Android app security detection drozer Tool installation Tutorial

Source: Internet
Author: User
Tags simple sql injection sql injection what sql

Recently received the task, lets understand several Android security test related software, first is the Drozer. Drozer is a comprehensive security assessment and attack of the Android framework, according to the product introduction, Drozer can fully assess the security of the app, and help the team to keep the security risks of the app within the controllable range.
How to use

1, in the mwrinfosecurity company of this webpage, provided the community version of the download (yes, and the premium version of the fee), download and install it. and to ensure that the Android ADB environment has been configured, that is, cmd input adb devices will not complain. and the agent.apk package in the download package is installed on the handset side.

2, on the PC side to open forwarding

ADB forward tcp:31415 tcp:31415

ADB forward tcp:31415 tcp:31415

3, on the mobile phone to open the installation of a good APK program.

4, on the PC to open Drozer console

Drozer Console Connect

Drozer Console Connect

This allows you to enter the console interface of the dz>, followed by a step-by-step test of the reference manual.
function Introduction

Dz> Run app.package.list-f Example

Dz> Run app.package.list-f Example


The list command lists all the package names installed on the phone that contain "example" and remembers the full name of the target application.

Dz> Run App.package.info-a com.example

Dz> Run App.package.info-a com.example

The info command uses the full name to get the details of the package, such as the data path, APK path, declared permissions, and so on.

Dz> Run App.package.attacksurface com.example

Dz> Run App.package.attacksurface com.example

Attacksurface is an attack surface analysis that analyzes the permissions of Activity/broadcast Receiver/content Provider/service, that is, whether it can be invoked by other applications. The number is listed as the following example:

Attack Surface:
3 Activities Exported
0 Broadcast receivers exported
2 content providers exported
2 Services Exported
Is debuggable

Dz> Run App.provider.info-a com.example

Dz> Run App.provider.info-a com.example


Get provider information, such as whether you need additional permissions to read and write the app's database, and so on. If the vulnerability is found, you can pass

Dz> Run Scanner.provider.finduris-a com.example

Dz> Run Scanner.provider.finduris-a com.example


To scan some of the available URIs, such as username, password, IDs, and so on, or even modify values (such as what SQL injects):

Dz> run app.provider.query content://xxxxxx--preinjection "xxx"

Dz> run app.provider.query content://xxxxxx--preinjection "xxx"


Dz> Run Scanner.provider.injection-a com.example

Dz> Run Scanner.provider.injection-a com.example

Perform simple SQL injection checks, file traversal checks, and so on.

Other:

Service related

Query Service

Dz> Run App.service.info-a com.example

Dz> Run App.service.info-a com.example

Shell.start

To start an interactive Linux shell on the device

Tools.file.upload/tools.file.download

Uploading/downloading files on Android devices

Tools.setup.busybox/tools.setup.minimalsu

Install BusyBox and MINIMALSU on the device

Other features

In the billing version, Drozer also provides a visual interface to the attack surface, and probes into the multiple device support and analog sensor input, but it is in charge and does not continue to look.

Summarize

Drozer does play a role in testing the security of the app, but the key issue is to understand the Android app's overall structure and security strategy in order to be able to navigate, not to recruit, and passively.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.