3. Sniffing HTTPS API Traffic on Nougat 7.0 & newer OS bypassing default OS TLS security

From Android 7.0 (Nougat) onward, the OS introduced a new security feature: it no longer trusts user-installed certificates by default. So the conventional way of adding an HTTPS certificate to intercept API traffic would not work. However, it is possible to instruct the OS to allow a custom certificate for a selected application if we declare it within the […]

2. Sniffing HTTP/HTTPS Traffic on AVD (Android emulator)

Sometimes you might need to use an AVD (Android Virtual Device) / emulator to intercept app traffic. Earlier virtual devices did not have a WiFi interface, so you needed to rely on the command line to use them for API interception (newer ones have WiFi, so you can use it directly […]

1. Sniffing HTTP/HTTPS Traffic of Android App on Non-Rooted phone.

While performing an Android pen-test, you would also need to check what data the Android app is sending to the back-end server. You might be interested in not just viewing, but also manipulating, the ongoing communication between the mobile app and the server (or sometimes an IoT device). For this you need to have an HTTP proxy running on your laptop, where you […]

5. Reversing & Recompiling .APK to Bypass Root-detection

Rooting an Android phone gives any app superuser access once granted, which becomes a risk for the other apps installed on that device in terms of violating the CIA triad. To minimize this risk, many apps come with a root-detection mechanism, which won’t allow the user to run that app on a rooted device. On having a rooted […]

4. Reversing & Repatching .APK for pen-testing on Non-Rooted/Rooted phone to bypass OS Security

As seen in the previous post about reverse engineering an Android .apk file into Smali code, this article will explain how to 1) decompile an .apk file, 2) modify a part of it, 3) recompile it to obtain a new unsigned .apk file, and 4) sign it and install it on any device. In the majority of apps […]

3. Reverse Engineering Android .apk using ApkTool to get .Smali Files

In the previous article we saw how to get class-Dex / Java class files via Apktool. In the current post we will see how to get .smali files from the .apk file. Smali files are easy to understand if a person has basic knowledge of assembly-level languages. Smali files have a mnemonic / instruction set similar to […]

2. Reverse Engineering Android .apk using ( ApkTool – D2J – JDGui ) Combination

Previously we saw how to get source code back from an .apk using Jadx via reverse engineering. Here we will see the same thing using a different tool set, a combination of: 1) ApkTool (Download Link): this can extract Manifest.xml, resources, certificates, assets, layouts, classes.dex or smali source code files from any .apk; 2) D2J (Dex2Jar, Download Link) […]

1. Reverse Engineering Android .apk using Jadx

Android applications are packed inside .apk files with all resources, assets, class files, certificates, layout files, config/Manifest files etc. Compiling application source code into an .apk converts the Java class files into class-Dex (classes.dex) files, which are not in human-readable form. If we rename this .apk to .zip then we can get the resources and […]

Input Validation Failure in Native Library Files causing App Crash via Buffer Overflow – #13 DIVA Solution

By now you might know that an Android apk can be built using Java, Kotlin or HTML/JS (cross-platform apps) as well as in native languages such as C and C++ (the reason being that they can reuse already available popular libraries in those languages, plus better performance). When we talk about apps compiled from native languages such as C/C++, such […]

Identifying Hard-coded sensitive values in Native Library Files – #12 DIVA Solution

You might know that an Android apk can be built using Java, Kotlin or HTML/JS (cross-platform apps) as well as in native languages such as C and C++ (the reason being that they can reuse already available popular libraries in those languages, plus better performance). When we talk about apps compiled from native languages such as C/C++, such languages could […]