-
Notifications
You must be signed in to change notification settings - Fork 45
Getting Started With EVABS
EVABS (Extremely Vulnerable Android Labs) is an Android application that aims at helping Android security beginners with a CTF-style, story-based lab series. The application has 12 levels as of now, with the difficulty stepping-up linearly. Each level introduces the user to a particular vulnerability and gifts a flag if exploited successfully.
- Linux/MAC (Recommended)
- Basic Android programming
- Android device (rooted)/Emulator
Setting up of rest of the requirements pertaining to each level will be covered in the Solutions section while solving the levels.
First of all, since this is an Android application, we obviously need an Android emulator or a rooted Android device. Personally, I use a rooted Lenovo low-end device for all the testing purposes (which is not my primary device). You can choose what you would like. There are many options like the default Android emulator which ships with the Android SDK or any of those emulators like Genymotion. Once you've fixed this part, you can move on and set it up. For this, I've already written a script, which automatically installs the necessary tools on a Linux machine and as well sets up the device/emulator. But you can always go ahead and do this manually in case you'd like to learn.
ADB (Android Debug Bridge) is a command-line tool that comes packed with the Android SDK. Just like the name suggests, it's a bridge between your computer and your Android device. This utility is used for multiple purposes including installation of apps into the device, retrieving or copying a file to/from the device etc. As far as Android security and development is concerned, ADB is a must in the arsenal. In case you're womdering an easy way to install ADB in Linux, here it is:
`` sudo apt-get install android-tools-adb``