appknox / afe Goto Github PK
View Code? Open in Web Editor NEWAndroid Framework for Exploitation, is a framework for exploiting android based devices
License: GNU General Public License v3.0
Android Framework for Exploitation, is a framework for exploiting android based devices
License: GNU General Public License v3.0
Traces of Crypto Keys which might be intermediate keys used when loading
the different libraries.
1:None
- AES was found to be implemented at Lcom/flipkart/android/t/b;->a. This algorithm is insecure, hence should not be used. HMAC or other algorithms should be preferred
A service was found to be shared with other apps on the device without
an intent filter or a permission requirement therefore leaving it
accessible to any other application on the device.
1:None
- com.google.firebase.messaging.FirebaseMessagingService
2:None
- com.google.firebase.iid.FirebaseInstanceIdService
Hi,
First of all I would like to thank you about the wonderful framework.
I folllowed the manual and also some online videos and managed to reach upo to the point that I am about to start the reverse handler however I getting this error.
Success
Starting: Intent { cmp=com.xysecv3/.Xysecv3Activity }
Starting listener, press Ctrl+C to exit listener
python: can't open file 'postdata.py': [Errno 2] No such file or directory
The code that is calling the postdata.py as you know exists at the modules/malware/run.sh
I tried to find that file with no luck and also I browsed the code from previous commits but there is no where.
Best regards
Stergios
The default handling of WebViewClient should handle the
onReceivedSSLError properly, which might break certificate validation
1:None
- WebViewClient extended in com.facebook.internal.WebDialog$DialogWebViewClient Naive SSL error handling implemented
2:None
- WebViewClient extended in com.flipkart.android.fragments.WebViewFragment$b Naive SSL error handling implemented
Traces of Crypto Keys which might be intermediate keys used when loading
the different libraries.
1:None
- AES implemented at Lcom/flipkart/android/t/b;->a
The Android application exports Activity for use by other applications,
but does not properly restrict which applications can launch the
component or access the data it contains.
1:None
- Unprotected activity: com.flipkart.android.SplashActivity
Insufficient transport layer protection issues happen when the data is
sent from the mobile app to the server over unsecure channels. Whether
the data is transmitted through the carrier network or through WiFi, it
will end up through the Internet either way before it could reach the
remote server. There are several ways where unprotected data transmitted
over the network could be sniffed; things like routers, proxies, cell
towers, are some of the few ways data could be sniffed while in transit.
1:None
- This application opens a socket and connects to it, which might be insecured, defined at Lcom/e/a/a/a/q;->b
2:None
- This application opens a socket and connects to it, which might be insecured, defined at Lcom/e/a/a/a/p;->a
3:None
- This application opens a socket and connects to it, which might be insecured, defined at Lcom/e/a/a/a/p;->d
4:None
- This application opens a socket and connects to it, which might be insecured, defined at Lcom/e/a/a/a/p;->f
Application was found to be writing logs to the system logs
1:None
- Log message tagged 'ParseHelper': 'cannot add relative layout rules when container is not relative'
2:None
- Log message tagged 'Lcom/flipkart/android/proteus/ProteusConstants;->isLoggingEnabled()Z': 'Lcom/flipkart/android/proteus/parser/ParseHelper;->parseFloat(Ljava/lang/String;)F'
3:None
- Log message tagged 'Lcom/flipkart/android/proteus/ProteusConstants;->isLoggingEnabled()Z': 'Landroid/view/View;->getLayoutParams()Landroid/view/ViewGroup$LayoutParams;'
4:None
- Log message tagged 'ViewParser': 'margins can only be applied to views with parent ViewGroup'
5:None
- Log message tagged 'ViewParser': 'margins can only be applied to views with parent ViewGroup'
6:None
- Log message tagged 'ViewParser': 'margins can only be applied to views with parent ViewGroup'
7:None
- Log message tagged 'ViewParser': 'margins can only be applied to views with parent ViewGroup'
8:None
- Log message tagged 'ViewParser': 'margins can only be applied to views with parent ViewGroup'
Application was found to be writing logs to the system logs
1:None
- A message 'cannot add relative layout rules when container is not relative' under the tag 'ParseHelper' was logged
2:None
- A message 'Lcom/flipkart/android/proteus/parser/ParseHelper;->parseFloat(Ljava/lang/String;)F' under the tag 'Lcom/flipkart/android/proteus/ProteusConstants;->isLoggingEnabled()Z' was logged
3:None
- A message 'Landroid/view/View;->getLayoutParams()Landroid/view/ViewGroup$LayoutParams;' under the tag 'Lcom/flipkart/android/proteus/ProteusConstants;->isLoggingEnabled()Z' was logged
4:None
- A message 'margins can only be applied to views with parent ViewGroup' under the tag 'ViewParser' was logged
5:None
- A message 'margins can only be applied to views with parent ViewGroup' under the tag 'ViewParser' was logged
6:None
- A message 'margins can only be applied to views with parent ViewGroup' under the tag 'ViewParser' was logged
7:None
- A message 'margins can only be applied to views with parent ViewGroup' under the tag 'ViewParser' was logged
8:None
- A message 'margins can only be applied to views with parent ViewGroup' under the tag 'ViewParser' was logged
Application seems to use JavascriptInterface
. An attacker can use it to
do a Remote Code Execution on your application and steal sensitive
informations.
1:None
- com/flipkart/android/fragments/WebViewFragment;->enablePaymentHandler
2:None
- com/flipkart/android/fragments/WebViewFragment;->onCreateView
3:None
- com/flipkart/android/fragments/WebViewFragment;->onCreateView
The Android application exports Activity for use by other applications,
but does not properly restrict which applications can launch the
component or access the data it contains.
1:None
- Exported activity at com.flipkart.android.activity.HomeFragmentHolderActivity
Insufficient transport layer protection issues happen when the data is
sent from the mobile app to the server over unsecure channels. Whether
the data is transmitted through the carrier network or through WiFi, it
will end up through the Internet either way before it could reach the
remote server. There are several ways where unprotected data transmitted
over the network could be sniffed; things like routers, proxies, cell
towers, are some of the few ways data could be sniffed while in transit.
1:None
- Socket opened at Lcom/e/a/a/a/q;->b
Connection not secure
2:None
- Socket opened at Lcom/e/a/a/a/p;->a
Connection not secure
3:None
- Socket opened at Lcom/e/a/a/a/p;->d
Connection not secure
4:None
- Socket opened at Lcom/e/a/a/a/p;->f
Connection not secure
The Android application exports Service for use by other applications,
but does not properly restrict which applications can launch the
component or access the data it contains.
1:None
- Exported service at com.flipkart.accountManager.account.AuthenticatorService
2:None
- Exported service at com.google.firebase.messaging.FirebaseMessagingService
3:None
- Exported service at com.google.firebase.iid.FirebaseInstanceIdService
An open source project on Android malwares by Robert David.
The source is located here - https://github.com/wcb972/androrat
Integration of the malware and the server within AFE.
Implements naive hostname verification. This HostnameVerifier breaks
certificate validation!
1:None
- Custom HostnameVerifiers is implemented in class com.e.a.a.d.b and naive hostname verification is performed. This HostnameVerifier breaks certificate validation.
The Android application exports Receiver for use by other applications,
but does not properly restrict which applications can launch the
component or access the data it contains.
1:None
- Exported receiver at com.flipkart.android.campaignmanager.ReferrerReceiver
2:None
- Exported receiver at com.tune.TuneTracker
The default handling of WebViewClient should handle the
onReceivedSSLError properly, which might break certificate validation
1:None
- WebViewClient is extended in class com.facebook.internal.WebDialog$DialogWebViewClientNaive SSL error handling is implemented. This WebViewClient breaks certificate validation.
2:None
- WebViewClient is extended in class com.flipkart.android.fragments.WebViewFragment$bNaive SSL error handling is implemented. This WebViewClient breaks certificate validation.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.