Static Analysis
- unzip the apk
- it's basically a zip file
- apktool
- MOBSF
- The Nessus of mobile applications
- dex2jar
- Turn compiled Dalvik bytecode (classes.dex) into readable Java code
- jd-gui
- Read the decompiled Java code
Workflow:
- unzip → see what's in there → d2j-dex2jar classes.dex → jd-gui classes-dex2jar.jar → search for hardcoded secrets, code auditing/analysis
- apktool → AndroidManifest.xml → permissions, activities, content providers → grep smali files
- Run MOBSF
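An added example (not from these notes) of the manifest and smali checks in the apktool branch of that workflow, in Python: it reads the decoded AndroidManifest.xml and smali text that apktool produces, lists requested permissions and components other apps can reach, and flags string literals that look like hardcoded secrets. The manifest and smali below are constructed samples standing in for a real app's output.

```python
import re
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Constructed sample of the decoded AndroidManifest.xml that apktool writes out.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <application>
    <activity android:name=".MainActivity" android:exported="true"/>
    <activity android:name=".DebugActivity">
      <intent-filter><action android:name="com.example.DEBUG"/></intent-filter>
    </activity>
    <provider android:name=".NotesProvider" android:exported="false"/>
  </application>
</manifest>"""
# Constructed smali fragment standing in for what apktool decodes from classes.dex.
SAMPLE_SMALI = """const-string v0, "https://api.example.test/v1"
const-string v1, "AKIACONSTRUCTEDKEY01"
const-string/jumbo v2, "admin_password=hunter2"
"""

def audit_manifest(xml_text):
    root = ET.fromstring(xml_text)
    perms = [e.get(ANDROID + "name") for e in root.iter("uses-permission")]
    reachable = []
    for tag in ("activity", "service", "receiver", "provider"):
        for comp in root.iter(tag):
            exported = comp.get(ANDROID + "exported")
            if exported == "true":
                reachable.append((comp.get(ANDROID + "name"), "explicit"))
            # No android:exported but an intent-filter: exported by default below targetSdk 31.
            elif exported is None and comp.find("intent-filter") is not None:
                reachable.append((comp.get(ANDROID + "name"), "implicit"))
    return {"permissions": perms, "reachable": reachable}

# First-pass patterns for const-string literals that deserve a manual look.
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "password_assignment": re.compile(r"(?i)passw(or)?d\s*=\s*\S+"),
}
def find_hardcoded_secrets(smali_text):
    # Pull each string literal out of the smali and test it against every pattern.
    hits = []
    for m in re.finditer(r'const-string(?:/jumbo)? \w+, "([^"]*)"', smali_text):
        for label, pat in SECRET_PATTERNS.items():
            if pat.search(m.group(1)):
                hits.append((label, m.group(1)))
    return hits
```

Run it against the `AndroidManifest.xml` and `smali/` tree apktool writes instead of the samples to get the same two lists for a real app.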
Dynamic Analysis
- FRIDA
- Frida server → Phone
- Frida client → Laptop
- DROZER
- Runtime Mobile Security (RMS)
- Objection
- Burp Suite
Test Frida and Objection
$ adb push frida.server /data/local/tmp/ # copy the server binary to the device
$ adb shell
$ su
# cd /data/local/tmp/
# chmod +x frida.server
# ./frida.server & # start the server in the background, then back on the laptop:
$ frida-ps -Uai # list installed apps over USB to get the package name
$ objection --gadget com.androidpentesting.securestore explore # explore with objection
$ frida -U -n "com.androidpentesting.securestore" # don't know why it doesn't work for me