
shroudedcode / apk-mitm

🤖 A CLI application that automatically prepares Android APK files for HTTPS inspection

Home Page: https://npm.im/apk-mitm

License: MIT License

JavaScript 0.34% TypeScript 99.66%
cli reverse-engineering android apk mitm certificate-pinning apktool man-in-the-middle

apk-mitm's People

Contributors

jaylinski, jzarca01, nooverflow, plessiotihsrah, shroudedcode, smartmanoj

apk-mitm's Issues

error: Resource entry network_security_config is already defined

Used this apk https://apkpure.com/fr/starbucks-france/com.starbucks.fr/download?from=details (version 2.0.7)
with latest version of apk-mitm

Error: Command failed with exit code 1: java -jar /Users/jeremie/.npm/_npx/29950/lib/node_modules/apk-mitm/jar/apktool.jar build /private/var/folders/m1/_v6rkfw9115byzhb4nfk2vzr0000gn/T/591646000946a41ea7940be58e0284a7/decode --output /private/var/folders/m1/_v6rkfw9115byzhb4nfk2vzr0000gn/T/591646000946a41ea7940be58e0284a7/tmp.apk

 W: /private/var/folders/m1/_v6rkfw9115byzhb4nfk2vzr0000gn/T/591646000946a41ea7940be58e0284a7/decode/res/values/xmls.xml:4: error: Resource entry network_security_config is already defined.
W: res/xml/network_security_config.xml:0: Originally defined here.
W: 
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [/var/folders/m1/_v6rkfw9115byzhb4nfk2vzr0000gn/T/brut_util_Jar_15094341727105803434.tmp, p, --forced-package-id, 127, --min-sdk-version, 19, --target-sdk-version, 28, --version-code, 1267, --version-name, 2.0.7, --no-version-vectors, -F, /var/folders/m1/_v6rkfw9115byzhb4nfk2vzr0000gn/T/APKTOOL6502468308795034810.tmp, -e, /var/folders/m1/_v6rkfw9115byzhb4nfk2vzr0000gn/T/APKTOOL1751451533765204483.tmp, -0, arsc, -I, /Users/jeremie/Library/apktool/framework/1.apk, -S, /private/var/folders/m1/_v6rkfw9115byzhb4nfk2vzr0000gn/T/591646000946a41ea7940be58e0284a7/decode/res, -M, /private/var/folders/m1/_v6rkfw9115byzhb4nfk2vzr0000gn/T/591646000946a41ea7940be58e0284a7/decode/AndroidManifest.xml]

Cleartext traffic not allowed after patching APK

Hi,

Today I patched an APK which also has unsecured (HTTP) endpoints, and after patching the APK those API calls would be blocked by Android with ERR_CLEARTEXT_NOT_PERMITTED.

The fix was to run the script with --wait and add <base-config cleartextTrafficPermitted="true" /> to network-security-config.xml before rebuilding the APK. Could it be done automatically if the original AndroidManifest.xml enables cleartext traffic through the usesCleartextTraffic attribute?

I'm new to all of this and have no experience with Android development so not sure what else should be considered.

Thanks!
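
Why the platform behaves this way, as an added example (not apk-mitm's code and not part of the issue above): on Android 7.0 and later the manifest's android:usesCleartextTraffic flag is ignored once the app has a Network Security Config, so a config that does not set cleartextTrafficPermitted itself falls back to the platform default for the app's target SDK. The sketch carries an explicit manifest opt-in over into the config; the function names and sample XML are constructed for illustration, and the regex parsing assumes apktool-style decoded XML.

```javascript
// Added example (not apk-mitm code). All function names are hypothetical.
// Regex parsing assumes apktool-style decoded XML with no '>' inside
// attribute values; a real tool should use an XML parser.

// Returns true/false when <application> declares android:usesCleartextTraffic,
// or null when the attribute is absent.
function manifestCleartextSetting(manifestXml) {
  const appTag = manifestXml.match(/<application\b[^>]*>/);
  if (!appTag) return null;
  const attr = appTag[0].match(
    /\bandroid:usesCleartextTraffic\s*=\s*"(true|false)"/
  );
  return attr ? attr[1] === 'true' : null;
}

// Sets cleartextTrafficPermitted on <base-config>, creating the element
// when the config has none. Existing child elements are left untouched.
function setBaseConfigCleartext(configXml, permitted) {
  const attr = `cleartextTrafficPermitted="${permitted}"`;
  const existingAttr = /\bcleartextTrafficPermitted\s*=\s*"[^"]*"/;
  const baseTag = /<base-config\b([^>]*?)(\/?)>/;

  if (baseTag.test(configXml)) {
    return configXml.replace(baseTag, (_tag, attrs, selfClose) => {
      const merged = existingAttr.test(attrs)
        ? attrs.replace(existingAttr, attr) // overwrite the old value
        : ` ${attr}${attrs}`;               // add the attribute
      return `<base-config${merged}${selfClose}>`;
    });
  }

  const rootTag = /<network-security-config\b[^>]*>/;
  if (!rootTag.test(configXml)) {
    throw new Error('input is not a network security config');
  }
  return configXml.replace(rootTag, (tag) =>
    tag.endsWith('/>')
      ? `<network-security-config>\n    <base-config ${attr} />\n</network-security-config>`
      : `${tag}\n    <base-config ${attr} />`
  );
}

// Only an explicit opt-in in the manifest changes the config; an absent or
// false attribute leaves the config exactly as it was.
function carryOverCleartext(manifestXml, configXml) {
  return manifestCleartextSetting(manifestXml) === true
    ? setBaseConfigCleartext(configXml, true)
    : configXml;
}

// Constructed sample inputs.
const SAMPLE_MANIFEST = `<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.app">
    <application android:label="Example" android:usesCleartextTraffic="true"
        android:networkSecurityConfig="@xml/network_security_config">
    </application>
</manifest>`;

const SAMPLE_CONFIG = `<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config>
        <trust-anchors>
            <certificates src="system" />
        </trust-anchors>
    </base-config>
</network-security-config>`;

console.log(carryOverCleartext(SAMPLE_MANIFEST, SAMPLE_CONFIG));
```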

Stuck on "disabling certificate pinning"

Hey! Appreciate all your hard work making this tool. Just a quick question regarding an issue I am experiencing. I've tried a few different apks and always hang on "disabling certificate pinning". The process never completes. I am wondering whether it is just the particular apks, or something on my end.

Thanks very much.

issue

UnsupportedClassVersionError: Unsupported major.minor version 52.0

Hello,

First, thanks for your tool! I have an error when I try to patch an APK:

npx apk-mitm test.apk --apktool apktool_2.3.0.jar

  ╭ apk-mitm v0.6.1
  ├ apktool custom version
  ╰ uber-apk-signer v1.1.0

  Using temporary directory:
  /tmp/74eccfd812ae579e107cc604ac214bb9

  ✔ Decoding APK file
  ✔ Modifying app manifest
  ✔ Modifying network security config
  ✔ Disabling certificate pinning
  ✔ Encoding patched APK file
  ⠴ Signing patched APK file
(node:1126) UnhandledPromiseRejectionWarning: Error: Command failed with exit code 1: java -jar /usr/lib/node_modules/apk-mitm/jar/uber-apk-signer.jar --allowResign --overwrite --apks /tmp/74eccfd812ae579e107cc604ac214bb9/tmp.apk
    at makeError (/usr/lib/node_modules/apk-mitm/node_modules/execa/lib/error.js:56:11)
    at handlePromise (/usr/lib/node_modules/apk-mitm/node_modules/execa/index.js:114:26)

I tried with other versions of apktool. With 2.3.2 and above I have this error:

npx apk-mitm test.apk --apktool apktool_2.3.3.jar

  ╭ apk-mitm v0.6.1
  ├ apktool custom version
  ╰ uber-apk-signer v1.1.0

  Using temporary directory:
  /tmp/2f2fba23aedf204118557b72e45c0d1a

  ✔ Decoding APK file
  ✔ Modifying app manifest
  ✔ Modifying network security config
  ✔ Disabling certificate pinning
  ❯ Encoding patched APK file
    ↓ Encoding using AAPT2 [skipped]
      → Failed, falling back to AAPT...
    ✖ Encoding using AAPT [fallback]
      → Command failed with exit code 1: java -jar apktool_2.3.3.jar build /tmp/2f2fba23aedf204118557b72e45c0d1a/decode --output /tmp/2f2fba23aedf204118557b72e45c0d
…
    Signing patched APK file

   Failed!  An error occurred:

 Error: Command failed with exit code 1: java -jar apktool_2.3.3.jar build /tmp/2f2fba23aedf204118557b72e45c0d1a/decode --output /tmp/2f2fba23aedf204118557b72e45c0d1a/tmp.apk

Do you have an idea?

Thanks

Zoom Video Issues

This is "work in progress"
I have the feeling that something in the patching process has gone wrong.
It is an XAPK file split into 3, and the result of the patch process is a few MB smaller compared to the original.
Basically the error is the same as CandyCrush "uses its own CA list".

Within com.zipow.cmmlib.AppUtil ( AppUtil.smali) there is getCertificateFingerprintMD5 which compares the md5 hash signature of the package with a stored value in split_config.arm64_v8a.apk/lib/arm64-v8a libzLoader.so .

Evil function
com.zipow.cmmlib.AppUtil

public static String getCertificateFingerprintMD5() {
   Signature[] signatures = ZMUtils.getSignatures(VideoBoxApplication.getNonNullInstance());
   return (signatures == null || signatures.length == 0 || signatures[0] == null) ? "" : StringUtil.safeString(ZMUtils.hexDigest(signatures[0].toByteArray(), MessageDigestAlgorithms.MD5)).toLowerCase();
}

libzWebService.so includes the sha256 hashes of trustworthy public keys

The Java function isIssuedByKnownRoot (us.zoom.net.AndroidCertVerifyResult)
checks for root CAs that are legitimate cert pinning CAs

I am not sure how well apk-mitm deals with binary shared objects.

brut.directory.DirectoryException: Error copying file: aux.xml

@FahmiRR is getting the following error (issue split off from this comment):


  ╭ apk-mitm v0.8.0
  ├ apktool v2.4.1
  ╰ uber-apk-signer v1.1.0

  Using temporary directory:
  C:\Users\FAHMI~1.RIZ\AppData\Local\Temp\831d017b5c621c8337f5b653ea760fc1

  √ Downloading tools
  × Decoding APK file
    → I: Copying unknown files...
    Modifying app manifest
    Modifying network security config
    Disabling certificate pinning
    Encoding patched APK file
    Signing patched APK file

   Failed!  An error occurred:

I: Using Apktool 2.4.1 on gojek.apk
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: C:\Users\FAHMI~1.RIZ\AppData\Local\Temp\831d017b5c621c8337f5b653ea760fc1\framework\1.apk
I: Regular manifest package...
I: Decoding file-resources...
I: Decoding values */* XMLs...
I: Baksmaling classes.dex...
[ --- 38 more lines like this --- ]
I: Baksmaling classes40.dex...
I: Copying assets and libs...
I: Copying unknown files...
Exception in thread "main" brut.androlib.AndrolibException: brut.directory.DirectoryException: Error copying file: aux.xml
        at brut.androlib.Androlib.decodeUnknownFiles(Androlib.java:214)
        at brut.androlib.ApkDecoder.decode(ApkDecoder.java:180)
        at brut.apktool.Main.cmdDecode(Main.java:170)
        at brut.apktool.Main.main(Main.java:76)
Caused by: brut.directory.DirectoryException: Error copying file: aux.xml
        at brut.directory.DirUtil.copyToDir(DirUtil.java:91)
        at brut.directory.AbstractDirectory.copyToDir(AbstractDirectory.java:208)
        at brut.androlib.Androlib.decodeUnknownFiles(Androlib.java:207)
        ... 3 more
Caused by: java.io.FileNotFoundException: C:\Users\FAHMI~1.RIZ\AppData\Local\Temp\831d017b5c621c8337f5b653ea760fc1\decode\unknown\aux (The system cannot find the file specified)
        at java.io.FileOutputStream.open0(Native Method)
        at java.io.FileOutputStream.open(Unknown Source)
        at java.io.FileOutputStream.<init>(Unknown Source)
        at java.io.FileOutputStream.<init>(Unknown Source)
        at brut.directory.DirUtil.copyToDir(DirUtil.java:87)
        ... 5 more

Disabling certificate pinning - Failing

I'm trying to run apk-mitm but I'm getting this error on the "Disabling certificate pinning" step:
TypeError: applicablePatches.flatMap is not a function at Object.processSmaliFile [as default] (/usr/local/lib/node_modules/apk-mitm/dist/tasks/smali/process-file.js:26:49)

brut.directory.DirectoryException: Error copying file: ? .xml

Hi,
First of all thanks for the work done, I have the following problem, could you please tell me what it could be?
I copy this from the directory (The full logs of all commands are available here)

I: Using Apktool 2.5.0 on com.someone.apk
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: C:\Users\Username~1\AppData\Local\Temp\apk-mitm-bfe4ff5a1e08401512e8dbdf0609e3cf\framework\1.apk
I: Regular manifest package...
I: Decoding file-resources...
I: Decoding values */* XMLs...
I: Baksmaling classes.dex...
I: Copying assets and libs...
I: Copying unknown files...
Exception in thread "main" brut.androlib.AndrolibException: brut.directory.DirectoryException: Error copying file: ?	 .xml
	at brut.androlib.Androlib.decodeUnknownFiles(Androlib.java:216)
	at brut.androlib.ApkDecoder.decode(ApkDecoder.java:180)
	at brut.apktool.Main.cmdDecode(Main.java:179)
	at brut.apktool.Main.main(Main.java:82)
Caused by: brut.directory.DirectoryException: Error copying file: ?	 .xml
	at brut.directory.DirUtil.copyToDir(DirUtil.java:91)
	at brut.directory.AbstractDirectory.copyToDir(AbstractDirectory.java:208)
	at brut.androlib.Androlib.decodeUnknownFiles(Androlib.java:209)
	... 3 more
Caused by: java.io.IOException: The filename, directory name, or volume label syntax is incorrect 
	at java.io.WinNTFileSystem.canonicalize0(Native Method)
	at java.io.WinNTFileSystem.canonicalize(Unknown Source)
	at java.io.File.getCanonicalPath(Unknown Source)
	at brut.util.BrutIO.sanitizeUnknownFile(BrutIO.java:90)
	at brut.directory.DirUtil.copyToDir(DirUtil.java:84)
	... 5 more

Error while Building app

  √ Checking prerequisities
  √ Decoding APK file
  √ Applying patches
  > Encoding patched APK file
    ↓ Encoding using AAPT2 [skipped]
      → Failed, falling back to AAPT...
    × Encoding using AAPT [fallback]
      → I: Building resources...
    Signing patched APK file

   Failed!  An error occurred:

I: Using Apktool 2.5.0
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether resources has changed...
I: Building resources...
W: C:\Users\Udhaya\AppData\Local\Temp\apk-mitm-5875c039835a01dd9b0b18b091a8b768\decode\res\values\animators.xml:3: error: Found tag animator where item is expected
W:
W: C:\Users\Udhaya\AppData\Local\Temp\apk-mitm-5875c039835a01dd9b0b18b091a8b768\decode\res\values\anims.xml:3: error: Found tag anim where item is expected
W:
W: C:\Users\Udhaya\AppData\Local\Temp\apk-mitm-5875c039835a01dd9b0b18b091a8b768\decode\res\values\ids.xml:9091: error: Found tag id where item is expected
W:
W: C:\Users\Udhaya\AppData\Local\Temp\apk-mitm-5875c039835a01dd9b0b18b091a8b768\decode\res\values\layouts.xml:3791: error: Found tag layout where item is expected
W:
W: C:\Users\Udhaya\AppData\Local\Temp\apk-mitm-5875c039835a01dd9b0b18b091a8b768\decode\res\values\styles.xml:3782: error: Resource entry InThreadComposerTextArea already has bag item android:textColorHint.
W: C:\Users\Udhaya\AppData\Local\Temp\apk-mitm-5875c039835a01dd9b0b18b091a8b768\decode\res\values\styles.xml:3781: Originally defined here.
W:
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [C:\Users\Udhaya\AppData\Local\Temp\brut_util_Jar_24173194710588018797807579936311536666.tmp, p, --forced-package-id, 127, --min-sdk-version, 21, --target-sdk-version, 30, --version-code, 289692181, --version-name, 187.0.0.32.120, --no-version-vectors, -F, C:\Users\Udhaya\AppData\Local\Temp\APKTOOL4306874752780290107.tmp, -e, C:\Users\Udhaya\AppData\Local\Temp\APKTOOL8861453930364176705.tmp, -0, arsc, -I, C:\Users\Udhaya\AppData\Local\Temp\apk-mitm-5875c039835a01dd9b0b18b091a8b768\framework\1.apk, -S, C:\Users\Udhaya\AppData\Local\Temp\apk-mitm-5875c039835a01dd9b0b18b091a8b768\decode\res, -M, C:\Users\Udhaya\AppData\Local\Temp\apk-mitm-5875c039835a01dd9b0b18b091a8b768\decode\AndroidManifest.xml]

  The full logs of all commands are available here:
  C:\Users\Udhaya\AppData\Local\Temp\apk-mitm-5875c039835a01dd9b0b18b091a8b768\logs

BrutException: could not exec

First of all - Thank you for this amazing tool! It works flawlessly on two apps I already tried.
The third one runs into an issue. Would you be able to help here / point me in the right direction (looking into issues in the apk tool library you built this tool on)?

Log1:

I: Using Apktool 2.5.0
I: Checking whether sources has changed...
I: Smaling smali folder into classes.dex...
I: Checking whether resources has changed...
I: Building resources...
W: C:\Users\\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\decode\res\drawable-nodpi\placeholder.png: error: failed to read PNG signature: file does not start with PNG signature.
W: C:\Users\\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\decode\res\drawable-nodpi\placeholder.png: error: file failed to compile.
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [C:\Users\\AppData\Local\Temp\brut_util_Jar_12710325543597105796928253852732964286.tmp, compile, --dir, C:\Users\\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\decode\res, --legacy, -o, C:\Users\\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\decode\build\resources.zip]

Log2:

I: Using Apktool 2.5.0
I: Checking whether sources has changed...
I: Checking whether resources has changed...
I: Building resources...
W: libpng error: Not a PNG file
W: ERROR: Failure processing PNG image C:\Users\\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\decode\res\drawable-nodpi\placeholder.png
W: C:\Users\\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\decode\res\values\styles.xml:318: error: Resource entry AppTheme already has bag item colorPrimary.
W: C:\Users\\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\decode\res\values\styles.xml:317: Originally defined here.
W: 
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [C:\Users\\AppData\Local\Temp\brut_util_Jar_2081721367269981148661765789156865749.tmp, p, --forced-package-id, 127, --min-sdk-version, 23, --target-sdk-version, 30, --version-code, 113, --version-name, 11.3, --no-version-vectors, -F, C:\Users\\AppData\Local\Temp\APKTOOL8040330427725333163.tmp, -e, C:\Users\\AppData\Local\Temp\APKTOOL5450990596732677343.tmp, -0, arsc, -I, C:\Users\\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\framework\1.apk, -S, C:\Users\\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\decode\res, -M, C:\Users\\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\decode\AndroidManifest.xml]

Log3:

I: Using Apktool 2.5.0 on _11_3.apk
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: C:\Users\AppData\Local\Temp\apk-mitm-e0aca39ecedcc4a02dfbff425e785cac\framework\1.apk
I: Regular manifest package...
I: Decoding file-resources...
W: Cant find 9patch chunk in file: "drawable-xhdpi-v4/com_facebook_tooltip_blue_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-mdpi-v4/common_google_signin_btn_icon_dark_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-mdpi-v4/common_google_signin_btn_icon_light_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-mdpi-v4/com_facebook_tooltip_black_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-mdpi-v4/common_google_signin_btn_text_light_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-hdpi-v4/common_google_signin_btn_text_light_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-xhdpi-v4/common_google_signin_btn_icon_dark_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-xxhdpi-v4/common_google_signin_btn_icon_light_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-xxhdpi-v4/common_google_signin_btn_text_light_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-xhdpi-v4/common_google_signin_btn_icon_light_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-xxhdpi-v4/common_google_signin_btn_icon_dark_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-mdpi-v4/com_facebook_tooltip_blue_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-xxhdpi-v4/common_google_signin_btn_text_dark_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-hdpi-v4/com_facebook_tooltip_black_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-hdpi-v4/common_google_signin_btn_icon_light_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-xhdpi-v4/common_google_signin_btn_text_dark_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-hdpi-v4/common_google_signin_btn_icon_dark_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-hdpi-v4/common_google_signin_btn_text_dark_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-mdpi-v4/common_google_signin_btn_text_dark_normal_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-hdpi-v4/com_facebook_tooltip_blue_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-xhdpi-v4/com_facebook_tooltip_black_background.9.png". Renaming it to *.png.
W: Cant find 9patch chunk in file: "drawable-xhdpi-v4/common_google_signin_btn_text_light_normal_background.9.png". Renaming it to *.png.
I: Decoding values */* XMLs...
I: Baksmaling classes.dex...
I: Copying assets and libs...
I: Copying unknown files...
I: Copying original files...
I: Copying META-INF/services directory

encode error with famous Tiktok Apk.

I'm using the "npx apk-mitm" command, and installed apk-mitm from npm. It should be the latest release, I think.

I tried to use apk-mitm to repack the TikTok APK, but it failed.

Test machine:
Ubuntu server 18.04
JAVA:
openjdk version "1.8.0_275"
OpenJDK Runtime Environment (build 1.8.0_275-8u275-b01-0ubuntu1~18.04-b01)
OpenJDK 64-Bit Server VM (build 25.275-b01, mixed mode)
Nodejs:
v10.23.0 with npm 6.14.8

I attached the logs and the APK (please change the extension name) for your reference.

Thank you in advance.

logs.zip

aweme_douyin-huidu-gw-control-1014_v1015_140101_176a_1608723172.zip
aweme_douyin-huidu-gw-control-1014_v1015_140101_176a_1608723172.z01.zip
aweme_douyin-huidu-gw-control-1014_v1015_140101_176a_1608723172.z02.zip
aweme_douyin-huidu-gw-control-1014_v1015_140101_176a_1608723172.z03.zip
aweme_douyin-huidu-gw-control-1014_v1015_140101_176a_1608723172.z04.zip
aweme_douyin-huidu-gw-control-1014_v1015_140101_176a_1608723172.z05.zip
aweme_douyin-huidu-gw-control-1014_v1015_140101_176a_1608723172.z06.zipt
aweme_douyin-huidu-gw-control-1014_v1015_140101_176a_1608723172.z07.zip
aweme_douyin-huidu-gw-control-1014_v1015_140101_176a_1608723172.z08.zip
aweme_douyin-huidu-gw-control-1014_v1015_140101_176a_1608723172.z09.zip

Fails on encoding (building resources part)

Please try latest Instagram or TikTok app and see if you succeed.
Screenshot 2020-10-19 at 12 44 30

My Environment
Mac 10.15.7
╭ apk-mitm v0.9.0
├ apktool v2.4.1
╰ uber-apk-signer v1.1.0

Thanks.

return-void not accepted in function getAcceptedIssuers()

Hi,

Thanks for the tool, I am trying to use it but I got the following error:

java.lang.VerifyError: Verifier rejected class redacted_name:java.security.cert.X509Certificate[] package.name.of.class$subclass.getAcceptedIssuers() failed to verify java.security.cert.X509Certificate return-void not expected.

Is there anything I can do?
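
The verifier rule behind this error, as an added example (not apk-mitm's code and not part of the issue above): ART rejects a method whose return instruction does not match the return type in its descriptor, so a method declared to return X509Certificate[] has to end in return-object rather than return-void. The checker below scans smali text for such mismatches; the function names and the sample smali are constructed for illustration.

```javascript
// Added example (not apk-mitm code). Function names are hypothetical.

// Return opcode the Dalvik/ART verifier expects for a method descriptor
// such as "()[Ljava/security/cert/X509Certificate;" or "(I)V".
function expectedReturnOpcode(descriptor) {
  const ret = descriptor.slice(descriptor.lastIndexOf(')') + 1);
  if (ret === 'V') return 'return-void';
  if (ret === 'J' || ret === 'D') return 'return-wide';          // long, double
  if (ret[0] === 'L' || ret[0] === '[') return 'return-object';  // class, array
  if (/^[ZBSCIF]$/.test(ret)) return 'return';                   // 32-bit primitives
  throw new Error(`unrecognised return type: ${ret}`);
}

// Scans smali source and reports every return instruction whose opcode does
// not match the enclosing method's declared return type.
function findReturnMismatches(smali) {
  const findings = [];
  let method = null; // { name, expected } while inside .method ... .end method

  smali.split('\n').forEach((raw, index) => {
    const line = raw.trim();

    // ".method <modifiers...> name(params)ReturnType"
    const start = line.match(/^\.method\s+(?:.*\s)?(\S+?)(\(\S*\)\S+)$/);
    if (start) {
      method = { name: start[1], expected: expectedReturnOpcode(start[2]) };
      return;
    }
    if (line === '.end method') {
      method = null;
      return;
    }

    const ret = line.match(/^(return(?:-void|-object|-wide)?)(?:\s|$)/);
    if (method && ret && ret[1] !== method.expected) {
      findings.push({
        method: method.name,
        line: index + 1,
        expected: method.expected,
        found: ret[1],
      });
    }
  });
  return findings;
}

// Constructed sample: the last method has the shape the VerifyError describes,
// an array return type with a return-void body.
const SAMPLE_SMALI = `.class public Lcom/example/net/Example;
.super Ljava/lang/Object;

.method public constructor <init>()V
    .locals 0
    invoke-direct {p0}, Ljava/lang/Object;-><init>()V
    return-void
.end method

.method public isReady()Z
    .locals 1
    const/4 v0, 0x1
    return v0
.end method

.method public getAcceptedIssuers()[Ljava/security/cert/X509Certificate;
    .locals 0
    return-void
.end method`;

console.log(findReturnMismatches(SAMPLE_SMALI));
```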

Error while encoding

✔ Decoding APK file
  ✔ Modifying app manifest
  ✔ Modifying network security config
  ✔ Disabling certificate pinning
  ❯ Encoding patched APK file
    ↓ Encoding using AAPT2 [skipped]
      → Failed, falling back to AAPT...
    ✖ Encoding using AAPT [fallback]
      → I: Building resources...
    Signing patched APK file

   Failed!  An error occurred:

 Error: Command failed with exit code 1: java -jar /home/provious/.npm/_npx/30859/lib/node_modules/apk-mitm/jar/apktool.jar build /tmp/77eca03adabb59c0655d6505b9e08d30/decode --output /tmp/77eca03adabb59c0655d6505b9e08d30/tmp.apk
W: /tmp/77eca03adabb59c0655d6505b9e08d30/decode/AndroidManifest.xml:2: error: No resource identifier found for attribute 'compileSdkVersion' in package 'android'
W: 
W: /tmp/77eca03adabb59c0655d6505b9e08d30/decode/AndroidManifest.xml:2: error: No resource identifier found for attribute 'compileSdkVersionCodename' in package 'android'
W: 
W: /tmp/77eca03adabb59c0655d6505b9e08d30/decode/AndroidManifest.xml:14: error: No resource identifier found for attribute 'appComponentFactory' in package 'android'
W: 
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [/tmp/brut_util_Jar_16292214656890575585.tmp, p, --forced-package-id, 127, --min-sdk-version, 21, --target-sdk-version, 28, --version-code, 1487, --version-name, 5.7, --no-version-vectors, -F, /tmp/APKTOOL10364285201621465561.tmp, -e, /tmp/APKTOOL5984856679963748565.tmp, -0, arsc, -I, /home/provious/.local/share/apktool/framework/1.apk, -S, /tmp/77eca03adabb59c0655d6505b9e08d30/decode/res, -M, /tmp/77eca03adabb59c0655d6505b9e08d30/decode/AndroidManifest.xml]
I: Using Apktool 2.4.1
I: Checking whether sources has changed...
I: Checking whether resources has changed...
I: Building resources...

 W: /tmp/77eca03adabb59c0655d6505b9e08d30/decode/AndroidManifest.xml:2: error: No resource identifier found for attribute 'compileSdkVersion' in package 'android'
W: 
W: /tmp/77eca03adabb59c0655d6505b9e08d30/decode/AndroidManifest.xml:2: error: No resource identifier found for attribute 'compileSdkVersionCodename' in package 'android'
W: 
W: /tmp/77eca03adabb59c0655d6505b9e08d30/decode/AndroidManifest.xml:14: error: No resource identifier found for attribute 'appComponentFactory' in package 'android'
W: 
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [/tmp/brut_util_Jar_16292214656890575585.tmp, p, --forced-package-id, 127, --min-sdk-version, 21, --target-sdk-version, 28, --version-code, 1487, --version-name, 5.7, --no-version-vectors, -F, /tmp/APKTOOL10364285201621465561.tmp, -e, /tmp/APKTOOL5984856679963748565.tmp, -0, arsc, -I, /home/provious/.local/share/apktool/framework/1.apk, -S, /tmp/77eca03adabb59c0655d6505b9e08d30/decode/res, -M, /tmp/77eca03adabb59c0655d6505b9e08d30/decode/AndroidManifest.xml]

Error: Command failed with exit code 1: java -jar /root/.cache/apk-mitm/apktool-v2.4.1.jar build

Getting the following issue. The app is supplied via a .xapk extension

  ╭ apk-mitm v0.7.1
  ├ apktool v2.4.1
  ╰ uber-apk-signer v1.1.0

  Using temporary directory:
  /tmp/6c4b6d953f036593bf5f9ab677558088

  ✔ Extracting APKs
  ✔ Finding base APK path
  ❯ Patching base APK
    ✔ Downloading tools
    ✔ Decoding APK file
    ✔ Modifying app manifest
    ✔ Modifying network security config
    ✔ Disabling certificate pinning
    ❯ Encoding patched APK file
      ↓ Encoding using AAPT2 [skipped]
        → Failed, falling back to AAPT...
      ✖ Encoding using AAPT [fallback]
        → I: Building resources...
      Signing patched APK file
    Signing APKs
    Compressing APKs

   Failed!  An error occurred:

 Error: Command failed with exit code 1: java -jar /root/.cache/apk-mitm/apktool-v2.4.1.jar build /tmp/6c4b6d953f036593bf5f9ab677558088/base-apk/decode --output /tmp/6c4b6d953f036593bf5f9ab677558088/base-apk/tmp.apk --frame-path /tmp/6c4b6d953f036593bf5f9ab677558088/framework
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
W: /tmp/6c4b6d953f036593bf5f9ab677558088/base-apk/decode/AndroidManifest.xml:62: Tag <uses-permission> attribute name has invalid character '-'.
W: /tmp/6c4b6d953f036593bf5f9ab677558088/base-apk/decode/AndroidManifest.xml:63: Tag <uses-permission> attribute name has invalid character '-'.
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [/tmp/brut_util_Jar_485912746666702922.tmp, p, --forced-package-id, 127, --min-sdk-version, 21, --target-sdk-version, 29, --version-code, 6013, --version-name, 6.0.13, --no-version-vectors, -F, /tmp/APKTOOL14002601331462194736.tmp, -e, /tmp/APKTOOL12807168895037400079.tmp, -0, arsc, -I, /tmp/6c4b6d953f036593bf5f9ab677558088/framework/1.apk, -S, /tmp/6c4b6d953f036593bf5f9ab677558088/base-apk/decode/res, -M, /tmp/6c4b6d953f036593bf5f9ab677558088/base-apk/decode/AndroidManifest.xml]
I: Using Apktool 2.4.1
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether resources has changed...
I: Building resources...

 Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
W: /tmp/6c4b6d953f036593bf5f9ab677558088/base-apk/decode/AndroidManifest.xml:62: Tag <uses-permission> attribute name has invalid character '-'.
W: /tmp/6c4b6d953f036593bf5f9ab677558088/base-apk/decode/AndroidManifest.xml:63: Tag <uses-permission> attribute name has invalid character '-'.
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [/tmp/brut_util_Jar_485912746666702922.tmp, p, --forced-package-id, 127, --min-sdk-version, 21, --target-sdk-version, 29, --version-code, 6013, --version-name, 6.0.13, --no-version-vectors, -F, /tmp/APKTOOL14002601331462194736.tmp, -e, /tmp/APKTOOL12807168895037400079.tmp, -0, arsc, -I, /tmp/6c4b6d953f036593bf5f9ab677558088/framework/1.apk, -S, /tmp/6c4b6d953f036593bf5f9ab677558088/base-apk/decode/res, -M, /tmp/6c4b6d953f036593bf5f9ab677558088/base-apk/decode/AndroidManifest.xml]

javax.net.ssl.SSLPeerUnverifiedException: Hostname not verified

  1. Patching succeeded, showing warning about Android App Bundle
  2. I exported via SAI, patched resulting .apks, installed resulting .apks, and the app itself works, however MITM does not, seemingly there is some pinning that was missed by the apk-mitm (I noticed that briefly it has shown "no pinning detected").

How can I export log/debug that? So far I identified in logcat:

 Root cause (1 of 1)
 javax.net.ssl.SSLPeerUnverifiedException: Hostname foo.com not verified:
     certificate: sha256/[...]
     DN: CN=foo.com,OU=UNTRUSTED SandroProxy,O=UNTRUSTED SandroProxy
     subjectAltNames: []
 	at okhttp3.internal.connection.RealConnection.b(SourceFile:22)
 	at okhttp3.internal.connection.RealConnection.f(SourceFile:9)
 	at okhttp3.internal.connection.RealConnection.connect(SourceFile:15)
 	at okhttp3.internal.connection.ExchangeFinder.c(SourceFile:32)
 	at okhttp3.internal.connection.ExchangeFinder.d(SourceFile:1)
 	at okhttp3.internal.connection.ExchangeFinder.b(SourceFile:6)
 	at okhttp3.internal.connection.Transmitter.e(SourceFile:5)
 	at okhttp3.internal.connection.ConnectInterceptor.intercept(SourceFile:5)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:10)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:1)
 	at okhttp3.internal.cache.CacheInterceptor.intercept(SourceFile:22)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:10)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:1)
 	at okhttp3.internal.http.BridgeInterceptor.intercept(SourceFile:22)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:10)
 	at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(SourceFile:6)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:10)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:1)
 	at com.myapp.base.network.interceptor.ImageProfilingNetworkInterceptor.intercept(SourceFile:5)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:10)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:1)
 	at com.myapp.base.network.interceptor.ImageCacheInterceptor.intercept(SourceFile:3)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:10)
 	at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:1)
 	at okhttp3.RealCall.e(SourceFile:13)
 	at okhttp3.RealCall$AsyncCall.execute(SourceFile:2)
 	at okhttp3.internal.NamedRunnable.run(SourceFile:3)
 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
 	at java.lang.Thread.run(Thread.java:764)

Originally posted by @anilatx in #23 (comment)

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found

First I will upload the APK
https://www.virustotal.com/gui/file/d2fd0492c673dba01efd106a246ec8486ada85b23b7705d24e069ee910b33c44/detection
and the link
https://mega.nz/file/hogAza4R#pbbfGAKIlkzjwRDKcS8qKQzK8bXMTtAvjoZI05rW8tE

Hello, so i basically found this for be able to see HTTPS traffic in android 7.0 and above.

Im using a Pocophone f1 with custom pixel rom. full rooted .

I downloaded and run the command.

npx apk-mitm test.apk

  โ•ญ apk-mitm v0.8.0
  โ”œ apktool v2.4.1
  โ•ฐ uber-apk-signer v1.1.0

  Using temporary directory:
  C:\Users\LOCALH~1\AppData\Local\Temp\73f987887a918a71caaa00af34688d5b

  √ Downloading tools
  √ Decoding APK file
  √ Modifying app manifest
  √ Modifying network security config
  ↓ Disabling certificate pinning [skipped]
    → No certificate pinning logic found.
  √ Encoding patched APK file
  √ Signing patched APK file

   Done!  Patched file: ./test-patched.apk


After this I installed the patched APK via adb

adb install Tribal-patched.apk
Performing Streamed Install
Success

But when running and trying to debug HTTPS traffic I'm getting:

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found

The app needs to have certificate pinning, because without any MITM it works fine (I'm using Charles, if that matters).

syntax error in encoding

I tried using your program under an x64 Arch installation and on a Raspberry Pi (both times using OpenJDK 11). The error report below is from the Raspberry Pi. The APK was the latest TikTok APK. I'd be very grateful if you could help me solve this error.

➜  ~ npx apk-mitm android.apk
npx: installed 139 in 20.205s

  ╭ apk-mitm v0.6.2
  ├ apktool v2.4.1
  ╰ uber-apk-signer v1.1.0

  Using temporary directory:
  /tmp/7aef2cab1cc5ca0794c0f29396515b6c

  ✔ Decoding APK file
  ✔ Modifying app manifest
  ✔ Modifying network security config
  ✔ Disabling certificate pinning
  ❯ Encoding patched APK file
    ↓ Encoding using AAPT2 [skipped]
      → Failed, falling back to AAPT...
    ✖ Encoding using AAPT [fallback]
      → Command failed with exit code 1: java -jar /home/pi/.npm/_npx/18012/lib/node_modules/a
…
    Signing patched APK file

   Failed!  An error occurred:

 Error: Command failed with exit code 1: java -jar /home/pi/.npm/_npx/18012/lib/node_modules/apk-mitm/jar/apktool.jar build /tmp/7aef2cab1cc5ca0794c0f29396515b6c/decode --output /tmp/7aef2cab1cc5ca0794c0f29396515b6c/tmp.apk

 brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 2): [/tmp/brut_util_Jar_11860541976089287700.tmp, p, --forced-package-id, 127, --min-sdk-version, 16, --target-sdk-version, 28, --version-code, 2021407050, --version-name, 14.7.5, --no-version-vectors, -F, /tmp/APKTOOL15023095336353795217.tmp, -e, /tmp/APKTOOL8221647891385303484.tmp, -0, arsc, -I, /home/pi/.local/share/apktool/framework/1.apk, -S, /tmp/7aef2cab1cc5ca0794c0f29396515b6c/decode/res, -M, /tmp/7aef2cab1cc5ca0794c0f29396515b6c/decode/AndroidManifest.xml]     
W: /tmp/brut_util_Jar_11860541976089287700.tmp: 2: /tmp/brut_util_Jar_11860541976089287700.tmp: Syntax error: "(" unexpected

Add CLI option to automatically replace Google Maps API key with provided key

First of all, this is a really excellent tool you've built and I want to say thank you.

Feature request:
It's not always obvious that an app uses Google Maps without first using the app. This leads to some repeated work:

  • patch app
  • install app on device
  • test patched app and discover it uses Google Maps
  • uninstall app
  • patch app again using --wait option
  • replace Google Maps API key in manifest
  • install app on device
  • test app again

It would be great if there was a way to pass a Google Maps API key as a CLI option and automatically replace the Google Maps API key in AndroidManifest.xml with this key (if it exists).

Code E404

Hi,

This may be a newbie mistake, as this is my first time using Node.js and I tried to follow some instructions that required me to modify my APK.

I already had Node.js version 12+ and Java 8+ installed and I have been trying to modify my 'gojek.apk'

D:\my\directory\to\apk>npx apk-mitm gojek.apk
npm ERR! code E404
npm ERR! 404 Not Found - GET https://registry.npmjs.org/@tybys%2fcross-zip - Not found
npm ERR! 404
npm ERR! 404  '@tybys/cross-zip@^3.0.4' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404 It was specified as a dependency of 'apk-mitm'
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.

npm ERR! A complete log of this run can be found in:
npm ERR!     C:\Users\fahmi.rizaldi\AppData\Roaming\npm-cache\_logs\2020-08-06T08_58_33_260Z-debug.log
Install for [ 'apk-mitm@latest' ] failed with code 1

Is there anything I did incorrectly?

Thanks

Certificate pinning removal not working under Windows

Please take a look at the different result on Windows with the same APK file.

apk-mitm Windows vs Linux

There are two issues with the current apk-mitm running on Windows.

  1. The glob pattern only supports POSIX paths, i.e. forward slashes, which differs from Windows path conventions; therefore it won't be able to find any .smali files in the directory.

const smaliFiles = await globby(path.join(directoryPath, 'smali*/**/*.smali'))

  2. METHOD_PATTERNS is derived from a regex which matches Linux's newline character LF, but if you decode an APK on Windows, it will have CRLF as the newline character, so the regex won't be able to find the matching method signatures.

Originally posted by @amsharma44 in APKLab/APKLab#37 (comment)

"Resource entry already has bag item" error when re-encoding TikTok

When I try to use your tool for TikTok it says that:


  ↓ Disabling certificate pinning [skipped]
    → No certificate pinning logic found.
  > Encoding patched APK file
    ↓ Encoding using AAPT2 [skipped]
      → Failed, falling back to AAPT...
    × Encoding using AAPT [fallback]
      → I: Building resources...
    Signing patched APK file

   Failed!  An error occurred:

Error: Command failed with exit code 1: java -jar C:\Users\axel\AppData\Roaming\npm\node_modules\apk-mitm\jar\apktool.jar build C:\Users\axel\AppData\Local\Temp\9dfa59c4aa7e8d231e346c4464da0cba\decode --output C:\Users\axel\AppData\Local\Temp\9dfa59c4aa7e8d231e346c4464da0cba\tmp.apk
W: C:\Users\axel\AppData\Local\Temp\9dfa59c4aa7e8d231e346c4464da0cba\decode\res\values-v21\styles.xml:269: error: Resource entry jb already has bag item android:windowContentTransitions.
W: C:\Users\axel\AppData\Local\Temp\9dfa59c4aa7e8d231e346c4464da0cba\decode\res\values-v21\styles.xml:268: Originally defined here.
W:
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [C:\Users\axel\AppData\Local\Temp\brut_util_Jar_186089372504418090.tmp, p, --forced-package-id, 127, --min-sdk-version, 16, --target-sdk-version, 28, --version-code, 2021505420, --version-name, 15.5.42, --no-version-vectors, -F, C:\Users\axel\AppData\Local\Temp\APKTOOL24414687017095161.tmp, -e, C:\Users\axel\AppData\Local\Temp\APKTOOL1542037057808252243.tmp, -0, arsc, -I, C:\Users\axel\AppData\Local\apktool\framework\1.apk, -S, C:\Users\axel\AppData\Local\Temp\9dfa59c4aa7e8d231e346c4464da0cba\decode\res, -M, C:\Users\axel\AppData\Local\Temp\9dfa59c4aa7e8d231e346c4464da0cba\decode\AndroidManifest.xml]
I: Using Apktool 2.4.1
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether resources has changed...
I: Building resources...

 W: C:\Users\axel\AppData\Local\Temp\9dfa59c4aa7e8d231e346c4464da0cba\decode\res\values-v21\styles.xml:269: error: Resource entry jb already has bag item android:windowContentTransitions.
W: C:\Users\axel\AppData\Local\Temp\9dfa59c4aa7e8d231e346c4464da0cba\decode\res\values-v21\styles.xml:268: Originally defined here.
W:
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [C:\Users\axel\AppData\Local\Temp\brut_util_Jar_186089372504418090.tmp, p, --forced-package-id, 127, --min-sdk-version, 16, --target-sdk-version, 28, --version-code, 2021505420, --version-name, 15.5.42, --no-version-vectors, -F, C:\Users\axel\AppData\Local\Temp\APKTOOL24414687017095161.tmp, -e, C:\Users\axel\AppData\Local\Temp\APKTOOL1542037057808252243.tmp, -0, arsc, -I, C:\Users\axel\AppData\Local\apktool\framework\1.apk, -S, C:\Users\axel\AppData\Local\Temp\9dfa59c4aa7e8d231e346c4464da0cba\decode\res, -M, C:\Users\axel\AppData\Local\Temp\9dfa59c4aa7e8d231e346c4464da0cba\decode\AndroidManifest.xml]

Support proxies

Hello,

Could support be added to check for environment variables for a proxy server? I'm in an environment that requires the use of a proxy server.

Thanks

objection: join forces?

I'm not sure if you are aware.
There is a tool https://github.com/sensepost/objection. It does similar patching and supports both APK and IPA. It's written in a different language (Python) but has more functions (Frida integration etc).

So I was wondering, why don't you push your hard work to them and create a single place for all mitm tricks?

Invalid chunk type error

For some reason some APKs give this error, all I know is that the APK has some kind of obfuscation. IDK if this can be bypassed.

@edit I will try to fork and bypass it later.

vitor@vitor:~/bugbounty/projects/toketiko$ sudo apk-mitm TikTok\ Lite_v18.0.3_apkpure.com.apk 

  ╭ apk-mitm v0.12.0
  ├ apktool v2.5.0
  ╰ uber-apk-signer v1.2.1
  
  Using temporary directory:
  /tmp/apk-mitm-2a8ca65845dd7e990dda2c7babdafe45

  ✔ Downloading tools
  ✖ Decoding APK file
    → I: Loading resource table...
    Applying patches
    Encoding patched APK file
    Signing patched APK file

   Failed!  An error occurred:

I: Using Apktool 2.5.0 on TikTok Lite_v18.0.3_apkpure.com.apk
I: Loading resource table...
Exception in thread "main" brut.androlib.AndrolibException: Invalid chunk type: expected=0x00000200, got=0x00000203
	at brut.androlib.res.decoder.ARSCDecoder.checkChunkType(ARSCDecoder.java:544)
	at brut.androlib.res.decoder.ARSCDecoder.readTablePackage(ARSCDecoder.java:88)
	at brut.androlib.res.decoder.ARSCDecoder.readTableHeader(ARSCDecoder.java:82)
	at brut.androlib.res.decoder.ARSCDecoder.decode(ARSCDecoder.java:48)
	at brut.androlib.res.AndrolibResources.getResPackagesFromApk(AndrolibResources.java:790)
	at brut.androlib.res.AndrolibResources.loadMainPkg(AndrolibResources.java:67)
	at brut.androlib.res.AndrolibResources.getResTable(AndrolibResources.java:59)
	at brut.androlib.Androlib.getResTable(Androlib.java:66)
	at brut.androlib.ApkDecoder.setTargetSdkVersion(ApkDecoder.java:236)
	at brut.androlib.ApkDecoder.decode(ApkDecoder.java:118)
	at brut.apktool.Main.cmdDecode(Main.java:179)
	at brut.apktool.Main.main(Main.java:82)

invalid resource directory name: <tmp_dir>/decode/res navigation

$ time npx apk-mitm com.app.apk
npx: installed 126 in 7.604s

╭ apk-mitm v0.8.1
├ apktool v2.4.1
╰ uber-apk-signer v1.1.0

Using temporary directory:
/tmp/0f0f18ca6cfc48d6408bf653a3d7f380

✔ Downloading tools
✔ Decoding APK file
✔ Modifying app manifest
✔ Modifying network security config
✔ Disabling certificate pinning
❯ Encoding patched APK file
↓ Encoding using AAPT2 [skipped]
→ Failed, falling back to AAPT...
✖ Encoding using AAPT [fallback]
→ I: Building resources...
Signing patched APK file

Failed! An error occurred:

I: Using Apktool 2.4.1
I: Checking whether sources has changed...
[..]
I: Checking whether sources has changed...
I: Checking whether resources has changed...
I: Building resources...
W: invalid resource directory name: <tmp_dir>/decode/res navigation
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [/tmp/brut_util_Jar_7304193504753124805.tmp, p, --forced-package-id, 127, --min-sdk-version, 23, --target-sdk-version, 28, --version-code, 11210064, --version-name, 11.21.0, --no-version-vectors, -F, /tmp/APKTOOL785641988018945239.tmp, -e, /tmp/APKTOOL5119916685202249141.tmp, -0, arsc, -I, <tmp_dir>/framework/1.apk, -S, <tmp_dir>/decode/res, -M, <tmp_dir>/decode/AndroidManifest.xml]

I checked and aapt2 fails on invalid references and names that include '$', but the following solves it:

apktool --use-aapt2 --no-res

Could apk-mitm use no-res, or does it need patching resources?

Support for apps using Android App Bundle

Using the same app I got patched from the previous issue, I'm facing this error.
I'm using a rooted OnePlus One with Android 9.

adb install Uber_v4.279.10002_apkpure.com-patched.apk
Performing Streamed Install
adb: failed to install Uber_v4.279.10002_apkpure.com-patched.apk: Failure [INSTALL_FAILED_NO_MATCHING_ABIS: Failed to extract native libraries, res=-113]

Error when decoding TikTok

I get the following errors when I try to patch the latest TikTok:

npx apk-mitm tiktok-10-0-4.apk
npx: installed 139 in 7.834s

  ╭ apk-mitm v0.6.2
  ├ apktool v2.4.1
  ╰ uber-apk-signer v1.1.0

  Using temporary directory:
  C:\cygwin\tmp\99c476153a366865c82410ec6e6432aa

[12:41:37] Decoding APK file [started]
[12:41:37] → Using Apktool 2.4.1 on tiktok-10-0-4.apk
[12:41:37] → Loading resource table...
[12:41:39] Decoding APK file [failed]
[12:41:39] → Command failed with exit code 1: java -jar C:\Users\User\AppData\Roaming\npm-cache\_npx\30608\node_modules\apk-mitm\jar\apktool.jar decode C:\cygwin\home\User\node\tiktok\apk\tiktok-10-0-4.apk --output C:\cygwin\tmp\99c476153a366865c82410ec6e6432aa\decode

   Failed!  An error occurred:

 Error: Command failed with exit code 1: java -jar C:\Users\User\AppData\Roaming\npm-cache\_npx\30608\node_modules\apk-mitm\jar\apktool.jar decode C:\cygwin\home\User\node\tiktok\apk\tiktok-10-0-4.apk --output C:\cygwin\tmp\99c476153a366865c82410ec6e6432aa\decode

 Exception in thread "main" brut.androlib.AndrolibException: Invalid chunk type: expected=0x00000200, got=0x00000203
        at brut.androlib.res.decoder.ARSCDecoder.checkChunkType(ARSCDecoder.java:542)
        at brut.androlib.res.decoder.ARSCDecoder.readTablePackage(ARSCDecoder.java:88)
        at brut.androlib.res.decoder.ARSCDecoder.readTableHeader(ARSCDecoder.java:82)
        at brut.androlib.res.decoder.ARSCDecoder.decode(ARSCDecoder.java:48)
        at brut.androlib.res.AndrolibResources.getResPackagesFromApk(AndrolibResources.java:786)
        at brut.androlib.res.AndrolibResources.loadMainPkg(AndrolibResources.java:67)
        at brut.androlib.res.AndrolibResources.getResTable(AndrolibResources.java:59)
        at brut.androlib.Androlib.getResTable(Androlib.java:66)
        at brut.androlib.ApkDecoder.setTargetSdkVersion(ApkDecoder.java:236)
        at brut.androlib.ApkDecoder.decode(ApkDecoder.java:118)
        at brut.apktool.Main.cmdDecode(Main.java:170)
        at brut.apktool.Main.main(Main.java:76)

Removing Root detection

To install proxy CAs, devices are rooted.
Banking apps and other apps try to detect if they run on a rooted device and either open nag screens or do not work at all. Maybe that could be something to make analysis easier.

error: invalid value for type 'layout'. Expected a reference.

Here are some logs


   Failed!  An error occurred:

 Error: Command failed: java -jar C:\Users\Mastercho\AppData\Roaming\npm\node_modules\apk-mitm\jar\apktool.jar build C:\Users\MASTER~1\AppData\Local\Temp\0034fb560faa867748c450aa2405ed3e\decode --output C:\Users\MASTER~1\AppData\Local\Temp\0034fb560faa867748c450aa2405ed3e\unsigned.apk --use-aapt2
W: C:\Users\MASTER~1\AppData\Local\Temp\0034fb560faa867748c450aa2405ed3e\decode\res\values\layouts.xml:3: error: invalid value for type 'layout'. Expected a reference.

Could something be wrong with Java? The Java version is 8u231.

How to deal with system applications in odex/vdex format?

Sometimes I have applications that are shipped by the device vendor as system applications that do pinning but have no APK available.
You can adb pull the system apps, but you end up with an oat folder having a vdex and an odex file for every system application.
How do we streamline the process of pulling and patching these files and installing them back on the device without wiping their user data?

Disabling certificate pinning → contents.matchAll is not a function

  ╭ apk-mitm v0.11.1
  ├ apktool v2.5.0
  ╰ uber-apk-signer v1.2.1
  
  Using temporary directory:
  /tmp/apk-mitm-de00bd5101216addae0234f5e2d63d22

  ✔ Downloading tools
  ✔ Decoding APK file
  ❯ Applying patches
    ✔ Modifying app manifest
    ✔ Replacing network security config
    ✖ Disabling certificate pinning
      → contents.matchAll is not a function
    Encoding patched APK file
    Signing patched APK file

   Failed!  An error occurred:

TypeError: contents.matchAll is not a function
    at Object.parseSmaliHead [as default] (/usr/local/lib/node_modules/apk-mitm/dist/tasks/smali/parse-head.js:14:41)
    at Object.processSmaliFile [as default] (/usr/local/lib/node_modules/apk-mitm/dist/tasks/smali/process-file.js:20:43)

  The full logs of all commands are available here:
  /tmp/apk-mitm-de00bd5101216addae0234f5e2d63d22/logs

Giving error, while Building Resources phase

I am using this command:

npx apk-mitm app-release.apk

Error logs are below:

Error: Command failed: java -jar /usr/local/lib/node_modules/apk-mitm/jar/apktool.jar build /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode --output /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/unsigned.apk --use-aapt2
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/layouts.xml:3: error: invalid value for type 'layout'. Expected a reference.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6060: error: resource 'drawable/$avd_hide_password__0' has invalid entry name '$avd_hide_password__0'. Invalid character '$avd_hide_password__0'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6061: error: resource 'drawable/$avd_hide_password__1' has invalid entry name '$avd_hide_password__1'. Invalid character '$avd_hide_password__1'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6062: error: resource 'drawable/$avd_hide_password__2' has invalid entry name '$avd_hide_password__2'. Invalid character '$avd_hide_password__2'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6063: error: resource 'drawable/$avd_show_password__0' has invalid entry name '$avd_show_password__0'. Invalid character '$avd_show_password__0'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6064: error: resource 'drawable/$avd_show_password__1' has invalid entry name '$avd_show_password__1'. Invalid character '$avd_show_password__1'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6065: error: resource 'drawable/$avd_show_password__2' has invalid entry name '$avd_show_password__2'. Invalid character '$avd_show_password__2'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6071: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__10__0' has invalid entry name '$$fingerprint_dialog_error_to_fp__10__0'. Invalid character '$$fingerprint_dialog_error_to_fp__10__0'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6072: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__10__1' has invalid entry name '$$fingerprint_dialog_error_to_fp__10__1'. Invalid character '$$fingerprint_dialog_error_to_fp__10__1'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6073: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__10__2' has invalid entry name '$$fingerprint_dialog_error_to_fp__10__2'. Invalid character '$$fingerprint_dialog_error_to_fp__10__2'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6074: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__10__3' has invalid entry name '$$fingerprint_dialog_error_to_fp__10__3'. Invalid character '$$fingerprint_dialog_error_to_fp__10__3'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6075: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__11__0' has invalid entry name '$$fingerprint_dialog_error_to_fp__11__0'. Invalid character '$$fingerprint_dialog_error_to_fp__11__0'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6076: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__11__1' has invalid entry name '$$fingerprint_dialog_error_to_fp__11__1'. Invalid character '$$fingerprint_dialog_error_to_fp__11__1'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6077: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__12__0' has invalid entry name '$$fingerprint_dialog_error_to_fp__12__0'. Invalid character '$$fingerprint_dialog_error_to_fp__12__0'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6078: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__12__1' has invalid entry name '$$fingerprint_dialog_error_to_fp__12__1'. Invalid character '$$fingerprint_dialog_error_to_fp__12__1'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6079: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__12__2' has invalid entry name '$$fingerprint_dialog_error_to_fp__12__2'. Invalid character '$$fingerprint_dialog_error_to_fp__12__2'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6080: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__12__3' has invalid entry name '$$fingerprint_dialog_error_to_fp__12__3'. Invalid character '$$fingerprint_dialog_error_to_fp__12__3'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6081: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__1__0' has invalid entry name '$$fingerprint_dialog_error_to_fp__1__0'. Invalid character '$$fingerprint_dialog_error_to_fp__1__0'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6082: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__1__1' has invalid entry name '$$fingerprint_dialog_error_to_fp__1__1'. Invalid character '$$fingerprint_dialog_error_to_fp__1__1'.
W: /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res/values/public.xml:6083: error: resource 'drawable/$$fingerprint_dialog_error_to_fp__2__0' has invalid entry name '$$fingerprint_dialog_error_to_fp__2__0'. Invalid character '$$fingerprint_dialog_error_to_fp__2__0'.
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1): [/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/brut_util_Jar_3385594703786753249.tmp, compile, --dir, /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/res, --legacy, -o, /private/var/folders/1n/70zjlg_92y5dsf_rdgyr6hbh0000gn/T/d6fee2ca20bd6ff3d1ac54ceab1b4597/decode/build/resources.zip]

ApkTool - Version

Is it possible to add an option that lets me choose which version of apktool is used in the process? When I try to patch an app it shows an error in the decompilation stage. It's using apktool 2.4.* I think, but when I use my apktool 2.3 to decompile, it works perfectly.

Cannot read property '1' of null

Hi,

When I am trying to run mitm, I am getting the following error. Any leads?

PS C:\WINDOWS\system32> apk-mitm C:\Users\Spartan\Desktop\ig\123.apk

  ╭ apk-mitm v1.0.0
  ├ apktool v2.5.0
  ╰ uber-apk-signer v1.2.1

  Using temporary directory:
  C:\Users\Spartan\AppData\Local\Temp\apk-mitm-2be1f9e9eb89c90c804fb17571202453

  > Checking prerequisities
    √ Checking Node.js version
    × Checking Java version
      → Cannot read property '1' of null
      Downloading tools
    Decoding APK file
    Applying patches
    Encoding patched APK file
    Signing patched APK file

   Failed!  An error occurred:

TypeError: Cannot read property '1' of null
    at Object.getJavaVersion [as default] (C:\Users\Spartan\AppData\Roaming\npm\node_modules\apk-mitm\dist\utils\get-java-version.js:8:57)
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
    at async Task.task (C:\Users\Spartan\AppData\Roaming\npm\node_modules\apk-mitm\dist\tasks\check-prerequisites.js:21:38)

  The full logs of all commands are available here:
  C:\Users\Spartan\AppData\Local\Temp\apk-mitm-2be1f9e9eb89c90c804fb17571202453\logs

PS C:\WINDOWS\system32> java -version
java version "15" 2020-09-15
Java(TM) SE Runtime Environment (build 15+36-1562)
Java HotSpot(TM) 64-Bit Server VM (build 15+36-1562, mixed mode, sharing)

Also the logs folder it is indicating to check does not exist. Only the folder apk-mitm-2be1f9e9eb89c90c804fb17571202453 is there but it is empty.

MVGO, mparticle sub module still pinned

If you run APK MitM on the 1.1.0 xapk of de.mvg.mvgshare, connections to their fraud protection identity.mparticle.com still fail due to an unknown cert.
Crawling the code right now.

apktool downloading

I already have apktool on my device, why download it again?
What should I do to avoid downloading it?

signatures are inconsistent (can't install xapk)

  • Victim: Zedge

  • Where to get xapk:
    get version armeabi-v7a from https://apkpure.com/vn/zedge%E2%84%A2-wallpapers-ringtones/net.zedge.android/variant/7.8.3-XAPK
    I call above downloaded file: zedge.v7a.xapk

  • Steps:
    -- run apk-mitm zedge.v7a.xapk, a patched file will be created (its name is zedge.v7a-patched.xapk)
    -- rename patched file to zedge.v7a-patched.xapk.zip, extract it to folder zedge.v7a-patched.xapk.zip
    -- cd to zedge.v7a-patched.xapk.zip folder
    -- install to android device, run adb install-multiple net.zedge.android.apk config.xxhdpi.apk config.en.apk config.armeabi_v7a.apk

  • Final log:
    adb: failed to finalize session
    Failure [INSTALL_FAILED_INVALID_APK: /data/app/vmdl411721873.tmp/config.xxhdpi.apk signatures are inconsistent]

The same error occurs with all files except the base file net.zedge.android.apk

How can I fix it?

Thank you

ENOENT: no such file or directory,

Error: ENOENT: no such file or directory, open '/tmp/54f37e5561c01f9cc2323574d7b732b9/decode/res/xml/network_security_config.xml
Getting this error all the time, and the directory actually opens. It happens on the network security config uartions stage.

spawn java ENOENT

I tried to run using Ubuntu 18.04.4 LTS and Node v14.8.0 but am facing this issue.

npx apk-mitm gojek.apk
npx: installed 126 in 10.666s

  ╭ apk-mitm v0.8.1
  ├ apktool v2.4.1
  ╰ uber-apk-signer v1.1.0
  
  Using temporary directory:
  /tmp/a44a4322cefea81b10cd872b953467c3

  ✔ Downloading tools
  ✖ Decoding APK file
    → spawn java ENOENT
    Modifying app manifest
    Modifying network security config
    Disabling certificate pinning
    Encoding patched APK file
    Signing patched APK file

   Failed!  An error occurred:

Command failed with ENOENT: java -jar /home/nbnfi/.cache/apk-mitm/apktool-v2.4.1.jar decode /home/nbnfi/Downloads/gojek.apk --output <tmp_dir>/decode --frame-path <tmp_dir>/framework
spawn java ENOENT

Anyone can help? Thanks a lot!

Can't see traffic of Apple TV app

The main code of the APK whose traffic I want to inspect seems to be written in JavaScript with webpack. I patched the APK with apk-mitm, but no HTTP/HTTPS traffic is intercepted. It seems that modifying AndroidManifest and injecting the SSL certificate is useless here; can anybody help in this case?

\assets\app : 2.js 2.js.LICENSE.txt app.js app.js.LICENSE.txt main.js

CandyCrushSaga errors

CandyCrushSaga by King has trouble connecting to mobilecrush.king.com.
HTTPCanary claims "taget app used the non-system ca certificate list" even though apk-mitm patched the apk.
