How to set up a mobile pen testing environment

Picture of Murilo Oliveria
Murilo Oliveria
All Posts
Hey there, this tutorial will guide you in setting up an android virtual device (AVD) in your machine to pen test mobile applications. I will also provide some useful commands to help you in a couple of additional commands at the end that you will probably come across when doing your tests, and you can follow this tutorial on your Mac or Windows devices. At the end of the post, we will achieve:
  • Android R (11) AVD
  • Rooted/Jailbreak AVD
  • Global System certificate installed in the AVD
  • Frida Server installed in the AVD
  • Https traffic captured through OWASP ZAP
Necessary files & applications:
Notes: 1. If you are having problems with your environment, I strongly recommend you uninstall Android Studio and remove all AVD images files, as our first step will cover. 2. By the date of that tutorial, the Postman proxy was not working with my environment. 3. My environment was tested with the highlighted versions above, so please use the same version if you have any problems. 4. Download the zip option on the Magisk Trust User Certs page.

Step 1 (optional) – Uninstall Android Studio & Remove AVD Images

I recommend that you at least remove all the AVD images from your system because only clean images will work with the rootAVD code. Android Studio can also create configuration files that occasionally cause issues in your deployment, but it is rarer than the device images.

The AVD images are located in C:\Users%USERNAME%\AppData\Local\Android\Sdk\system-image. Delete all the images that you will use. In our case, we are working with the Android API 30.

Step 2 – Install Android Studio

  • Install Android Studio on your device, which will be used to configure and emulate our AVDs.

Step 3 – Install SDK Platform Tools (ADB)

  • Unzip the file you have downloaded from the link above and rename it to “adb”.
  • Move the “adb” folder to the “C:/”
  • Search for “This PC” in your windows search and click on “Properties”. On the left menu, access “Advanced system settings” and then select the “Path” row in the “Users variables for %USERNAME%”. Click on “Edit…” above the “Users variables for %USERNAME%” section and then hit “New” to add a path. In the new window, type “C:\adb” and save it.

Step 4 – Prepare rootAVD

  • Unzip the rootAVD file.

Step 5 – Create an AVD

  • Open Android Studio and click on “AVD Manager” .
  • Click on “+ Create Virtual Device…”.
  • Create a Google Pixel 3 XL with Android R (API 30).
    • You can change the name of the device.
    • Do not change any further configuration.

Step 6 – root/Jailbreak the AVD

  • Open a CMD prompt terminal in your device.
  • Access the rootAVD folder (if it is in your downloads folder, follow the command below).
				
					cd C:\Users\%USERNAME%\Downloads\root-AVD-master
  • Run the rootAVD script as below.
    • The command will automatically turn your AVD off, so no panic.
				
					rootAVD.bat C:\Users\%USERNAME%\AppData\Local\Android\Sdk\system-images\android-30\google_apis\x86\ramdisk.img
  • Turn on the AVD once the command finishes.

Step 7 – Install Frida Server & Always Trust User Certs In the AVD, open the Magisk app and go to the plugin section.

  • In the AVD, open the Magisk app and go to the plugin section.
  • Search for MagiskFrida plugin and follow the prompts to install it.
  • Send the Magisk Trust User Certs zip file to the AVD as per the command below.
				
					cd C:/Users/%USERNAME%/Downloads
adb push .\AlwaysTrustUserCerts.zip /sdcard/Download
adb push is used to send files to your connected Android devices.
  • In the AVD open the Magisk app and go to the plugin section, and select install from local files.
  • Follow the prompt window to select and install Always Trust User Certs.

Step 8 – Install proxy certificates

  • Send the certificate to the Android device
				
					adb push .\owasp.cer /sdcard/Download
  • Install the certificate in the AVD in Security>Encryption & credentials>Install a certificate.
  • Follow the prompt window to select the certificate and complete the installation.

Step 9 – Configure AVD proxy

  • In the AVD point the proxy to OWASP ZAP.

Step 10 – All done! & Extra commands

Now you have an environment to pent test mobile applications on your computer, and here are some useful commands for you:

  • If you want to know which devices are connected to your machine, use:
				
					adb devices
  • If your devices do not show up in the list, try:
				
					adb reload
Thank you, and see you in my next post.
Share the Post:
Related Articals
All posts
March 28, 2024
Cyber Security Management: Best Practices for Australian Organisations
Picture of Ashwin Sharma
Ashwin Sharma
January 11, 2024
Zero Trust Framework in Australian Cyber Security
Picture of Ashwin Sharma
Ashwin Sharma
January 11, 2024
Security by Design Principles: How They Shape Australian Cyber Security
Picture of Ashwin Sharma
Ashwin Sharma

© All rights reserved

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below. The cookies that are categorized as “Necessary” are stored on your browser as they are essential for enabling the basic functionalities of the site.

We also use third-party cookies that help us analyze how you use this website, store your preferences, and provide the content and advertisements that are relevant to you. These cookies will only be stored in your browser with your prior consent.

 

You can choose to enable or disable some or all of these cookies but disabling some of them may affect your browsing experience.

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.
No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.
Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.
No cookies to display.
Reject All
Save my preference
Accept All