Activity 1 - Mobile Forensics
Generate Keystore and APK File
Estimated Time : 30 Minutes
Scenario
Jack and Jill are friends who trust each other. Jack is using an app in her cellphone which asks for a username and password. Jill wants to surprise Jack with her hacking skills. So, she wants to modify this app in a way that puts the input username and password in the log and send them to a prepared server.
Objective
In this Activity 1, a signed APK file is generated along with key store file (jks).
Prerequisites
- ↠ A computer with Android Studio installed.
- ↠ An Android emulator or device to test the app on.
- ↠ Python installed on the computer.
- ↠ JDK installed on the computer.
Artifacts
Click below link to download APK file and jks file.
app-release.apk
p9cert.jks
Instructions
- Step 1: Through steps 2 to 10, we will generate a new APK file and a new jks key store file in Android Studio. (Note: In case, if you are unable to generate files through below steps, you can directly download the end result files from Artifacts Section.)
- Step 2: This learning project requires a computer installed with Android Studio. (Useful YouTube video link for Android Studio and creating a HelloWorld project.)
- Step 3: You need to install python on your computer for running the server in Activity 4. (Useful YouTube video link for Python setup on computer)
- Step 4: You need to have jdk18 installed on your computer for running java-based commands in next Activities. (Useful YouTube video link for JDK setup on computer)
- Step 5: We shall start by creating an APK file and key store file using Android Studio software. (Note: We have taken Android Studio 3+ version for this tutorial)
- Step 6: Open Android Studio -> Click 'Build' -> Generate Signed APK
- Step 7: On the Generate APK page click "Create New" button for creating a key store first. We need to create key store beforehand for signing the APK file.
- Step 8: On the "New Key Store" page, we need to fill details. key store path:
- Step 9: After filling details and clicking OK on "New Key Store", you will be redirected to "Generate Signed APK" again. But this time you will see fields auto filled.
- Step 10: Click Next -> Build Type "Release" -> Finish -> Signed APK generated Successfully
- Step 11: After executing above steps we will get a new APK file and a key store file "p9cert.jks" through Android Studio. Name APK file as "app-release.apk"
- Step 12: As mentioned in Step 1, if you are unable to generate files with above steps, you can download the end result Signed APK file and jks file directly from "Activity 1: Artifacts" section with name app-release.apk and p9cert.jks
- Step 13: Please note that Step 8 is for generating New Key store file. You can set custom path and filename according to your choice in field 'Key store path:'. The path and filename shown in screenshot 'C:\Users\abc\Desktop\p9cert.jks' are only for reference. But if you are curious to see contents of key store file (p9cert.jks) provided in this activity, kindly use password as 'education' (all small letters and no special characters).
https://www.youtube.com/watch?v=0zx_eFyHRU0
https://www.youtube.com/watch?v=Kn1HF3oD19c
https://www.youtube.com/watch?v=cRgLuNWCq6c
password:
Alias:
First and Last Name:
For remaining fields, you can refer below screenshot
Self-Assessment
Please complete the following self-assessment over Activity 1.
Start Assessment