The Hack Lair
pnxauh22krzb5xso.onion

Getting your Android device ready for hacking

So you want to hack some piece of software available on Android devices he? Here’s how to setup a dedicate debugging (ahem) device.

Getting a hackable device

We strongly recommend you use a dedicated device for developing, hacking, bug hunting and testing. All of those can have undesirable effects on your device.

Cheap devices

Repairing a broken mobile is cheap and a great way to learn. You will need a repair kit and probably a heat gun. Then Google around for instructions on how to fix your device.

Install CyanogenMod OS

Get a Cyanogen compatible device list. During CyanogenMod install install the TWRP recovery image and when installing Google Apps install the smallest package possible.

Installing software from other sources

During your hacking adventures you are highly likely to need software that wasn’t approved or submitted to Google Play. So you will need to enable installation form unknown sources. In the settings search for the term “Install” and select “Install from storage”. Then activate “Unknown sources”. You will see a box pop-up that ask if Google can analyze your device for “security” purpose. Obviously, we don’t want that. The box will pop-up from time to time. Always answer negatively.

Disable Google history

If you use a Google account on the device, which I discourage, log into Google history dashboard and pause the history features. Else it’s going to track and keep note of your searches, location, browsing history and much more.

Cleanup

Once it’s booted go to settings, apps and disable all the apps you think won’t be useful. Since this list is different on each device, you’ll have to figure it out yourself.

Enable developer options

Now activate developer mode and the following options:

Install ADB debugging tools

This guide explain how to install ADB on Linux, OSX and Windows.

We strongly recommend you use a Linux desktop. Ubuntu is easy to pickup.

Trying a few things out

If everything is setup correctly you should have unrestricted access to your device. Let’s try a few of then and see how it goes.

Browsing through your phone files

In the terminal type: adb shell. You should see a command promt that look like shell@device:/ $ From there you can wander around with basic Linux commands like; cd and ls.

Fetching logs

It is possible to get the system logs. All apps write to this logfile so game software are likely to have usable information in there. Type adb logcat in your command promt and it should display.

Other posts from the Android forensics and security analysis series: