System: Ubuntu 14.04 LTS

python3.0--scikit-learn installation:

# lapack is a linear-algebra toolkit; install the related libraries
sudo apt-get -y install python3-dev python3 python3-pip liblapack-dev libblas-dev python3-scipy python3-numpy python3-numpy-dev libatlas-dev g++ python3-pandas python3-matplotlib cmake gcc-multilib
sudo pip3 install -U scikit-learn

Installing pwn

python3.0--pwntools version:
sudo apt-get update
sudo apt-get -y install python3 python3-pip python3-dev git libssl-dev libffi-dev build-essential
sudo pip3 install --upgrade pip
sudo pip3 install --upgrade pwntools --ignore-installed pyparsing
If the following error appears:
bing@Xstorm:~$ python3
Python 3.4.3 (default, Nov 28 2017, 16:41:13)
[GCC 4.8.4] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from pwn import *
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.4/dist-packages/pwn/__init__.py", line 4, in <module>
    from pwn.toplevel import *
  File "/usr/local/lib/python3.4/dist-packages/pwn/toplevel.py", line 20, in <module>
    import pwnlib
  File "/usr/local/lib/python3.4/dist-packages/pwnlib/__init__.py", line 43, in <module>
    importlib.import_module('.%s' % module, 'pwnlib')
  File "/usr/lib/python3.4/importlib/__init__.py", line 109, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "/usr/local/lib/python3.4/dist-packages/pwnlib/args.py", line 61, in <module>
    from pwnlib import term
  File "/usr/local/lib/python3.4/dist-packages/pwnlib/term/__init__.py", line 5, in <module>
    from pwnlib.term import completer
  File "/usr/local/lib/python3.4/dist-packages/pwnlib/term/completer.py", line 6, in <module>
    from pwnlib.term import readline
  File "/usr/local/lib/python3.4/dist-packages/pwnlib/term/readline.py", line 7, in <module>
    from pwnlib.term import term
  File "/usr/local/lib/python3.4/dist-packages/pwnlib/term/term.py", line 167
    def goto((r, c)):
             ^
SyntaxError: invalid syntax
>>> exit()
Solution:
pip3 install git+https://github.com/arthaud/python3-pwntools.git
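
The traceback above stops at `def goto((r, c)):`, which is tuple parameter unpacking, a Python 2 form that Python 3 removed. As an added example (not from the original post or from pwntools), the following parses every .py file under a package directory with the running interpreter and lists the files it cannot parse, so a Python 2-only install is caught before import; the function names and the sample tree are constructed for illustration.

```python
import ast
import os
import tempfile


def find_py3_syntax_errors(package_dir):
    """Return (relative path, line number, source line) for every .py file
    under package_dir that the running interpreter cannot parse."""
    failures = []
    for root, _dirs, files in os.walk(package_dir):
        for name in files:
            if not name.endswith(".py"):
                continue
            path = os.path.join(root, name)
            # Read as bytes so any encoding declaration in the file is honoured.
            with open(path, "rb") as fh:
                source = fh.read()
            try:
                ast.parse(source, filename=path)
            except SyntaxError as exc:
                rel = os.path.relpath(path, package_dir)
                failures.append((rel, exc.lineno, (exc.text or "").strip()))
    return sorted(failures)


def demo():
    # Constructed sample tree: term.py uses the Python 2 tuple-parameter
    # form from the traceback, ok.py is the Python 3 equivalent.
    with tempfile.TemporaryDirectory() as tmp:
        term = os.path.join(tmp, "term")
        os.mkdir(term)
        with open(os.path.join(term, "term.py"), "w") as fh:
            fh.write("import sys\n\ndef goto((r, c)):\n    pass\n")
        with open(os.path.join(term, "ok.py"), "w") as fh:
            fh.write("def goto(pos):\n    r, c = pos\n    return r, c\n")
        return find_py3_syntax_errors(tmp)


if __name__ == "__main__":
    for rel, line, text in demo():
        print("%s:%s: %s" % (rel, line, text))
```

On the system from the traceback, the directory to check would be /usr/local/lib/python3.4/dist-packages/pwnlib.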

python2.7--pwntools version:

sudo apt-get update
sudo apt-get install python2.7 python-pip python-dev git libssl-dev libffi-dev build-essential
sudo pip install --upgrade pip
sudo pip install --upgrade pwntools

gdb--peda plugin:

git clone https://github.com/longld/peda.git ~/peda
echo "source ~/peda/peda.py" >> ~/.gdbinit
echo "DONE! debug your program with gdb and enjoy"

gdb--pwndbg plugin:

git clone https://github.com/pwndbg/pwndbg
cd pwndbg
./setup.sh

java&wine installation:

sudo add-apt-repository ppa:webupd8team/java
sudo add-apt-repository ppa:wine/wine-builds
sudo apt-get update
sudo apt-get -y install --install-recommends wine-staging
sudo apt-get -y install wine
sudo apt-get -y install oracle-java8-installer oracle-java8-set-default
sudo update-alternatives --config java
sudo vim /etc/environment
# add this line to /etc/environment:
JAVA_HOME="/usr/lib/jvm/java-8-oracle"
source /etc/environment
echo $JAVA_HOME

docker installation:

sudo apt-get -y install apt-transport-https
curl -sSL https://get.docker.com/ | sh
sudo /etc/init.d/docker start

vim--YouCompleteMe plugin installation:

sudo apt-get install -y vim-youcompleteme
sudo apt-get install -y vim-addon-manager
vam install youcompleteme
1. Next, open .vimrc again to configure YCM and add the following:
filetype off                  " required!
set rtp+=~/.vim/bundle/vundle/
call vundle#rc()
Plugin 'Valloric/YouCompleteMe'
filetype plugin indent on     " required!
let g:ycm_global_ycm_extra_conf='~/.vim/bundle/YouCompleteMe/third_party/ycmd/cpp/ycm/.ycm_extra_conf.py'
2. For completion to work, the .ycm_extra_conf.py file also needs configuring: run vim ~/.vim/bundle/YouCompleteMe/third_party/ycmd/cpp/ycm/.ycm_extra_conf.py and add the following:
'-isystem',
'/usr/include',
'-isystem',
'/usr/include/c++/4.8.4',
'-isystem',
'/usr/include/c++/4.9.2',
'-isystem',
'/usr/include',
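'-isystem',
'/usr/include/x86_64-linux-gnu/c++',
The entries above are the paths vim searches for auto-completion. If the content to be completed lives under /usr/local/include, add the following: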
'-isystem',
'/usr/local/include',
Adjust these to match the actual folder names (i.e. the C++ version numbers) under /usr/include/c++/:
'-isystem',
'/usr/include/c++/4.8.4',
'-isystem',
'/usr/include/c++/4.9.2',

https://www.aliyun.com/jiaocheng/780711.html
https://github.com/Valloric/YouCompleteMe

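Android reverse-engineering tools:

IDA can be copied directly onto the Ubuntu system

apktool and similar signing tools can be copied over as well

Testing toolset

– Code decompilation: apktool, JEB, jadx-gui, luyten; IDA
– Dynamic debugging: apktool v2 + netbeans, jdb/droidDebugger; IDA, gdb
– Network capture: burp/fiddler2; tcpdump
– Emulators: emulator, bluestacks, genymotion

Communication analysis

Mallory TCP and UDP proxy, it sees all traffic and allows you to manipulate and fuzz it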

Burp Suite

Charles

ADVsock2pipe capture network data with tcpdump on Linux or iPhone/iPad to see the capture in (almost) real-time in Wireshark on windows

Paros

Fiddler windows

webscarab

tcpdump

wireshark

PonyDebugger remote network and data debugging for your native iOS app using Chrome Developer Tools

WAPT web application load, stress and performance testing

Reverse analysis

Disassembly

smali/baksmali disassembler(smali mode)

Dedexer disassembler(ddx mode)

apktool

radare the reverse engineering framework

smiasm reverse engineering framework

REDEXER  This tool is able to parse a DEX file into an in-memory data structure; to infer with which parameters the app uses certain permissions (we name this feature RefineDroid); to modify and unparse that data structure to produce an output DEX file (we name these features Dr. Android, which stands for Dalvik Rewriting for Android)

Virtuous Ten Studio modification of android application windows

AppInspect commercial software

Decompilation

dex2jar

JD-GUI java decompiler

JAD java decompiler

ded

soot java optimization framework

Dava a tool-independent compiler for java

apk-extractor decompilation tool, Windows platform (used for viewing Java source code)

JEB the interactive Android Decompiler commercial software

AndroChef java Decompiler Information commercial software

Signing

keytool/jarsigner (Sun Java signing)

openssl

signapk (Android signing)

Auto-sign (Android signing)

keytool-importkeypair

AXMLPrinter2 AXML converter

axml2xml AXML converter

IDA Pro windows

Resource editing tools

AndroidResEdit windows

apk-recovery recover main resources from apk file

Permission analysis

STOWAWAY A static analysis tool and permission map for identifying permission use in Android applications

manitree AndroidManifest.xml security auditor

Dynamic analysis

Droidbox an Android system image, which can log and output behaviors of applications running in it.

APIMonitor a tool which can automatically modify APK file and add log codes for sensitive APIS

apk-view-tracer apk automated testing interface and event trigger tool for apk dynamic analysis (open-API for developer)

Static analysis

APKInspector (important)

androwarn detects potentially malicious behaviour in Android apps

otertool swiss army knife of android hacking

apkanalyser (important; used for viewing smali)

ART Android reverse tools

FindBugs find bugs in java program

Fortify SCA

Agnitio source code review, Windows

PMD (Java source code analyzer. It finds unused variables, empty catch blocks, unnecessary object creation, and so forth)

Security auditing

Androguard (important; the basis of many tools)

mercury  a framework for exploring the Android platform to find vulnerabilities and share proof-of-concept exploits

ASEF android security evaluation framework

AntiLVL subvert Android License Verification Library, Amazon Appstore DRM and Verizon DRM, also disables many anti-cracking and anti-tampering protection methods

Debugging

AndBug

agdb an android cross platform gdb wrapper

Phone to Phone Android Debug Bridge

Android protection

APKFuscator a generic DEX file obfuscator and munger

DexGuard obfuscator

de4dot   .NET deobfuscator and unpacker written in C#

sec-distros

Santoku

1.reverse engineering

(1)Androguard

(2)AntiLvL

(3)APK Tool

(4)smali/baksmali

(5)Dex2jar/JD-GUI

(6)Jasmin

(7)Mercury

(8)Radare2

(9)Bulb Security SPF

2.wireless analyzers

(1)Wireshark

(2)TCPDUMP

(3)DSniff

(4)mitmproxy

(5)dnschef

(6)Chaosreader

3.penetration

(1)BurpSuite

(2)NMAP (zenmap)

(3)SSL strip

(4)w3af

(5)ettercap

AppUse Android Pentest Platform Unified standalone environment

OSAF Open source Android Forensics Toolkit (recommended)

MobiSec(Slides)

ARE android reverse engineering

Android Tamer

BackTrack Linux

Android Data Extractor Lite

Online analysis

Anubis analyzing Unknown binaries(windows executable,android APK, suspicious URL)

SandDroid an APK analysis sandbox, Xi'an Jiaotong University

Mobile Sandbox  malicious behaviour analyze

ComDroid a static analysis tool for identifying application communication-based vulnerabilities (Intent: inter-application)

Bytecode scanner  scan Android APP and report bytecode misusage which can cause your device to stuck in a boot loop

Mobile Sandbox

dexter

VirusTotal analyzes suspicious files and URLs

Forensic analysis

AF Logical

Sleuthkit

BitPim

DFF digital forensics framework

LIME forensics linux memory extractor

Security frameworks

OWASP Mobile Security Project

SEAndroid

Other

APK Downloader download APK files from Android Market to PC

Real APK Leecher download APK files from Android Market to PC, Windows

ExploitMe mobile android Labs APK vulnerability demos

Pandemobium collection of intentionally-vulnerable mobile applications

TaintDroid realtime privacy monitoring on Smartphones

AndroidXRef Android source code browsing

OWASP GoatDroid training environment for educating developers and testers on Android security

smartphonesdumbapps  analyze Android and iPhone applications as well as to run Fortify SCA scans on Android Java application source code

coloring for smali files: emacs vim editplus

dexInspector windows

smart phones dumb apps tools from denim group for analyzing the security of smartphone applications

seek for android SmartCard API

Android scripting

APK

Android security list

root tools

Root Explorer file manager

Busybox Pro

su authorization management

GameKiller, GameCIH, GameGuardian memory editing

Lucky Patcher

ProxyDroid

QuickSSHd

DroidVPN

X-Ray Android vulnerabilities scanner

c-ray Android application security scanner

dSploit an android network penetration suite (requires root and busybox)

FaceNiff Facebook session hijacking

DroidSheep session hijacking

Arpspoof.apk

netspoof

wifi file transfer pro

in-appstore.com free in-app purchases on Google Play

Fing network toolkit

Network Discovery

Network Info II

Shark for root

DroidCAT  finding all ethical hacking / information security related application published in android domain

SMSSpoofer

The following are from iSEC Partners

Android SSL Bypass 

AndroidPinning

Intent Fuzzer 

Intent Sniffer

Package Play

Manifest Explorer

Forensics APKs: AndroidForensics.apk ForenDroid.apk

Anti android Network toolkit

anmap Android Network Mapper
