This issue will teach you how to capture and analyze network traffic on Android devices and how to extract sensitive information and files from a packet capture taken on an Android device.
The course has been refreshed, join now for more challenges: https://pentestmag.com/course/penetration-testing-with-android-devices-w18/
Table of contents:
1) Try to build an Android app
- Write a small Java application that scans for open ports in a wireless network, based on how the Intercepter-ng and dSploit applications operate.
- Extend the previous code to search the CVE database for vulnerabilities based on the results of the previous code (open ports).
- Put your Java program into Android Studio and try to build an Android app that runs the previously written code automatically when the app opens, and presents the results on the device screen.
- Try the app on your Android device.
2) zANTI application
- Run a MITM attack with zANTI, and in the logged requests check if there is any known browser vulnerability. Find the way to exploit it, in a search engine, and exploit it with the given instructions.
- With the way that we installed Kali Linux distribution, install and set up BackBox Linux.
- Find the latest Windows vulnerability in the Exploit Database and implement the exploit in the Metasploit framework. Now try to exploit an unpatched target Windows machine.
- Find the exact technical aspects of ICMP and try to produce an ICMP MITM attack (doubledirect) with Ettercap.
- Install an .img custom recovery file on your device with adb, and boot to recovery to see if the procedure was successful.
3) Kali NetHunter
- Port Kali NetHunter to a device you do not own, based on the kernel source code of this device. Upload it to the XDA forums and find out if it works correctly from the replies in your thread.
- If your Kali NetHunter port doesn’t work, try to find the problem, fix it, and publish v.2 of your port.
- Try to run your favorite Linux utilities in the terminal emulator with root privileges, to see if they can run in the Kali NetHunter ROM.
- Write a RubberDucky script that takes a meterpreter session when executed on the target machine.
- Run the HID attack with the LHOST and the LPORT facing an external IP address, and set up the Metasploit listener to face the external IP address. (Hint: port forwarding)
- Change the Windows password with CMD commands, by writing them in the Windows CMD HID attack, and execute it like the Powersploit attack.
4) Java Applet Attack
- Execute the BadUSB attack and use the Intercepter-ng application on the rndis0 interface to perform extra MITM attack methods.
- Use the dsniff script from the Kali Menu after a BadUSB attack to sniff plain text passwords.
- Perform a Java Applet Attack with SET with the attacking machine listening to the external IP of the local network. (Hint: Port forwarding, set_config)
- Run OpenVAS from the Kali Menu to find if a target machine on your network is vulnerable.
- Based on the OpenVAS results, find the appropriate exploit and try to take a meterpreter session on the target machine by using it.
- If the target system has no known vulnerabilities, head to the Exploit Database, download a vulnerable application, install it on the target system and try to exploit it with Metasploit on an Android device.
5) Crack the WEP protocol of your router with an external antenna connected to your Android device
- Find the interface of your internal wifi antenna and run Airodump-ng with it in the terminal emulator.
- Crack the WEP protocol of your router manually, with an external antenna connected to your Android device over a Y-cable and the Aircrack-ng suite running from the terminal emulator.
- Set up a MANA evil access point and perform MITM actions with the tools from the Kali Menu that you think will be useful.
Visit the original course:
Taking part in the course will get you:
- More material;
- Instructor's guidance;
- Exercises and challenges;
- Open discussion with the instructor and other students;
- Certificate of Completion.