Android has four component types: Activity, Service, Content Provider, and Broadcast Receiver. All four are registered in the configuration file AndroidManifest.xml, which can be read after decompiling the app with a tool such as Apktool. For Activity, Service, and Broadcast Receiver, exported defaults to false when no intent-filter is configured and to true when an intent-filter is configured. Content Provider differs from the other three components and is unaffected by intent-filter: when android:minSdkVersion or android:targetSdkVersion is not greater than 17, exported defaults to true; when both values are above 17 the default is false, and exported must be explicitly declared as true.
The steps for using Drozer to test an app's four components are outlined below:
1. Install the JDK and the Android SDK, and make sure that java and adb are on the system PATH environment variable.
2. Download Drozer and install it directly: https://www.mwrinfosecurity.com/products/drozer/
3. Install agent.apk on the phone (adb install agent.apk), open the app, select Embedded Server, and select Enable to start the agent server.
4. Download sieve to practice using Drozer:
https://www.mwrinfosecurity.com/system/assets/380/original/sieve.apk
5. Drozer start modes ①②③
① Normal mode: turn on USB debugging, connect the phone to the PC with a data cable, go to the Drozer installation directory, and set up port forwarding in CMD. Port 31415 is used by default.
adb forward tcp:31415 tcp:31415 // forwards all data on PC port 31415 to port 31415 on the phone
drozer console connect // use the drozer console to connect to the agent server
② WiFi direct (forward) connection mode; USB debugging does not need to be turned on:
drozer console connect --server <phone ip>:<port>
③ Infrastructure mode (reverse connection): suitable for more complex network environments and for multiple Android devices. You do not need to know the device's IP or turn on USB debugging. The device has the agent installed and can reach the server, and the server and the console can reach each other (the same computer is used here). In the agent, tap New Endpoint, set Host to the server IP and leave Port at the default 31415, then enter the following in CMD: drozer server start
Open a new CMD window for the console and list the devices: drozer console devices (the device ID can be changed in the agent)
Connect to a device: drozer console connect Mate7
Note: if the server is on a different computer from the console, connect to a device with:
drozer console connect DeviceID --server serverip:port
6. List the package names of all apps installed on the phone: run app.package.list. Add "-f [app keyword]" to find a specific app, for example: run app.package.list -f sieve
This gives sieve's package name: com.mwr.example.sieve
7. Get basic information about sieve: run app.package.info -a com.mwr.example.sieve
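The default-exported rules from the opening paragraph, applied to a decoded AndroidManifest.xml, as an added example (not code from the original page or from Drozer). The manifest is constructed, the function names are hypothetical, and the provider cutoff follows the Android developer documentation (default true when either SDK value is 16 or lower); pass sdk_levels yourself when the decoded manifest has no uses-sdk element.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample manifest (not from a real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.demo">
  <uses-sdk android:minSdkVersion="14" android:targetSdkVersion="16"/>
  <application>
    <activity android:name=".Main">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <activity android:name=".Settings"/>
    <service android:name=".Sync" android:exported="true" android:permission="com.example.demo.SYNC"/>
    <receiver android:name=".Boot" android:exported="false">
      <intent-filter><action android:name="android.intent.action.BOOT_COMPLETED"/></intent-filter>
    </receiver>
    <provider android:name=".Notes" android:authorities="com.example.demo.notes"/>
  </application>
</manifest>"""

def audit_manifest(xml_text, sdk_levels=None):
    """Return (kind, name, exported, source, permission) per declared component."""
    root = ET.fromstring(xml_text)
    if sdk_levels is None:  # fall back to <uses-sdk> in the manifest, if present
        sdk = root.find("uses-sdk")
        sdk_levels = [int(sdk.get(ANDROID + a)) for a in ("minSdkVersion", "targetSdkVersion")
                      if sdk is not None and sdk.get(ANDROID + a)]
    # Assumption (Android docs): provider default is true if either level is 16 or lower; None = levels unknown.
    provider_default = any(lv <= 16 for lv in sdk_levels) if sdk_levels else None
    rows = []
    for comp in (c for c in root.iterfind("application/*") if c.tag in COMPONENTS):
        explicit = comp.get(ANDROID + "exported")
        if explicit is not None:
            exported, source = explicit == "true", "explicit"
        elif comp.tag == "provider":
            exported, source = provider_default, "sdk-default"
        else:  # activity, service, receiver: decided by intent-filter presence
            exported, source = comp.find("intent-filter") is not None, "filter-default"
        rows.append((comp.tag, comp.get(ANDROID + "name"), exported, source,
                     comp.get(ANDROID + "permission")))
    return rows

def unprotected(rows):
    """Names of components that are (or may be) exported without android:permission."""
    return [name for _, name, exported, _, perm in rows if exported is not False and perm is None]

if __name__ == "__main__":
    print(*audit_manifest(SAMPLE_MANIFEST), sep="\n")
```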
Android component security and Drozer use