Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

How to use drozer for unauthorized access to APP

2025-01-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)05/31 Report--

Today, I will talk to you about how to use drozer for ultra vires access to APP. Many people may not know much about it. In order to make you understand better, the editor has summarized the following for you. I hope you can get something according to this article.

The content used is adb, drozer Night God Simulator, and testing app (sieve.apk) Android Debug Bridge (adb) is a versatile command line tool that allows you to communicate with your device. The adb command facilitates various device operations, such as installing and debugging applications, and provides access to Unix shell, which can be used to run various commands on the device. It is a client-server program that includes the following three components: client: for sending commands. The client runs on the development computer. You can invoke the client from the command line terminal by issuing the adb command. Daemon (adbd): runs commands on the device. The daemon runs as a background process on each device. Server: manages communication between the client and the daemon. The server runs as a background process on the development computer. Adb is included in the Android SDK platform tools package. Drozer is the leading security testing framework for Android. Drozer allows you to search for security vulnerabilities in applications and devices by assuming the role of one application and interacting with Dalvik virtual machines, IPC endpoints of other applications, and the underlying operating system. The drozer agent is designed to run on behalf of any unprivileged application on an Android device, which is why only a single permission is required: INTERNET permission. This permission is required because the agent needs to open a socket connection to interact with the console or server. Drozer tries to avoid external tools, such as ADB and AAPT, because these will only make the device work through a USB connection. Drozer functions are fully modular, that is, using the agent's reflection and loading functions to perform their tests. Allows the system to expand without updating the agent too frequently. First use adb for port forwarding: adb.exe connect 127.0.0.1 adb.exe devices 62001 to see if a connection has been established: adb.exe devices

Start the drozer of the Night God Simulator

Use drozer to connect: when the drozer.bat console connect connection is successful, it will prompt:

Use the list command to view all currently available modules:

List all installed app package names (among them, there is no good solution to the Chinese garbled problem under Windows, Linux can display normally, there are clear bosses kneeling for guidance):

Then find the app registration for the test: com.android.mms.service can also use: run app.package.list-f (app name) to find

View the details of app (app path, data directory, etc.): run app.package.info-a (app package name)

Next, check to see if app has exposed components and can be debugged: run app.package.attacksurface (app package name)

Looking at the returned results, it is found that two components are exposed and can be debugged to attack the exposed Activity component: run app.activity.info-a package name

The returned result lists the Activity exposed in app where: com.mwr.example.sieve.FileSelectActivity-- guess is file path com.mwr.example.sieve.MainLoginActivity-- guess is app login main interface com.mwr.example.sieve.PWList-- guess is password list and then start the corresponding module respectively to see what result will be returned: run app.activity.start-- component package name corresponds to module name com.mwr.example.sieve.FileSelectActivity

Com.mwr.example.sieve.MainLoginActivity

Com.mwr.example.sieve.PWList

It is found that the results are consistent with the guess, in which the com.mwr.example.sieve.FileSelectActivity and com.mwr.example.sieve.PWList modules also directly bypass the login and log into the interface. After reading the above, do you have any further understanding of how to use drozer for unauthorized access to APP? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Network Security

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report