In this post, I would like to introduce an awesome tool named Drozer.
Drozer is a framework for Android security assessments developed by MWR Labs. Drozer helps to provide confidence that Android apps and devices being developed by, or deployed across, your organisation do not pose an unacceptable level of risk. By allowing you to interact with the Dalvik VM, other apps’ IPC endpoints and the underlying OS.
A workstation (in my case Windows) with the following:
– JRE or JDK
– Android SDK
– An Android device or emulator running Android 2.1 or later.(in my case Android 4.4)
Please choose the appropriate download for your platform:
drozer (Debian/Ubuntu Archive)
drozer (Python .egg)
drozer (Agent .apk only)
drozer (Windows Installer) – Updated 2015-08-24
In Windows, we unzip file download and run file setup.exe.
Turn on Android emulator.
Check devices with adb command:
Install agent.apk on emulator:
adb install agent.apk
To start working with Drozer for your assessments, we need to connect the Drozer console we have on the workstation and agent sitting on the emulator. To do this, start the agent on your emulator and run the following command to port forward. Make sure you are running the embedded server when launching the agent.
adb forward tcp:31415 tcp:31415
We can simply run the following command to connect to the agent from the workstation.
drozer console connect
Listing out all the modules
Shows the list of all Drozer modules that can be executed in the current session.
Retrieving package information
To list out all the packages installed on the emulator, run the following command:
dz> run app.package.list
And more command you can view in here.