├── README.md └── setup.sh /README.md: -------------------------------------------------------------------------------- 1 | # Android_install 2 | # Android pentesting Setup Environment 3 | 4 | ### I creat small bash script to install and setup environment in android emulator 5 | 6 | #### tools setup with script 7 | 1. Adb 8 | 2. jadx 9 | 3. apktool 10 | 4. apkleads 11 | 5. fireBase Scanner 12 | 6. drozer 13 | 7. frida 14 | 8. burp 15 | 9. nucli 16 | 17 | #### Language install will script 18 | 1. python3 python2 19 | 2. pip3 pip2 20 | 3. go 21 | 4. java 22 | 23 | ### Installation: 24 | ``` 25 | git clone https://github.com/xenion0/Android_install.git 26 | cd Android_install 27 | chmod +x setup.sh 28 | ./setup.sh 29 | ``` 30 | -------------------------------------------------------------------------------- /setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # coded by Xenion_ 4 | # Installer - version 1.0 5 | 6 | 7 | #@> CHECK CONNECTION 8 | wget -q --spider http://google.com 9 | if [ $? -ne 0 ];then 10 | echo "Connect to internet" 11 | exit 12 | fi 13 | 14 | 15 | #Colors 16 | RED="\033[1;31m" 17 | GREEN="\033[1;32m" 18 | BLUE="\033[1;36m" 19 | YELLOW="\033[1;33m" 20 | RESET="\033[0m" 21 | BOLD="\033[1m" 22 | 23 | 24 | 25 | 26 | #@> VARIABLES 27 | ip_device= 28 | ADB_OUT= 29 | ADB_PATH= 30 | ##=======path for burp cert 31 | FILE= 32 | 33 | 34 | 35 | 36 | 37 | #@> PRINT USAGE 38 | USAGE(){ 39 | echo -e "${BLUE} 40 | \ \ / / (_) 41 | \ V / ___ _ __ _ ___ _ __ 42 | > < / _ \ | '_ \ | | / _ \ | '_ \ 43 | / . \ | __/ | | | | | | | (_) | | | | | 44 | /_/ \_\ \___| |_| |_| |_| \___/ |_| |_| 45 | ${RESET} 46 | [${YELLOW}Xenion${RESET}] == INSTALLER TOOLS FOR ANDROID PENTEST (${GREEN} @Xenion_${RESET}) 47 | 48 | " 49 | echo -e "" 50 | echo -e "Example Usage:" 51 | echo -e "./setup.sh [-i ip for android Device in network] [-f file fo CA burp] " 52 | echo -e "" 53 | echo -e "Flags:" 54 | echo -e " -i, --ip ${BK}string${RESET} Android Emulator IP Address -i 192.168.241.101" 55 | echo -e " -f, --file ${BK}string${RESET} Burp's CA certificate -f ./cacert.der" 56 | 57 | exit 0 58 | 59 | } 60 | 61 | #@> CHECK IF ARGS == 0 62 | if [[ $# -eq 0 ]]; then 63 | USAGE 64 | exit 65 | fi 66 | 67 | while [ -n "$1" ]; do 68 | case $1 in 69 | -i|--ip) 70 | ip_device=$2 71 | shift 72 | ;; 73 | 74 | -f|--file) 75 | FILE=$2 76 | shift 77 | ;; 78 | 79 | -h|--help) 80 | USAGE 81 | shift 82 | ;; 83 | 84 | *) 85 | USAGE 86 | ;; 87 | esac 88 | shift 89 | done 90 | 91 | 92 | 93 | #@> MAKE FOLDERS 94 | MAKDR(){ 95 | echo -e "${GREEN}====[ Setting things up ]====${RESET}" 96 | cd /root 97 | mkdir android-tools 98 | cd android-tools 99 | mkdir firda 100 | mkdir dorzer 101 | mkdir nucli 102 | mkdir burp 103 | mkdir FireBaseScanner 104 | } 105 | 106 | 107 | #@> INSTALL LANGUAGE 108 | LANGUAGES(){ 109 | echo -e "${RED}\n[+] update apt ${RESET}" 110 | sudo apt -y update > /dev/null 2>&1 111 | sudo apt -y upgrade > /dev/null 2>&1 112 | 113 | echo -e "${RED}\n[+] install python3 & pip3${RESET}" 114 | sudo apt-get -y install python3 python3-pip > /dev/null 2>&1 115 | 116 | echo -e "${RED}\n[+] install python2.7 & pip2.7${RESET}" 117 | sudo apt-get -y install python2.7 > /dev/null 2>&1 118 | cd /usr/lib/python2.7 119 | curl https://bootstrap.pypa.io/pip/2.7/get-pip.py — output get-pip.py > /dev/null 2>&1 120 | python2.7 get-pip.py > /dev/null 2>&1 121 | 122 | echo -e "${RED}\n[+] install JAVA JDK${RESET}" 123 | sudo apt -y install default-jdk > /dev/null 2>&1 124 | 125 | echo -e "${RED}\n[+] install go-lang${RESET}" 126 | #download compress file 127 | wget https://go.dev/dl/go1.18.1.linux-amd64.tar.gz > /dev/null 2>&1 128 | #cleaning previous installations decompressing to /usr/local 129 | rm -rf /usr/local/go && tar -C /usr/local -xzf go1.18.1.linux-amd64.tar.gz > /dev/null 2>&1 130 | #add variables to .bashrc 131 | export GOROOT=/usr/local/go 132 | export GOPATH=$HOME/go 133 | export PATH=$GOPATH/bin:$GOROOT/bin:$PATH 134 | echo 'export GOROOT=/usr/local/go' >> ~/.bashrc 135 | echo 'export GOPATH=$HOME/go' >> ~/.bashrc 136 | echo 'export PATH=$GOPATH/bin:$GOROOT/bin:$PATH' >> ~/.bashrc 137 | source ~/.bashrc 138 | 139 | } 140 | 141 | 142 | #@ >Tools 143 | TOOLS(){ 144 | echo -e "${RED}\n[+] install ADB${RESET}" 145 | sudo apt -y install adb > /dev/null 2>&1 146 | 147 | echo -e "${RED} install jadx${REST}" 148 | sudo apt install jadx > /dev/null 2>&1 149 | 150 | echo -e "${RED} install apktool${REST}" 151 | sudo apt install apktool > /dev/null 2>&1 152 | 153 | echo -e "${RED} install apkleaks${REST}" 154 | #sudo pip3 install apkleaks > /dev/null 2>&1 155 | 156 | #sudo apt-get -y install openssl 157 | 158 | #FireBase Scanner 159 | echo -e "${RED} install fireBase Scanner${REST}" 160 | 161 | cd /root/android-tools/FireBaseScanner 162 | git clone https://github.com/shivsahni/FireBaseScanner.git > /dev/null 2>&1 163 | 164 | 165 | #nculi install 166 | echo -e "${RED} install nucli${REST}" 167 | cd /root/android-tools/nucli 168 | git clone https://github.com/projectdiscovery/nuclei.git > /dev/null 2>&1 169 | cd nuclei/v2/cmd/nuclei/ 170 | go build . > /dev/null 2>&1 171 | echo -e "${RED} build nucli bin file${REST}" 172 | mv nuclei /usr/local/bin/ 173 | 174 | echo -e "${RED}Download/Update templates${REST}" 175 | nuclei -ut 176 | 177 | } 178 | 179 | #@> CONNECT TO ADB WITH IP ADRESS 180 | CONNECT_ADB(){ 181 | 182 | ADB_PATH=$(which adb) 183 | $ADB_PATH kill-server 184 | $ADB_PATH start-server > /dev/null 2>&1 185 | $ADB_PATH connect $ip_device 186 | 187 | CHECK_ADB 188 | } 189 | 190 | 191 | #@> check if android device connected 192 | CHECK_ADB(){ 193 | 194 | $ADB_PATH connect $ip_device > /dev/null 2>&1 195 | ADB_OUT=`$ADB_PATH devices | awk 'NR>1 {print $1}'` 196 | if test -n "$ADB_OUT" 197 | then 198 | echo "device connected is $ADB_OUT" 199 | else 200 | echo "device is not connected, please check and restart the script" 201 | exit $? 202 | fi 203 | } 204 | 205 | FRIDA(){ 206 | cd /root/android-tools/firda/ 207 | echo -e "${RED} ${BOLD} install frida & frida-tools ${REST} ${RESET}" 208 | pip3 install frida > /dev/null 2>&1 209 | pip3 install frida-tools > /dev/null 2>&1 210 | 211 | echo -e "${RED} ${BOLD}setup frida server & push it to android emulator${REST} ${RESET}" 212 | wget "https://github.com/frida/frida/releases/download/$(frida --version)/frida-server-$(frida --version)-android-x86_64.xz" -O frida-server.xz > /dev/null 2>&1 213 | unxz frida-server.xz > /dev/null 2>&1 214 | 215 | 216 | if test -n "$ADB_OUT" 217 | then 218 | echo -e "push frida-server to device " 219 | adb push frida-server /data/local/tmp 220 | adb shell "chmod 755 /data/local/tmp/frida-server" 221 | else 222 | echo "skip to bush frida-server to device" 223 | fi 224 | 225 | } 226 | 227 | #@> install Drozer and client apk 228 | DROZER(){ 229 | echo -e "${RED} install Requirement for drozer ${REST}" 230 | pip2.7 install twisted > /dev/null 2>&1 231 | pip2.7 install pyOpenSSL > /dev/null 2>&1 232 | pip2.7 install protobuf > /dev/null 2>&1 233 | 234 | cd /root/android-tools/dorzer 235 | echo -e "${RED} install Drozer ${REST}" 236 | wget https://github.com/FSecureLABS/drozer/releases/download/2.4.4/drozer-2.4.4-py2-none-any.whl > /dev/null 2>&1 237 | pip2.7 install drozer-2.4.4-py2-none-any.whl > /dev/null 2>&1 238 | 239 | echo -e "${RED}Get Agent${REST}" 240 | #check for connection about adb 241 | wget https://github.com/mwrlabs/drozer/releases/download/2.3.4/drozer-agent-2.3.4.apk > /dev/null 2>&1 242 | 243 | if test -n "$ADB_OUT" 244 | then 245 | echo -e "${RED} Install Agent in device ${REST}" 246 | # $ADB_PATH install drozer-agent-2.3.4.apk > /dev/null 2>&1 247 | $ADB_PATH forward tcp:31415 tcp:31415 248 | else 249 | 250 | echo -e "${RED}Check for connection adb device for now will skip install ${REST}" 251 | fi 252 | 253 | } 254 | #@> BURP 255 | #Setting up Burp Suite with Android Emulated Device 256 | 257 | #Navigate to Burp -> Proxy -> Options -> Export CA certificate -> Certificate in DER format. 258 | #@> BURP 259 | BURP(){ 260 | 261 | openssl x509 -inform DER -in $FILE -out /root/android-tools/burp/cacert.pem 262 | openssl x509 -inform PEM -subject_hash_old -in /root/android-tools/burp/cacert.pem | head -1 263 | mv /root/android-tools/burp/cacert.pem /root/android-tools/burp/9a5ba575.0 264 | 265 | 266 | if test -n "$ADB_OUT" 267 | then 268 | echo -e "${RED} Install Cert in Android Device ${REST}" 269 | cd /root/android-tools/burp 270 | $ADB_PATH remount 271 | $ADB_PATH push /root/android-tools/burp/9a5ba575.0 /system/etc/security/cacerts/ 272 | $ADB_PATH shell chmod 644 /system/etc/security/cacerts/9a5ba575.0 273 | $ADB_PATH shell reboot 274 | else 275 | 276 | echo -e "${RED}Check for connection adb device for now will skip install ${REST}" 277 | fi 278 | } 279 | 280 | 281 | #@> BANNER 282 | BANNER(){ 283 | 284 | echo -e "" 285 | echo -e "${BLUE} 286 | \ \ / / (_) 287 | \ V / ___ _ __ _ ___ _ __ 288 | > < / _ \ | '_ \ | | / _ \ | '_ \ 289 | / . \ | __/ | | | | | | | (_) | | | | | 290 | /_/ \_\ \___| |_| |_| |_| \___/ |_| |_| 291 | ${RESET} 292 | [${YELLOW}Xenion${RESET}] == INSTALLER TOOLS FOR ANDROID PENTEST (${GREEN} @Xenion_${RESET}) 293 | 294 | " 295 | CONNECT_ADB $ip_device 296 | 297 | # check extention of burp 298 | if test -f "$FILE"; then 299 | ext="${FILE##*.}" 300 | if [[ $ext == der ]]; then 301 | echo "" 302 | else 303 | echo "not der file" 304 | fi 305 | else 306 | echo "$FILE file is not exists" 307 | exit $? 308 | fi 309 | } 310 | 311 | 312 | 313 | #@ > Main Fuctions 314 | BANNER 315 | 316 | MAKDR 317 | 318 | LANGUAGES 319 | 320 | TOOLS 321 | 322 | CONNECT_ADB 323 | 324 | FRIDA 325 | 326 | DROZER 327 | 328 | BURP 329 | --------------------------------------------------------------------------------