If you were using your Android device for testing, this could be as simple as visiting the Marketplace, searching for your app and pressing Install. But we already went through the effort of setting up our testing environment, and the Android emulator cannot download apps directly, so we are going to have to jump through a few hoops to get your target application installed.
Obtain The Android Application Package File (.apk)
In most situations, you should simply ask your project contact “Hey, can you please send me the .apk file?” Do not forget to say please!
If, for whatever reason, that is not an option for you, all hope is not lost.
- Download the target application from the marketplace to your physical Android Device.
- Download and install one of the many file manager applications from the Android Marketplace to your physical Android Device.
a) I personally prefer the ASTROFileManager. (The rest of this post will assume you are willing to trust my opinion and use ASTRO).
- Using ASTRO, select ‘Menu’ > ‘Tools’ > ‘Application Manager/Backup’. Check the box next to the target application. Then select ‘Menu’ > ‘Backup’. This will save your .apk, as ‘pkg.apk’, in the ‘/mnt/sdcard/backups/apps/’ directory.
- Mount your Android Device as a USB device, and browse to the ‘/mnt/sdcard/backups/apps/’ directory. Copy the ‘pkg.apk’ file to your local hard drive.
a) Renaming the ‘pkg.apk’ to something more specific can help save what’s left of your sanity if you have multiple android application security assessments going.
Alright, so now you have the target .apk file on your testing system. Now what?
Install The Android Application Package File (.apk)
You will need to have your Android Virtual Device (AVD) up and running in your emulator. If you are having troubles with this, see the previous post.
- Open a terminal shell (or a command prompt if you are using Windows), and run the following command.
a) Linux: $ ./platform-tools/adb install targetfile.apk
b) Windows: C:\>platform-tools/adb install targetfile.apk
SIMPLE! You should now be able to open the application drawer in emulator and see the installed app. Click your application and watch the magic happen!
“What should I do next?”
That is a great question! Your application is already installed and your proxy is capturing the application’s requests and responses. Fortunately, most Android applications operate in a manner similar to web applications. OWASP and countless other great sites have great guides for testing web applications.
Next time we will discuss reverse engineering the .apk file.