Reverse Engineering Android Apps — Part 3
This is only for informative purposes. It is not intended for piracy or other non-legal uses.
If you haven’t read our previous blogs on Reverse Engineering Android, I encourage you to read those 2 parts before starting this one. Here are the links:
Reverse Engineering Android Apps — Part 1 | by Dotworld Technologies | Medium
Reverse Engineering Android Apps — Part 2 | by Dotworld Technologies | Medium
In this story, we are going to see how to monitor the network traffic from an Android application. For that we are going to use Burp Suite. It’s a paid application, but it also has a free community version with some features stripped down, which is enough to get started. You can download it here.
Steps for monitoring traffic
- Get apk of an Android application
- Modify it
- Install it in an emulator/physical device
- Configure Burp and install certificate on the device
- Monitor the traffic
1. Get APK of an Android Application
Getting the APK of an Android application is pretty easy. You can download it from here/here. You can also download and install it on your mobile device and extract it from there using another app or the command below.
For this part, we are going to use an application built by us specially for this blog post. You can download it from the link below.
2. Modify it
Tools needed: APK Easy Tool
Yes, we need to edit it a bit to make the application trust user-added certificates. This is relatively simple. If you don’t know how to use APK Easy Tool, read our first 2 blog posts for more details about it.
Select the APK, click decompile and open the decompiled directory. Navigate to res/xml and look for a file named “network_security_config.xml”. Don’t worry if the file is not there.
If network_security_config.xml was already there
Edit the file so that it looks like this. Don’t modify the <domain-config>…</domain-config> part. Just add the <base-config>…</base-config> part so the app trusts user-added certificates, which we are going to install next.
If network_security_config.xml was not available
Easy, just create a file named “network_security_config.xml” (make sure the file has the extension .xml) and copy and paste all the contents given above.
Now navigate back to where the APK was extracted and find the file named “AndroidManifest.xml”.
Open AndroidManifest.xml and search for text
If this line is already present, close the file and leave it as it is. If not, add it as an attribute of the application element like below, and make sure you have typed it correctly.
Go to APK Easy Tool again and click compile. It will generate an APK from the extracted directory.
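To confirm what a decompiled or rebuilt APK actually trusts, the check below reads a network_security_config.xml and reports every section that accepts user-added CAs or cleartext traffic. It is an added example, not code from the original post: the two XML samples are constructed, and the severity labels are this example's own assumption (debug-overrides only applies to debuggable builds, so it is rated lower).

```python
import xml.etree.ElementTree as ET

# Constructed sample: a config of the kind the steps above produce, where
# <base-config> trusts user-added CAs alongside the system store.
PATCHED = """<network-security-config>
    <base-config>
        <trust-anchors>
            <certificates src="system" />
            <certificates src="user" />
        </trust-anchors>
    </base-config>
    <domain-config>
        <domain includeSubdomains="true">api.example.com</domain>
    </domain-config>
</network-security-config>"""

# Constructed sample: user CAs are trusted in debuggable builds only.
DEBUG_ONLY = """<network-security-config>
    <debug-overrides>
        <trust-anchors>
            <certificates src="user" />
        </trust-anchors>
    </debug-overrides>
</network-security-config>"""

SECTIONS = ("base-config", "domain-config", "debug-overrides")


def audit_config(xml_text):
    """Return (section, finding) tuples for one network security config."""
    root = ET.fromstring(xml_text)
    findings = []
    for section in root.iter():  # iter() also reaches nested domain-configs
        if section.tag not in SECTIONS:
            continue
        srcs = [c.get("src") for c in section.findall("trust-anchors/certificates")]
        if "user" in srcs:
            level = "info" if section.tag == "debug-overrides" else "high"
            findings.append((section.tag, f"{level}: trusts user-added CAs"))
        if section.get("cleartextTrafficPermitted") == "true":
            findings.append((section.tag, "medium: cleartext traffic permitted"))
    return findings


if __name__ == "__main__":
    for name, text in (("patched", PATCHED), ("debug-only", DEBUG_ONLY)):
        print(name, audit_config(text))
```

Run against the res/xml file of a release build, a "high" finding means the shipped app will accept any CA a user or device administrator installs.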
3. Install the APK in Emulator/Physical Device
Use adb to install the application on the device:
adb install filename.apk
or copy the file to device and install it.
4. Configure Burp and install certificate on the device
…. developing story