Mobile pentesting
iOS
Yes, you will need a jailbroken device. At the time of writing (2024) any iPhone with an A11 chip (or earlier) can be jailbroken on any iOS version, because the jailbreaks for those devices rely on the checkm8 bootrom exploit, which cannot be patched with a software update; the chip generation, not the iOS version, is what matters. I personally have an iPhone 8 and use Checkra1n to jailbreak.
Android
Testing can be done using a physical device or an emulator. In my experience, an emulator for Android is completely fine. The only problem I run into is the fact that Android Studio is just extremely slow...
Set up an emulator that can be rooted
To enable root access: pick an emulator system image that is NOT labelled "Google Play". The Google Play images are production ("user") builds, on which adbd refuses to restart as root; the plain AOSP and "Google APIs" images are userdebug builds, which allow it. (The label text and other UI details vary by Android Studio version.)
Test it: launch the emulator, then run adb root. It should print
restarting adbd as root
or
adbd is already running as root
and not
adbd cannot run as root in production builds
Alternative test: run adb shell; if the prompt ends with $, run su. You should get a # prompt (and adb shell id should then report uid=0(root)).
Steps: To install and use an emulator image that can run as root:
- In Android Studio, use the menu command Tools > AVD Manager (Tools > Device Manager in recent versions).
- Click the + Create Virtual Device... button.
- Select the virtual Hardware, and click Next.
- Select a System Image.
- Pick any image that does NOT say "(Google Play)" in the Target column.
- If you depend on Google APIs (Google Sign In, Google Fit, etc.), pick an image marked with "(Google APIs)".
- You might have to switch from the "Recommended" group to the "x86 Images" or "Other Images" group to find one.
- Click the Download button if needed.
- Finish creating your new AVD.
- Tip: Start the AVD Name with the API level number so the list of Virtual Devices will sort by API level.
- Launch your new AVD. (You can click the green "play" triangle in the AVD window.)
Running the emulator from the command line
The emulator binary lives in the emulator/ directory of the SDK, so add that directory to your PATH first.
List existing AVDs
emulator -list-avds
Run an emulator
emulator -avd avd_name [ {-option [value]} … ]
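The root test, the AVD Manager steps and the command-line launch above, scripted end to end. This is an added example written for these notes, not a script from the original page or from the Android SDK. It assumes the SDK command-line tools (sdkmanager, avdmanager, emulator, adb) are on PATH; the image package system-images;android-34;google_apis;x86_64, the AVD name 34_pentest and the optional SERIAL variable are placeholders to change for your target. The image check goes a step beyond the text: instead of reading the GUI label, it inspects the tag field of the package id, which is google_apis_playstore for the Play images the notes say to avoid.

```shell
#!/bin/sh
# Added example, not part of the original notes. Assumes sdkmanager,
# avdmanager, emulator and adb are on PATH. IMAGE, AVD and SERIAL below are
# placeholders (assumptions), not values taken from the notes.
IMAGE="${IMAGE:-system-images;android-34;google_apis;x86_64}"
AVD="${AVD:-34_pentest}"     # AVD names starting with the API level sort nicely
SERIAL="${SERIAL:-}"         # e.g. emulator-5554; empty = whatever adb picks

# adb, optionally pinned to one device with -s.
adb_() {
  if [ -n "$SERIAL" ]; then adb -s "$SERIAL" "$@"; else adb "$@"; fi
}

# The third ';'-separated field of a system-image package id is its tag:
# "google_apis_playstore" is a production (user) build whose adbd refuses
# root; "google_apis" and "default" (plain AOSP) are userdebug builds.
image_root_capable() {
  tag=$(printf '%s' "$1" | cut -d';' -f3)
  case "$tag" in
    *playstore*)         echo no ;;
    google_apis|default) echo yes ;;
    *)                   echo unknown ;;
  esac
}

# Map what `adb root` printed onto the three outcomes the notes list.
classify_adb_root_output() {
  case "$1" in
    *"restarting adbd as root"*|*"adbd is already running as root"*) echo root ;;
    *"cannot run as root in production builds"*)                     echo production ;;
    *)                                                               echo unknown ;;
  esac
}

# Independent check: the uid reported by a shell on the device (0 = root).
uid_is_root() {
  case "$(printf '%s' "$1" | tr -d '\r\n ')" in
    0) echo yes ;;
    *) echo no ;;
  esac
}

# Live check against the running emulator. Returns non-zero if not root.
check_emulator_root() {
  out=$(adb_ root 2>&1 || true)
  verdict=$(classify_adb_root_output "$out")
  echo "adb root: $verdict ($out)"
  [ "$verdict" = root ] || return 1
  adb_ wait-for-device                 # adbd restarts after `adb root`
  uid=$(adb_ shell id -u 2>/dev/null || true)
  if [ "$(uid_is_root "$uid")" = yes ]; then
    echo "root shell confirmed (uid 0)"
  else
    echo "adb shell runs as uid '$uid', not 0"; return 1
  fi
}

# CLI equivalent of the AVD Manager steps: refuse Play images, install the
# image, create the AVD, boot it headless and wait for boot to finish.
create_and_boot_avd() {
  if [ "$(image_root_capable "$IMAGE")" != yes ]; then
    echo "refusing: $IMAGE is not a rootable (userdebug) image"; return 1
  fi
  sdkmanager "$IMAGE"                                     # may prompt to accept licences
  echo no | avdmanager create avd -n "$AVD" -k "$IMAGE"   # "no" = default hardware profile
  emulator -avd "$AVD" -no-window -no-audio &
  adb_ wait-for-device
  until [ "$(adb_ shell getprop sys.boot_completed 2>/dev/null | tr -d '\r')" = 1 ]; do
    sleep 2
  done
}

# Only act when told to, so the file can also be sourced for its functions:
#   sh rootable_avd.sh create    # install + create + boot + verify
#   sh rootable_avd.sh check     # verify an emulator that is already running
case "${1:-}" in
  create) create_and_boot_avd && check_emulator_root ;;
  check)  check_emulator_root ;;
esac
```

The classifier deliberately treats anything it does not recognise (for example "error: no devices/emulators found") as unknown rather than as a failure of the root check, so a missing device is reported separately from a production build that refuses root.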