Created
December 12, 2018 16:18
-
-
Save eybisi/21ab53371341fa36393cac57d32dd344 to your computer and use it in GitHub Desktop.
get decrypted payload from all apk files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #get apks from server? wget -np -e robots=off -m site.com/apk/folder/ | |
| #Place all apks in the same dir as py file or change os.listdir parameter | |
| #you can get del.js from my repo https://github.com/eybisi/fridaScripts/blob/master/del.js | |
| import os | |
| from androguard.core.bytecodes import apk | |
| import frida | |
| import time | |
| device = frida.get_usb_device() | |
| files = [f for f in os.listdir("./")] | |
| for f in files: | |
| print(f) | |
| a = apk.APK(f) | |
| os.system("adb install "+f) | |
| print(f + " installed ") | |
| pid = device.spawn([a.get_package()]) | |
| session = device.attach(pid) | |
| script = session.create_script(open("del.js").read()) | |
| script.load() | |
| device.resume(pid) | |
| time.sleep(2) | |
| os.system("adb pull /data/data/"+a.get_package()+" .") | |
| print("Decrypted dex pulled") | |
| script.unload() | |
| os.system("adb uninstall "+a.get_package()) | |
| print(f + " uninstalled") | |
| time.sleep(2) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment