git clone https://github.com/linkedin/qark
cd qark
pip install -r requirements.txt
pip install .
qark --help
You see a Qark help message,
as shown below.
adb connect 172.16.123.154
adb devices -l
You should see your Genymotion device in the
"List of devices attached",
as shown below.
To see the complete package name, on Kali, execute this command:
adb shell pm list packages | grep genie
The reply shiows the package name,
as shown below. Use that package
name in the next command to
get the APK path:
adb shell pm path com.geniemd.geniemd.harvard
The reply shiows the full path to the
APK. Use that path
in the next command to
pull the APK file:
adb pull /data/app/com.geniemd.geniemd.harvard-A0xnv6wdqwqLoAAgXh3GqA==/base.apk
The file downloads into Kali,
as shown below.
qark --apk base.apk
Qark takes about 10 minutes to unpack all the
code and scan it, ending with the path
to a report file,
as shown below.
After the report is generated, move it to a more convenient location and name with this command:
mv /usr/local/lib/python2.7/dist-packages/qark/report/report.html genie.html
Navigate to the genie.htm file, as shown below, and double-click it.
The report opens in Firefox, as shown below.
Type Ctrl+F and search for cert to find the SSL certificate validation error, as shown below.
Save a full-desktop image. On a Mac, press Shift+Commmand+3. On a PC, press Shift+PrntScrn and paste into Paint.
YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!
Save the image with the filename "YOUR NAME Proj 11", replacing "YOUR NAME" with your real name.