
cve-2017-13156-janus's Introduction

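CVE-2017-13156-Janus reproduction

Using the Janus vulnerability (CVE-2017-13156), an attacker can bypass the Android signature scheme V1 mechanism and arbitrarily modify an application's code without affecting its signature. Android's signing mechanism protects applications against tampering: normally, a modified application has to be re-signed, otherwise it cannot be installed on a device. When an application is installed, the system verifies the apk's signature and refuses the installation if the signature is missing or verification fails. Because the attacker does not hold the developer's private key, he has to re-sign the application with a different private key, which produces a signature mismatch. Signature checking can therefore detect, to some extent, whether an application has been tampered with. The Janus vulnerability, however, lets an attacker tamper with an application without affecting the signature, so a repackaged application can overwrite the official one, which causes a certain degree of harm.

Copyright belongs to the author. For commercial reproduction, contact the author for authorization; for non-commercial reproduction, credit the source.

Affected versions: Android 5.0-8.0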
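A defender-side structural check for this CVE, as an added example that is not part of this repository: a Janus-modified file carries DEX content in front of the ZIP structure, so a file that starts with the DEX magic yet still ends in a ZIP end-of-central-directory record is suspect. The function names and sample bytes are constructed for illustration (the prefixed sample is only a magic string plus padding, not a valid DEX), and the check assumes the central directory directly precedes the end record, with no ZIP64.

```python
import io
import struct
import zipfile

DEX_MAGIC = b"dex\n"                    # first bytes of every DEX file
EOCD_SIG = b"PK\x05\x06"                # ZIP end-of-central-directory record
SIG_BLOCK_MAGIC = b"APK Sig Block 42"   # trailer of the APK Signing Block
V2_ID = 0x7109871A                      # APK Signature Scheme v2 entry ID


def has_v2_signature(data: bytes, cd_start: int) -> bool:
    """True if a signing block with a v2 entry ends right before the central directory."""
    if cd_start < 32 or data[cd_start - 16:cd_start] != SIG_BLOCK_MAGIC:
        return False
    (size,) = struct.unpack_from("<Q", data, cd_start - 24)
    pos, end = cd_start - size, cd_start - 24   # ID-value pairs occupy this range
    while 0 <= pos and pos + 12 <= end:
        pair_len, pair_id = struct.unpack_from("<QI", data, pos)
        if pair_id == V2_ID:
            return True
        pos += 8 + pair_len
    return False


def inspect_apk(data: bytes) -> dict:
    """Structural facts about raw APK bytes that matter for CVE-2017-13156."""
    eocd = data.rfind(EOCD_SIG, max(0, len(data) - 22 - 0xFFFF))
    is_zip = eocd >= 0 and eocd + 22 <= len(data)
    dex_header = data[:4] == DEX_MAGIC   # a normal APK starts with a ZIP local header
    v2 = False
    if is_zip:
        (cd_size,) = struct.unpack_from("<I", data, eocd + 12)
        # Assumption: central directory directly precedes the EOCD (no ZIP64 records).
        v2 = has_v2_signature(data, eocd - cd_size)
    return {"is_zip": is_zip, "dex_header": dex_header, "v2_signed": v2,
            "janus_suspect": is_zip and dex_header}


def constructed_samples():
    """Constructed inputs: a tiny ZIP, and the same ZIP behind a fake DEX magic."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("classes.dex", b"placeholder")
    return buf.getvalue(), b"dex\n035\x00" + b"\x00" * 104 + buf.getvalue()


if __name__ == "__main__":
    for name, blob in zip(("plain", "prefixed"), constructed_samples()):
        print(name, inspect_apk(blob))
```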

.
|____a.dex modified dex
|____target.apk modified apk
|____app
|____janus.py modification script
|____Janus.jar modification jar
|____cla.dex modified dex
|____README.md 
|____a.apk
|____f.apk
|____app-release.apk original apk

jar:

java -jar Janus.jar Janus [dex_file] [apk_file] [output_file]
java -jar Janus.jar Janus a.dex app-release.apk a.apk

python:

python janus.py [dex_file] [apk_file] [output_file]
> python janus.py a.dex app-release.apk a.apk

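Steps tried:
1. Build the original apk
2. Use baksmali to extract the smali and modify a string
3. Reassemble the smali into a dex
4. Use the PoC to generate a new apk
5. Add a toast
6. Write more logs and compare the logs
7. You can first make the change in the original Java, compile a new apk, and then inject the new apk's dex to see what happens
8. Put a distinctive function in the modified dex; if a hook on it fires, the code was executed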

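Tested on a Xiaomi phone running 6.0.1: unsuccessful; installation succeeded but the code was not executed
Tested on a Nexus phone running 6.0.1: unsuccessful; installation succeeded but the code was not executed
Tested on a Sony phone running 4.4.3: unsuccessful; installation failed
My guess is that the phones had been patched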

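Reproductions by others
python poc
java poc
Janus signature vulnerability (CVE-2017-13156): principle and exploitation analysis
Antiy Mobile Security: in-depth analysis of the Janus high-risk vulnerability
Janus vulnerability analysis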

cve-2017-13156-janus's People

Contributors

tea9
