Learning Pentesting for Android Devices

Book Description

Android’s popularity makes it a prime target for attacks, which is why this tutorial is so essential. It takes you from security basics to forensics and penetration testing in easy, user-friendly steps.

In Detail

Android is currently the most popular smartphone operating system, with over a million applications. Every day, hundreds of applications are published to the Play Store, which users from all over the world download and use. Often, these applications have serious security weaknesses, which could allow an attacker to exploit the application and gain access to sensitive information. This is where penetration testing comes into play, to check for various vulnerabilities.

Learning Pentesting for Android is a practical, hands-on guide that takes you gradually from the very basics of Android security to pentesting and auditing Android. It is a step-by-step guide, covering a variety of techniques and methodologies that you can learn and use to perform real-life penetration testing on Android devices and applications.

The book starts with the basics of Android Security and the permission model, which we will bypass using a custom application, written by us. Thereafter we will move to the internals of Android applications from a security point of view, and will reverse and audit them to find the security weaknesses using manual analysis as well as using automated tools.

We will then move to dynamic analysis of Android applications, where we will learn how to capture and analyze network traffic on Android devices and extract sensitive information and files from a packet capture taken on an Android device. We will then learn some different ways of doing Android forensics and use tools such as LiME and Volatility. After that, we will look into SQLite databases, and learn to find and exploit injection vulnerabilities. We will also look into WebKit-based vulnerabilities, root exploits, and how to exploit devices to get full access along with a reverse connect shell. Finally, we will learn how to write a penetration testing report for an Android application auditing project.

What You Will Learn

  • Understand the basics of Android Security Architecture and Permission Model Bypassing
  • Use and explore Android Debug Bridge (ADB)
  • Study the internals of an Android application from a security viewpoint
  • Learn to reverse an Android application
  • Perform traffic analysis on Android devices
  • Dive into the concepts of Android forensics and data acquisition
  • Acquire knowledge of application-level vulnerabilities and exploitation, such as WebKit-based exploitation, root exploits, and use-after-free vulnerabilities
  • Write a penetration testing report for an Android application auditing project

    Table of Contents

    1. Learning Pentesting for Android Devices
      1. Table of Contents
      2. Learning Pentesting for Android Devices
      3. Credits
      4. Foreword
      5. About the Author
      6. Acknowledgments
      7. About the Reviewers
        1. Support files, eBooks, discount offers, and more
          1. Why subscribe?
          2. Free access for Packt account holders
      9. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Downloading the example code
          2. Downloading the color images of the book
          3. Errata
          4. Piracy
          5. Questions
      10. 1. Getting Started with Android Security
        1. Introduction to Android
        2. Digging deeper into Android
        3. Sandboxing and the permission model
        4. Application signing
        5. Android startup process
        6. Summary
      11. 2. Preparing the Battlefield
        1. Setting up the development environment
          1. Creating an Android virtual device
        2. Useful utilities for Android Pentest
          1. Android Debug Bridge
          2. Burp Suite
          3. APKTool
        3. Summary
      12. 3. Reversing and Auditing Android Apps
        1. Android application teardown
        2. Reversing an Android application
        3. Using Apktool to reverse an Android application
        4. Auditing Android applications
        5. Content provider leakage
        6. Insecure file storage
          1. Path traversal vulnerability or local file inclusion
          2. Client-side injection attacks
        7. OWASP top 10 vulnerabilities for mobiles
        8. Summary
      13. 4. Traffic Analysis for Android Devices
        1. Android traffic interception
        2. Ways to analyze Android traffic
          1. Passive analysis
          2. Active analysis
        3. HTTPS Proxy interception
          1. Other ways to intercept SSL traffic
        4. Extracting sensitive files with packet capture
        5. Summary
      14. 5. Android Forensics
        1. Types of forensics
        2. Filesystems
          1. Android filesystem partitions
        3. Using dd to extract data
          1. Using a custom recovery image
        4. Using Andriller to extract an application's data
        5. Using AFLogical to extract contacts, calls, and text messages
        6. Dumping application databases manually
        7. Logging the logcat
        8. Using backup to extract an application's data
        9. Summary
      15. 6. Playing with SQLite
        1. Understanding SQLite in depth
          1. Analyzing a simple application using SQLite
        2. Security vulnerability
        3. Summary
      16. 7. Lesser-known Android Attacks
        1. Android WebView vulnerability
          1. Using WebView in the application
          2. Identifying the vulnerability
        2. Infecting legitimate APKs
        3. Vulnerabilities in ad libraries
        4. Cross-Application Scripting in Android
        5. Summary
      17. 8. ARM Exploitation
        1. Introduction to ARM architecture
          1. Execution modes
        2. Setting up the environment
        3. Simple stack-based buffer overflow
        4. Return-oriented programming
        5. Android root exploits
        6. Summary
      18. 9. Writing the Pentest Report
        1. Basics of a penetration testing report
        2. Writing the pentest report
          1. Executive summary
          2. Vulnerabilities
          3. Scope of the work
          4. Tools used
          5. Testing methodologies followed
          6. Recommendations
          7. Conclusion
          8. Appendix
        3. Summary
        4. Security Audit of
          1. Attify's Vulnerable App
        5. Table of Contents
        6. 1. Introduction
          1. 1.1 Executive Summary
          2. 1.2 Scope of the Work
          3. 1.3 Summary of Vulnerabilities
        7. 2. Auditing and Methodology
          1. 2.1 Tools Used
          2. 2.2 Vulnerabilities
            1. Issue #1: Injection vulnerabilities in the Android application
            2. Issue #2: Vulnerability in the WebView component
            3. Issue #3: No/Weak encryption
            4. Issue #4: Vulnerable content providers
        8. 3. Conclusions
          1. 3.1 Conclusions
          2. 3.2 Recommendations
      19. Index