Friday, November 18, 2022

Software To Automate The Boring Process Of APK Recon




A tool to automate the recon process on an APK file.

Slicer accepts a path to an extracted APK file and then returns all the activities, receivers, and providers that are exported, have null permissions, and can be externally provoked.

Note: The APK has to be extracted via jadx or apktool.
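The check described above, written out as an added example (this is not Slicer's own code). The function names and the sample manifest are constructed for illustration, and the example goes slightly further than the description by also handling implicit export through an intent-filter, an application-wide default permission, and providers whose read and write permissions are set separately.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "receiver", "provider")  # the component kinds the page lists

# Constructed sample manifest (com.example.demo is not a real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.demo">
  <application>
    <activity android:name=".MainActivity">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <activity android:name=".AdminActivity" android:exported="true" android:permission="com.example.demo.ADMIN"/>
    <activity android:name=".InternalActivity" android:exported="false"/>
    <receiver android:name=".SyncReceiver" android:exported="true"/>
    <provider android:name=".NotesProvider" android:authorities="com.example.demo.notes"
              android:exported="true" android:readPermission="com.example.demo.READ"/>
    <provider android:name=".FilesProvider" android:authorities="com.example.demo.files" android:exported="true"/>
  </application>
</manifest>"""

def is_exported(elem):
    """Explicit android:exported wins; if absent, an intent-filter implied export before Android 12."""
    flag = elem.get(ANDROID + "exported")
    if flag is not None:
        return flag.lower() == "true"
    return elem.tag != "provider" and elem.find("intent-filter") is not None

def exported_unprotected(manifest_xml):
    """Return (kind, name) for exported components that any other app can reach without a permission."""
    app = ET.fromstring(manifest_xml).find("application")
    if app is None:
        return []
    app_perm = app.get(ANDROID + "permission")  # default applied to every component
    findings = []
    for elem in app:
        if elem.tag not in COMPONENTS or not is_exported(elem):
            continue
        perm = elem.get(ANDROID + "permission") or app_perm
        guards = [perm]
        if elem.tag == "provider":  # read and write access are guarded separately
            guards = [elem.get(ANDROID + k) or perm for k in ("readPermission", "writePermission")]
        if not all(guards):  # at least one way in has no permission at all
            findings.append((elem.tag, elem.get(ANDROID + "name")))
    return findings

if __name__ == "__main__":
    for kind, name in exported_unprotected(SAMPLE_MANIFEST):
        print(f"{kind}: {name}")
```

.NotesProvider is reported because only its read side carries a permission, so writes are still open to any caller.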

Why?

I started bug bounty like 3 weeks ago (in June 2020) and I've been trying my best on Android apps. But I noticed one thing: in all the apps there were certain things which I have to do before diving in deep. So I just thought it would be nice to automate that process with a simple tool.

Why not drozer?

Well, drozer is a different beast. Even though it does find all the accessible components, I was tired of running those commands again and again.

Why not automate using drozer?

I actually wrote a bash script for running certain drozer commands so I won't have to run them manually, but there was still some boring stuff that had to be done, like checking strings.xml for various API keys, testing if the Firebase DB was publicly accessible, or whether those Google API keys have any cap set on their usage, and a lot of other stuff.

Why not search all the files?

I think that a tool like grep or ripgrep would be much faster at searching through all the files. So if there is something specific that you want to search for, it would be better to use those tools. But if you think there is something which needs to be checked in all Android files, then feel free to open an issue.

  • git clone https://github.com/mzfr/slicer
  • cd slicer
  • Now you can run it: python3 slicer.py -h

It's very simple to use. The following options are available:

Extract information from Manifest and strings of an APK

Usage:
    slicer [OPTION] [Extracted APK directory]

Options:

    -d, --dir       path to jadx output directory
    -o, --output    Name of the output file (not implemented)

I have not implemented the output flag yet because I think that if you redirect slicer's output to a yaml file it will be in a proper format.

  • Extract information from the APK and display it on the screen.
python3 slicer.py -d path/to/extracted/apk -c config.json

The extractor module used to extract URLs and paths is taken from apkurlgrep by @ndelphit

All the features implemented in this are things that I have learned in the past few weeks, so if you think that there are various other things which should be checked in an APK then please open an issue for that feature and I'd be happy to implement it 🙂
