Hi everyone!! Welcome to Pentestguy. This article will show the setup of the drozer on Kali Linux. As drozer has a new release, the installation process of drozer is quite different. For this drozer setup I am using WSL of Kali Linux, which is very quick and utilize less resources and genymotion for android device emulator.
Install Drozer
Make sure to install the requirements of drozer, for that use the command given below. After that only drozer will install/work without any errors.
sudo apt install python3 python3-pip python3-protobuf python3-openssl python3-twisted python3-yaml python3-distro git protobuf-compiler libexpat1 libexpat1-dev libpython3-dev python-is-python3 zip default-jdk
Download the drozer whl file from github using wget, or you can download the whl file directly from the release – https://github.com/WithSecureLabs/drozer/releases/
wget https://github.com/WithSecureLabs/drozer/releases/download/3.0.1/drozer-3.0.1-py3-none-any.whl
Use pip to install the drozer using the below command.
pip install drozer-3.0.1-py3-none-any.whl
To check whether the drozer is installed properly or not, try the simple drozer command.
drozer
Great! Please keep in mind I am using genymotion emulator, if you don’t know how to set up genymotion follow the video link given below.
Install drozer agent
Now download drozer-agent.apk and install it on an android device.
Open the installed drozer agent on an android device and turn on the server.
Now, it’s time to connect the drozer console for that follow the steps given below. There are two different ways one is via network and another one via USB.
Connect to the phone via Network
Drozer agent listens all the incoming on port 31415, so run the following command to connect to the android device.
drozer console connect --server IP-ADDRESS-OF-ANDROID_DEVICE
Connect to the phone via USB
Install adb using the below command
sudo apt install adb
Connect the android device via adb
adb connect IP-ADDRESS-OF-ANDROID_DEVICE
Set up a port forward as so that your PC can connect to a TCP socket opened by the Agent inside the emulator, or on the device. By default, the drozer uses port 31415
adb forward tcp:31415 tcp:31415
Use the below drozer command to connect.
drozer console connect
Check the drozer module list by using the list command via the drozer console.
list
Use with Docker Container
Another way to run and use drozer is via docker. Make sure to install docker on your operating system and pull the image using drozer image using below command.
docker pull withsecurelabs/drozer
To connect with android device with drozer via docker container use the below command. Make sure to provide the correct device IP address and drozer agent should be on.
docker run --net host -it withsecurelabs/drozer console connect --server 192.168.1.4
That’s all!! follow the article on the drozer guide and use drozer in android application penetration testing – https://pentestguy.com/drozer-the-ultimate-tool-for-android-app-pentesting/
Please share this post with your co-workers and friends if you found it helpful. Please provide your valuable comments and let us know if there are any suggestions. Now you can also collaborate with us please check our collaboration page, thank you!
