Setup Android App Pen-testing environment on Mac-book M1
Hey folks, I hope anyone who is reading this blog post are doing great. A month ago I just switched from Mac-book Intel to M1 chip and I actually bought two M1 machines. I had to pen-test an android Application and m1 machines doesn’t support virtual box or genymotion. I took me quite a lot of time to properly setup a android app testing environment on m1 machines. So here’s the step by step guide :)
Download Android Studio:
First, you need to download android studio https://developer.android.com/studio#downloads. Download Mac (64-bit, ARM)
Once it’s downloaded, install android studio.
Now you need to download emulator to run the android studio AVD image. for that go here and download it.
Once you have downloaded the above emulator, then go to ~/Library/Android/sdk/emulator and replace emulator and emulator-check with the ones you downloaded from zip file emulator-darwin-aarch64–0.2-engine-only.zip
Yayy! now let’s run our emulator
Before we run our emulator, first open your android studio and go to the AVD manager.
Just copy the AVD name, and from the advance settings you can change the RAM, space settings etc too.
Now let’s run our emulator:
cd /Users/your_username/Library/Android/sdk/emulator && ./emulator -avd Pixel_3a_API_32_arm64-v8a -writable-system
I have used -writable-system in order to make this image write-able, this will allow us adb remount and for later you will be needing to install system level burp certificate too :)
Known Errors ( I faced )
- Black screen issue:
- Fix: make sure you run the android studio as well before launching the emulator.
- adb remount dev:/dev/block/dm-1 mnt:/system_ext: Read-only file system
- Fix: Use flag -writable-system with emulator binary
- if you get error Failure [INSTALL_FAILED_INSUFFICIENT_STORAGE]:
- Open android studio
- AVD Settings
- Wipe data
- adb install apk
- Error AndroidWifi not connected:
Fix1: Reboot machine
Fix2: Make sure it’s on NAT
Fix3: Use correct IP while configuring with burp lol xD
Fix4: If nothing works above connect to the Mobile data in emulator)
(Not Required): Google APIs System Image:
Alternatively you can also install android-emulator-m1-preview.dmg but I couldn’t find anyway to make it write able like we did for android studio AVD image.
I you guys find any way to make it write-able please let me know :)
Other tools the you need to get going:
- frida: pip3 install frida-tools
- objection: pip3 install objection
- apktool: https://ibotpeaches.github.io/Apktool/install/
- apk signer: https://github.com/patrickfav/uber-apk-signer/releases
How to configure Burp Suite with Android Studio Emulator:
First get your machine IP from the burp suite, in my case in 192.168.8.102:8085
You have two options for that:
- WiFi with manual proxy
> To configure that, go to the WiFi settings in your android emulator phone
> Open manual proxy settings
> Add IP and port in the manual settings.
- Mobile data with Emulator proxy
> To configure that, open proxy settings of your android emulator.
> Select manual proxy and add your IP and Port number accordingly
> Now just turn on mobile data in your emulator and you are good to go with capturing the requests.
Install Burp Certificate as a system level trusted CA:
For the Apps that require minimum API Level 24, you need to install Burp Certificate as system certificate, then follow the guidelines: https://blog.ropnop.com/configuring-burp-suite-with-android-nougat/
Setup is completed you are good to go with your android App Penetration Testing :)