Drozer is a security testing framework for Android, which allows you to easily scan for vulnerabilities in Android components. Typically, this involves scanning activities, content providers, broadcast receivers, and services. In this article, you will learn how to install Drozer and connect it to a local Android emulator.
There are two components available for Drozer. The first component is the Drozer agent. This component is installed on your Android device. The Drozer agent acts as a server, running on port 31415. The Drozer client runs on any computer and it is designed to send requests to the Drozer agent. With these two components together, you can scan you Android applications for vulnerabilities. Let's get started with installing the Drozer agent!
Installing the Drozer Agent
To connect to a device, Drozer uses an agent application. This application is available on the Drozer repository. To install the agent on your device, first, download the agent APK. Once you have downloaded the apk, use adb to install the app using the following command:
adb install drozer-agent.apk
After this command completes, locate the drozer agent application on your device. Tap the app to open it. The main app screen will provide you with the ability to start the Drozer embedded server. Tap the button labelled Off to activate the server.
The Drozer server runs on port 31415 of your device. To allow this port to be reachable, you need to forward the port using the following adb command:
adb forward tcp:31415 tcp:31415
Your drozer agent is now ready to accept connections from the drozer client!
Installing the Drozer client
Drozer provides you with a variety of methods for installing the Drozer client. For this tutorial, we will use the Docker version of Drozer. To start, ensure that your have Docker installed on your computer.
You can install and run Drozer through Docker using a single command:
docker run -it --add-host host.docker.internal:host-gateway withsecurelabs/drozer console connect --server host.docker.internal
This command creates a connection between the Docker image and your local computer. With the connection created, it downloads the withsecurelabs/drozer image and runs the console connect command to connect to your local emulator. Once this is complete you will receive a shell that is connected to the Drozer agent! You are now up and running with Drozer.
Learn More About Android Penetration Testing with OliveStem
Want to learn more about Drozer and Android penetration testing? Check out our Android penetration testing course!
Top comments (0)