EXPLOITME MOBILE ANDROID – Capture Sensitive Information – All things in moderation

Hi guys, by now you should have installed our environment for the Labs Series.
In this post, we will exploit the Android mobile app in that environment: Lab 1.
This is a simple lab, but it demonstrates a key point that we sometimes forget: mobile device traffic can still be sniffed.

Let’s learn how to see the traffic in clear text using the Android emulator.
The Android emulator has a built-in setting to capture network traffic, which makes it much easier for us to sniff data from Android applications. Let’s go!
In the folder that contains emulator.exe, run this command:

emulator.exe -avd name_emulator -tcpdump path/file_name.cap

[Screenshot: the folder containing emulator.exe]

[Screenshot: my Android virtual device (emulator)]

[Screenshot: my command]

[Screenshot: what you will see if the command succeeds]

This will dump the network traffic into the demo.cap file.

Our labs consist of two components, the lab and the server, so make sure the server is running! Again, you can do this by:

python app.py

Now we will install the APK file on the emulator. We use the file Base.apk (remotes/origin/Base).
You could also run it through the Android Studio debugger as shown below:

[Screenshot: Lab 1]

The first lab is about network encryption, so clearly we’ll have to look at the network TCP dump to see how the application is performing authentication.

Let’s log in using:
– username: jdoe
– pw: password

[Screenshots: Lab 1]

If you log in successfully, you will see something like this screen.

After turning off the Android emulator, we will have the demo.cap file. Open this file with Wireshark or any other program that can read .cap files.
In this post, I open demo.cap with Wireshark.
In the packet history, find the HTTP stream where the application logs in.

[Screenshot: Lab 1]

Once you click on it, observe the contents of the HTTP packet and you’ll be able to notice something about how the application authenticates:

[Screenshot: Lab 1]

You can see authentication is performed in clear-text.
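
The same check can be repeated without clicking through Wireshark. The script below is an added example, not part of the original post or the lab's code: it walks a capture file and reports credential-like form fields that crossed the network unencrypted. It assumes the capture is a classic libpcap file with Ethernet framing; the port, request path, field names and addresses in the sample are constructed for illustration.

```python
import re
import struct

# Credential-like form keys (an assumption; extend for the app under test).
CRED_RE = re.compile(rb"(?i)\b(user(?:name)?|login|pass(?:word)?|pw|pin|token)=([^&\s]*)")

def tcp_payloads(pcap: bytes):
    """Yield (dst_port, payload) for every IPv4/TCP frame in a classic pcap file."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None:
        raise ValueError("not a classic libpcap file")
    if struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected Ethernet link type (1)")
    off = 24  # first record follows the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(order + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # too short, not IPv4, or not TCP
        ihl = (frame[14] & 0x0F) * 4
        total_len = struct.unpack("!H", frame[16:18])[0]
        tcp = frame[14 + ihl:14 + total_len]
        if len(tcp) < 20:
            continue
        yield struct.unpack("!H", tcp[2:4])[0], tcp[(tcp[12] >> 4) * 4:]

def find_cleartext_credentials(pcap: bytes):
    """Return (dst_port, key, value) for credential-like fields sent unencrypted.
    No TCP reassembly: a field split across two segments is missed."""
    return [(port, k.decode(), v.decode("latin-1"))
            for port, payload in tcp_payloads(pcap)
            for k, v in CRED_RE.findall(payload)]

def build_sample_pcap(payload: bytes, dport: int = 8080) -> bytes:
    """Constructed one-packet capture (addresses, ports and payload are made up)."""
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([10, 0, 2, 15]), bytes([10, 0, 2, 2])) + tcp
    frame = b"\x00" * 12 + b"\x08\x00" + ip
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

# Constructed login request; the path and field names are not the lab's own.
SAMPLE = build_sample_pcap(b"POST /login HTTP/1.1\r\nHost: lab.example\r\n\r\n"
                           b"username=jdoe&password=password")

if __name__ == "__main__":
    print(find_cleartext_credentials(SAMPLE))
```

To run it against a real capture, pass the file's bytes, for example `find_cleartext_credentials(open("demo.cap", "rb").read())`. An empty result on a login flow is what you want to see once the app moves to TLS.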

Lab 1 shows us how dangerous it is to transmit sensitive information in clear text. In the next post, I’m going to show you how to manipulate the user input and get their sensitive storage information. 🙂