Androwarn is one of the most popular static code analyzer for malicious android applications whose main aim is to detect and warn the user about potential malicious behaviours.
Features of Androwarn –
Structural and data flow analysis of the bytecode targeting different malicious behaviors categories:
- Telephony identifiers exfiltration: IMEI, IMSI, MCC, MNC, LAC, CID, operator’s name…
- Device settings exfiltration: software version, usage statistics, system settings, logs…
- Geolocation information leakage: GPS/WiFi geolocation…
- Connection interfaces information exfiltration: WiFi credentials, Bluetooth MAC adress…
- Telephony services abuse: premium SMS sending, phone call composition…
- Audio/video flow interception: call recording, video capture…
- Remote connection establishment: socket open call, Bluetooth pairing, APN settings edit…
- PIM data leakage: contacts, calendar, SMS, mails…
- External memory operations: file access on SD card…
- PIM data modification: add/delete contacts, calendar events…
- Arbitrary code execution: native code using JNI, UNIX command, privilege escalation…
- Denial of Service: event notification deactivation, file deletion, process killing, virtual keyboard disable, terminal shutdown/reboot…
Androwarn works on mainly 3 modes i.e.
- Essential Mode (-v 1)
- Advanced Mode (-v 2)
- Expert Mode (-v 3)
You can easily save your report in either plaintext or formatted HTML format.
Installation of Androwarn in Kali Linux –
To install Androwarn with Github, type “git clone https://github.com/maaaaz/androwarn.git” in your terminal.
Androwarn tool has some dependencies and to install these dependencies, follow below steps:
Install python, jinja2, git and mercurial development packages on your host:
Next download the latest Chilkat module on https://www.chilkatsoft.com/python.asp, according to your architecture (32 or 64 bits) and your python version (2.5, 2.6, 2.7, 3.0, 3.1, 3.2)
To install chilkat in your Kali Linux machine, follow below steps:
First step is to extract the chilkat package with the help of tar command: “tar xvf chilkat-9.5.0-python-2.7-x86_64-linux.tar.gz“.
To install chilkat package, type “python installchilkat.py” in same terminal.
To run Androwarn, type “python androwarn.py -i <yourapplication.apk> -r html -v 3”
Here you can, we used -v 3, means expert mode, -i stands for input your apk file and -r stands for your report format which is HTML in this case and all the reports will be saved in “Report” folder.
To save your report in text format, type “python androwarn.py -i <yourapplication.apk> -r txt -v 3“.
Here is the sample for text format.
To view more about Androwarn tool, type “python androwarn.py -h“.
You may also like:- Most Common DNS Record Types and Their Roles
- Top Skills Needed to Become a Cybersecurity Analyst
- Mastering Windows Management with WMIC Commands – Top 20 Examples
- Edit and Compile Code with the Best 5 Code Editors
- 50+ Top DevSecOps Tools You Need To Know
- Learn How to Add Proxy and Multiple Accounts in MoreLogin
- Some Useful PowerShell Cmdlets
- Create Free SSL Certificate – ZEROSSL.COM [2020 Tutorial]
- Generate Self-Signed SSL Certificate with OPENSSL in Kali Linux
- RDP – CredSSP Encryption Oracle Remediation Solution 2020