This repository contains the mobile Proof of Concept (POC) tester for CTF challenges. The POC tester is a web application that allows users to test their POCs against a vulnerable Android application. It supports multiple challenges within a single Android emulator.
To install the POC tester, follow these steps:

- Clone the repository:

  ```
  git clone https://github.com/TCP1P/Mobile-POC-Tester.git
  ```

- Navigate to the `Mobile-POC-Tester` directory:

  ```
  cd Mobile-POC-Tester
  ```

- Run Docker Compose:

  ```
  bash ./run.sh
  ```

- Open your browser and go to port 5000.

Note: for an example challenge configuration, refer to this branch: https://github.com/TCP1P/Mobile-POC-Tester/tree/example-challenge/web/src/challenges

To use the POC tester, you can modify the folders inside the challenges directory. Each folder within the challenges directory represents a challenge that shares the emulator. Be careful when adding a challenge to ensure it does not conflict with or influence other challenge POCs. You can configure your application and Android behavior in client.py, and don't forget to place your APK file inside the folder. The POC tester will automatically install the APK when you start Docker. Here is the folder structure for a challenge:
```
.
├── challenges
│   └── <your challenge folder>
│       ├── *.apk
│       └── client.py
```
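
A pre-flight check for the layout above, written for this page as an added example and not part of the repository's code. The function names are hypothetical, the path to the challenges directory is passed as an argument, and flagging byte-identical APKs in two folders is an assumption about one way challenges sharing the emulator can collide.

```python
import hashlib
import sys
import zipfile
from pathlib import Path


def check_apk(apk: Path) -> list[str]:
    """An APK is a ZIP archive that must contain AndroidManifest.xml."""
    if not zipfile.is_zipfile(apk):
        return [f"{apk}: not a valid ZIP/APK archive"]
    with zipfile.ZipFile(apk) as zf:
        if "AndroidManifest.xml" not in zf.namelist():
            return [f"{apk}: missing AndroidManifest.xml"]
    return []


def check_challenges(root: Path) -> list[str]:
    """Validate every challenge folder under root; return a list of problems."""
    if not root.is_dir():
        return [f"{root}: not a directory"]
    problems: list[str] = []
    seen: dict[str, Path] = {}  # APK SHA-256 -> first file with that content
    folders = (p for p in root.iterdir()
               if p.is_dir() and not p.name.startswith(("_", ".")))
    for folder in sorted(folders):
        if not (folder / "client.py").is_file():
            problems.append(f"{folder.name}: client.py is missing")
        apks = sorted(folder.glob("*.apk"))
        if not apks:
            problems.append(f"{folder.name}: no *.apk file")
        for apk in apks:
            problems += check_apk(apk)
            digest = hashlib.sha256(apk.read_bytes()).hexdigest()
            if digest in seen:
                # Same app shipped by two challenges that share one emulator
                problems.append(f"{apk}: same content as {seen[digest]}")
            else:
                seen[digest] = apk
    return problems


if __name__ == "__main__":
    root = Path(sys.argv[1] if len(sys.argv) > 1 else "challenges")
    issues = check_challenges(root)
    print("\n".join(issues) or "all challenge folders look complete")
    sys.exit(1 if issues else 0)
```

Run it against the challenges directory before starting Docker; a non-zero exit status means at least one folder is incomplete or holds an unreadable APK.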
