๐ŸŒš
W3LC0M3
  • ๐Ÿ‘จโ€๐ŸณWelcome
  • ๐Ÿ–ฒ๏ธHacker Boy
    • ๐Ÿดโ€โ˜ ๏ธCTF's (challenges)
      • Crypto
        • Links
      • Pwn
        • Concepts
        • Links
        • Tryhackme: Intro to pwntools notes
      • Forensics
        • Volatitily
    • ๐ŸTryhackMe
      • Boxes
        • ๐Ÿ‘„biteme
    • ๐Ÿ“ฆHackTheBox
      • Challenges
        • Templated
        • Phonebook
        • Weather App
        • LoveTok
        • Toxic
      • Boxes
    • ๐Ÿค–Android Hacking
      • Hacking Android Notes
      • Android Hacking 101 - Tryhackme Notes
      • Tools
      • Useful Commands
      • Android Books
      • Hack the box - Mobile Challenges Notes
        • Don't Overreact Challenge Notes
      • Hacker101 Android Challenges notes
      • Crackme Challenge Notes
      • Android Application Basics Notes
      • Other References
    • ๐ŸชŸWindows PenTest Notes
    • ๐Ÿฆนโ€โ™‚๏ธServices Pentest Notes
    • ๐Ÿ““Vuln notes
    • ๐ŸงฐMy Pentest Tools
  • ๐Ÿ™‰Learny Boy
    • ๐Ÿ‘จโ€๐ŸซMy Projects
      • โ›๏ธMinero
        • Links
      • ๐ŸšRice
        • Debian Ricing
        • Shell
    • ๐Ÿง‘โ€๐Ÿš€Learning Stuff...
      • ๐ŸงLinux Fundamentals
      • ๐ŸŽ‡Network Enumeration with nmap
      • ๐Ÿ’พBinary Reverse Engineering
        • ๐Ÿ‡ฌ๐Ÿ‡ฎReverse Engineering with Ghidra
          • ๐Ÿฆ†Evil Duck Hunt
Powered by GitBook
On this page
  • Commands
  • Extract APK to Java sourcecode
  1. Hacker Boy
  2. Android Hacking

Useful Commands

PreviousToolsNextAndroid Books

Last updated 2 years ago

Commands

  • List packages inside the device: adb shell cmd package list packages

  • Get APK from package:

    • adb shell pm list packages
adb shell pm path com.example.someapp
adb pull /data/app/com.example.someapp-2.apk path/to/desired/destination

  • Set Proxy: adb shell settings put global http_proxy 192.168.0.15:5555

  • Disable Proxy: adb shell settings put global http_proxy :0

  • See shared Preferenses: adb shell run-as com.moofwd.mooestrouaveiro cat /data/data/com.moofwd.mooestrouaveiro/shared_prefs/com.moofwd.mooestrouaveiro.xml

  • See logs(If enabled): adb logcat --pid=$(adb shell pidof com.moofwd.mooestrouaveiro)

  • Setup app to accept burp certificate:

    • create a file: ~/app/res/xml/network_security_config.xml

    • add the following info to the file: 

      • <network-security-config> 
    <base-config> 
        <trust-anchors> 
            <!-- Trust preinstalled CAs --> 
            <certificates src="system" /> 
            <!-- Additionally trust user added CAs --> 
            <certificates src="user" /> 
        </trust-anchors> 
    </base-config> 
</network-security-config>

    • Add android:networkSecurityConfig="@xml/network_security_config" to AndroidManifest.xml.

  • Unpack apk: apktool d -s name.apk -o target_dir

  • Repack apk: 

    • apktool b extracted_apk -o app-release-mod.apk --use-aapt2 
java -jar uber-apk-signer.jar --apks app-name.apk

  • Backup(If package not debuggable we can try):

    • adb backup -f <name>.ab -noapk <package>

    • java -jar abe.jar unpack ~/backup.ab ~/backup.tar ()

Extract APK to Java sourcecode

  • Unpack apk: apktool d -s name.apk -o target_dir

๐Ÿ–ฒ๏ธ
๐Ÿค–
uber-apk-signer.jar
https://github.com/nelenkov/android-backup-extractor/releases/tag/master-20220517081023-33a2f6c