How do I automate the enviroment setup for android pentesting using simple bash scripts

Link to full Blog

Hello Friends This is my first blog post, In this blog, I am am going to explain How do I automate the environment setup for android pentesting using the bash scripts. Before Following the blog please make sure the you have the following setup

  • *nix based operating system(For this tutorial I m using ubuntu-18.04)
  • Genymotion
  • Burp
  • Admin previlage to the system

Starting the emulator

Everyone does the mobile testing surely uses the emulator to test the mobile apps. But to start the emulator you have to open the Genymotion and click the device and device to start But the below bash function will start the device from the emulator

function  phone()
{

cd /path/to/where/you/downloaded/genymotion;
./player --vm-name "Google Nexus 5" > /dev/null 2>&1 || true & disown ; 

}

Copy and paste the above script the .bashrc file and do source .bashrc to activate it

But before using the script make sure to do the following changes

  • Change the location in the bash function to the location where you have genymotion installed

  • Update the vm-name to the device name you installed to find the name use the below command in the terminal

    $ VBoxManage list vms
    

location

Installing the certificate

Another Thing you would surely do was Installing the burp script in the emulator Sure you can install the certificate manually by sending the certificate in the device and installing but sadly From android nougat doesnt support user supplied certificates You have to install the certificates at the os level Below is the script that install the certificate

The script assumes that the devices was rooted and already in running stage This script take burp certificate as the input

#!/bin/bash

file=$1

openssl x509 -inform DER -in $1 -out cacert.pem

mv cacert.pem 9a5ba575.0
  
adb root

adb remount

adb push 9a5ba575.0 /sdcard/  

adb shell "mv /sdcard/9a5ba575.0 /system/etc/security/cacerts/ "

adb shell "chmod 644 /system/etc/security/cacerts/9a5ba575.0"

adb reboot  
  • Copy and paste the above script in the text editor of your choice and save it as the .sh extenstion

  • Make it executable by running the below commmand

    chmod +x <filename>.sh
    
  • Run the above script

screnn

Starting and stopping the proxy

Starting and stopping the proxy in the emulator is not as easy as for desktop browser we have to go to the settings and manually enter the ip-address and enter the port below the script automatically starts and stops the proxy

  • Start the burp

  • Go to the proxy-> option and click add and enter the port you want to listen and click ok

burp

Save the below function in the .bashrc file and activate it

function start() {
port=$1
ip=$(ip addr show wlo1 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1)
if [[ -n "$port" ]]; then
  adb shell settings put global http_proxy $ip:$port
else
    echo "Please enter the port no name"
    
fi
}

Give the port no as argument and run the script

start

To stop the proxy

function stop()
{
adb shell settings delete global http_proxy
adb shell settings delete global global_http_proxy_host
adb shell settings delete global global_http_proxy_port
adb reboot
}

Save the above function in the .bashrc file and activate it

stop

But be cautious while running the above script it will reboot the device if you have any data unsaved it may get lost

Thanks for the reading my first blogpost If you feel it was useful share it with your friends If you face any issue feel free to reach me Thank you

Nifty tech tag lists fromĀ Wouter Beeftink