Android Mobile App Security Testing – Part 1

I am currently performing security testing of Android Mobile Apps. I am documenting the whole process, tools and configuration steps necessary for security testing, so this may help someone who starts fresh. 

Step 1: Download Oracle VirtualBox

 

Step 2: Download and Install Kali Linux

 

Step 3: Download Genymotion Personal Use and Google Nexus Simulator

You need to register and log in with an email address to use Genymotion.

 

In the Genymotion console, download Google Nexus 6 Android API 5.1. Before starting the Google Nexus simulator, click on the 3 dots (…) and choose Edit.

Install and Configure Genymotion Simulator

 

In the Network mode setting, choose the same network that Kali Linux is connected to. In a later stage, we use the ADB tool to connect to the Android simulator from Kali Linux, and this is possible only if both are connected to the same network.

Genymotion Bridge mode

 

Step 4: Install ADB and Start Google Nexus

Android Debug Bridge (adb) is a versatile command-line tool that lets you communicate with a device (in our case, Google Nexus). The adb command facilitates a variety of device actions, such as installing and debugging apps.

In Kali Linux, execute the following command to install ADB.

# apt-get install adb

At this stage, also start the Google Nexus simulator by clicking the 3 dots (…) in Genymotion and choosing Start.


You need to find the IP address of your Android device. In Google Nexus 6, navigate to Settings on the phone and find the Wi-Fi IP address.

IP Address of Genymotion Android

 

Step 5: Connect to Android Google Nexus

In Kali Linux, issue the following command to connect to the device by its IP address. Change the IP address to match yours.

# adb connect 192.168.100.14

If the ADB server process is not already running, the command starts the server, which binds to local TCP port 5037. The server then sets up the connection to the device by scanning ports in the range 5555 to 5585.

Issue the following command to confirm that your host computer is connected to the target device:

# adb devices

genymotion ADB Connect

You’re now good to go!

If the adb connection is ever a problem, make sure that your Kali Linux and Genymotion are connected to the same Wi-Fi network.

Issue the following command if you want to reset your adb host:

# adb kill-server

Then start over from the beginning of Step 5.
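Step 5 as one script, including the kill-server reset, added here as an example and not part of the original post. The names TARGET, device_state and connect_and_verify are assumptions, the address is the sample one from Step 5, and the script relies on adb's default TCP port 5555.

```shell
#!/bin/sh
# Added example: connect to the emulator and confirm it is actually usable.
# TARGET defaults to the sample address from Step 5; change it to yours.
TARGET="${TARGET:-192.168.100.14}"
SERIAL="$TARGET:5555"   # adb connect uses port 5555 when none is given

# Read `adb devices` output on stdin and print the state column for one
# serial ("device", "offline", "unauthorized"), or "absent" if not listed.
device_state() {
    awk -v serial="$1" '
        NR > 1 && $1 == serial { print $2; found = 1; exit }
        END { if (!found) print "absent" }
    '
}

# Connect, then judge success by the state listed in `adb devices`.
# On failure, reset the adb host with kill-server and try once more.
connect_and_verify() {
    for attempt in 1 2; do
        adb connect "$TARGET" >/dev/null 2>&1
        state=$(adb devices | device_state "$SERIAL")
        if [ "$state" = "device" ]; then
            echo "$SERIAL ready"
            return 0
        fi
        echo "attempt $attempt: $SERIAL is $state" >&2
        adb kill-server
    done
    echo "check that Kali Linux and Genymotion share a network" >&2
    return 1
}

# Constructed samples of `adb devices` output, for checking the parser offline.
SAMPLE_OK=$(printf 'List of devices attached\n192.168.100.14:5555\tdevice\n')
SAMPLE_OFFLINE=$(printf 'List of devices attached\n192.168.100.14:5555\toffline\n')

# "run" performs the real connection; "selftest" only exercises the parser.
case "${1:-}" in
    run)      connect_and_verify ;;
    selftest) printf '%s\n' "$SAMPLE_OFFLINE" | device_state "$SERIAL" ;;
esac
```

Only the state "device" means the emulator will accept commands; "offline" or "unauthorized" entries appear in the list but are not usable yet.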

See you in Part 2 of this article.
