PwnSec Notes
  • AppSec
    • General Notes
    • Payloads
    • Fuzzing
    • Code Review
    • ReDos
    • SSTI
    • LFI-RFI
    • PHP Tricks
    • Javascript
    • Serialization
    • SQL Injection
    • JWT
    • GraphQL
    • Side Channel
    • Command Execution
    • WebSockets
    • Ruby
    • 0Auth
    • Latex Injection
    • NoSQL
    • JS Analysis
    • Apache Lucene
  • Forensics
    • Basics
    • Network Captures
    • Windows Logs
    • Memory
    • Browser
    • Threat Intelligence
    • Disk
  • Binary-Exploitation
    • Concepts
    • Binary Analysis
    • Debugging
    • Shellcodes
  • Malware-Analysis
    • Memory Mapping
    • Macros
    • Unpacking
    • Analysis
    • Resources
  • Reverse-Engineering
    • GDB basics
    • MASM Basics
    • Decompilers
    • Useful Codes
  • Services
    • SNMP
    • Grafana
    • Consul
  • Network Pentesting
    • C2 Servers
    • Pivoting
    • CrackMapExec
    • Kubernetes
    • Docker
  • MISC
    • Slack
    • Git
    • Pyjails
    • Privilege Escalation
    • Python LOL Code
  • Cloud Hacking
    • AWS S3
    • AWS Cognito
  • Mobile Pentesting
    • Frida
    • ADB
    • Drozer
    • Smali
    • Static Analysis
    • Dynamic Analysis
    • Bypass SSL Pinning
    • APK Labs
    • Android Malwares
    • Abusing Firebase
    • Root Detection
Powered by GitBook
On this page
  1. Mobile Pentesting

Drozer

PreviousADBNextSmali

Last updated 2 years ago

info about packages:
		
		run app.package.list -f  <name of the app>

		run app.package.info -a <name of the package>
		
read manifest:
		run app.package.manifest <name of the package>
		
attack surface of the package:
	
		run app.package.attacksurface <name od the package>
		example res:
			Attack Surface:
 			3 activities exported
 			0 broadcast receivers exported
 			2 content providers exported
 			2 services exported
 			is debuggable
			Activities: Maybe you can start an activity and bypass some kind of authorization that should be prevent you from launching it.
			Content providers: Maybe you can access private data or exploit some vulnerability (SQL Injection or Path Traversal)

Activities:
	
		run app.activity.info -a <name of the package>
	
		run app.activity.start --component <package name> <activity name>
		
Services:
	
		run app.service.info -a <package name>
		run app.service.send 	#to send messages to a service
		run app.service.start 	#to start a service
		run app.service.stop	#to stop a service 

	
Broadcast Receivers:

		run app.broadcast.info -a <package name>

		run app.broadcast.send --action <action of the reciver> --component <package name of the reciver> <name of the class that start the broadcast> --extra string <parameter in the broadcast> <the data you want to enter in the parameter>
LogoGitHub - WithSecureLabs/drozer: The Leading Security Assessment Framework for Android.GitHub