Android - adeptex/CTF GitHub Wiki
https://www.xda-developers.com/quickly-install-adb/
First, you’ll need to enable the secret Developer Options. Skip this step if you already enabled Developer Options.
1. Open Settings
2. Scroll down to System (skip to step 3 on pre-Android Oreo devices)
3. Select About phone
4. Tap Build number 7 times in quick succession (some phones will bury this under Software info)
5. You will see a message appear that says Developer Options are enabled
6. Now go back and you’ll see Developer Options listed
With that out of the way, we can enable USB debugging.
- Open Settings
- Go to System > Developer options or just Developer options
- Scroll until you find USB debugging
- Toggle the switch on
```bash
# Restart the adb server, then list the attached devices
sudo adb kill-server
sudo adb start-server
adb devices
```
https://medium.com/inbughunters/basic-android-security-testing-lab-part-1-a2b87e667533
- Add the Burp proxy configuration to the device's Wi-Fi proxy settings
- Install the Burp certificate on the device: http://burp:8080/cert
https://stackoverflow.com/questions/25509296/trusting-all-certificates-with-okhttp
- Modify the app's code to disable certificate validation so that it accepts the Burp certificate
https://developer.android.com/studio/build/building-cmdline
```bash
./gradlew tasks          # see what's available
./gradlew assembleDebug  # build the debug APK

adb shell 'pm list packages -f' | grep -i app  # find the installed package
adb install app-debug.apk
adb uninstall com.app.name
```
https://medium.com/@margaretmz/how-to-access-private-data-on-android-a0841a11b487
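```bash
# /data/data/<package> is readable only by the app's own UID or root, so this
# pull needs adbd running as root (emulator or rooted device)
adb pull /data/data/<your package-name>/databases/<db-name>
sqlite3 <db-name>
```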
https://dzone.com/articles/how-to-capture-heap-dump-from-android-app
```bash
adb shell ps | grep <APP-NAME>                            # find the app's PID
adb shell am dumpheap <PID> /data/local/tmp/memory.raw    # write the heap dump on the device
adb pull /data/local/tmp/memory.raw
strings memory.raw | grep ...
```
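The `strings memory.raw | grep ...` step can also be done in one pass that covers 16-bit text, which default `strings` skips because it only looks for 8-bit runs. This is an added example, not part of the original wiki; the `scan_dump` name, the two patterns and the minimum run length are assumptions chosen for illustration.

```python
import re
import sys

# Constructed patterns for illustration; tune them to the app under test.
PATTERNS = {
    "jwt": re.compile(
        r"eyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}"),
    "credential": re.compile(
        r"(?i)(?:password|passwd|secret|token|api[_-]?key)\s*[=:]\s*\S{4,}"),
}

MIN_LEN = 6  # shortest run of printable characters worth inspecting

ASCII_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
# Big-endian alternative first, then little-endian; finditer never overlaps.
WIDE_RUN = re.compile(
    rb"(?:\x00[\x20-\x7e]){%d,}|(?:[\x20-\x7e]\x00){%d,}" % (MIN_LEN, MIN_LEN))


def printable_runs(data):
    """Yield (offset, encoding, text) for 8-bit and 16-bit printable runs."""
    for m in ASCII_RUN.finditer(data):
        yield m.start(), "ascii", m.group().decode("ascii")
    for m in WIDE_RUN.finditer(data):
        # A leading NUL byte means the high byte comes first (big-endian).
        enc = "utf-16-be" if m.group()[0] == 0 else "utf-16-le"
        yield m.start(), enc, m.group().decode(enc)


def scan_dump(data):
    """Return sorted (offset, encoding, pattern name, match) findings."""
    findings = []
    for offset, enc, text in printable_runs(data):
        for name, rx in PATTERNS.items():
            for m in rx.finditer(text):
                findings.append((offset, enc, name, m.group()))
    return sorted(findings)


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: scan_dump.py memory.raw")
    with open(sys.argv[1], "rb") as fh:
        for offset, enc, name, value in scan_dump(fh.read()):
            print(f"0x{offset:08x} {enc:9} {name:10} {value}")
```

Any hit here is a value the app kept in memory in cleartext at the time of the dump.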
https://3xpl01tc0d3r.blogspot.com/2018/06/android-root-detection-bypass.html
- Decompile APK: `apktool d -r android.apk`
- Modify Smali code as needed
- Build APK: `apktool b folder_name`
- Sign APK: `java -jar sign.jar android.apk` (https://github.com/appium/sign)
- Install APK: `adb install android.apk`
- Go to Settings > Developer options
- Enable Bluetooth HCI snoop log
- Perform Bluetooth actions

```bash
adb shell cat /etc/bluetooth/bt_stack.conf      # Bluetooth stack configuration
adb pull /sdcard/Android/data/btsnoop_hci.log   # fetch the captured HCI log
```