maride/hacktricks
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Translated ['src/mobile-pentesting/android-checklist.md'] to sw

Browse Source
This commit is contained in:
Translator 2025-08-20 00:20:40 +00:00
parent 09026094aa
commit 1543f5202b
1 changed files with 26 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/mobile-pentesting/android-checklist.md
View File

@ -21,9 +21,9 @@
### [Static Analysis](android-app-pentesting/index.html#static-analysis)
- [ ] Angalia matumizi ya [obfuscation](android-checklist.md#some-obfuscation-deobfuscation-information), angalia kama simu imekuwa rooted, kama emulator inatumika na ukaguzi wa kupambana na uharibifu. [Soma hapa kwa maelezo zaidi](android-app-pentesting/index.html#other-checks).
- [ ] Programu nyeti (kama programu za benki) zinapaswa kuangalia kama simu imekuwa rooted na kuchukua hatua kwa mujibu wa hilo.
- [ ] Tafuta [nyuzi za kuvutia](android-app-pentesting/index.html#looking-for-interesting-info) (nywila, URL, API, usimbuaji, milango ya nyuma, tokeni, Bluetooth uuids...).
- [ ] Angalia matumizi ya [obfuscation](android-checklist.md#some-obfuscation-deobfuscation-information), angalia kama simu imekuwa rooted, kama emulator inatumika na ukaguzi wa kupambana na uharibifu. [Soma hii kwa maelezo zaidi](android-app-pentesting/index.html#other-checks).
- [ ] Programu nyeti (kama programu za benki) zinapaswa kuangalia kama simu imekuwa rooted na zinapaswa kuchukua hatua kwa mujibu wa hilo.
- [ ] Tafuta [nyuzi za kuvutia](android-app-pentesting/index.html#looking-for-interesting-info) (nywila, URLs, API, usimbuaji, milango ya nyuma, tokeni, Bluetooth uuids...).
- [ ] Kipaumbele maalum kwa [firebase ](android-app-pentesting/index.html#firebase)APIs.
- [ ] [Soma hati ya maombi:](android-app-pentesting/index.html#basic-understanding-of-the-application-manifest-xml)
- [ ] Angalia kama programu iko katika hali ya debug na jaribu "kuikabili"
@ -36,22 +36,39 @@
- [ ] Je, programu inas[aidia kuhifadhi data kwa njia isiyo salama ndani au nje](android-app-pentesting/index.html#insecure-data-storage)?
- [ ] Je, kuna [nywila iliyowekwa kwa nguvu au kuhifadhiwa kwenye diski](android-app-pentesting/index.html#poorkeymanagementprocesses)? Je, programu [inatumia algorithimu za usimbuaji zisizo salama](android-app-pentesting/index.html#useofinsecureandordeprecatedalgorithms)?
- [ ] Je, maktaba zote zimeundwa kwa kutumia bendera ya PIE?
- [ ] Usisahau kwamba kuna kundi la [static Android Analyzers](android-app-pentesting/index.html#automatic-analysis) ambazo zinaweza kukusaidia sana katika hatua hii.
- [ ] Usisahau kwamba kuna kundi la [analyzer za Android za statiki](android-app-pentesting/index.html#automatic-analysis) ambazo zinaweza kukusaidia sana katika hatua hii.
- [ ] `android:exported` **ni lazima kwenye Android 12+** vipengele vilivyowekwa vibaya vinaweza kusababisha mwito wa nia za nje.
- [ ] Kagua **Mipango ya Usalama wa Mtandao** (`networkSecurityConfig` XML) kwa `cleartextTrafficPermitted="true"` au marekebisho maalum ya kikoa.
- [ ] Tafuta simu za **Play Integrity / SafetyNet / DeviceCheck** thibitisha ikiwa uthibitisho wa kawaida unaweza kuunganishwa/kupitishwa.
- [ ] Kagua **Viungo vya Programu / Viungo vya Kina** (`android:autoVerify`) kwa masuala ya kuelekeza nia au kuelekeza wazi.
- [ ] Tambua matumizi ya **WebView.addJavascriptInterface** au `loadData*()` ambayo yanaweza kusababisha RCE / XSS ndani ya programu.
- [ ] Changanua vifurushi vya cross-platform (Flutter `libapp.so`, React-Native JS bundles, Capacitor/Ionic assets). Zana maalum:
- `flutter-packer`, `fluttersign`, `rn-differ`
- [ ] Scan maktaba za asili za wahusika wengine kwa CVEs zinazojulikana (mfano, **libwebp CVE-2023-4863**, **libpng**, n.k.).
- [ ] Kadiria **SEMgrep Mobile rules**, **Pithus** na matokeo ya hivi karibuni ya **MobSF ≥ 3.9** yaliyosaidiwa na AI kwa matokeo ya ziada.
### [Dynamic Analysis](android-app-pentesting/index.html#dynamic-analysis)
- [ ] Andaa mazingira ([mtandaoni](android-app-pentesting/index.html#online-dynamic-analysis), [VM ya ndani au kimwili](android-app-pentesting/index.html#local-dynamic-analysis))
- [ ] Andaa mazingira ([mtandaoni](android-app-pentesting/index.html#online-dynamic-analysis), [VM ya ndani au ya kimwili](android-app-pentesting/index.html#local-dynamic-analysis))
- [ ] Je, kuna [kuvuja kwa data zisizokusudiwa](android-app-pentesting/index.html#unintended-data-leakage) (kuandika, nakala/paste, kumbukumbu za ajali)?
- [ ] [Taarifa za siri zinahifadhiwa katika SQLite dbs](android-app-pentesting/index.html#sqlite-dbs)?
- [ ] [Taarifa za siri zinahifadhiwa katika hifadhidata za SQLite](android-app-pentesting/index.html#sqlite-dbs)?
- [ ] [Shughuli zilizofichuliwa zinazoweza kutumika](android-app-pentesting/index.html#exploiting-exported-activities-authorisation-bypass)?
- [ ] [Watoa maudhui wanaoweza kutumika](android-app-pentesting/index.html#exploiting-content-providers-accessing-and-manipulating-sensitive-information)?
- [ ] [Huduma zilizofichuliwa zinazoweza kutumika](android-app-pentesting/index.html#exploiting-services)?
- [ ] [Vipokezi vya matangazo vinavyoweza kutumika](android-app-pentesting/index.html#exploiting-broadcast-receivers)?
- [ ] Je, programu [inasambaza taarifa kwa maandiko wazi/ikatumia algorithimu dhaifu](android-app-pentesting/index.html#insufficient-transport-layer-protection)? Je, MitM inawezekana?
- [ ] Je, programu [inasambaza taarifa kwa maandiko wazi/kutumia algorithimu dhaifu](android-app-pentesting/index.html#insufficient-transport-layer-protection)? Je, MitM inawezekana?
- [ ] [Kagua trafiki ya HTTP/HTTPS](android-app-pentesting/index.html#inspecting-http-traffic)
- [ ] Hii ni muhimu sana, kwa sababu ikiwa unaweza kukamata trafiki ya HTTP unaweza kutafuta udhaifu wa kawaida wa Mtandao (Hacktricks ina habari nyingi kuhusu udhaifu wa Mtandao).
- [ ] Angalia uwezekano wa [Android Client Side Injections](android-app-pentesting/index.html#android-client-side-injections-and-others) (labda uchambuzi wa msimbo wa statiki utaweza kusaidia hapa)
- [ ] [Frida](android-app-pentesting/index.html#frida): Frida tu, tumia ili kupata data ya kuvutia ya kidinamik kutoka kwa programu (labda nywila zingine...)
- [ ] Angalia uwezekano wa [Mingiliano ya upande wa mteja wa Android](android-app-pentesting/index.html#android-client-side-injections-and-others) (labda uchambuzi wa msimbo wa statiki utaweza kusaidia hapa)
- [ ] [Frida](android-app-pentesting/index.html#frida): Frida tu, itumie kupata data ya kuvutia ya dynamic kutoka kwa programu (labda nywila zingine...)
- [ ] Jaribu **Tapjacking / Mashambulizi yanayoendeshwa na Animation (TapTrap 2025)** hata kwenye Android 15+ (hakuna ruhusa ya overlay inahitajika).
- [ ] Jaribu **overlay / SYSTEM_ALERT_WINDOW clickjacking** na **kudhulumu Huduma za Urahisi** kwa ajili ya kupandisha hadhi.
- [ ] Angalia kama `adb backup` / `bmgr backupnow` bado inaweza kutupa data ya programu (programu ambazo zilisahau kuzima `allowBackup`).
- [ ] Chunguza **Binder-level LPEs** (mfano, **CVE-2023-20963, CVE-2023-20928**); tumia fuzzers za kernel au PoCs ikiwa inaruhusiwa.
- [ ] Ikiwa Play Integrity / SafetyNet inatekelezwa, jaribu vidokezo vya wakati wa kukimbia (`Frida Gadget`, `MagiskIntegrityFix`, `Integrity-faker`) au upya wa kiwango cha mtandao.
- [ ] Panga na zana za kisasa:
- **Objection > 2.0**, **Frida 17+**, **NowSecure-Tracer (2024)**
- Ufuatiliaji wa mfumo mzima wa dynamic na `perfetto` / `simpleperf`.
### Some obfuscation/Deobfuscation information