Drozer
ΠΡΠΎ Π½Π°ΠΏΠΈΡΠ°Π½ΠΈΠ΅ ΠΏΠ»Π°Π³ΠΈΠ½ΠΎΠ² ΠΏΠΎΠ΄ Π΄ΡΠΎΠ·Π΅Ρ
Π‘ΡΡΠ»ΠΊΠΈ ΠΏΠΎΠ»Π΅Π·Π½ΡΠ΅ - https://blog.attify.com/creating-your-own-drozer-module-for-android-application-testing/ - http://th3-incognito-guy.blogspot.com/2014/09/drozer-security-attack-framework-for.html - https://yashagarwal.in/posts/2018/05/writing-drozer-modules/ - https://github.com/mwrlabs/drozer/wiki/Advanced-patterns - https://github.com/mwrlabs/drozer/wiki/Using-mixins - https://github.com/mwrlabs/drozer/wiki/Using-Reflection - https://github.com/mwrlabs/drozer/wiki/Writing-a-Module - https://github.com/mwrlabs/drozer/wiki/Formulating-intents Modules: https://github.com/mwrlabs/drozer-modules https://github.com/snoopysecurity/Public/blob/master/blog%20archive/2015-10-23-six-things-you-didnt-know-Drozer-could-do.md
Intro
Drozer https://labs.mwrinfosecurity.com/tools/drozer/ https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-drozer-user-guide-2015-03-23.pdf
ΠΡΠ°ΡΠΊΠΈΠ΅ ΠΏΡΠΈΠΌΠ΅ΡΡ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΡ: 1. ΠΠ°ΠΏΡΡΠΊ: adb forward tcp:31415 tcp:31415 run agent on phone drozer console connect 2. ΠΠΎΠ΄ΡΠ»ΠΈ: Π‘ΠΏΠΈΡΠΎΠΊ Π΄ΠΎΡΡΡΠΏΠ½ΡΡ ΠΌΠΎΠ΄ΡΠ»Π΅ΠΉ: list [search query] Π‘ΠΏΠΈΡΠΎΠΊ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ: run app.package.list [-f <search>] ΠΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡ ΠΎ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΈ: run app.package.info -a com.test.app Π‘ΡΠ°ΡΠΈΡΡΠΈΠΊΠ° ΠΏΠΎ Activity, Receivers, ContentProvider, Services: run app.package.attacksurface com.test.app Π‘ΠΏΠΈΡΠΎΠΊ Π·Π°ΠΏΡΡΠ΅Π½Π½ΡΡ Activity: run app.activity.info -a com.test.app
ΠΠΎΠ΄ΡΠ»Ρ scanner - ΡΠΊΠ°Π½ΠΈΡΡΠ΅Ρ ΠΊΠΎΠΌΠΏΠΎΠ½Π΅Π½ΡΡ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ Π½Π° ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
ΠΠΎΠΈΡΠΊ custom schema: run scanner.activity.browsable -a com.test.app
ΠΠΈΠ»Π΄ Π΄ΡΠΎΠ·Π΅ΡΠ° Ρ Π½Π΅ΠΎΠ±Ρ ΠΎΠ΄ΠΈΠΌΡΠΌΠΈ ΠΏΡΠ°Π²Π°ΠΌΠΈ: drozer agent build --permission android.PyPermission
Last updated