mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-30 00:20:59 +00:00
6.5 KiB
6.5 KiB
Android APK Checklist
{% hint style="success" %}
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Learn Android fundamentals
- Misingi
- Dalvik & Smali
- Nukta za kuingia
- Shughuli
- Mipango ya URL
- Watoa maudhui
- Huduma
- Vipokezi vya matangazo
- Mawasiliano
- Filita ya Mawasiliano
- Vipengele vingine
- Jinsi ya kutumia ADB
- Jinsi ya kubadilisha Smali
Static Analysis
- Check for the use of obfuscation, checks for noting if the mobile was rooted, if an emulator is being used and anti-tampering checks. Read this for more info.
- Maombi nyeti (kama programu za benki) yanapaswa kuangalia kama simu imejikita na yanapaswa kuchukua hatua kwa mujibu wa hilo.
- Search for interesting strings (nywila, URL, API, usimbuaji, milango ya nyuma, tokeni, Bluetooth uuids...).
- Umakini maalum kwa firebase APIs.
- Soma hati:
- Check if the application is in debug mode and try to "exploit" it
- Check if the APK allows backups
- Shughuli zilizotolewa
- Watoa maudhui
- Huduma zilizofichuliwa
- Vipokezi vya matangazo
- Mipango ya URL
- Je, programu inasaidia kuhifadhi data kwa njia isiyo salama ndani au nje?
- Je, kuna nywila iliyowekwa kwa nguvu au kuhifadhiwa kwenye diski? Je, programu inatumia algorithimu za usimbuaji zisizo salama?
- Maktaba zote zimeundwa kwa kutumia bendera ya PIE?
- Usisahau kwamba kuna kundi la waanalyzer wa Android wa statiki ambao wanaweza kukusaidia sana katika awamu hii.
Dynamic Analysis
- Prepare the environment (online, local VM or physical)
- Je, kuna kuvuja kwa data zisizokusudiwa (kuandika, nakala/paste, kumbukumbu za ajali)?
- Taarifa za siri zinahifadhiwa katika SQLite dbs?
- Shughuli zilizofichuliwa zinazoweza kutumika?
- Watoa maudhui wanaoweza kutumika?
- Huduma zilizofichuliwa zinazoweza kutumika?
- Vipokezi vya matangazo wanaoweza kutumika?
- Je, programu inasambaza taarifa kwa maandiko wazi/ikatumia algorithimu dhaifu? Je, MitM inawezekana?
- Kagua trafiki ya HTTP/HTTPS
- Hii ni muhimu sana, kwa sababu ikiwa unaweza kukamata trafiki ya HTTP unaweza kutafuta udhaifu wa kawaida wa Mtandao (Hacktricks ina habari nyingi kuhusu udhaifu wa Mtandao).
- Check for possible Android Client Side Injections (labda uchambuzi wa msimbo wa statiki utaweza kusaidia hapa)
- Frida: Just Frida, use it to obtain interesting dynamic data from the application (maybe some passwords...)
Some obfuscation/Deobfuscation information
{% hint style="success" %}
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.