Android Security Cookbook: Practical recipes to delve into Android's security mechanisms by troubleshooting common vulnerabilities in applications and Android OS versions

You'll need to head over to https://developer.android.com and navigate to the ADT Download page or just visit https://developer.android.com/sdk/index.html#download. You should see a page like the one in the following screenshot:

Once you're there, click on Download the SDK and the following screen should appear:

Of course, you will need to accept the license agreement before downloading and select the appropriate CPU type, or register size if you're not sure how to check your CPU type.

On Windows, you need to complete the following steps:

To check your system type on Ubuntu, Debian, or Unix-based distributions, perform the following steps:

When you're happy with the license agreement and you've selected the correct system type, click on Download in the ADT Download page. Once the ZIP file has been downloaded, it should look like the following screenshot on Windows:

Grab a copy of the JDK from Oracle's Downloads page, http://www.oracle.com/technetwork/java/javase/downloads/index.html. Click on DOWNLOAD. The following screenshot shows the Downloads page:

Make sure to select the appropriate version for your system type; see the previous walkthrough to find out how to check your system type. The following screenshot highlights the Windows system types supported by the Oracle Java JDK:

After downloading the JDK, run the jdk-[version]-[platform version].exe file. For instance, you could have an EXE file named something like jdk-7u21-windows-i586.exe. All you need to do now is follow the prompts until the installation of all the setups is completed. The following screenshot is what the install wizard should look like once it's launched:

Open a terminal, either by searching for the terminal application via your Unity, KDE, or Gnome desktop or by pressing Ctrl + Alt + T.

You may need to update your package list before installation, unless you've already done that a couple of minutes ago. You can do this by executing either of the following commands:

sudo aptitude update //If you have aptitude installed 

Or:

sudo apt-get update

You should see your terminal print out all the downloads it's performing from your repositories as shown in the following screenshot:

Once that's done, execute the following command:

sudo apt-get install openjdk-[version]-jdk apt-get 

You will need to enter your password if you have been added to your sudoers file correctly. Alternatively, you could borrow root privileges to do this by executing the following command, assuming that you have the root user's password:

su root

This is displayed in the following screenshot:

Navigate to the SDK manager. If you're doing this all from Windows, you should find it in the root of the ADT-bundle folder called SDK Manager.exe. Ubuntu users will find it at [path to ADT-bundle]/sdk/tools/android.

All you need to do is launch the SDK manager. It should start up and begin retrieving a fresh list of the available API and documentation packages.

You will need to make sure that you select the Tools package; of course, you could also select any other additional packages. A good idea would be to download the last two versions. Android is very backward compatible so you don't really need to worry too much about the older APIs and documentation, unless you're using it to support really old Android devices.

You will need to indicate that you accept the license agreement. You can either do this for every single object being installed or you can click on Accept All.

Once you've accepted the licenses, you can collect your documentation and APIs by clicking on Install as shown in the following screenshot:

Download Eclipse—Helios or a later version—from http://www.eclipse.org/downloads/. Please make sure to select the appropriate version for your operating system. You should see a page that looks like the following screenshot:

Download the ADT bundle for your platform version from the Android website, http://developer.android.com/sdk/installing/installing-adt.html. The following screenshot displays a part of the page on this website:

Make sure you have the Java JDK installed.

If your JDK installation is good to go, run the Eclipse installer you downloaded in step 1.

Once Eclipse is installed and ready to go, plugin your ADT.

Open Eclipse and click on the Help button in the menu bar.

Click on Install New Software....

The Available Software dialog box will pop up. You need to click on Add….

The Add Repository dialog box will show up. You need to click on the Archive... button.

A file browser should pop up. At this point, you will need to navigate to the ADT ZIP file that you downloaded in the previous steps.

After finding the ADT file, click on Open.

Then click on OK.

You will be shown the available packages in the .zip archive. Click on Select All and then on Next.

You will now need to accept the license agreement; of course, you reserve the right not to. It's always a good idea to give it a read. If you're happy, select the I accept the terms of the license agreements option and then click on Finish.

The software installation will now begin. You may get a warning stating that the content is unsigned and the authenticity cannot be verified. Click on OK.

Restart Eclipse.

Downloading the NDK is pretty straightforward. Go to http://developer.android.com/tools/sdk/ndk/index.html to grab the latest copy and make sure to select the appropriate version for your system type.

Unzip the NDK to a convenient location.

Click on the AVD manager icon on your toolbar.

The AVD will pop up. You can either select a preconfigured featured device or you can set up a device according to your own criteria. For this recipe, let's stick to configuring our own devices.

Click on New….

The Create new Android Virtual Device (AVD) dialog box should pop up. You will need to fill in some metrics for the new virtual devices and give it a name. You can enter whatever you feel here as this recipe is just to get you to emulate your first device.

Once you're done, click on OK. The new device should show up in the AVD dialog box.

Click on the device you just created and click on Start….

You can find a list of the system images available to you by using the following command:

[path-to-sdk-install]/tools/android list targets

Or use the following command from the Windows terminal:

C:\[path-to-sdk-install]\tools\android list targets

As an example, enter the following into the command prompt:

C:\Users\kmakan\Documents\adt-bundle-windows-x86-20130219\sdk\tools\android list targets

This command will list the system images available on your system. If you'd like more, you'll need to install them via the SDK manager. The pieces of information that you're looking for in this list are the target IDs because you'll need them to identify the system image, which you will need to specify in the next step.

Create the AVD using the following command:

[path-to-sdk-install]/tools/android create avd –n [name of your new AVD] –t [system image target id]

You will need to decide on a name for the AVD you've just created, which you will specify using the –n switch. The system image ID you selected from the previous step must be specified using the –t switch. If everything goes well, you should have just created a brand new virtual machine.

You can launch your brand new AVD using the following command:

[path-to-sdk-install]/tools/emulator –avd [avd name]

Here, [avd name] is the AVD name you decided on in the previous step. If all goes well, your new AVD should start right up.

You'll need to start an AVD first or, if you like, simply plug in your own Android device via a USB to whatever machine you'd like to use—given that this machine has the SDK installed. You can start the AVD using the following command:

emulator –avd [name]

We can list all the connected Android Devices by using the following command for a Windows machine:

C;\\[path-to-sdk-install]\platform-tools\adb devices

Or, if you're using a Linux machine, use the following command:

[path-to-sdk-install]/platform-tools/adb devices

This command should give you a list of the connected devices, which is basically all the devices that you will be able to connect to using ADB. You need to pay attention to the device names in the list. You will need to identify the devices when you launch a connection to them using ADB.

You can launch a shell connection to your Android device using the following command:

/sdk/platform-tools/abd shell –s [specific device]

Or, if you happen to know that the Android device you want to connect to is the only emulated device, you can use the following command:

/sdk/platform-tools/adb shell –e

Or, if the device is the only USB-connected device, you can use the following command:

/sdk/platform-tools/adb shell –d

The switches –d, -e, and -p apply to the other ADB commands and not just the shell. If this works well, you should see a prompt string—the string displayed to identify the command shell being used—similar to the following command:

root@android$

It's actually pretty simple to do this. You'll need to fire off the following command from your command-line interface:

adb {options} pull [path to copy from] [local path to copy to]

To copy files onto an AVD, you can use the following command:

adb {options} push [local path to copy from] [path to copy to on avd]

You will need to actually know where the APK is on your local machine, and when you find it, you can substitute it with path as shown in the following command:

adb {options} install [path to apk]

You can also use the device-specific commands to narrow down the device you want to install it onto. You can use the following command:

adb {-e | -d | -p } install [path to apk]