Android Application Security Assessments - Part 2: Setting Up Your Linux Testing Environment
Last time we took a look and setting up our environment for Windows users. Now let’s take a look at the setup for Ubuntu Linux users.
Java
If you need help installing Ubuntu, there are many useful sites to walk you through the process. Once your OS is ready, you will need to install Java. I personally prefer the official JDK from Oracle and I will show you how to install that. If you choose to use OpenJDK, let me know how that goes for you.
Start by determining what the currently available version of java is:
$ apt-cache search jdk | grep sun
Next, download and install java via apt-get:
$ apt-get install sun-java6-jdk sun-java6-jre
Confirm your install has completed successfully:
$ java -version
Optional: For ease of use, let’s set our JAVA_HOME environment variable.
$ sudo nano /etc/environment
Add the following line:
JAVA_HOME="/usr/lib/jvm/java-6-sun-1.6.0.26"
or whatever the path is to your Java folder.
Don’t forget to save your changes.
Android SDK
Probably not a surprise, but you will need to download the AndroidSDK. Download the .tgz file to a folder of your choosing.
Open a terminal shell and navigate to the folder you downloaded the SDK into. From there run:
$ tar xzf android-sdk_r13-linux_x86.tgz
Now, you will want to run the android file (located in the ‘tools/’ directory). This will launch the Android SDK and AVD Manager.
$ ./android
Click on ‘Available Packages’ in the menu on the left.
In the main window, expand the Android Repository.
Select the packages you would like to download.
Check the box next to ‘Android SDK Platform-tools, revision n’
Check the box next to the Android SDK Platform you would like to emulate.
(You can always repoen the Android SDK and AVD Manager and download more Android SDK Platforms later).
Press the Install ‘Select’ button.
Press ‘Install’.
Optional: I recommend adding the ‘tools/’ and ‘platform-tools/’ folders to your PATH environment variable.
$ sudo nano /etc/environment
Add the full path to ‘tools/’ and ‘platform-tools/’ folders to the PATH variable. Don’t forget to save your changes.
Proxy (BURP)
BURP is my personal proxy of choice. Others may prefer Paros, WebScarab or ZAP and their sites can show you how to setup those proxies.
Once your proxy finishes downloading, extract the contents to a folder of your choosing.
About What's@Stake
This is where you will find thought leadership in the areas of Security Strategy and Security Assessment by Symantec’s Security Business Practice. Through the acquisition of @stake in late 2004, Symantec has become the leader in third-party security assessment services such as Penetration Testing, Vulnerability Assessment, and Security Program Assessment. Now combined with a premiere team of CISO-level Security Strategists, this team offers their insights on the latest security trends, strategies to address them, and the latest research on the vulnerabilities and attack methods used in their assessments.
Frequently Used Documents
PCI Assessment Services
Penetration Testing and Vulnerability Assessment Services
Mobile Security Assessment Services
Security Program Assessment
Comments 1 Comment • Jump to latest comment
Just adding a link to the earlier blog post:
Android Application Security Assessments - Part 1: Setting Up Your Windows Testing Environment
https://www-secure.symantec.com/connect/blogs/android-application-security-assessments-part-1-setting-your-windows-testing-environment
With thanks and best regards,
Mick
Would you like to reply?
Login or Register to post your comment.