Skip to content

Instantly share code, notes, and snippets.

@eybisi
Last active December 29, 2023 23:45
Show Gist options
  • Save eybisi/a68b3a18ac9adc8eb17d0b869039ed54 to your computer and use it in GitHub Desktop.
Save eybisi/a68b3a18ac9adc8eb17d0b869039ed54 to your computer and use it in GitHub Desktop.
#!/usr/bin/python3
import os
from androguard.core.apk import APK
import frida
import time
import sys
frida_script = """
Java.perform(function() {
var f = Java.use("java.io.File")
f.delete.implementation = function(a){
if(this.getAbsolutePath().includes("jar")){
console.log("[+] Delete catched =>" +this.getAbsolutePath())
}
return true
}
})
"""
device = frida.get_usb_device()
f = sys.argv[1]
a = APK(f)
print("Package name ",a.get_package())
os.system("adb install "+f)
print(f + " installed ")
pid = device.spawn([a.get_package()])
session = device.attach(pid)
script = session.create_script(frida_script)
script.load()
device.resume(pid)
time.sleep(2)
os.system("adb pull /data/data/"+a.get_package()+" .")
print("Decrypted dex pulled")
script.unload()
os.system("adb uninstall "+a.get_package())
print(a.get_package() + " uninstalled")
time.sleep(2)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment