Skip to content

Automation of some MAPT activities and interaction with the mobile Android device.

Notifications You must be signed in to change notification settings

RaffaDNDM/HacknDroid

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

HacknDroid

The script is used for the automation of some MAPT activities and the interaction with the mobile Android device. The script was created to solve many problems:

  • the command adb root is not enabled after device rooting on many production mobile devices;
  • the files need to be shared before on the external SD Card and then on the device;
  • the retrieving of the application data (APKs, Shared preferences, Stored data) needs to be found and retrieved with several commands;
  • the unpacking process of the application APK need a merge phase for application with multiple APKs in /data/app/{app_id}_{base64_unique_id} for efficency purpouses

Pre-requisites

Install the following programs and add their folder with binary files in the PATH environment variable:

  • ADB for interaction with the mobile device in Developer Mode;
  • scrcpy for mirroring and remote control of the mobile device over ADB connection;
  • JADX to explore source obtained from the decompiled code from the APK;
  • Apktool to compile and decompile APKs;
  • APKEditor to merge APKs.
  • ABE Android Backup Extractor to create TAR from Android Backup.

APKEditor and Apktool

For the following programs, create the wrapper to call the program without writing java -jar. As described for Apktool here, rename the tools JAR files as:

  • apktool.jar
  • APKEditor.jar
  • abe.jar

Create a wrapper for both the JAR files. For APKEditor and ABE, you can create one of the following wrappers depending on the Operating System:

  • Windows (APKEditor.bat)
@echo off
setlocal

REM Set the path to your APKEditor.jar
set APKEDITOR_P="C:/Windows/APKEditor.jar"

REM Run APKEditor.jar
java -jar %APKEDITOR_P% %*

endlocal

Insert the wrapper and the JAR in one of the paths registered in the PATH environment variable (e.g. C:\Windows\).

  • UNIX-based systems (APKEditor)
$APKEDITOR_PATH = "./APKEditor.jar"
java -jar $APKEDITOR_PATH "$@"

Insert the wrapper and the JAR in /usr/local/bin.

Install

Install python requirements using the following command:

pip install -r requirements.txt

Run the program

python main.py

Run Example Run Example Run Example

Proxy via DNS Spoofing (on Windows)

To run DNS Server using the tool, ensure that the Windows Firewall is disabled on the PC where the script will be run: Run Example Run Example

If everything was set successfully, you can intercept the traffic on ports 80, 443 in Burp Suite as follows: Run Example


Script features

  • Task Manager

    • [] Daemon tasks
      • logcat
      • mirroring
      • proxy with dns spoofing
    • Sequential tasks
  • Functionalities

  • apk_analysis
    Analysis of the APKs (signature schema verifier, apk decompiling, search for common Root Detection, Certificate Pinning, SHA1-SHA256 strings in smali files, etc.)

    • from_apk_on_pc
    • from_mobile_device
      • Cordova
      • Flutter
  • apk_compiling
    Compile an APK file from the folder with decompiled and modified code

    • compile: Compile an apk file from the folder with decompiled and modified code
    • compile_and_sign: Compile and sign an apk file from the folder with decompiled and modified code
  • apk_decompiling
    Decompile an APK file

    • from_apk_on_pc:
    • from_mobile_device:
  • apk_to_jar
    Convert the apk to a jar file

    • from_apk_on_pc:
      • create_jar_file:
      • jadx_create_and_open_file:
    • from_mobile_device:
      • create_jar_file:
      • jadx_create_and_open_file:
  • backup_and_data
    Backup the mobile device or an application

    • backup_device: Backup the mobile device
    • backup_specific_app: Backup a specific app specifing its app ID
    • backup_restore: Specify the backup file path on your system
    • backup_to_folder: Convert the AB file to an unpacked folder
    • reset_app_data: Reset App data
  • download_from_mobile
    Download file from the mobile device

  • frida: Use Frida for several functionalities

    • function_hooking
    • script
  • install_uninstall
    Install/Uninstall an app on the mobile device

    • install_from_apk
    • install_from_playstore
    • uninstall
  • merge_apks
    Merge several APKs using APKEditor

    • from_directory
    • from_list
  • mirroring
    Launch scrcpy for mobile device mirroring

  • proxy
    Set global proxy on the mobile device

    • system_proxy
      • get_current_proxy
      • set_proxy_with_current_ip
      • set_proxy_with_other_ip
      • del_proxy
    • invisible_proxy
      • ip_tables
        • get_current_proxy
        • set_proxy_with_current_ip
        • set_proxy_with_other_ip
        • del_proxy
      • dns
        • get_current_proxy
        • dns_server_with_current_ip
        • dns_server_with_another_ip
    • install_certificates
      • install depending on android
        • Android <=10
        • Android 10+
      • Install without Rooted device
        • MDM install
        • install certificates on user land and modify android manifest
        • VPN certificate in userland
  • sign_apk
    Sign an apk on your PC. Write the path of the apk you want to test

  • system_mount_for_root: Device rooting

    • Android <=10
    • Android 10+
  • track_logs
    Logs gathering

    • all_logs
    • all_crash_logs
  • upload_to_mobile
    Upload a file from PC to mobile device

  • useful_staffs

    • device_info
      • apps_list
        • 3rd_party_apps: Get list of all the installed 3rd-party apps
        • system_apps: Get list of all the installed system apps
      • cpu_info: Get CPU information
      • general_info: Get mobile device general information
      • ram_info: Get RAM information
      • storage_info: Get Storage information
    • battery_saver: Battery Saver mode (ON/OFF)
    • do_not_disturb_mode: Do Not Disturb mode (ON/OFF)
    • connectivity: Connectivity options management
      • wifi: Wifi option Management (ON/OFF)
      • airplane: Airplane mode Management (ON/OFF)
    • screenshot_video: Screenshot/Video on the mobile device
      • screenshot
      • video
    • shutdown
      Shutdown/Reboot the device with several options
      • shutdown: Shutdown the mobile device
      • reboot: Reboot the mobile device
      • reboot_recovery: Reboot the mobile device in recovery mode
      • reboot_bootloader: Reboot the mobile device in bootloader mode

About

Automation of some MAPT activities and interaction with the mobile Android device.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages