Yes, hacking your app is THAT easy! - Part 3 (Android Network Analysis)

In Part 1 we looked at Android File System Analysis. We saw how to back up an app using adb and unpack it using abe, then I left it to you to analyze the file system. We also saw how to repack and restore to your device.

In part 2, we looked at iOS File System Analysis.  Using a tool, we essentially did the same as in part 1, by pulling out the files from the file system and analyzing them.

In part 5 we looked at parsing through the Android source code for apps to determine if the permissions they are requesting are being used maliciously or for other purposes.

  • Yes, hacking your app is THAT easy! - Part 4 (iOS Network Analysis)
  • Yes, hacking your app is THAT easy! - Part 6 (iOS Source Code Analysis)

I am happy to announce that we are back on track and Part 3 will look at network analysis on Android. The analysis on Android and iOS is pretty similar, but how we intercept the traffic is a little different between the two. This being said, part 4 will likely come pretty quickly after part 3 so, you're welcome.

To start, we first need to see the network traffic coming to/from our device. On iOS and Android we can set up a proxy and all communication will then go through that proxy. The analysis part is essentially the same though. Part 4 will show much of the same content but will show you how to set up your proxy settings on iOS.

On Android, it somewhat depends on the device you have, but you first go to Settings > WiFi, long press the access point you are connected to in order to edit your wireless settings, and check the advanced check box. Set proxy to manual and put in the proxy information. You need to enter the password for the WiFi to save the settings.

Photo Credit:  Tricedesigns

At this point most of the traffic should be going through your proxy.  We will next check to make sure.

You can use any proxy you want, but I will be using Burp Suite by Portswigger.  There is a free version that is limited and a paid version.  The paid version is inexpensive and I recommend it highly.  For basic interception you can use the free version and be fine with it.  For more advanced analysis and testing, the professional edition would be better.

Fire up your proxy and set your proxy settings.  You want to make sure that the proxy is listening on an interface you can connect to.  By default Burp listens on the loopback adapter only so you will need to change that.  To do so, go to options, click the port you are listening on, click edit and select the interface you want to listen on.  Then click OK.  




By default your proxy will intercept all traffic and let you decide to forward or drop. I suggest turning that off and running through the app first; that is probably the best way to start, and then you can analyze the traffic. Once you determine how the traffic is being used, you can intercept, modify and see what happens. You may be surprised what you see.
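As a starting point for that analysis, here is an added example (not code from the original post) that triages requests copied out of the proxy history and flags cleartext transport and sensitive values in URLs or form bodies. The `(scheme, raw request)` input shape, the `triage` helper, the sensitive-name list and the sample traffic are all assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameter names treated as sensitive (an assumed list; extend it for your app).
SENSITIVE = re.compile(r"pass(word|wd)?|token|secret|api_?key|session|ssn", re.I)

def triage(scheme, raw_request):
    """Return a list of findings for one captured request."""
    head, _, body = raw_request.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    findings = []
    cleartext = scheme.lower() == "http"
    if cleartext:
        findings.append("cleartext transport")
    # Secrets in the URL end up in server logs and proxy logs even over TLS.
    for name, _ in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if SENSITIVE.search(name):
            findings.append(f"sensitive parameter in URL: {name}")
    # Form bodies are only flagged when the transport itself is unencrypted.
    if headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
        for name, _ in parse_qsl(body, keep_blank_values=True):
            if cleartext and SENSITIVE.search(name):
                findings.append(f"sensitive form field sent in cleartext: {name}")
    if cleartext and ("authorization" in headers or "cookie" in headers):
        findings.append("credentials or cookies sent in cleartext")
    return findings

# Constructed sample traffic, not captured from any real app.
SAMPLES = [
    ("http", "POST /login HTTP/1.1\r\nHost: api.example.test\r\n"
             "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
             "user=alice&password=hunter2"),
    ("https", "GET /profile?session_token=abc123 HTTP/1.1\r\nHost: api.example.test\r\n\r\n"),
    ("https", "GET /news HTTP/1.1\r\nHost: api.example.test\r\n\r\n"),
]

def run():
    return [triage(scheme, raw) for scheme, raw in SAMPLES]

if __name__ == "__main__":
    for (scheme, raw), findings in zip(SAMPLES, run()):
        print(scheme, raw.split("\r\n")[0], "->", findings or "nothing flagged")
```
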


I am not going to walk you through anything specific, but take a look.  You may find some interesting things in the traffic.  For more advanced fun, try modifying the traffic and see what happens!  Happy hacking!

