Tutorials

Androwarn – An open source APK static code analyzer

Androwarn is one of the most popular static code analyzer for malicious android applications whose main aim is to detect and warn the user about potential malicious behaviours.

Features of Androwarn –

Structural and data flow analysis of the bytecode targeting different malicious behaviors categories:

  1. Telephony identifiers exfiltration: IMEI, IMSI, MCC, MNC, LAC, CID, operator’s name…
  2. Device settings exfiltration: software version, usage statistics, system settings, logs…
  3. Geolocation information leakage: GPS/WiFi geolocation…
  4. Connection interfaces information exfiltration: WiFi credentials, Bluetooth MAC adress…
  5. Telephony services abuse: premium SMS sending, phone call composition…
  6. Audio/video flow interception: call recording, video capture…
  7. Remote connection establishment: socket open call, Bluetooth pairing, APN settings edit…
  8. PIM data leakage: contacts, calendar, SMS, mails…
  9. External memory operations: file access on SD card…
  10. PIM data modification: add/delete contacts, calendar events…
  11. Arbitrary code execution: native code using JNI, UNIX command, privilege escalation…
  12. Denial of Service: event notification deactivation, file deletion, process killing, virtual keyboard disable, terminal shutdown/reboot…

Androwarn works on mainly 3 modes i.e.

  • Essential Mode (-v 1)
  • Advanced Mode (-v 2)
  • Expert Mode (-v 3)

You can easily save your report in either plaintext or formatted HTML format.

Installation of Androwarn in Kali Linux –

To install Androwarn with Github, type “git clone https://github.com/maaaaz/androwarn.git” in your terminal.

Androwarn tool has some dependencies and to install these dependencies, follow below steps:

Install python, jinja2, git and mercurial development packages on your host:

Next download the latest Chilkat module on https://www.chilkatsoft.com/python.asp, according to your architecture (32 or 64 bits) and your python version (2.5, 2.6, 2.7, 3.0, 3.1, 3.2)

To install chilkat in your Kali Linux machine, follow below steps:

First step is to extract the chilkat package with the help of tar command: “tar xvf chilkat-9.5.0-python-2.7-x86_64-linux.tar.gz“.

To install chilkat package, type “python installchilkat.py” in same terminal.

To run Androwarn, type “python androwarn.py -i <yourapplication.apk> -r html -v 3

Here you can, we used -v 3, means expert mode, -i stands for input your apk file and -r stands for your report format which is HTML in this case and all the reports will be saved in “Report” folder.

To save your report in text format, type “python androwarn.py -i <yourapplication.apk> -r txt -v 3“.

Here is the sample for text format.

To view more about Androwarn tool, type “python androwarn.py -h“.

Yeahhub.com

Step by step hacking tutorials about wireless cracking, kali linux, metasploit, ethical hacking, seo tips and tricks, malware analysis and scanning.

https://www.yeahhub.com/

Leave a Reply

Your email address will not be published. Required fields are marked *

3 × 2 =