Monday, May 6, 2013

How to Get Root Certification Authorities List from Android Phone Connected by USB in Mac OS X

1. Make sure you have adb installed, and if not install it via homebrew.

$ which adb
$ brew install adb
Note: You can also determine the Android SDK version of the device by typing:
$ adb shell grep system/build.prop
2. Log into the android phone terminal by typing this command in the mac terminal.
$ adb -d shell
shell@android:/ $

3. Navigate to the /system/etc/security/cacerts directory or whatever directory that contains the certificate authority certificates and then you can list the root certification authorities on that phone. 
$ cd system/etc/security/cacerts/ 
$ ls 
shell@android:/system/etc/security/cacerts $ ls
4. Once you've located all of the certificate authorities certificates you can pull then to your local computer by typing this command:
Note: I created a folder called android-certs on my local computer and the "." command says to copy all of the files to the current directory. 
Kurrys-MacBook-Pro:android-certs ktran$ adb pull /system/etc/security/cacerts/ .
pull: building file list...
pull: /system/etc/security/cacerts/ff783690.0 -> ./ff783690.0
pull: /system/etc/security/cacerts/fde84897.0 -> ./fde84897.0
pull: /system/etc/security/cacerts/fb126c6d.0 -> ./fb126c6d.0
pull: /system/etc/security/cacerts/facacbc6.0 -> ./facacbc6.0
pull: /system/etc/security/cacerts/fac084d7.0 -> ./fac084d7.0
pull: /system/etc/security/cacerts/f80cc7f6.0 -> ./f80cc7f6.0
pull: /system/etc/security/cacerts/f61bff45.0 -> ./f61bff45.0
pull: /system/etc/security/cacerts/f58a60fe.0 -> ./f58a60fe.0
pull: /system/etc/security/cacerts/f4996e82.0 -> ./f4996e82.0
pull: /system/etc/security/cacerts/ee7cd6fb.0 -> ./ee7cd6fb.0
pull: /system/etc/security/cacerts/ed524cf5.0 -> ./ed524cf5.0
pull: /system/etc/security/cacerts/ed049835.0 -> ./ed049835.0
140 files pulled. 0 files skipped.
2206 KB/s (693383 bytes in 0.306s)
5. Once you have all of the certificates in the folder you can use the command line tool grep to find all issuers. Run this command:

$ grep "Issuer" *
You should see something like this:
00673b5b.0:        Issuer: C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
03e16f6c.0:        Issuer: OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
08aef7bb.0:        Issuer: C=US, O=Wells Fargo WellsSecure, OU=Wells Fargo Bank NA, CN=WellsSecure Public Root Certificate Authority
0d188d89.0:        Issuer: C=TR, O=Elektronik Bilgi Guvenligi A.S., CN=e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi
10531352.0:        Issuer: C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
111e6273.0:        Issuer: OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
1155c94b.0:        Issuer: C=ES, L=C/ Muntaner 244 Barcelona, CN=Autoridad de Certificacion Firmaprofesional CIF 

1 comment :

Qadit Qadit said...

Great article! Thanks for the information, I think others will find this useful.

IT security companies in Bangalore