In this webinar we demonstrated automating Android apps emulated in Nox and using Fiddler to see the API traffic.
Video Hour 1: High-level overview
Video Hour 2: Q&A
The script we highlighted was AHKGenerator – from mshafer1. You can find the source code here and the forum post here.
In the webinar we demonstrated the three programs needed:
Configuring Fiddler & Nox / Mobile Devices
- 0603 Configuring Fiddler to decrypt encrypted connections (443 connections)
- Loading the Fiddler certificate on an Android device (ipv4.fiddler:8888)
  - Start Fiddler:
    - Go to Tools, Options, Connections and select “Allow remote computers to connect”.
    - In Fiddler, hover over the “Online” icon in the top-right area and note the IP address where Fiddler is running.
  - On the phone:
    - Go to Wi-Fi settings and long-hold your Wi-Fi connection. Then click Modify network, then Show advanced options. Add the IP address where Fiddler is running and a port of 8888.
    - Navigate to http://ipv4.fiddler:8888 and download the certificate to your phone.
    - Go to Settings, Security, Trusted Credentials and install from SD card. Find the certificate downloaded above.
- 0608 SSL Behavior on a Compromised Device
- How to Capture Mobile Device Network Traffic
Automating Android Apps / Interacting with the Emulator and Fiddler
- Use Fiddler to examine API traffic from App call (Hopefully payload is decrypted)
- Detect presence of images
- Perform OCR on image
- Find text / images and click them
NOX examples
run "D:\Program Files\Nox\bin\Nox.exe" "-package:com.car2go"
run "D:\Program Files\Nox\bin\Nox.exe" "-quit"
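The launch, image detection and click steps listed above can be combined into one script. The following is an added example in AutoHotkey v1 syntax, not code from the webinar or from AHKGenerator; the window title "NoxPlayer" and the image file login_button.png are assumptions to replace with your own values.

```autohotkey
; Added example (AutoHotkey v1), not part of the original webinar material.
#NoEnv
SetTitleMatchMode, 2          ; match window titles by substring
CoordMode, Pixel, Window      ; ImageSearch coordinates relative to the active window
CoordMode, Mouse, Window      ; Click coordinates relative to the active window

NoxExe   := "D:\Program Files\Nox\bin\Nox.exe"   ; path from the NOX examples above
NoxTitle := "NoxPlayer"                          ; assumption: emulator window title
Target   := A_ScriptDir . "\login_button.png"    ; assumption: cropped screenshot of the control

; Start the emulator directly into the app under test.
Run, "%NoxExe%" "-package:com.car2go"
WinWait, %NoxTitle%, , 120
if ErrorLevel
{
    MsgBox, Nox window did not appear within 120 seconds.
    ExitApp, 1
}
WinActivate, %NoxTitle%
WinWaitActive, %NoxTitle%, , 10
WinGetPos, , , W, H, %NoxTitle%

; Poll once per second for up to 60 seconds; the app needs time to load.
Found := false
Loop, 60
{
    ; *30 allows up to 30 shades of variation per colour channel.
    ImageSearch, FoundX, FoundY, 0, 0, %W%, %H%, *30 %Target%
    if (ErrorLevel = 2)       ; 2 = image file unreadable or bad option
    {
        MsgBox, Could not read %Target%.
        ExitApp, 2
    }
    if (ErrorLevel = 0)       ; 0 = image found
    {
        Found := true
        break
    }
    Sleep, 1000
}

if (Found)
    Click, %FoundX%, %FoundY% ; clicks the upper-left corner of the matched image
else
    MsgBox, Image not found in the Nox window.

Run, "%NoxExe%" "-quit"       ; shut the emulator down when done
```

With Fiddler running and the phone or emulator configured as described above, the API calls triggered by the click appear as sessions in Fiddler.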