# AVD - Kifaa cha Android Virtual
Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na htARTE (HackTricks AWS Red Team Expert)! Njia nyingine za kusaidia HackTricks: * Ikiwa unataka kuona **kampuni yako inatangazwa kwenye HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)! * Pata [**swag rasmi ya PEASS & HackTricks**](https://peass.creator-spring.com) * Gundua [**The PEASS Family**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee * **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.** * **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwenye** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
Asante sana kwa [**@offsecjay**](https://twitter.com/offsecjay) kwa msaada wake wakati wa kuunda maudhui haya. ## Ni nini Android Studio inaruhusu **kuendesha mashine za kawaida za Android ambazo unaweza kutumia kwa kujaribu APKs**. Ili kuzitumia, utahitaji: * **Zana za Android SDK** - [Pakua hapa](https://developer.android.com/studio/releases/sdk-tools). * Au **Android Studio** (pamoja na Zana za Android SDK) - [Pakua hapa](https://developer.android.com/studio). Katika Windows (katika kesi yangu) **baada ya kusakinisha Android Studio** nilikuwa na **Zana za SDK zilizosakinishwa katika**: `C:\Users\\AppData\Local\Android\Sdk\tools` Katika mac unaweza **kupakua zana za SDK** na kuziweka kwenye PATH kwa kukimbia: ```bash brew tap homebrew/cask brew install --cask android-sdk ``` Au kutoka **Android Studio GUI** kama ilivyoelezwa katika [https://stackoverflow.com/questions/46402772/failed-to-install-android-sdk-java-lang-noclassdeffounderror-javax-xml-bind-a](https://stackoverflow.com/questions/46402772/failed-to-install-android-sdk-java-lang-noclassdeffounderror-javax-xml-bind-a) ambayo itawasakinisha katika `~/Library/Android/sdk/cmdline-tools/latest/bin/` na `~/Library/Android/sdk/platform-tools/` na `~/Library/Android/sdk/emulator/` Kwa matatizo ya Java: ```java export JAVA_HOME=/Applications/Android\ Studio.app/Contents/jbr/Contents/Home ``` ## GUI ### Tengeneza Mashine ya Virtual Ikiwa umeweka Android Studio, unaweza tu kufungua tazama mradi kuu na kufikia: _**Zana**_ --> _**Msimamizi wa AVD.**_
Kisha, bonyeza _**Tengeneza Kifaa cha Virtual**_
_**chagua** simu unayotaka kutumia_ na bonyeza _**Next.**_ {% hint style="warning" %} Ikiwa unahitaji simu iliyo na Duka la Kucheza iliyowekwa, chagua moja na alama ya Duka la Kucheza! ![](<../../.gitbook/assets/image (672).png>) {% endhint %} Katika tazama ya sasa utaweza **kuchagua na kupakua picha ya Android** ambayo simu itatumia:
Basi, ichague na ikiwa haijapakuliwa bonyeza ishara ya _**Pakua**_ kando ya jina (**sasa subiri hadi picha ipakuliwe).**\ Baada ya picha kupakuliwa, tu chagua **`Next`** na **`Finish`**. Mashine ya virtual itatengenezwa. Sasa **kila wakati unapoingia kwenye msimamizi wa AVD itakuwepo**. ### Anza Mashine ya Virtual Ili **kuianza**, bonyeza tu kitufe cha _**Anza**_. ![](<../../.gitbook/assets/image (334).png>) ## Zana ya Mstari wa Amri Kwanza kabisa, unahitaji **kuamua simu unayotaka kutumia**, ili kuona orodha ya simu zinazowezekana tekeleza: ``` C:\Users\\AppData\Local\Android\Sdk\tools\bin\avdmanager.bat list device d: 0 or "automotive_1024p_landscape" Name: Automotive (1024p landscape) OEM : Google Tag : android-automotive-playstore --------- id: 1 or "Galaxy Nexus" Name: Galaxy Nexus OEM : Google --------- id: 2 or "desktop_large" Name: Large Desktop OEM : Google Tag : android-desktop --------- id: 3 or "desktop_medium" Name: Medium Desktop OEM : Google Tag : android-desktop --------- id: 4 or "Nexus 10" Name: Nexus 10 OEM : Google [...] ``` Baada ya kuamua jina la kifaa unachotaka kutumia, unahitaji **kuamua ni picha ya Android ipi unayotaka kuendesha kwenye kifaa hiki.**\ Unaweza kuorodhesha chaguo zote kwa kutumia `sdkmanager`: ```bash C:\Users\\AppData\Local\Android\Sdk\tools\bin\sdkmanager.bat --list ``` Na **pakua** moja (au zote) unayotaka kutumia na: {% code overflow="wrap" %} ```bash C:\Users\\AppData\Local\Android\Sdk\tools\bin\sdkmanager.bat "platforms;android-28" "system-images;android-28;google_apis;x86_64" ``` {% endcode %} Baada ya kupakua picha ya Android unayotaka kutumia, unaweza **kuorodhesha picha zote za Android zilizopakuliwa** kwa kutumia: ``` C:\Users\\AppData\Local\Android\Sdk\tools\bin\avdmanager.bat list target ---------- id: 1 or "android-28" Name: Android API 28 Type: Platform API level: 28 Revision: 6 ---------- id: 2 or "android-29" Name: Android API 29 Type: Platform API level: 29 Revision: 4 ``` Wakati huu umekuwa umefanya uamuzi wa kifaa unachotaka kutumia na umeshusha picha ya Android, hivyo **unaweza kuunda mashine ya kawaida kwa kutumia**: {% code overflow="wrap" %} ```bash C:\Users\\AppData\Local\Android\Sdk\tools\bin\avdmanager.bat -v create avd -k "system-images;android-28;google_apis;x86_64" -n "AVD9" -d "Nexus 5X" ``` {% endcode %} Katika amri ya mwisho **Nimeunda VM iliyoitwa** "_AVD9_" kwa kutumia **kifaa** "_Nexus 5X_" na **picha ya Android** "_system-images;android-28;google\_apis;x86\_64_".\ Sasa unaweza **kuorodhesha mashine za kawaida** ulizounda kwa kutumia: ```bash C:\Users\\AppData\Local\Android\Sdk\tools\bin\avdmanager.bat list avd Name: AVD9 Device: Nexus 5X (Google) Path: C:\Users\cpolo\.android\avd\AVD9.avd Target: Google APIs (Google Inc.) Based on: Android API 28 Tag/ABI: google_apis/x86_64 The following Android Virtual Devices could not be loaded: Name: Pixel_2_API_27 Path: C:\Users\cpolo\.android\avd\Pixel_2_API_27_1.avd Error: Google pixel_2 no longer exists as a device ``` ### Kukimbia Mashine ya Virtual Tayari tumeshajifunza jinsi unavyoweza kuorodhesha mashine za virtual zilizoundwa, lakini **pia unaweza kuziorodhesha kwa kutumia**: ```bash C:\Users\\AppData\Local\Android\Sdk\tools\emulator.exe -list-avds AVD9 Pixel_2_API_27 ``` Unaweza kwa urahisi **kuendesha mashine halisi iliyoundwa** kwa kutumia: {% code overflow="wrap" %} ```bash C:\Users\\AppData\Local\Android\Sdk\tools\emulator.exe -avd "VirtualMachineName" C:\Users\\AppData\Local\Android\Sdk\tools\emulator.exe -avd "AVD9" ``` {% endcode %} Au kutumia chaguo za juu zaidi unaweza kuendesha mashine ya kawaida kama: {% code overflow="wrap" %} ```bash C:\Users\\AppData\Local\Android\Sdk\tools\emulator.exe -avd "AVD9" -http-proxy 192.168.1.12:8080 -writable-system ``` {% endcode %} ### Chaguo za amri ya mstari Hata hivyo, kuna **chaguo nyingi tofauti za amri ya mstari** ambazo unaweza kutumia kuanzisha mashine ya kawaida. Hapa chini unaweza kupata chaguo kadhaa za kuvutia lakini unaweza [**kupata orodha kamili hapa**](https://developer.android.com/studio/run/emulator-commandline) **Kuanza** * `-snapshot name` : Anza picha ya VM * `-snapshot-list -snapstorage ~/.android/avd/Nexus_5X_API_23.avd/snapshots-test.img` : Onyesha orodha ya picha zote zilizorekodiwa **Mtandao** * `-dns-server 192.0.2.0, 192.0.2.255` : Ruhusu kuonyesha seva za DNS zilizotenganishwa kwa kutumia koma. * **`-http-proxy 192.168.1.12:8080`** : Ruhusu kuonyesha wakala wa HTTP unaotumiwa (muhimu sana kwa kukamata trafiki kwa kutumia Burp) * `-port 5556` : Weka nambari ya bandari ya TCP inayotumiwa kwa konsoli na adb. * `-ports 5556,5559` : Weka bandari za TCP zinazotumiwa kwa konsoli na adb. * **`-tcpdump /path/dumpfile.cap`** : Kamata trafiki yote kwenye faili **Mfumo** * `-selinux {disabled|permissive}` : Weka moduli ya usalama ya Linux iliyoimarishwa kwa hali ya kuzimwa au ya kibali kwenye mfumo wa uendeshaji wa Linux. * `-timezone Europe/Paris` : Weka muda wa eneo kwa kifaa cha kawaida * `-screen {touch(default)|multi-touch|o-touch}` : Weka hali ya skrini ya kugusa iliyosanidiwa. * **`-writable-system`** : Tumia chaguo hili kuwa na picha ya mfumo inayoweza kuandikwa wakati wa kikao chako cha uigaji. Utahitaji pia kukimbia `adb root; adb remount`. Hii ni muhimu sana kwa kusakinisha cheti kipya kwenye mfumo. ## Kupata mizizi kwenye kifaa cha Duka la Kucheza Ikiwa umepakua kifaa na Duka la Kucheza, hautaweza kupata mizizi moja kwa moja, na utapata ujumbe wa kosa hili ``` $ adb root adbd cannot run as root in production builds ``` Kwa kutumia [rootAVD](https://github.com/newbit1/rootAVD) na [Magisk](https://github.com/topjohnwu/Magisk) niliweza kuiruhusu (fuata mfano kama [**video hii**](https://www.youtube.com/watch?v=Wk0ixxmkzAI) **au** [**hii nyingine**](https://www.youtube.com/watch?v=qQicUW0svB8)). ## Sakinisha Cheti cha Burp Angalia ukurasa ufuatao ili kujifunza jinsi ya kusakinisha cheti cha CA cha desturi: {% content-ref url="install-burp-certificate.md" %} [install-burp-certificate.md](install-burp-certificate.md) {% endcontent-ref %} ## Chaguzi Nzuri za AVD ### Chukua Picha ya Snapshot Unaweza **kutumia GUI** kuchukua picha ya snapshot ya VM wakati wowote: ![](<../../.gitbook/assets/image (336).png>)
Jifunze kuhusu kudukua AWS kutoka mwanzo hadi mtaalamu na htARTE (HackTricks AWS Red Team Expert)! Njia nyingine za kusaidia HackTricks: * Ikiwa unataka kuona **kampuni yako inatangazwa kwenye HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)! * Pata [**swag rasmi ya PEASS & HackTricks**](https://peass.creator-spring.com) * Gundua [**The PEASS Family**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee * **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.** * **Shiriki mbinu zako za kudukua kwa kuwasilisha PR kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.