Posts Tagged ‘Android’

Mobile Automation Testing is a must for every project nowadays. I am not going to talk about advantages and disadvantages of Automation Testing here. I want to discuss about few basic but important things that can help write effective Automation Code for any platform.

When we start our Automation Project, we all involve ourselves into various strategies and techniques to test a functionality End to End. We implement Test Execution steps, Data Driven Framework (mostly), Reports, Loggers and what not. To navigate through various screen having data or images, we write predefined wait conditions or we implement complete codes to wait by ourselves. Even though we face few issues like timeout/specified element/screen not found error and etc while waiting for an activity (in android) / screen / UI elements. So, we happen to run and test our code multiple times to ensure that our code works fine and it’s the device or app which is having problem. Finally we let it go and publish our code.

But we always forget or ignore basic OS function/Apps in Device. Here are few tips which will can fix these issues.

  1. Disable Animation in your Device: In Android, Go to Settings > Developers options and set “Window animation scale”, “Transition animation scale”, “Animator duration scale” to “Off”. In iOS, Go to Settings > General > Accessibility and turn off “Reduce Motion”
  2. Force Stop / Uninstall any app which uses internet
  3. Turn off Automatic Sync for your mails / Dropbox or any other apps/widgets
  4. Close all background apps
  5. Clear your RAM and have adequate memory available
  6. Select a good Wifi Connection or use Mobile Network. 4G or 3G is preferable than 2G
  7. Use an Automation Tool which gives maximum accuracy level. E.g. Robotium for Android (You should also checkout Google’s “Espresso – Android Test Kit”)

Hope this will help you next time when you perform Automation Testing. Please do comment on the post and share your thoughts.


Many of you may be wondering and searching for Security Testing/Hacking Tutorials of Android Apps. Android is a very popular OS now a days, so every customer wants to have their Android App. It has become inevitable for a Software Tester to learn and find security flaws.

So, here is the simplest attack to steal User Credentials and App Settings.

I will use goatdroid app to demonstrate the attack. Download Link:


1. Install Android SDK. Download Link:

2. Set Platform Tools in Path Environmental Variables. E.g. C:\Program Files (x86)\Android\android-sdk\platform-tools

3. Create Android AVD and start emulator. Tutorial Link: OR connect device in your computer. Make sure USB Debugging is turned on in Developer Options of Settings

GoatDroid Installation Steps:

1. Unzip GoatDroid and launch goatdroid-0.9.jar. GoatDroid Tutorial Link:

2. Select FourGoats under Apps and Click on Start Web Service from the right pane

3. Go to “OWASP-GoatDroid-0.9\OWASP-GoatDroid-0.9\goatdroid_apps\FourGoats\android_app” folder

4. Press Shift and Right click on empty space

5. Click on Open command window here. Command Prompt will be opened

6. Type “adb install OWASP GoatDroid- FourGoats Android App.apk”. App will get installed

7. Launch FourGoats app

8. Click on Android Menu button

9. Click on Destination Info

10. Enter your computer’s IP in “Host (Or IP)

11. Enter HTTPS Port as 9888. No need to enter anything in Proxy Host and Proxy Port

12. Click on Save

13. Register an account in FourGoats

14. Launch monitor.bat from “Android\android-sdk\tools” folder. Android Debug Monitor will be opened

15. Observe the app in the left pane and the file structure of android in right, especially /data/data/folder. All installation files, settings and DBs are stored under /data/data folder. You will not be permitted to view inside /data folder if your phone is not rooted. If your using rooted phone or emulator, you can view the files and folders under /data folder











16. Observe FourGoats app in /data/data/folder











Follow the below mentioned steps if you are using rooted phone or emulator

1. Type adb pull /data/data/org.owasp.goatdroid.fourgoats C:/goatdroid. All the folders and files inside the app (org.owasp.goatdroid.fourgoats) will be copied in “goatdroid” folder under C drive













2. Open the goatdroid folder and check the files inside it. You will observe userinfo.db inside databases folder. SQL,Oracle and MySQL RDMS usually have DBs with .sql extension. But .db is SQLite extension







3. Download SQLite Browser: Download Link:

4. Open userinfo.db in SQLite Browser. You will observe user information in it











5. Go to shared_prefs folder and open credentials.xml file. You will observe user credentials with which you registered FourGoats in Device are displayed here










Follow the below mentioned steps if you are not using a rooted device. You have to go inside Android Shell to get the files. Open command prompt and type the commands.

1. To go inside Android Shell: adb shell

2. To fool the system and login as the app developer: run-as org.owasp.goatdroid.fourgoats . “org.owasp.goatdroid.fourgoats” is the package name of the app. To find it, check Android Debug Monitor. Once you type this, you will be under “/data/data/org.owasp.goatdroid.fourgoats” folder

3. To list the files under org.owasp.goatdroid.fourgoats: ls

4. To navigate to databases folder: cd databases

5. To copy userinfo.db from “/data/data/org.owasp.goatdroid.fourgoats/databases” folder to sdcard, which is accessible to the user: cat userinfo.db>/sdcard/userinfo.db

6. To navigate to sdcard: cd /sdcard

7. To check if the userinfo.db is copied properly: ls

8. Navigate to root folder: cd /

9. Execute exit command twice:


10. To copy userinfo.db from sdcard to data folder of C drive: adb pull /sdcard/userinfo.db C:/data

That’s it 🙂

See it’s not too hard, you can now use the same technique in any app, just you need to know the package name of the app as with the same name a folder will be created inside /data/data folder. If you don’t find the package name, trying opening the app in device and then check it in Android Debug Monitor.

Please get back to me if you are stuck in any step 🙂