Home > Android, Mobile Security > Setting up proxy for apps in android emulator

Setting up proxy for apps in android emulator

August 16th, 2011 Leave a comment Go to comments

Proxy for Android apps not working even after u tried all proxy settings in emulator? Is your android proxy setting only working for browser not for apps in emulator?

In some of the previous posts(http://hakers.info/site/2011/08/setting-up-proxy-for-android-emulator/) we saw how to setup a proxy for android emulator using settings available in emulator itself. The problem with that approach is that it works only for the browser, it does not work with the apps installed inside the emulator. As I couldn’t find any solution for this problem in android emulator I thought of finding a work around to perform this task. One workaround I found is that we should use the base machine itself to capture the packets which emulator (the apps in emulator) is sending.

We can use many network analyzer tools like wireshark etc to capture and analyze the packets but using these tools you can only capture the packets, there is no option to tamper the packets at runtime. If there is a requirement in which you just have to capture the packets and analyze them wireshark will suffice the needs. But if you want to tamper the request and response(which we normally do using Paros/fiddler in web applications) you need to have a tool which can capture network packets and has a capability to intercept and tamper them.

One of these tools I can suggest is Echo Mirage by BindShell which has nearly all of the features we need. It uses DLL injection and function hooking techniques to redirect network related function calls so that data transmitted and received by local applications can be observed and modified. Using these techniques this tools gives you an advantage that it will attach itself to a particular ‘exe’, due to this packets of only a particular exe are captured(in case of wireshark we have to use filter as it captures each and every packet with goes out of the machine).

To setup a proxy using Echo Mirage use the steps given below:

1.)    Download latest version of Echo Mirage.

Latest version of Echo Mirage can be downloaded from:

http://www.bindshell.net/tools/Echo Mirage.html

2.)    Open Echo Mirage and emulator.

3.)    After both the applications are running, using Echo Mirage we need to inject into emulator.exe. To do so click on second tab on Echo Mirage (inject into process). Enter the process name emulator.exe or click on select process to select emulator.exe and click on start.

 

 

 

 

 

 

4.)    If everything works fine you will get a window like this.

 

 

 

5.) Echo Mirage is now ready to trap and intercept all your requests which are sent through emulator.exe.  The screenshot of interceptor below was taken when I tried to open maps application in emulator after setting up Echo Mirage.

 

You can watch this video to see how to use paros and echomirage to setup the proxy for android emulator or devices.

Hope this article was helpful to you and will further help you in penetration testing of android apps.

 

Please comment if you have some questions or you want some more clarifications.

  1. September 16th, 2011 at 08:17 | #1

    You have really interesting blog, keep up posting such informative posts!

  2. October 13th, 2011 at 20:50 | #2

    Thank you for this information! I used it for my diploma thesis =)

  3. October 15th, 2011 at 12:16 | #3

    Thank you very much for this article! This information was very usefull for me=)

  1. October 12th, 2011 at 04:57 | #1

Switch to our mobile site