Android penetration tools walkthrough series: AndroBugs framework
Android apps are arguably the most commonly used features of smartphones on the market today. Our lives are made more organized, faster, and more streamlined as a result of them. However, with all of these Android apps in use and thousands more coming every year, debugging Android apps is becoming all the more important.
To this end, AndroBugs Framework presents a solution to this ever-present need. AndroBugs Framework is an Android app security vulnerability scanner that Android developers and hackers can use to easily scan an Android app for security vulnerabilities, possible exploits and even whether the code satisfies best practices.
FREE role-guided training plans
Yu Cheng-Lin is an Android Security Researcher based out of Taiwan and the creator of the AndroBugs Framework. His career led him to the discovery of countless security flaws in Android applications of some of the biggest tech companies in the world, including Facebook and Twitter. Yu Cheng-Lin had previously built an Android app scanner as part of his master's degree in 2014 and decided to open-source his personal Android vulnerability scanner to the public. Yu Cheng-Lin currently hosts the application on Github at https://github.com/AndroBugs/AndroBugs_Framework.
What does AndroBugs framework have to offer?
AndroBugs Framework is capable of scanning Android applications and uncovering various types of security-related vulnerabilities. AndroBugs Framework has what has been described by as "the most efficient" and most accurate Android vulnerability analysis system. What does this translate to regarding vulnerability analysis performance? Speed and simplicity of design. This translates into Android app scans of less than two minutes per scan. This valuable time-saving feature will likely be appreciated by the Android developers worldwide.
AndroBugs framework features
- Find security vulnerabilities in an Android app, including vulnerabilities susceptible to exploitation by hackers
- Check if the code is missing best practices
- Check dangerous shell commands. For example – "su"
- Collect Information from millions of apps
- Check the app's security protection (marked as <Hacker>, designed for app repackaging hacking techniques)
What else does AndroBugs have to offer?
Although stripped down regarding its GUI, AndroBugs Framework still has a lot to offer its users aside from fast Android vulnerability analysis performance. The AndroBugs Framework team corresponds with users regarding the Android vulnerability analysis performed on their respective Android app. If the AndroBugs Framework team finds any vulnerabilities, they will give the user a complete and detailed description to help solve any potential security issues. If necessary, they will give the end developer the Proof of Concept code to show the vulnerabilities found in the Android app. AndroBugs Framework is currently on version 1.0.0.
AndroBugs framework setup for Microsoft Windows systems
AndroBugs Framework Setup on Microsoft Windows is easy:
- There is no need to install Python 2.7 if setup is performed on a Microsoft Windows system
- There is no need to install any 3rd-party library
- There is no need to install AndroBugs Framework on the Microsoft Windows system itself
- All you need to do is point AndroBugs Framework to the .apk file that you want to test
Follow the steps below to Setup AndroBugs Framework on a Microsoft Windows System:
- mkdir C:AndroBugs_Framework
- cd C:AndroBugs_Framework
- Unzip the latest Windows version of AndroBugs Framework from Windows releases
- Go to Computer->System Properties->Advanced->Environment Variables. Add "C:AndroBugs_Framework" to the "Path" variable
- androbugs.exe -h
- androbugs.exe -f [APK file]
Massive analysis tool setup for Microsoft Windows
Follow the steps detailed below to setup AndroBugs Framework Massive Analysis Tool on a Microsoft Windows System:
- Complete the AndroBugs Framework Setup for Microsoft Windows Systems first
- Install the Windows version of MongoDB, which can be found at https://www.mongodb.org/downloads
- Install PyMongo library
- Configure your own MongoDB settings: C:AndroBugs_Frameworkandrobugs-db.cfg
- Choose your preferred MongoDB management tool which can be found at http://mongodb-tools.com/
- AndroBugs_MassiveAnalysis.exe -h
- Example: AndroBugs_MassiveAnalysis.exe -b 20151112 -t BlackHat -d .All_Your_Apps -o .Massive_Analysis_Reports
- AndroBugs_ReportByVectorKey.exe -h
- Example: AndroBugs_ReportByVectorKey.exe -v WEBVIEW_RCE -l Critical -b 20151112 -t BlackHat
AndroBugs framework usage steps for Unix/Linux systems
Microsoft Windows is not the only option for developers and hackers to setup AndroBugs Framework on. Developers and hackers can also setup AndroBugs Framework on Unix/Linux based systems.
- How to run AndroBugs Framework on Unix/Linux Systems
python androbugs.py -f [APK file]
- How to check AndroBugs Framework usage on Unix/Linux Systems
python androbugs.py -h
AndroBugs framework massive analysis tools usage steps for Unix/Linux
Just like setup on Microsoft Windows systems, developers and hackers who want to setup AndroBugs Framework must setup MongoDB and configure their own MongoDB settings. These settings can be found in "androbugs-db.cfg."
- To run the AndroBugs Framework Massive Analysis Tool:
python AndroBugs_MassiveAnalysis.py -b [Your_Analysis_Number] -t [Your_Analysis_Tag] -d [APKs input directory] -o [Report output directory]
Example: python AndroBugs_MassiveAnalysis.py -b 20151112 -t BlackHat -d ~/All_Your_Apps/ -o ~/Massive_Analysis_Reports
- To get the summary report and all the vectors of massive analysis:
python AndroBugs_ReportSummary.py -m massive -b [Your_Analysis_Number] -t [Your_Analysis_Tag]
Example: python AndroBugs_ReportSummary.py -m massive -b 20151112 -t BlackHat
- To list the potentially vulnerable apps by Vector ID and Severity Level (Log Level):
python AndroBugs_ReportByVectorKey.py -v [Vector ID] -l [Log Level] -b [Your_Analysis_Number] -t [Your_Analysis_Tag]
Example: python AndroBugs_ReportByVectorKey.py -v WEBVIEW_RCE -l Critical -b 20151112 -t BlackHat
Unix/Linux AndroBugs framework requirements
- Python 2.7.x (DO NOT USE Python 3.X)
- PyMongo library (If you want to use the massive analysis tool)
- AndroBugs Framework is under the license of GNU GPL v3.0
Become a Certified Ethical Hacker, guaranteed!
Get training from anywhere to earn your Certified Ethical Hacker (CEH) Certification — backed with an Exam Pass Guarantee.
Sources
- Cimpanu, C. (2015, November 20). AndroBugs Framework is an Android Vulnerability Analysis System
- (2015, November 11). AndroBugs/AndroBugs_Framework
- AndroBugs.com
In this Series
- Android penetration tools walkthrough series: AndroBugs framework
- Intelligence-led pentesting and the evolution of Red Team operations
- Red Teaming: Taking advantage of Certify to attack AD networks
- How ethical hacking and pentesting is changing in 2022
- Ransomware penetration testing: Verifying your ransomware readiness
- Red Teaming: Main tools for wireless penetration tests
- Fundamentals of IoT firmware reverse engineering
- Red Teaming: Top tools and gadgets for physical assessments
- Red teaming: Initial access and foothold
- Top tools for red teaming
- What is penetration testing, anyway?
- Red Teaming: Persistence Techniques
- Red Teaming: Credential dumping techniques
- Top 6 bug bounty programs for cybersecurity professionals
- Tunneling and port forwarding tools used during red teaming assessments
- SigintOS: Signal Intelligence via a single graphical interface
- Top tools for mobile android assessments
- Top tools for mobile iOS assessments
- Red Team: C2 frameworks for pentesting
- Inside 1,602 pentests: Common vulnerabilities, findings and fixes
- Red teaming tutorial: Active directory pentesting approach and tools
- Red Team tutorial: A walkthrough on memory injection techniques
- Python for active defense: Monitoring
- Python for active defense: Network
- Python for active defense: Decoys
- How to write a port scanner in Python in 5 minutes: Example and walkthrough
- Using Python for MITRE ATT&CK and data encrypted for impact
- Explore Python for MITRE ATT&CK exfiltration and non-application layer protocol
- Explore Python for MITRE ATT&CK command-and-control
- Explore Python for MITRE ATT&CK email collection and clipboard data
- Explore Python for MITRE ATT&CK lateral movement and remote services
- Explore Python for MITRE ATT&CK account and directory discovery
- Explore Python for MITRE ATT&CK credential access and network sniffing
- Top 10 security tools for bug bounty hunters
- Kali Linux: Top 5 tools for password attacks
- Kali Linux: Top 5 tools for post exploitation
- Kali Linux: Top 5 tools for database security assessments
- Kali Linux: Top 5 tools for information gathering
- Kali Linux: Top 5 tools for sniffing and spoofing
- Kali Linux: Top 8 tools for wireless attacks
- Kali Linux: Top 5 tools for penetration testing reporting
- Kali Linux overview: 14 uses for digital forensics and pentesting
- Top 19 Kali Linux tools for vulnerability assessments
- Explore Python for MITRE ATT&CK persistence
- Explore Python for MITRE ATT&CK defense evasion
- Explore Python for MITRE ATT&CK privilege escalation
- Explore Python for MITRE ATT&CK initial access
- Top 18 tools for vulnerability exploitation in Kali Linux
- Explore Python for MITRE PRE-ATT&CK, network scanning and Scapy
- Kali Linux: Top 5 tools for social engineering
- Basic snort rules syntax and usage [updated 2021]
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Penetration testing
Intelligence-led pentesting and the evolution of Red Team operations
Penetration testing
Red Teaming: Taking advantage of Certify to attack AD networks
Penetration testing
Penetration testing
Ransomware penetration testing: Verifying your ransomware readiness