Ethical Hacking: Mobile Devices and Platforms

with Alyssa Pratt

Preconfiguration File
This file contains details of the software and virtual machine configuration changes required to support the Ethical Hacking: Mobile Devices and
Platforms course. Each requirement is noted in the relevant course module, but you may wish to preload the software to avoid having to wait when
working through each video. All software is downloaded to and installed in Windows unless otherwise noted.

Download the SMSReader app using apps.evozi.com/apk-downloader and

rename to sms.apk. Copy the file to
SMSReader C:\Testing\ApkTool

C:\Testing\dex2jar
Note: ABank.apk is used as an example of a different structure, but is not
required to be downloaded.
Download from https://sourceforge.net/projects/dex2jar/ and extract into
dex2jar
C:\Testing\dex2jar
02_05 Extracting and reading JavaScript code
Download from http://jd.benow.ca/ and extract into
jd-gui
\Testing\jd-gui

02_06 Recreating Java source code files Download from http://varaneckas.com/jad/ and extract into
jad
with JAD C:\Testing\jad
Download from https://github.com/skylot/jadx/releases/tag/v1.0.0 and
02_07 Browsing applications directly with JADX jadx extract into
C:\Testing\jadx
This module uses the Android SDK already loaded.
02_09 Install an Android emulator from Note that some systems experience problems with the Android Emulator,
the SDK and you may want to set the skin to the WXGA800-7in or use a different API in
order to get a stable emulated device.

Ethical Hacking: Mobile Devices and Platforms with Alyssa Pratt 1 of 3

 Download from www.androidapksfree.com/apk/slack-android-latest-apk-
Slack.apk download and rename to slack.apk.
02_10 Dynamic analysis of Android
Copy to C:\Testing|AndroidSDK\platform-tools
applications
DB Browser for
Download from http://sqlitebrowser.org/ and install to its default path.
SQLite
Download from https://labs.mwrinfosecurity.com/tools/drozer/ and
install into
C:\Testing\drozer
Edit the \Testing\drozer\lib\drozer\configuration.py file to hard code the
javac path.
…..
02_11 Using Drozer to analyze applications drozer #is the required exe available on the PATH?
if path == None and cls.get(“executables”, name) == None:
path = ‘C:\\Program Files\\Java\\jdk1.8.0_101\\bin\\javac.exe’
……..
Copy the agent.apk file to
C:\Testing\AndroidSDK\platform-tools
Download from http://www.fosshub.com/Android-x86.html/android-x86-
4.4-r5.iso the Android iso image and install it as a new VM in VirtualBox.
VirtualBox configuration:
Linux 2.6/3.x/4.x/32 bit
1024 Mb RAM
02_12 Setting up a KitKat VM KitKat VM 6.22Gb VDI virtual disk
Add eternal USB Wi-Fi card.
OS configuration
Install Android x86 to hard disk.
Create hard disk as ext3.
Install GRUB bootloader.

Ethical Hacking: Mobile Devices and Platforms with Alyssa Pratt 2 of 3

 iPhone Obtain a dedicated test iPhone 4 running iOS 7.1.2.
Pangu 9 Download from http://pangu-download.com/ and run the jailbreak.

03_03 Jailbreaking for command line access Cydia will be installed.

AppSync Install on the iPhone through Cydia.
OpenSSH Install on the iPhone through Cydia.
Putty Download from http://www.putty.org/ and install into its default location .
Erica Utilities Install on the iPhone through Cydia.
Add the source repository: http://cydia.iphonecake.com
Clutch Install on the iPhone through Cydia.
Make the file executable using chmod +x /usr/bin/Clutch using PuTTY.
Add the source repository: http://cydia.radare.
classdumpz
Install on the iPhone through Cydia.
03_04 Preparing to test iOS applications Ipainstaller Install on the iPhone through Cydia.
Download from https://winscp.net/eng/download.php and install into its
WinSCP
default location.
DB Browser for Download from http://sqlitebrowser.org/ and install to its default path.
SQLite (Note: if not installed above in module 02_10)
Download from https://www.hex-rays.com/products/ida/ and install into its
IDA
default location
03_05 Extracting properties and class headers Bubbsie Download from App Store.
Download from https://www.hopperapp.com/download using the Firefox
Hopper
automatic installation
Extract the Bubbsie.apk from the iPhone using WinSCP and rename it
03_06 Disassembling iOS executable code Bubbsie bubbsie.apk.

Copy it into Ubuntu.

Ethical Hacking: Mobile Devices and Platforms with Alyssa Pratt 3 of 3