-
Notifications
You must be signed in to change notification settings - Fork 78
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
229 changed files
with
7,290 additions
and
0 deletions.
There are no files selected for viewing
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,101 @@ | ||
| #!/usr/bin/python | ||
| # | ||
| # License: Refer to the README in the root directory | ||
| # | ||
| import os | ||
| import xml.dom.minidom | ||
| import argparse, shlex, sys, urllib2 | ||
| from xml.dom.minidom import parseString | ||
| from internals.lib.basecmd import BaseCmd | ||
| from internals.lib.menu import Menu | ||
| from internals.lib.server import Server | ||
| from internals.lib.common import version | ||
|
|
||
| class Afe(BaseCmd): | ||
|
|
||
| def __init__(self): | ||
| BaseCmd.__init__(self, None) | ||
| self.prompt = "Afe$ " | ||
| self.connected = 0 | ||
| #self.session = None | ||
| self.intro = """ | ||
| ---- The Android Framework For Exploitation v2.0 ---- | ||
| _______ _______ _______ _______ _______ | ||
| ( ___ )( ____ \( ____ \ |\ /| / ___ ) ( __ ) | ||
| | ( ) || ( \/| ( \/ _ | ) ( | \/ ) | | ( ) | | ||
| | (___) || (__ | (__ (_) | | | | / ) | | / | | ||
| | ___ || __) | __) ( ( ) ) _/ / | (/ /) | | ||
| | ( ) || ( | ( _ \ \_/ / / _/ | / | | | ||
| | ) ( || ) | (____/\(_) \ / ( (__/\ _ | (__) | | ||
| |/ \||/ (_______/ \_/ \_______/(_)(_______) | ||
| Copyright Reserved : XYS3C (Visit us at http://xysec.com) | ||
| ---------------------------------------------------------- | ||
| 'help <command>' or '? <command>' gives help on <command> | ||
| """ | ||
|
|
||
| #def do_exit(self, _args): | ||
| # """ | ||
| #Exits from AFE | ||
| # """ | ||
| # return -1 | ||
|
|
||
| def do_version(self, _args): | ||
| """ | ||
| Version and author information | ||
| """ | ||
| print "\nAFE V", version, "\n" | ||
| print "XYSEC @ http://xysec.com\n" | ||
|
|
||
| def do_connect(self, args): | ||
| """ | ||
| Connects to a remote TCP Server | ||
| usage: connect [--port <port>] ip | ||
| Use adb forward tcp:12346 tcp:12346 when using an emulator or usb-connected device | ||
| """ | ||
| try: | ||
| parser = argparse.ArgumentParser(prog="connect", add_help = False) | ||
| parser.add_argument('ip') | ||
| parser.add_argument('--port', '-p', metavar = '<port>') | ||
| splitargs = parser.parse_args(shlex.split(args)) | ||
| if not splitargs: | ||
| return | ||
| ip = splitargs.ip | ||
| if (splitargs.port): | ||
| port = int(splitargs.port) | ||
| else: | ||
| port = 12346 | ||
| self.session = Server(ip, port, "bind") | ||
| self.session.sendData("ping\n") | ||
| resp = self.session.receiveData() | ||
| if (resp == "pong"): | ||
| print "**Connected !" | ||
| self.prompt = "*Afe$ " | ||
| self.connected = 1 | ||
| else: | ||
| print "**Not Connected !** There is some Problem, Try Again !" | ||
| except: | ||
| pass | ||
|
|
||
| def do_menu(self, args): | ||
| """ | ||
| Menu Screen, to cook with different recepies available ! | ||
| """ | ||
| subconsole = Menu(self.connected, self.session) | ||
| subconsole.cmdloop() | ||
|
|
||
|
|
||
| def do_update(self, args): | ||
| """ | ||
| Check if there is an updated release available from http://afe-framework.com | ||
| """ | ||
|
|
||
|
|
||
| if __name__ == '__main__': | ||
|
|
||
| os.system('clear') | ||
| try: | ||
| console = Afe() | ||
| console.cmdloop() | ||
| except: | ||
| pass |
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| Summary | ||
| === | ||
| apkjet is a python wrap of the apktool to make it easier to do apk reverse engineering in a automated way. | ||
|
|
||
| usage | ||
| === | ||
| $ apkjet.py -h | ||
| Usage: apkjet.py [options] args | ||
|
|
||
| Options: | ||
| -h, --help show this help message and exit | ||
| -d decode, --decompress=decode | ||
| decompress apk file | ||
| -b build, --build=build | ||
| build apk file | ||
| -s sign, --sign=sign sign apk file | ||
| -r bsign, --bulid_sign=bsign | ||
| build and sign apk file | ||
|
|
||
|
|
||
|
|
||
| Examples: | ||
| === | ||
| python apkjet.py -d mitbbs.apk # decompress apk file | ||
| python apkjet.py -b mitbbs.apk # build apk file | ||
| python apkjet.py -s mitbbs.apk # sign apk file | ||
|
|
||
|
|
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,101 @@ | ||
| #!/bin/env python | ||
|
|
||
| import sys, os | ||
| from optparse import OptionParser | ||
|
|
||
| #ApkToolPath = os.path.dirname(os.path.abspath(__file__)) | ||
| ApkToolPath = 'c:\\\\android\\\\apkjet' | ||
|
|
||
|
|
||
| def sign_apk(fn, fn_new): | ||
| if not fn_new: | ||
| file_path, ext = os.path.splitext(fn) | ||
| fn_new = r'%s_signed%s' %(file_path, ext) | ||
| cmd = '''java -Xmx80m -jar %s/signapk.jar -w %s/testkey.x509.pem %s/testkey.pk8 %s %s''' % ( | ||
| ApkToolPath, ApkToolPath, ApkToolPath, fn, fn_new) | ||
| print cmd | ||
| os.system(cmd) | ||
| print 'done!!! ... %s' % fn_new | ||
|
|
||
| def dec_apk(fn, path_new): | ||
| if not path_new: | ||
| file_path, ext = os.path.splitext(fn) | ||
| path_new = file_path.split('/')[-1] | ||
| cmd = '''java -Xmx80m -jar %s/apktool.jar d %s %s''' %(ApkToolPath, fn, path_new ) | ||
| print cmd | ||
| os.system(cmd) | ||
| print 'done!!! ... dir %s' %(path_new) | ||
|
|
||
| def bld_apk(file_path, fn_new): | ||
| if not fn_new: | ||
| fn_new = file_path.split('/')[-1] + '.apk' | ||
| cmd = '''java -Xmx80m -jar %s/apktool.jar b %s %s''' % (ApkToolPath, file_path, fn_new) | ||
| os.system(cmd) | ||
| print 'done!!! ... new apk file %s' %(fn_new) | ||
|
|
||
| def bsign_apk(file_path, fn_sign): | ||
| if not fn_sign: | ||
| path_new = file_path.split('/')[-1] | ||
| fn_nosign = path_new + '.apk' | ||
| fn_sign = path_new + '_sign.apk' | ||
| else: | ||
| file_path, ext = os.path.splitext(fn) | ||
| fn_nosign = file_path + '_nosign.apk' | ||
| bld_apk(file_path, fn_nosign) | ||
| print 'done!!! ... new apk before sign file %s' %(fn_nosign) | ||
| sign_apk(fn_nosign, fn_sign) | ||
| print 'done!!! ... new apk signed file %s' %(fn_sign) | ||
|
|
||
|
|
||
| def main(): | ||
| usage = "usage: %prog [options] args" | ||
| parser = OptionParser(usage=usage) | ||
| parser.add_option("-d", "--decompress", dest="dpath", | ||
| help="decompress apk file", metavar="decode") | ||
| parser.add_option("-b", "--build", dest="bpath", | ||
| help="build apk file", metavar="build") | ||
| parser.add_option("-s", "--sign", dest="sign", | ||
| help="sign apk file", metavar="sign") | ||
| parser.add_option("-r", "--bulid_sign", dest="bsign", | ||
| help="build and sign apk file", metavar="bsign") | ||
|
|
||
| (opts, args) = parser.parse_args() | ||
| if opts.dpath: | ||
| if len(args) > 0: | ||
| new_path = args[0] | ||
| else: | ||
| new_path = None | ||
| if os.path.isfile(opts.dpath): | ||
| dec_apk(opts.dpath, new_path) | ||
| else: | ||
| parser.error("original apk file not exist") | ||
| if opts.bpath: | ||
| if len(args) > 0: | ||
| new_apk = args[0] | ||
| else: | ||
| new_apk = None | ||
| if opts.bpath and os.path.isdir(opts.bpath): | ||
| bld_apk(opts.bpath, new_apk) | ||
| else: | ||
| parser.error("building dir not exist") | ||
| if opts.sign: | ||
| if len(args) > 0: | ||
| new_apk = args[0] | ||
| else: | ||
| new_apk = None | ||
| if opts.sign and os.path.isfile(opts.sign): | ||
| sign_apk(opts.sign, new_apk) | ||
| else: | ||
| parser.error("apk file not exist") | ||
| if opts.bsign: | ||
| if len(args) > 0: | ||
| new_apk = args[0] | ||
| else: | ||
| new_apk = None | ||
| if os.path.isdir(opts.bsign): | ||
| bsign_apk(opts.bsign, new_apk) | ||
| else: | ||
| parser.error("building dir not exist") | ||
|
|
||
| if __name__ == '__main__': | ||
| main() |
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIEqDCCA5CgAwIBAgIJAJNurL4H8gHfMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD | ||
| VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4g | ||
| VmlldzEQMA4GA1UEChMHQW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UE | ||
| AxMHQW5kcm9pZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTAe | ||
| Fw0wODAyMjkwMTMzNDZaFw0zNTA3MTcwMTMzNDZaMIGUMQswCQYDVQQGEwJVUzET | ||
| MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEQMA4G | ||
| A1UEChMHQW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9p | ||
| ZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTCCASAwDQYJKoZI | ||
| hvcNAQEBBQADggENADCCAQgCggEBANaTGQTexgskse3HYuDZ2CU+Ps1s6x3i/waM | ||
| qOi8qM1r03hupwqnbOYOuw+ZNVn/2T53qUPn6D1LZLjk/qLT5lbx4meoG7+yMLV4 | ||
| wgRDvkxyGLhG9SEVhvA4oU6Jwr44f46+z4/Kw9oe4zDJ6pPQp8PcSvNQIg1QCAcy | ||
| 4ICXF+5qBTNZ5qaU7Cyz8oSgpGbIepTYOzEJOmc3Li9kEsBubULxWBjf/gOBzAzU | ||
| RNps3cO4JFgZSAGzJWQTT7/emMkod0jb9WdqVA2BVMi7yge54kdVMxHEa5r3b97s | ||
| zI5p58ii0I54JiCUP5lyfTwE/nKZHZnfm644oLIXf6MdW2r+6R8CAQOjgfwwgfkw | ||
| HQYDVR0OBBYEFEhZAFY9JyxGrhGGBaR0GawJyowRMIHJBgNVHSMEgcEwgb6AFEhZ | ||
| AFY9JyxGrhGGBaR0GawJyowRoYGapIGXMIGUMQswCQYDVQQGEwJVUzETMBEGA1UE | ||
| CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEQMA4GA1UEChMH | ||
| QW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9pZDEiMCAG | ||
| CSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbYIJAJNurL4H8gHfMAwGA1Ud | ||
| EwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHqvlozrUMRBBVEY0NqrrwFbinZa | ||
| J6cVosK0TyIUFf/azgMJWr+kLfcHCHJsIGnlw27drgQAvilFLAhLwn62oX6snb4Y | ||
| LCBOsVMR9FXYJLZW2+TcIkCRLXWG/oiVHQGo/rWuWkJgU134NDEFJCJGjDbiLCpe | ||
| +ZTWHdcwauTJ9pUbo8EvHRkU3cYfGmLaLfgn9gP+pWA7LFQNvXwBnDa6sppCccEX | ||
| 31I828XzgXpJ4O+mDL1/dBd+ek8ZPUP0IgdyZm5MTYPhvVqGCHzzTy3sIeJFymwr | ||
| sBbmg2OAUNLEMO6nwmocSdN2ClirfxqCzJOLSDE4QyS9BAH6EhY6UFcOaE0= | ||
| -----END CERTIFICATE----- |
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,77 @@ | ||
| #!/bin/bash | ||
| # | ||
| # Copyright (C) 2007 The Android Open Source Project | ||
| # | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
|
|
||
| # This script is a wrapper for smali.jar, so you can simply call "smali", | ||
| # instead of java -jar smali.jar. It is heavily based on the "dx" script | ||
| # from the Android SDK | ||
|
|
||
| # Set up prog to be the path of this script, including following symlinks, | ||
| # and set up progdir to be the fully-qualified pathname of its directory. | ||
| prog="$0" | ||
| while [ -h "${prog}" ]; do | ||
| newProg=`/bin/ls -ld "${prog}"` | ||
| echo ${newProg} | ||
|
|
||
|
|
||
| newProg=`expr "${newProg}" : ".* -> \(.*\)$"` | ||
| if expr "x${newProg}" : 'x/' >/dev/null; then | ||
| prog="${newProg}" | ||
| else | ||
| progdir=`dirname "${prog}"` | ||
| prog="${progdir}/${newProg}" | ||
| fi | ||
| done | ||
| oldwd=`pwd` | ||
| progdir=`dirname "${prog}"` | ||
| cd "${progdir}" | ||
| progdir=`pwd` | ||
| prog="${progdir}"/`basename "${prog}"` | ||
| cd "${oldwd}" | ||
|
|
||
|
|
||
| jarfile=apktool.jar | ||
| libdir="$progdir" | ||
| if [ ! -r "$libdir/$jarfile" ] | ||
| then | ||
| echo `basename "$prog"`": can't find $jarfile" | ||
| exit 1 | ||
| fi | ||
|
|
||
| javaOpts="" | ||
|
|
||
| # If you want DX to have more memory when executing, uncomment the following | ||
| # line and adjust the value accordingly. Use "java -X" for a list of options | ||
| # you can pass here. | ||
| # | ||
| javaOpts="-Xmx256M" | ||
|
|
||
| # Alternatively, this will extract any parameter "-Jxxx" from the command line | ||
| # and pass them to Java (instead of to dx). This makes it possible for you to | ||
| # add a command-line parameter such as "-JXmx256M" in your ant scripts, for | ||
| # example. | ||
| while expr "x$1" : 'x-J' >/dev/null; do | ||
| opt=`expr "$1" : '-J\(.*\)'` | ||
| javaOpts="${javaOpts} -${opt}" | ||
| shift | ||
| done | ||
|
|
||
| if [ "$OSTYPE" = "cygwin" ] ; then | ||
| jarpath=`cygpath -w "$libdir/$jarfile"` | ||
| else | ||
| jarpath="$libdir/$jarfile" | ||
| fi | ||
|
|
||
| exec java $javaOpts -jar "$jarpath" "$@" |
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIEqDCCA5CgAwIBAgIJAJNurL4H8gHfMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD | ||
| VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4g | ||
| VmlldzEQMA4GA1UEChMHQW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UE | ||
| AxMHQW5kcm9pZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTAe | ||
| Fw0wODAyMjkwMTMzNDZaFw0zNTA3MTcwMTMzNDZaMIGUMQswCQYDVQQGEwJVUzET | ||
| MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEQMA4G | ||
| A1UEChMHQW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9p | ||
| ZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTCCASAwDQYJKoZI | ||
| hvcNAQEBBQADggENADCCAQgCggEBANaTGQTexgskse3HYuDZ2CU+Ps1s6x3i/waM | ||
| qOi8qM1r03hupwqnbOYOuw+ZNVn/2T53qUPn6D1LZLjk/qLT5lbx4meoG7+yMLV4 | ||
| wgRDvkxyGLhG9SEVhvA4oU6Jwr44f46+z4/Kw9oe4zDJ6pPQp8PcSvNQIg1QCAcy | ||
| 4ICXF+5qBTNZ5qaU7Cyz8oSgpGbIepTYOzEJOmc3Li9kEsBubULxWBjf/gOBzAzU | ||
| RNps3cO4JFgZSAGzJWQTT7/emMkod0jb9WdqVA2BVMi7yge54kdVMxHEa5r3b97s | ||
| zI5p58ii0I54JiCUP5lyfTwE/nKZHZnfm644oLIXf6MdW2r+6R8CAQOjgfwwgfkw | ||
| HQYDVR0OBBYEFEhZAFY9JyxGrhGGBaR0GawJyowRMIHJBgNVHSMEgcEwgb6AFEhZ | ||
| AFY9JyxGrhGGBaR0GawJyowRoYGapIGXMIGUMQswCQYDVQQGEwJVUzETMBEGA1UE | ||
| CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEQMA4GA1UEChMH | ||
| QW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9pZDEiMCAG | ||
| CSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbYIJAJNurL4H8gHfMAwGA1Ud | ||
| EwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHqvlozrUMRBBVEY0NqrrwFbinZa | ||
| J6cVosK0TyIUFf/azgMJWr+kLfcHCHJsIGnlw27drgQAvilFLAhLwn62oX6snb4Y | ||
| LCBOsVMR9FXYJLZW2+TcIkCRLXWG/oiVHQGo/rWuWkJgU134NDEFJCJGjDbiLCpe | ||
| +ZTWHdcwauTJ9pUbo8EvHRkU3cYfGmLaLfgn9gP+pWA7LFQNvXwBnDa6sppCccEX | ||
| 31I828XzgXpJ4O+mDL1/dBd+ek8ZPUP0IgdyZm5MTYPhvVqGCHzzTy3sIeJFymwr | ||
| sBbmg2OAUNLEMO6nwmocSdN2ClirfxqCzJOLSDE4QyS9BAH6EhY6UFcOaE0= | ||
| -----END CERTIFICATE----- |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| .class public final Lcom/xybot/BuildConfig; | ||
| .super Ljava/lang/Object; | ||
| .source "BuildConfig.java" | ||
|
|
||
|
|
||
| # static fields | ||
| .field public static final DEBUG:Z | ||
|
|
||
|
|
||
| # direct methods | ||
| .method public constructor <init>()V | ||
| .locals 0 | ||
|
|
||
| .prologue | ||
| .line 4 | ||
| invoke-direct {p0}, Ljava/lang/Object;-><init>()V | ||
|
|
||
| return-void | ||
| .end method |
Oops, something went wrong.