Converting Android Operating System into Penetration Testing Device

Android Operating System

Converting Android Operating System into Penetration Testing Device

Android operating system developed by Google, based on a modified version of the Linux kernel and other open source software and designed primarily for touchscreen mobile devices such as smartphones and tablets.

Big corporations trying to improve the user experience by making everything around simplify, increasing performance and connections with “IoT’s”. Today with the Android operating system installed on the most robust smartphones, we have their strengths and weaknesses.

A Linux system, have their limitations and permissions. The user that makes the “Root” on the mobile device, will have full access to the system from view, edit and delete files and folders from the Android Operating System and even install tools of various features.

 

 

Android Operating System

 

 

Preparing Android Smartphone for Penetration Testing

 

Once the application installs, we will have to do the “Root” mode to have full access to the Android system. Therefore, we can install the pentest and monitoring tools.

Apt-get is a powerful package management system that is used to work with Ubuntu’s APT (Advanced Packaging Tool) library to perform the installation of new software packages, removing existing software packages, upgrading of existing software packages.

First, we will use Linux repositories distributions for pentest, in this example, I am using the Kali Linux distro. Once we do the “apt-get update” command, we will have reliable fonts tools.

Apt-get is a powerful package management system that is used to work with Ubuntu’s APT (Advanced Packaging Tool) library to perform the installation of new software packages, removing existing software packages, upgrading of existing software packages.

 

 

application

 

 

 

Tools that we Get after Updating List

  • NMAP: Security Scanner, Port Scanner, & Network Exploration Tool.
  • Bettercap: Powerful tool to perform MITM Attacks
  • Setoolkit: Allows to perform many Social Engineering Activities.

 

 

Tool

 

 

NMAP

Command # nmap 192.168.0.0/24

With NMAP installed, we have several ways to scan the network and test some services that are on servers.

At this simple lab, we performed a network scan and identified two network assets (but without any vulnerable service to attack).

 

NMAP

 

 

 

Bettercap

Insert Command # bettercap –sniffer

We got the login credentials at access router.

In addition to HTTP, we also obtain the HTTPS but will not be covered in this article.

With the weakest link of information security being the USER, he will always be subject to attacks and even without realizing that the Web Site digital certificate will be changed to that of the attacker doing the MITM attack.

 

 

Bettercap

 

 

Setoolkit

Insert Command Insert Command # service apache2 start && /usr/share/setoolkit/setoolkit

 

We validate that the apache service is working correctly. As soon as we change the test page from apache and leave the fake Google page for this test, we will insert the email and password to make sure that the attack works.

 

 

setoolkit

 

 

Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacker Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacker Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacker Training in Hyderabad

Ethical Hacking Training in Hyderabad

Python Training in Bangalore

Python Training in Hyderabad

Python Training in Bhubaneswar

Microsoft Azure Training in Hyderabad

Microsoft Azure Training in Bangalore

Microsoft Azure Training in Bhubaneswar

Networking Training in Bangalore

Networking Training in Hyderabad

Networking Training in Bhubaneswar

Advance Python Training in Hyderabad

Advance Python Training in Bangalore

Advance Python Training in Bhubaneswar

Amazon Web Services Training in Hyderabad

Amazon Web Services Training in Bangalore

Amazon Web Services Training in Bhubaneswar

Certified Ethical Hacker Certification – C | EH v10

Computer Forensic Training in Kolkata

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Testing training

Ethical Hacking  training

Internet Of Things Training

Data Analysis

Internet Of Things Training Hyderabad

Internet Of Things Training in Bhubaneswar

Internet Of Things Training in Bangalore

Embedded System Training

Digital Marketing Training

Machine Learning Training

Python Programming training

Android Training in Bangalore

Android Training in Hyderabad

Android Training in Bhubaneswar

Diploma in Network Security Training

Android Development  training

Secured Coding in Java

Certified Network Penetration Tester 

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

 

Cybersecurity services that can protect your company:

Web Security | Web Penetration Testing

Web Penetration Testing Company in Bangalore

Network Penetration Testing – NPT

Network Penetration Testing Service in Bangalore

Android App Penetration Testing

Source Web Development

Source Code Review

Android App Development

Digital Marketing Consultancy

Data Recovery

 

Other Location for Online Courses:

Bhubaneswar

Bangalore

Hyderabad

 


Show Buttons
Hide Buttons