Android Application Security Assessments - Part 1: Setting Up Your Windows Testing Environment
Welcome to the exciting world of Android Application Security Assessments. You are presumably here to learn how to perform vulnerability assessments against Android applications. If you are looking for tips on growing organic produce, please head one blog over.
Let’s start by setting up our test environment, in this case, a Windows XP system. The Linux setup will be detailed in the next blog posting.
Let’s assume you already have Windows XP installed. You will need to download the Android SDK. Grab the installer and run it. During the installation, the Windows installer will check to see if the proper Java SE Development Kit (JDK) is already installed. If not, it will install it on your behalf. (Yay!)
Trust Google’s recommendations and select the defaults during the installation.
Now, you will want to run the ‘android.bat’ file (located in the ‘tools\’ directory). This will launch the Android SDK and AVD Manager.
Click on ‘Available Packages’ in the menu on the left.
In the main window, expand the Android Repository.
Select the packages you would like to download.
Check the box next to ‘Android SDK Platform-tools, revision n’
Check the box next to the Android SDK Platform you would like to emulate.
(You can always reopen the Android SDK and AVD Manager and download more Android SDK Platforms later.)
Press the ‘Install Select’ button.
Optional: I recommend adding the ‘tools/’ and ‘platform-tools/’ folders to your PATH environment variable.
Right-Click on ‘My Computer’, select ‘Properties’ and the select the ‘Advanced Tab’. Press the ‘Environment Variables’ button. A new dialog box will appear. Under ‘System Variables’, double-click on ‘Path’. Add the full path to ‘tools/’ and ‘platform-tools/’ folders to the path.
In case you missed it, the Windows installer will check to see if the proper Java SE Development Kit (JDK) is already installed. If not, it will install it on your behalf. (Yay again!)
Once your proxy finishes downloading, extract the contents to a folder of your choosing.