darvincisec / VirtualDynamicAnalysis

A basic android pentest environment to instrument apps without root or repackaging an app

VirtualDynamicAnalysis

PoC app to demonstrate how to perform dynamic analysis on apps installed inside a cloning app without root or repackaging the application. This app is based on VirtualApp. The changes required to use VirtualApp on Android 9.0 are cloned from VirtualAppEx.

License and Warning

Since this app is derived from VirtualApp, please refer to VirtualApp's declaration.

Demo

Attacking Popular apps with fake security provider

Google Authenticator

Google Authenticator depends on the default Security Provider. When it is executed inside the cloning app, the OTP seed used in the HMAC operation can be fetched from logcat.

Microsoft Authenticator

The same applies to Microsoft Authenticator.
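
A defender-side check, added here as an example and not taken from this project's code: it reports which JCA provider serves HmacSHA1 when the app names no provider, and flags one whose class was not loaded by the boot class loader. It assumes platform providers are boot-loaded and a substituted provider is not; the class and method names are illustrative, and a host that controls the process can still tamper with the check.

```java
import java.security.Provider;
import java.security.Security;
import javax.crypto.Mac;

/** Added example: inspect which JCA provider actually serves an HMAC request. */
public final class ProviderOriginCheck {

    /** True when the provider class was loaded by the boot class loader. */
    static boolean isBootLoaded(Provider p) {
        ClassLoader loader = p.getClass().getClassLoader();
        // A desktop JVM reports the boot loader as null; Android returns a
        // BootClassLoader object, which is also the loader of java.lang.Object.
        return loader == null || loader == Object.class.getClassLoader();
    }

    /** Resolves the algorithm the way an app relying on the default provider does. */
    static Provider defaultProviderFor(String macAlgorithm) throws Exception {
        return Mac.getInstance(macAlgorithm).getProvider();
    }

    /** Lists registered providers in priority order with where each was loaded from. */
    static String describeProviders() {
        StringBuilder sb = new StringBuilder();
        Provider[] all = Security.getProviders();
        for (int i = 0; i < all.length; i++) {
            sb.append(i + 1).append(". ").append(all[i].getName())
              .append(" -> ").append(all[i].getClass().getName())
              .append(isBootLoaded(all[i]) ? " [boot]" : " [other loader]")
              .append('\n');
        }
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        Provider p = defaultProviderFor("HmacSHA1");
        System.out.print(describeProviders());
        if (!isBootLoaded(p)) {
            // Do not hand key material to a provider that is not boot-loaded.
            throw new SecurityException("HmacSHA1 served by provider outside the boot class path: "
                    + p.getClass().getName());
        }
        System.out.println("HmacSHA1 served by " + p.getName());
    }
}
```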

Attacking Android Keystore

This demonstrates how a fake biometric authentication app, installed alongside a benign biometric authentication app inside the cloning app, can use the AES key generated inside Android Keystore to decrypt a secret message.

Demo

Debugging a playstore application

This demonstrates that any guest app can be made debuggable if the host app is debuggable.

Demo

Blog

For more details, please visit my blog Part 1 and blog Part 2.
