Beginner Guide for Android Application Penetration Testing (Part 1)

Cyber security enthusiasts, or anyone who wants to start Android application penetration testing, should know the Android platform, its architecture, and the application structure in order to understand how to proceed further. This blog post explains them.

Android Platform Overview:

This section introduces the Android platform from an architecture point of view. The following two areas are discussed:

1. Android security architecture

2. Android application structure

1. Android Security Architecture:

Android is a Linux-based open source platform developed by Google, which serves as a mobile operating system (OS). Today the platform is the foundation for a wide variety of modern technology, such as mobile phones, tablets, wearables, TVs, and other “smart” devices.

Android’s software stack is composed of several different layers. Each layer defines interfaces and offers specific services. The following diagram shows the major components of the Android platform.

Linux Kernel:

The foundation of the Android platform is the Linux kernel which is at the lowest level as you can see in the image.

Hardware Abstraction Layer (HAL):

The HAL defines an interface for interacting with built-in hardware components such as audio and Bluetooth. This layer also exposes the capabilities of the hardware to the Java API framework. The HAL consists of library modules, each of which implements an interface for a hardware component such as audio or Bluetooth. When a framework API makes a call to access device hardware, the Android system loads the library module for that hardware component.

Android Runtime (ART):

For devices running Android version 5.0 (API level 21) or higher, each app runs in its own process and with its own instance of the ART. ART is written to run multiple virtual machines on low-memory devices by executing DEX files.

Prior to Android version 5.0 (API level 21), Dalvik was the Android runtime.

The key difference between Dalvik and ART is the way the bytecode is executed.

In Dalvik, bytecode is translated into machine code at execution time. This process is known as just-in-time (JIT) compilation; the compilation must be performed every time the app is executed, which decreases performance.

In ART, apps are precompiled before they are executed for the first time. This process is known as ahead-of-time (AOT) compilation; the precompiled machine code is also used for all subsequent executions, which increases performance.

Native C/C++ Libraries:

Many core Android system components and services, such as ART and HAL, are built from native code that requires native libraries written in C and C++.

Java API Framework:

The entire feature set of the Android OS is available to you through APIs written in the Java language. These APIs form the building blocks you need to create Android apps by simplifying the reuse of core, modular system components and services, which include the following:

Resource Manager: Provides access to non-code resources such as localized strings, graphics, and layout files.

Notification Manager: Enables all apps to display custom alerts in the status bar.

Activity Manager: Manages the lifecycle of apps and provides a common navigation back stack.

Content Providers: Enable apps to access data from other apps, such as the Contacts app, or to share their own data.

System Apps:

Android comes with a set of core apps for email, SMS messaging, calendars, internet browsing, contacts, and more.

2. Android App Structure:

Manifest file:

Every app has an Android Manifest file, which embeds content in binary XML format. The default name of this file is AndroidManifest.xml. It is located in the root directory of the app’s Android Package Kit (APK) file.

The manifest file describes the app structure, its components (activities, services, content providers, and intent receivers), and requested permissions.

The XML below is a simple example AndroidManifest.xml that declares two activities for the app.

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.myapp">
    <!-- Beware that these values are overridden by the build.gradle file -->
    <uses-sdk android:minSdkVersion="15" android:targetSdkVersion="26" />
    <application>
        <!-- This name is resolved to com.example.myapp.MainActivity
             based upon the package attribute -->
        <activity android:name=".MainActivity">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
        <!-- Second activity; ".SecondActivity" is a placeholder name -->
        <activity android:name=".SecondActivity" android:parentActivityName=".MainActivity" />
    </application>
</manifest>
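
As an added example (not code from the original post), the Python sketch below reads a manifest that has already been decoded from binary XML to text and lists the package, the requested permissions and the declared components, marking which components other apps can reach. It goes slightly beyond the text by evaluating the android:exported attribute; the sample manifest and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # namespace of android: attributes
# Constructed sample: a decoded (text) manifest, not taken from a real app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.myapp">
  <uses-permission android:name="android.permission.INTERNET" />
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN" />
        <category android:name="android.intent.category.LAUNCHER" />
      </intent-filter>
    </activity>
    <activity android:name=".SettingsActivity" android:exported="false" />
    <service android:name=".SyncService" android:exported="true" />
    <receiver android:name=".BootReceiver" android:permission="com.example.myapp.BOOT">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED" />
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

def summarize_manifest(xml_text):
    """Return the package, requested permissions and declared components."""
    root = ET.fromstring(xml_text)
    package = root.get("package", "")
    components = []
    for tag in ("activity", "service", "receiver", "provider"):
        for el in root.iter(tag):
            name = el.get(A + "name", "")
            explicit = el.get(A + "exported")
            # Attribute unset: an intent-filter implies exported (default before Android 12).
            exported = (explicit == "true") if explicit else (el.find("intent-filter") is not None)
            components.append({
                "type": tag,
                # A leading dot is resolved against the package attribute.
                "name": package + name if name.startswith(".") else name,
                "exported": exported,
                "permission": el.get(A + "permission"),
            })
    perms = [p.get(A + "name") for p in root.iter("uses-permission")]
    return {"package": package, "permissions": perms, "components": components}

def exported_without_permission(summary):
    """Names of components other apps can reach with no permission guarding them."""
    return [c["name"] for c in summary["components"]
            if c["exported"] and not c["permission"]]
```

Calling exported_without_permission(summarize_manifest(SAMPLE_MANIFEST)) gives the components worth reviewing first when assessing an app's exposed surface.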

An Android application consists of various components, which together create the working application. These components are Activities, Services, Broadcast Receivers, Content Providers, and Shared Preferences. Now, let’s have a quick walkthrough of what these different components are all about:

Activities: These are the visual screens which a user could interact with. These may include buttons, images, TextView, or any other visual component.

Services: These are the Android components which run in the background and carry out specific tasks specified by the developer. These tasks may include anything from downloading a file over HTTP to playing music in the background.

Broadcast Receivers: These are the receivers in the Android application that listen for incoming broadcast messages sent by the Android system, or by other applications present on the device. Once they receive a broadcast message, a particular action could be triggered depending on the predefined conditions. The conditions could range from receiving an SMS, an incoming phone call, a change in the power supply, and so on.

Shared Preferences: These are used by an application in order to save small sets of data for the application. This data is stored inside a folder named shared_prefs. These small datasets may include name-value pairs such as the user’s score in a game and login credentials. Storing sensitive information in shared preferences is not recommended, as it may be exposed to data theft and leakage.

Intents: These are the components which are used to bind two or more different Android components together. Intents could be used to perform a variety of tasks, such as starting an action, switching activities, and starting services.

Content Providers: These are used to provide access to a structured set of data to be used by the application. An application can access and query its own data or the data stored in the phone using the Content Providers.
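
To illustrate the Shared Preferences point above, here is an added example (not part of the original post) that checks a shared_prefs XML file for entries whose key names suggest credentials or session data, redacting the values it reports. The sample file contents, the keyword list and the function name are assumptions made for this example.

```python
import re
import xml.etree.ElementTree as ET

# Key names that suggest credentials or session material (assumed heuristic list).
SENSITIVE_KEY = re.compile(r"passw(or)?d|pwd|secret|token|session|api[_-]?key", re.I)

# Constructed sample of a shared_prefs file; all values are made up.
SAMPLE_PREFS = b"""<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
    <string name="username">alice</string>
    <string name="user_password">hunter2-example</string>
    <string name="auth_token">constructed-token-value</string>
    <int name="high_score" value="4200" />
    <boolean name="remember_me" value="true" />
</map>"""


def audit_shared_prefs(xml_bytes):
    """Return (key, type, redacted value) for entries with sensitive-looking names."""
    findings = []
    for entry in ET.fromstring(xml_bytes):
        key = entry.get("name", "")
        if not SENSITIVE_KEY.search(key):
            continue
        # Strings keep the value as element text; other types use a value attribute.
        value = entry.text if entry.tag == "string" else entry.get("value")
        value = value or ""
        # Report only the first two characters so the finding does not leak the secret.
        redacted = value[:2] + "*" * max(len(value) - 2, 0)
        findings.append((key, entry.tag, redacted))
    return findings
```

Any finding means the app keeps that value in plaintext on disk and should move it to a protected store or stop persisting it.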

Thank you!!


6 thoughts on “Beginner Guide for Android Application Penetration Testing (Part 1)”

  1. Great blog the way of delivering the content and way of representing it is clear and helpful for beginner hoping for part 2
