Professional Documents
Culture Documents
NetPI Blog
Applications With
Debuggers
Eric Gruber
Januar 19th, 2015
1 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
Requirements
Below is a list of requirements for performing the
attacks covered in this blog.
GET IN TOUCH
2 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
3 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
4 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
adb devices
5 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
Determining Debuggabilit
When debugging Android applications, we �rst
have to check whether or not the application is set
to be debugged. We can check this in a few
di�erent was.
6 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
adb shell
pm list packages -f
7 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
8 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
Modifing the
9 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
AndroidManifest.xml to
Enable Debugging
The nice thing about apktool and APK tudio is that
we can edit an of the decompiled Android �les
and recompile them. That’s what we’re going to do
here. We are going to make the application
debuggable b adding in the android:debuggable
�ag. Edit the AndroidManifest.xml so that the
application node contains
android:debuggable=”true”.
10 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
11 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
You can also uninstall and reinstall the APK with the
following command:
12 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
13 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
14 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
15 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
16 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
17 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
18 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
19 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
20 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
Conclusion
From here we can not onl read data from the
application, but also insert our own. This can be
useful if we wanted to interrupt the �ow of the
program and possibl bpass application logic. B
21 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
Leave a Repl
gdogg
Guest pm uninstall
Eric Gruber
22 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
Bill Maca
Bill Maca
Eric Gruber
Otto
23 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
Otto
Jack
Valdik
Guest
REPLY 3 ears 9 das ago
MIlanG
https://www.viris.si/2015/01/analsing-android-
24 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
applications-or-just-cheating-in-games/
Eric Gruber
Author
REPLY 3 ears 4 das ago
Richard
Guest
REPLY 3 ears 1 da ago
vladimir gotman
mikel ravizza
25 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
KevMo
sugih liawan
cott
utherland
Glad ou found it useful
Editor
ouma Lahiri
palm
26 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
Benjamin
Dawkins
Thank ou ver much, this
helped me alot to get The Zipcrpto password of
Guest
An APk’s data,
Eric Gruber
Guest
REPLY 11 months 11 das ago
David Feinzeig
27 di 28 02/02/18, 14:56
Attacking Android Applications With Debuggers https://blog.netspi.com/attacking-android-applic...
28 di 28 02/02/18, 14:56