ch0pin / medusa Goto Github PK

Freestyle Libre 3
is still figuring out that the device is rooted even when we use the anti_debug helper or the Magisk Deny List

Maybe they are going for the applist or do other shenanigans

Maybe it is worth looking at
https://github.com/Dr-TSNG/Hide-My-Applist
https://github.com/Dr-TSNG/ApplistDetector
and Shamiko
to find more places to patch and detect detection?

Why do I get this error when trying to load this malware?

medusa>run -n 0
An error occurred: unable to find process with name 'system_server'

It's a sample of Android/Ermac: e578094837ef57de94414604d6a39a7966929dc04a693f20244db66fecdfdc98.

Setup: Linux, Android 13 emulator with malware installed, latest medusa from git.

ubuntu 20.04
Python 3.8.10
first,I use the list command to see all package in my phone:

the list command only showe third part packages, how can I get all the packages in the phone, including system app, platform app ?

Hi,

I would like to contribute to this repository, and I believe that others would like to do that as well.

My suggestion is to create a Gitflow workflow, which creates a workflow branching (creates a few more branches like develop) to enable others to contribute without messing arond with the master branch. More details on - https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

Intallation for MacOs

brew install git-flow

Initialization of the Git workflow

git flow init

Usage

Switch to the develop branch

git checkout develop

Do whatever changes you need to do, and perform a push to the repo.

git push -u origin develop

Note: Don't forget to pull any changes before making your own.

You'll notice that all changes are made in the develop branch, but the master will remain untouched (unless you want to merge the changes).

agent.zip

Just wanted to check if the lack of a LICENSE file is intentional or an oversight? If the latter, it would be great to get clarity on the license terms under which the code is released. Thanks!

Medusa used to list only 3rd party packages, which IMHO was a good idea because you don't have all the standard Android processes. This has been modified and now we get all packages :( To get only 3rd party packages, you should modify this line with pm list packages -3.

    def refreshPackages(self):
        self.packages = []
        for line in os.popen('adb -s {} shell pm list packages'.format(self.device.id)):
            self.packages.append(line.split(':')[1].strip('\n'))

Note the code documentation always talks about "third party packages" which is not consistent with doing pm list packages without the -3:

                        - run -n     [package num]  : Initiate a Frida session and spawn the 3rd party package 
...
                        - list                      : List 3rd party packages
...                        
    def do_list(self,line) -> None:
        """
        List installed 3rd party applications of the android device 
        """
...

However, maybe some users want all packages. Then, it would be helpful to have 2 different commands, perhaps list and list3. Beware that run -n <NUM> runs a package based on its listed number, so the number has to be the same with list or list3 and not a mere counter.

http_comnunications/
i think that should be communications instead

I am trying to analyze an application that doesn't have any activity mentioned in the manifest file or anything. I think medusa depends on the starting activity to analyze the app. So is there a way to analyze these special type of apps.

test

It seems that run and run -f cannot hook the subprocess of an application.

I'm on windows 11, Python version 3.10.7. Created venv and got no error while pip install -r requirements.txt

Traceback (most recent call last): File "C:\Users\auser\Downloads\Compressed\medusa-master\medusa.py", line 4, in <module> from libraries.dumper import dump_pkg ModuleNotFoundError: No module named 'libraries'

Hi, I am also tried with pyreadline in windows, but still i am unable to run medusa.

what i done :
First installed pyreadline
pip install pyreadline
Then imported pyreadline like this below one in both python files(medusa.py & apkutils.py)
import pyreadline as redline

This are the error logs:
Traceback (most recent call last): File "C:\Users\Administrator\Desktop\MobileTools\medusa-master\medusa.py", line 6, in <module> from libraries.defs import * File "C:\Users\Administrator\Desktop\MobileTools\medusa-master\libraries\defs.py", line 17, in <module> if 'libedit' in readline.__doc__: TypeError: argument of type 'NoneType' is not iterable

Please look out this issue.

I am new to medusa. I wanted to test the strace feature. I tried to run strace as follows:

medusa> strace com.example.myapp
Spawned package : com.example.myapp on pid 21251
----- Credits @FrenchYeti -----
[i] Type 'e' to exit the strace 
Type 'e' to exit:e

medusa>

Running the strace command launches the app. After interacting with the app for a while, I don't see any log in the terminal. How can I see the strace log ? Thanks.

Unity based applications have their own additional certificate checks like described for example in https://docs.unity3d.com/ScriptReference/Networking.CertificateHandler.ValidateCertificate.html

Your various unpinning modules are nice, but the universal and the specific ones both don't cover the Unity methods yet.
Would be nice if you could extend your toolset.

Hi, When i am trying to use medusa in windows 10, I am getting error.
Error:
Readline module not supported, so please consider this issue, and give us alternative option for this.

Many of users are using windows OS, if this issue is solved, it would be great for us to do pentest :)

When trying the InstallBurpCert feature with mango, the URL address that makes it possible to download the Medusa agent appears to be unreachable.

Log:

mango➤installagent
[?] Medusa Agent has not been downloaded, do you want to do it now ? (Y/n) Y
2024-01-03 23:01:04,638 - DEBUG - connectionpool.py:1019 -> _new_conn : Starting new HTTPS connection (1): github.com:443
2024-01-03 23:01:05,250 - DEBUG - connectionpool.py:474 -> _make_request : https://github.com:443 "GET /Ch0pin/mango/raw/main/agent.apk HTTP/1.1" 404 None

File: libraries/libmango.py
String: MEDUSA_AGENT_URL = "https://github.com/Ch0pin/mango/raw/main/agent.apk"

If I use any module and compile. when trying to run the app (i.e com.instagram.android)
I will get the error
invalid redefinition of a variable

medusa➤run -f com.instagram.android
Spawned package : com.instagram.android on pid 4754
script(line 6656): SyntaxError: invalid redefinition of a variable

in the past it used to work and I don't recall changing anything, also tried recloning Medusa, but nothing helps
any suggestions?

python medusa.py
Traceback (most recent call last): File "C:\Users\Bruno Pio\Desktop\medusa-master\medusa.py", line 6, in <module> from libraries.defs import * File "C:\Users\Bruno Pio\Desktop\medusa-master\libraries\defs.py", line 16, in <module> if 'libedit' in readline.__doc__: TypeError: argument of type 'NoneType' is not iterable

python apkutils.py
File "C:\Users\Bruno Pio\Desktop\medusa-master\apkutils.py", line 9, in <module> import pty File "C:\Program Files\Python\lib\pty.py", line 12, in <module> import tty File "C:\Program Files\Python\lib\tty.py", line 5, in <module> from termios import * ModuleNotFoundError: No module named 'termios'

Due to certain apps detecting the frida default port, is it possible to add support for devices running frida on a different port?

frida/frida#70 (comment)

hello, no matter which apk i run, it shows “ No availlable info”。

The de_reflector_2.med needs to be updated.
Error:

-----De reflection script by @0xabc0-------------------------------------
------------Error Log start-------------
Error: loadDex(): has more than one overload, use .overload(<signature>) to choose from:
        .overload('java.lang.String', 'java.lang.String', 'int')
        .overload('java.lang.String', 'java.lang.String', 'int', 'java.lang.ClassLoader', '[Ldalvik.system.DexPathList$Element;')
------------Error Log EOF---------------
[+] write catched
--------------------------START STACK-------------------------------------
Traceback (most recent call last):
  File "/home/er/Desktop/Penvs/venvMedusa/lib/python3.8/site-packages/frida/core.py", line 458, in _on_message
    callback(message, data)
  File "/home/er/datools/medusa/medusa.py", line 902, in my_message_handler
    self.fill_app_info(message["payload"])
  File "/home/er/datools/medusa/medusa.py", line 891, in fill_app_info
    self.app_info = json.loads(data)
  File "/usr/lib/python3.8/json/__init__.py", line 357, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python3.8/json/decoder.py", line 337, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib/python3.8/json/decoder.py", line 355, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

Tried to install it with a few different python versions (3.10, 3.11, 3.9, 3.8) all of them returned the same error initially:

Afterwards I changed the readline version to 6.2.4.1 and it couldn't install it, with the following error:

Commit d3349c0 renders existing Mango databases incompatible due an extra added column. To keep using the existing databases update them as follows:

ALTER TABLE "main"."Application" ADD COLUMN framework TEXT;
 
UPDATE "main"."Application" SET "framework"="None Detected";

I have successfully had the framework in my computer. Medusa could see the device and list the installed packages. So far so good. After any run attempt the shell hangs in idle for so long without any response.

To what I understood by looking at the results, the application can not be spawned by the medusa over the frida and agent... no idea why.

(I was able to spawn for checking frida, its working fine, manually able to spawn it with the frida inside medusa virtual)

Is there any solution/suggestion for virtual phone devices ?

I noticed that translator module does not load the local library utils.google_trans_new, but uses instead the one downloaded from requirements.txt.
I was having some issues in loading this module because it was using .cn domain instead .com (I don't know why but the library downloaded uses this suffix as default).
Two solutions:

• use utils.google_trans_new and remove the dependency
• intatiate translator = google_translator(url_suffix='com')

I can work on it, based on the preferred solution.

I'm on windows 11, Python version 3.10.7. Created venv and got no error while pip install -r requirements.txt

Traceback (most recent call last): File "C:\Users\auser\Downloads\Compressed\medusa-master\medusa.py", line 1431, in <module> if 'libedit' in readline.__doc__: TypeError: argument of type 'NoneType' is not iterable

I'm attempting to extract a Java cipher created by native code through JNI. The cipher 1 and 2 modules both crash the app with the following error:

09-10 02:47:00.087 15355 15355 F libc    : Fatal signal 6 (SIGABRT), code -1 (SI_QUEUE) in tid 15355 (ockly.smartlock), pid 15355 (ockly.smartlock)
09-10 02:47:00.335 15460 15460 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
09-10 02:47:00.335 15460 15460 F DEBUG   : Build fingerprint: 'Xiaomi/evolution_raphael/raphael:13/TP1A.220905.004/joey09070237:userdebug/release-keys'
09-10 02:47:00.335 15460 15460 F DEBUG   : Revision: '0'
09-10 02:47:00.335 15460 15460 F DEBUG   : ABI: 'arm64'
09-10 02:47:00.335 15460 15460 F DEBUG   : Timestamp: 2022-09-10 02:47:00.150194701+1000
09-10 02:47:00.335 15460 15460 F DEBUG   : Process uptime: 32s
09-10 02:47:00.335 15460 15460 F DEBUG   : Cmdline: com.lockly.smartlock
09-10 02:47:00.335 15460 15460 F DEBUG   : pid: 15355, tid: 15355, name: ockly.smartlock  >>> com.lockly.smartlock <<<
09-10 02:47:00.335 15460 15460 F DEBUG   : uid: 10142
09-10 02:47:00.335 15460 15460 F DEBUG   : signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr --------
09-10 02:47:00.335 15460 15460 F DEBUG   : Abort message: 'JNI DETECTED ERROR IN APPLICATION: java_array == null
09-10 02:47:00.335 15460 15460 F DEBUG   :     in call to GetArrayLength
09-10 02:47:00.335 15460 15460 F DEBUG   :     from java.lang.String com.pg.lockly.key.KeyManager.c(android.content.Context, java.lang.String)'
09-10 02:47:00.336 15460 15460 F DEBUG   :     x0  0000000000000000  x1  0000000000003bfb  x2  0000000000000006  x3  0000007ff2d90cb0
09-10 02:47:00.336 15460 15460 F DEBUG   :     x4  5151441f43445342  x5  5151441f43445342  x6  5151441f43445342  x7  7f7f7f7f7f7f7f7f
09-10 02:47:00.336 15460 15460 F DEBUG   :     x8  00000000000000f0  x9  0000007883cc5b10  x10 0000000000000001  x11 0000007883d3abe0
09-10 02:47:00.336 15460 15460 F DEBUG   :     x12 000000788d34a430  x13 0000000007816658  x14 0000000007816518  x15 0004dd4d066d05fe
09-10 02:47:00.336 15460 15460 F DEBUG   :     x16 0000007883daba40  x17 0000007883d84c60  x18 0000000000000000  x19 0000000000003bfb
09-10 02:47:00.336 15460 15460 F DEBUG   :     x20 0000000000003bfb  x21 00000000ffffffff  x22 0000000000000000  x23 00000077e3bd3000
09-10 02:47:00.336 15460 15460 F DEBUG   :     x24 00000077c9b9ae50  x25 0000007ff2d90eb0  x26 00000077e39c7eb8  x27 00000077e39c80e8
09-10 02:47:00.336 15460 15460 F DEBUG   :     x28 000000788d5a6000  x29 0000007ff2d90d30
09-10 02:47:00.336 15460 15460 F DEBUG   :     lr  0000007883d2b788  sp  0000007ff2d90c90  pc  0000007883d2b7b4  pst 0000000000000000
09-10 02:47:00.336 15460 15460 F DEBUG   : backtrace:
09-10 02:47:00.336 15460 15460 F DEBUG   :       #00 pc 000000000008d7b4  /apex/com.android.runtime/lib64/bionic/libc.so (abort+164) (BuildId: a43465f08784f70d77ac238baab9dee2)
09-10 02:47:00.336 15460 15460 F DEBUG   :       #01 pc 0000000000000108  <anonymous:786f330000>

This is the error I get when I try to use it:

Error: java.lang.ClassNotFoundException: Didn't find class "okio.ByteString" on path: DexPathList[[zip file "/data/app/com.nslah.ieg.tzzi.hkb-Y9Z6MzBn4tinDfbGgmDy5g==/base.apk"],nativeLibraryDirectories=[/data/app/com.nslah.ieg.tzzi.hkb-Y9Z6MzBn4tinDfbGgmDy5g==/lib/x86_64, /system/lib64, /system/product/lib64]]
    at <anonymous> (frida/node_modules/frida-java-bridge/lib/env.js:124)
    at <anonymous> (frida/node_modules/frida-java-bridge/lib/class-factory.js:502)
    at value (frida/node_modules/frida-java-bridge/lib/class-factory.js:945)
    at value (frida/node_modules/frida-java-bridge/lib/class-factory.js:950)
    at _make (frida/node_modules/frida-java-bridge/lib/class-factory.js:165)
    at use (frida/node_modules/frida-java-bridge/lib/class-factory.js:62)
    at use (frida/node_modules/frida-java-bridge/index.js:258)
    at <anonymous> (/script1.js:1290)
    at <anonymous> (frida/node_modules/frida-java-bridge/lib/vm.js:12)
    at _performPendingVmOps (frida/node_modules/frida-java-bridge/index.js:250)
    at <anonymous> (frida/node_modules/frida-java-bridge/index.js:242)
    at apply (native)
    at ne (frida/node_modules/frida-java-bridge/lib/class-factory.js:673)
    at <anonymous> (frida/node_modules/frida-java-bridge/lib/class-factory.js:651)

• Sample: c1642ac3f729701223043b16ac2c6c5f64adc7080f474c181067b0f1335218f2

Error logs:

raceback (most recent call last): File "C:\Users\Administrator\Desktop\MobileTools\MEDUSA\apkutils.py", line 10, in <module> import pty File "C:\Program Files\Python\lib\pty.py", line 12, in <module> import tty File "C:\Program Files\Python\lib\tty.py", line 5, in <module> from termios import * ModuleNotFoundError: No module named 'termios'

Hello,
I am trying to run python3 medusa.py, and get this error:

Traceback (most recent call last):
File "/Users/myuser/workspace/git/Ch0pin/medusa/medusa.py", line 4, in
import cmd2
ModuleNotFoundError: No module named 'cmd2'

Any solution?

Hi, first of all thanks for this tool. I was reading the code, and noticed there's some room for improvements.

Few examples:

def isNewInstallation():
	if (os.path.exists(rootDir)==False):
		myPrint("Thank you for installing APKEnum", "OUTPUT_WS")
		os.mkdir(rootDir)
		return True
	else:
		return False

The above function could be rewritten for easier readability like this:

def isNewInstallation():
        if os.path.exists(rootDir):
                return False

	myPrint("Thank you for installing APKEnum", "OUTPUT_WS")
	os.mkdir(rootDir)
	return True

Class parenthesis are redundant in python3, and since medusa doesn't support python2 they are no longer needed:

class nativeHandler() -> class nativeHandler

The parenthesis here are also redundant:

if(type=="INFO"):
	print(bcolors.INFO+bcolors.BOLD+text+bcolors.ENDC)
	return

Could just be:

if type == "INFO":
	print(bcolors.INFO+bcolors.BOLD+text+bcolors.ENDC)
	return

And a lot more..I think it'd be better to have well formatted code that follows the best practices. LMK if you care about this at all, and I can create some PRs.

Greetings!

While using medusa I encountered an error which prevented me from using a mod combination I wanted.

The error is:

script(line 1250): SyntaxError: invalid redefinition of a variable

I was using the following mods at the time:

Current Mods:
0) helpers/anti_debug
1) JNICalls/FindClass
2) code_loading/native_libs
3) code_loading/dump_dex

I cloned at commit 676cbb8.

Regards,
Iscle

which version of frida server it supports

Mango does not launch. This is running from a Python virtual environment where I did pip3 install -r requirements.txt
I have python 3.10

$ python3 mango.py 
Traceback (most recent call last):
  File "/home/axelle/softs/medusa/mango.py", line 1, in <module>
    from androguard.misc import AnalyzeAPK
  File "/home/axelle/softs/medusa/venv/lib/python3.10/site-packages/androguard/misc.py", line 1, in <module>
    from androguard.session import Session
  File "/home/axelle/softs/medusa/venv/lib/python3.10/site-packages/androguard/session.py", line 5, in <module>
    from androguard.core.analysis.analysis import Analysis
  File "/home/axelle/softs/medusa/venv/lib/python3.10/site-packages/androguard/core/analysis/analysis.py", line 11, in <module>
    import networkx as nx
  File "/home/axelle/softs/medusa/venv/lib/python3.10/site-packages/networkx/__init__.py", line 59, in <module>
    from networkx import utils
  File "/home/axelle/softs/medusa/venv/lib/python3.10/site-packages/networkx/utils/__init__.py", line 2, in <module>
    from networkx.utils.decorators import *
  File "/home/axelle/softs/medusa/venv/lib/python3.10/site-packages/networkx/utils/decorators.py", line 1, in <module>
    import bz2
  File "/usr/local/lib/python3.10/bz2.py", line 17, in <module>
    from _bz2 import BZ2Compressor, BZ2Decompressor
ModuleNotFoundError: No module named '_bz2'

This is pip3 list:

$ pip3 list
Package           Version
----------------- ---------
androguard        3.3.5
asn1crypto        1.5.1
asttokens         2.1.0
attrs             22.1.0
backcall          0.2.0
certifi           2022.9.24
chardet           4.0.0
click             8.0.3
cmd2              2.3.3
colorama          0.4.4
contourpy         1.0.6
cycler            0.11.0
decorator         5.1.1
executing         1.2.0
fonttools         4.38.0
frida             15.1.13
future            0.18.2
google-trans-new  1.1.9
idna              2.10
ipython           8.6.0
jedi              0.18.1
kiwisolver        1.4.4
lxml              4.9.1
matplotlib        3.6.2
matplotlib-inline 0.1.6
networkx          2.8.8
numpy             1.23.4
packaging         21.3
parso             0.8.3
pexpect           4.8.0
pickleshare       0.7.5
Pillow            9.3.0
pip               22.3.1
prompt-toolkit    3.0.32
ptyprocess        0.7.0
pure-eval         0.2.2
pydot             1.4.2
Pygments          2.13.0
pyparsing         3.0.9
pyperclip         1.8.2
python-dateutil   2.8.2
readline          6.2.4.1
requests          2.25.1
setuptools        58.1.0
six               1.16.0
stack-data        0.6.1
traitlets         5.5.0
urllib3           1.26.12
wcwidth           0.2.5

Using Python 3.10, Mango fails with a Python error (see issue #30) , and worse Medusa creates a core dump (see issue #31 ). On some OS, Python 3.10 is now the default python version, so it would be nice that it is supported.

Meanwhile, I have a workaround: creation of a Dockerfile using Python 3.8.
See below. There are currently a few patches to do on requirements.txt (missing google_trans_new + bad version of readline), but probably those will be fixed soon (see issue #29 ).

FROM alpine/git as clone
WORKDIR /opt
RUN git clone https://github.com/ch0pin/medusa

FROM python:3.8-bullseye
RUN mkdir -p /opt/medusa
COPY --from=clone /opt/medusa /opt/medusa
WORKDIR /opt/medusa
RUN apt-get update && apt-get install -yqq android-tools-adb
RUN pip install --upgrade pip && pip install wheel
RUN cd /opt/medusa && sed -i 's/readline==6.2.4.2/readline/g' requirements.txt && echo "google_trans_new" >> requirements.txt && pip install -r requirements.txt
EXPOSE 5554
EXPOSE 5555
EXPOSE 5900
EXPOSE 5037

CMD [ "python3",  "medusa.py" ]

Then, build the docker image: docker build -t medusa:2022.11 .
Then, run the docker image. docker run --rm -it --name medusa --net=host medusa:2022.11 . Do not forget --net=host to share access to your local Android emulator.

Another solution is probably to create a Python virtual environment using Python 3.8 (virtualenv -p /usr/bin/python3.8 venv). It failed on my OS for obscure reasons, probably a messy config on my side.

I can't find things like the Xiaomi Marketplace or hook the System Updater , either it is not there or it says "no frontend", which for a XIamoi System Update is not true.
The google PlayStore is calling out to other services and does not all http requests to the backend servers.

Hello

First I got this error
C:\Users\Hoxar46\Downloads\medusa-master\medusa-master>python3 medusa.py Traceback (most recent call last): File "C:\Users\Hoxar46\Downloads\medusa-master\medusa-master\medusa.py", line 1997, in <module> if 'libedit' in readline.__doc__: TypeError: argument of type 'NoneType' is not iterable

I tried to install pyreadline as per your suggestion after this i got below error

My python version
C:\Users\Hoxar46\Downloads\medusa-master\medusa-master>python3 --version Python 3.10.11

C:\Users\Hoxar46\Downloads\medusa-master\medusa-master>python3 medusa.py Traceback (most recent call last): File "C:\Users\Hoxar46\Downloads\medusa-master\medusa-master\medusa.py", line 2, in <module> import subprocess, platform, os, sys, readline, time, argparse, requests, re File "C:\Users\Hoxar46\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\site-packages\readline.py", line 34, in <module> rl = Readline() File "C:\Users\Hoxar46\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\site-packages\pyreadline\rlmain.py", line 422, in __init__ BaseReadline.__init__(self) File "C:\Users\Hoxar46\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\site-packages\pyreadline\rlmain.py", line 62, in __init__ mode.init_editing_mode(None) File "C:\Users\Hoxar46\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\site-packages\pyreadline\modes\emacs.py", line 633, in init_editing_mode self._bind_key('space', self.self_insert) File "C:\Users\Hoxar46\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\site-packages\pyreadline\modes\basemode.py", line 162, in _bind_key if not callable(func): File "C:\Users\Hoxar46\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\site-packages\pyreadline\py3k_compat.py", line 8, in callable return isinstance(x, collections.Callable) AttributeError: module 'collections' has no attribute 'Callable'

On Linux, I got this error "No module named 'readline'" when launching medusa.py. It can be solved by adding readline to the list of requirements.txt.

Error:

$ python3 medusa.py 
Readline features including tab completion have been disabled because
no supported version of readline was found. To resolve this, install
pyreadline on Windows or gnureadline on Mac.

Traceback (most recent call last):
  File "/home/axelle/softs/medusa/medusa.py", line 6, in <module>
    import readline
ModuleNotFoundError: No module named 'readline'

Quick Solution: pip3 install readline.
Better solution: add it to requirements.txt

A great feature mango could have is to pull, patch and install bundled apks. More specifically

• pull base.apk and all the split_config* apks
• patch base.apk and sign all the split_config* apks with the same key
• install-multiple apks (base + split_config)

Nowadays having bundled apks is quite common and this feature could greatly improve the usage surface.
Let me know if this feature could be useful, I can work on that

modules/cordova/cordova_enable_debugging.med miss '}'

I run medusa.py, it launches all right, but when I try to attach to the emulator, I get a core dump:

Available devices:

0) Device(id="local", name="Local System", type='local')
1) Device(id="socket", name="Local Socket", type='remote')
2) Device(id="emulator-5554", name="Android Emulator 5554", type='usb')

Enter the index of the device to use: 2
double free or corruption (out)
Aborted (core dumped)

• I am using Python 3.10
• The issue occurs with Frida 15.1.13 and 16.0.2. I have tested Frida on its own and it works, I can hook no problem.
• The Android emulator is Android 10.
• This is on Linux Mint 21

I am testing the modules under the file_system category. The scenario I am trying to test is to see whether the medusa modules can log a PDF file download operation done by a browser. I tested a browser using the following modules:

medusa> use file_system/file_write 

Current Mods:
0) file_system/get_catch_directory
1) file_system/input_output
2) file_system/file_write

If I test with all file_system modules, the browser crashes on launch, so I picked the above three. After launching the browser (using run -f), I can see file writes logged by medusa, but cannot see any log for the PDF download operation. I suspect the browser may have forked a process to do the download. Any suggestions on how to use file_system modules if some operation may happen in a forked process ?