The script is used for the automation of some MAPT activities and the interaction with the mobile Android device. The script was created to solve many problems:
- the command
adb root
is not enabled after device rooting on many production mobile devices; - the files need to be shared before on the external SD Card and then on the device;
- the retrieving of the application data (APKs, Shared preferences, Stored data) needs to be found and retrieved with several commands;
- the unpacking process of the application APK need a merge phase for application with multiple APKs in
/data/app/{app_id}_{base64_unique_id}
for efficency purpouses
Install the following programs and add their folder with binary files in the PATH
environment variable:
- ADB for interaction with the mobile device in Developer Mode;
- scrcpy for mirroring and remote control of the mobile device over ADB connection;
- JADX to explore source obtained from the decompiled code from the APK;
- Apktool to compile and decompile APKs;
- APKEditor to merge APKs.
- ABE Android Backup Extractor to create TAR from Android Backup.
For the following programs, create the wrapper to call the program without writing java -jar
.
As described for Apktool here, rename the tools JAR files as:
apktool.jar
APKEditor.jar
abe.jar
Create a wrapper for both the JAR files. For APKEditor and ABE, you can create one of the following wrappers depending on the Operating System:
- Windows (
APKEditor.bat
)
@echo off
setlocal
REM Set the path to your APKEditor.jar
set APKEDITOR_P="C:/Windows/APKEditor.jar"
REM Run APKEditor.jar
java -jar %APKEDITOR_P% %*
endlocal
Insert the wrapper and the JAR in one of the paths registered in the PATH
environment variable (e.g. C:\Windows\
).
- UNIX-based systems (
APKEditor
)
$APKEDITOR_PATH = "./APKEditor.jar"
java -jar $APKEDITOR_PATH "$@"
Insert the wrapper and the JAR in /usr/local/bin
.
Install python requirements using the following command:
pip install -r requirements.txt
python main.py
To run DNS Server using the tool, ensure that the Windows Firewall is disabled on the PC where the script will be run:
If everything was set successfully, you can intercept the traffic on ports 80, 443 in Burp Suite as follows:
-
Task Manager
- [] Daemon tasks
- logcat
- mirroring
- proxy with dns spoofing
- Sequential tasks
- [] Daemon tasks
-
Functionalities
-
apk_analysis
Analysis of the APKs (signature schema verifier, apk decompiling, search for common Root Detection, Certificate Pinning, SHA1-SHA256 strings in smali files, etc.)-
from_apk_on_pc
-
from_mobile_device
- Cordova
- Flutter
-
-
apk_compiling
Compile an APK file from the folder with decompiled and modified code-
compile
: Compile an apk file from the folder with decompiled and modified code -
compile_and_sign
: Compile and sign an apk file from the folder with decompiled and modified code
-
-
apk_decompiling
Decompile an APK file-
from_apk_on_pc
: -
from_mobile_device
:
-
-
apk_to_jar
Convert the apk to a jar file-
from_apk_on_pc
:-
create_jar_file
: -
jadx_create_and_open_file
:
-
-
from_mobile_device
:-
create_jar_file
: -
jadx_create_and_open_file
:
-
-
-
backup_and_data
Backup the mobile device or an application-
backup_device
: Backup the mobile device -
backup_specific_app
: Backup a specific app specifing its app ID -
backup_restore
: Specify the backup file path on your system -
backup_to_folder
: Convert the AB file to an unpacked folder -
reset_app_data
: Reset App data
-
-
download_from_mobile
Download file from the mobile device -
frida
: Use Frida for several functionalities-
function_hooking
-
script
-
-
install_uninstall
Install/Uninstall an app on the mobile device-
install_from_apk
-
install_from_playstore
-
uninstall
-
-
merge_apks
Merge several APKs using APKEditor-
from_directory
-
from_list
-
-
mirroring
Launch scrcpy for mobile device mirroring -
proxy
Set global proxy on the mobile device-
system_proxy
-
get_current_proxy
-
set_proxy_with_current_ip
-
set_proxy_with_other_ip
-
del_proxy
-
-
invisible_proxy
-
ip_tables
-
get_current_proxy
-
set_proxy_with_current_ip
-
set_proxy_with_other_ip
-
del_proxy
-
-
dns
-
get_current_proxy
-
dns_server_with_current_ip
-
dns_server_with_another_ip
-
-
-
install_certificates
- install depending on android
- Android <=10
- Android 10+
- Install without Rooted device
- MDM install
- install certificates on user land and modify android manifest
- VPN certificate in userland
- install depending on android
-
-
sign_apk
Sign an apk on your PC. Write the path of the apk you want to test -
system_mount_for_root
: Device rooting- Android <=10
- Android 10+
-
track_logs
Logs gathering-
all_logs
-
all_crash_logs
-
-
upload_to_mobile
Upload a file from PC to mobile device -
useful_staffs
-
device_info
-
apps_list
-
3rd_party_apps
: Get list of all the installed 3rd-party apps -
system_apps
: Get list of all the installed system apps
-
-
cpu_info
: Get CPU information -
general_info
: Get mobile device general information -
ram_info
: Get RAM information -
storage_info
: Get Storage information
-
-
battery_saver
: Battery Saver mode (ON/OFF) -
do_not_disturb_mode
: Do Not Disturb mode (ON/OFF) -
connectivity
: Connectivity options management-
wifi
: Wifi option Management (ON/OFF) -
airplane
: Airplane mode Management (ON/OFF)
-
-
screenshot_video
: Screenshot/Video on the mobile device-
screenshot
-
video
-
-
shutdown
Shutdown/Reboot the device with several options-
shutdown
: Shutdown the mobile device -
reboot
: Reboot the mobile device -
reboot_recovery
: Reboot the mobile device in recovery mode -
reboot_bootloader
: Reboot the mobile device in bootloader mode
-
-