtual Machine
First of all you need to download the Der certificate from Burp. You can do this in _**Proxy**_ --> _**Options**_ --> _**Import / Export CA certificate**_
![](../../.gitbook/assets/image%20%28366%29.png)
**Export the certificate in Der format** and lets **transform** it to a form that **Android** is going to be able to **understand.** Note that **in order to configure the burp certificate on the Android machine in AVD** you need to **run** this machine **with** the **`-writable-system`** option.
For example you can run it like:
```bash
C:\Users\<UserName>\AppData\Local\Android\Sdk\tools\emulator.exe -avd "AVD9" -http-proxy 192.168.1.12:8080 -writable-system
```
Then, to **configure burps certificate do**:
```bash
openssl x509 -inform DER -in burp_cacert.der -out burp_cacert.pem
CERTHASHNAME="`openssl x509 -inform PEM -subject_hash_old -in burp_cacert.pem | head -1`.0"
mv burp_cacert.pem $CERTHASHNAME #Correct name
adb root && adb remount #Allow to write on /syste
adb push $CERTHASHNAME /sdcard/ #Upload certificate
adb shell mv /sdcard/$CERTHASHNAME /system/etc/security/cacerts/ #Move to correct location
adb shell chmod 644 /system/etc/security/cacerts/$CERTHASHNAME #Assign privileges
adb reboot #Now, reboot the machine
```
Once the **machine finish rebooting** the burp certificate will be in use by it!