Description

Drozer is a powerful security assessment framework for the Android platform.

A more complete documentation is available here: https://labs.mwrinfosecurity.com/system/assets/502/original/mwri_drozer-users-guide_2013-07-25.pdf

Installation

Install drozer

$ wget https://www.mwrinfosecurity.com/system/assets/933/original/drozer-2.3.4.tar.gz
$ tar xzvf drozer-2.3.4.tar.gz
$ sudo easy_install drozer-2.3.4-py2.7.egg

Install the drozer agent (android device)

drozer comes with a drozer agent. All you need to do is to install it on the android device and run it:

mobisec@ubuntu:/data$ adb install agent.apk
1289 KB/s (633111 bytes in 0.479s)
       pkg: /data/local/tmp/agent.apk

Usage

Start drozer agent

Once drozer agnet has been installed on the Android device, you can start it by clicking on the drozer icon and by clicking on the OFF/ON switch:

port forwarding

$ adb forward tcp:31415 tcp:31415

Open connection

mobisec@ubuntu:/opt/mobisec/Android/sdk/tools$ sudo drozer console connect
Selecting d080e076f68a03e5 (unknown sdk 4.4.4)

            ..                    ..:.
           ..o..                  .r..
            ..a..  . ....... .  ..nd
              ro..idsnemesisand..pr
              .otectorandroidsneme.
           .,sisandprotectorandroids+.
         ..nemesisandprotectorandroidsn:.
        .emesisandprotectorandroidsnemes..
      ..isandp,..,rotectorandro,..,idsnem.
      .isisandp..rotectorandroid..snemisis.
      ,andprotectorandroidsnemisisandprotec.
     .torandroidsnemesisandprotectorandroid.
     .snemisisandprotectorandroidsnemesisan:
     .dprotectorandroidsnemesisandprotector.

drozer Console (v2.3.4)
dz> help

drozer: Android Security Assessment Framework

Type `help COMMAND` for more information on a particular command, or `help
MODULE` for a particular module.

Commands:
         
cd     contributors  env   help  load    permissions  set    unset
clean  echo          exit  list  module  run          shell

Miscellaneous help topics:
                          
intents