Drozer
Jump to navigation
Jump to search
Description
Drozer is a powerful security assessment framework for the Android platform.
A more complete documentation is available here: https://labs.mwrinfosecurity.com/system/assets/502/original/mwri_drozer-users-guide_2013-07-25.pdf
Installation
Install drozer
$ wget https://www.mwrinfosecurity.com/system/assets/933/original/drozer-2.3.4.tar.gz $ tar xzvf drozer-2.3.4.tar.gz $ sudo easy_install drozer-2.3.4-py2.7.egg
Install the drozer agent (android device)
drozer comes with a drozer agent. All you need to do is to install it on the android device and run it:
mobisec@ubuntu:/data$ adb install agent.apk 1289 KB/s (633111 bytes in 0.479s) pkg: /data/local/tmp/agent.apk
Usage
Start drozer agent
Once drozer agnet has been installed on the Android device, you can start it by clicking on the drozer icon and by clicking on the OFF/ON switch:
port forwarding
$ adb forward tcp:31415 tcp:31415
Open connection
mobisec@ubuntu:/opt/mobisec/Android/sdk/tools$ sudo drozer console connect Selecting d080e076f68a03e5 (unknown sdk 4.4.4) .. ..:. ..o.. .r.. ..a.. . ....... . ..nd ro..idsnemesisand..pr .otectorandroidsneme. .,sisandprotectorandroids+. ..nemesisandprotectorandroidsn:. .emesisandprotectorandroidsnemes.. ..isandp,..,rotectorandro,..,idsnem. .isisandp..rotectorandroid..snemisis. ,andprotectorandroidsnemisisandprotec. .torandroidsnemesisandprotectorandroid. .snemisisandprotectorandroidsnemesisan: .dprotectorandroidsnemesisandprotector. drozer Console (v2.3.4) dz> help drozer: Android Security Assessment Framework Type `help COMMAND` for more information on a particular command, or `help MODULE` for a particular module. Commands: cd contributors env help load permissions set unset clean echo exit list module run shell Miscellaneous help topics: intents