Android

Why Android Challenges

  • Gain a better understanding of secure Android app development.
  • Understand the steps and tools required to reverse engineer Android applications.
  • Learn how to perform the security evaluation of Android applications and detect vulnerabilities.
  • Obtain familiarity with the Android file system and the location of forensic artefacts.
  • Conduct Android pentesting – find and exploit vulnerabilities.

Android Application Structure

An Android application is software designed to run on an Android device or emulator. Its source code and user interface elements are spread across various files and folders. Understanding this structure is an important first step toward solving Android-related CTF challenges. Below is an example of the files and folders that make up an Android application.

  • AndroidManifest.xml: contains the structure and metadata of the application. Usually, all permissions, API keys, etc. are stored inside this file.
  • java/: contains the source code files.
  • drawable/: the folder holds images, videos, gifs, etc.
  • layout/: defines the visual structure for the app UI (XML format).
  • mipmap/: the folder for the different sized icons.
  • colors.xml: color resource file of the Android application.
  • strings.xml: string resource file of the Android application.
  • styles.xml: styles resource file of the Android application.
  • Gradle Scripts: lists various dependencies, targeted SDK, obfuscation, etc.

Android Application Components

  • Activities: manage the creation of the user interface (UI) and handle user interaction. A good starting point in challenges is to look for the Main Activity, as well as any hidden activities.
  • Broadcast receivers: handle alerts that occur between the application and the operating system.
  • Services: provide background or remote processes, not visible via the user interface.
  • Content providers: manage data and database interaction.
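
As an added example (not part of the original page), the Python sketch below reads a decoded, text-form AndroidManifest.xml, such as the one a tool like apktool produces, and lists the declared permissions and components, marking the launcher (Main) activity and which components other apps can reach. The manifest, the package name com.example.ctf, and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Constructed sample: decoded manifest of a made-up app (com.example.ctf).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.ctf">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <activity android:name=".MainActivity" android:exported="true">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".HiddenActivity" android:exported="true"/>
    <activity android:name=".SettingsActivity"/>
    <receiver android:name=".BootReceiver">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED"/>
      </intent-filter>
    </receiver>
    <provider android:name=".NotesProvider" android:exported="false"/>
  </application>
</manifest>"""

def audit_manifest(xml_text):
    """Return (permissions, components) from a decoded AndroidManifest.xml."""
    root = ET.fromstring(xml_text)
    perms = [p.get(ANDROID + "name") for p in root.iter("uses-permission")]
    components = []
    for tag in ("activity", "service", "receiver", "provider"):
        for node in root.iter(tag):
            names = {e.get(ANDROID + "name") for e in node.iter() if e.tag in ("action", "category")}
            declared = node.get(ANDROID + "exported")
            # Without android:exported, a non-provider component that has an
            # intent filter was historically exported by default.
            has_filter = node.find("intent-filter") is not None
            exported = declared == "true" if declared else (tag != "provider" and has_filter)
            launcher = {"android.intent.action.MAIN", "android.intent.category.LAUNCHER"} <= names
            components.append({"type": tag, "name": node.get(ANDROID + "name"),
                               "exported": exported, "launcher": launcher})
    return perms, components

def review_first(components):
    """Exported components other than the launcher activity."""
    return [c["name"] for c in components if c["exported"] and not c["launcher"]]

if __name__ == "__main__":
    perms, comps = audit_manifest(SAMPLE_MANIFEST)
    print(perms, review_first(comps))
```

Exported components that are not the launcher are the ones to check first for missing permission protection or input validation.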

Android Application Data Storage

  • Internal File Storage: store private application files in the device’s file system.
  • External File Storage: store files in the external (public) shared file system.
  • Shared Preferences: store private data in key/value pairs.
  • Databases: store structured data in a private database (SQLite).

Android APK Structure

  • AndroidManifest.xml: key information elements about the app.
  • META-INF/: contains SHA-256 hashes of all files and the signature of the APK.
  • classes.dex: compiled application code in Dalvik executable (dex) format.
  • lib/: compiled native libraries used by your app.
  • res/: holds resource files such as pictures, XML files, etc. and contains some additional folders such as Drawable, Layout, and Values.
  • assets/: application assets.
  • resources.arsc: compiled resources in a binary format; may include images, strings, or other data used by the application.
  • kotlin/: Kotlin-specific data if written using the Kotlin language.

Android CTF tools

  • Android Studio: development environment, Android SDK, setup emulators.
  • Android Debug Bridge (ADB): used to communicate, interact, or perform debug operations with a physical device or emulator.
  • apktool: decompile an existing Android application.
  • dex2jar: convert the dex code to jar format.
  • JD-GUI: a tool that allows you to view the Java source code of an APK file directly.
  • MobSF: perform automatic static analysis of an APK.
  • drozer: find and exploit vulnerabilities.
  • Frida: dynamic instrumentation tool, inject code.
  • apksigner: used to sign modified APKs.

Practice

The following TryHackMe rooms offer practical exercises to grasp the topics discussed above.