## Anchored - HTB Intro to Android Exploitation this my two days for learn android, after push from intern :u, learn android for repentest app on my company this my practice on hacktoday Anchored. the first one this app detected rooted android, me must bypass the android rooted with this script https://gist.github.com/pich4ya/0b2a8592d3c8d5df9c34b8d185d2ea35. before that must setup more app and tools for have intercept log. 1. frida 2. burp cert 3. set http intercept 4. adb after finish all setup u can push your frida server to /temp your phone with command ``` adb push <file> location ``` and dont forget you must go your android shell with ``` adb shell ``` and go to your location frida server, and run the frida maybe you can read this documentation for help your set up android pentest https://book.hacktricks.xyz/mobile-pentesting/android-app-pentesting/frida-tutorial after that u can install your app on devices with adb too, in this case i have more detected devices on adb  so therefore i must use -s for source my device ``` adb -s 127.0.0.1:5555 install Anchored-aligned-debugSigned.apk ``` after that when open this app my emulator has detected root device. so i must bypass the rooted with this script https://gist.github.com/pich4ya/0b2a8592d3c8d5df9c34b8d185d2ea35 and i concat this command to for ssl bypass on frida for listen the intercept on my burpsuite. before that we can check for know the name of identifier  so lets command for bypass root and ssl ``` frida --codeshare sowdust/universal-android-ssl-pinning-bypass-2 -l root_bypass.js -U -f com.example.anchored ``` lets go, the app can open  and just type your email and you will have intercept send on your burp for get a creds.