Recent apps in the market are designed to make their own decisions during runtime. In this section, let's try and see what can be done to our target app during runtime. For this attack demonstration, we will be using an app developed by Open Security Research:
Download the
runtime.apk
file and install it to Genymotion.The functionality of the app is that if you enter the correct PIN, it responds with the message Correct PIN entered; if the value does not match, it throws an error message Incorrect PIN please try again later, as shown in this screenshot:
This technique can be bypassed during runtime. We will now use the Java debugger to achieve this.
The following screenshot displays a list of the processes that are available on the device:
In order to make sure that the JVM is available for debugging, run
adb forward tcp:8000 jdwp:1709
; this is the port-forwarding concept used in drozer. This means that the process running on port 1709 will now communicate on...