
apkvulcheck's Introduction

Android vulnerability scanning tool: introduction
0x1 Currently supported vulnerability types:
1. Arbitrary file read/write vulnerability
2. Hard-coded key vulnerability
3. Local denial of service via forced type cast
4. Local denial of service in system components
5. Intent Scheme URL vulnerability
6. Local SQL injection in Content Provider components
7. Dynamic code loading security check
8. Weak certificate validation
9. Weak hostname verification
10. HTTPS sensitive data hijacking vulnerability
11. Insecure hash algorithm
12. Weak AES encryption
13. Logcat leaks private information
14. Log leakage risk
15. PendingIntent misuse risk
16. Implicit Intent invocation
17. Arbitrary read/write of database files
18. WebView hidden system interface vulnerability check
19. WebView component remote code execution vulnerability check
20. WebView ignores SSL certificate errors check
21. WebView stores passwords in plaintext
22. Arbitrary read/write of SharedPreferences
23. Arbitrary file read/write
24. Insecure use of random numbers
25. Component permission check
26. Check whether the app is debuggable
27. App permission check
28. App custom permission check
30. App backup vulnerability check
31. Shunwang (顺网) malicious SDK detection
Other: malicious SDKs, advertising SDKs, etc.
0x2 Usage:

Command-line arguments:
args:
	--taskpath [apkpath]
	--output json/html

examples:
	python AndroidCodeCheck.py --taskpath [path to apk] --output json

0x3 Report output
Reports are written under the report directory
1. JSON format
Results are output as JSON, which makes integration with other systems easy.
2. HTML format
Open it in a browser.

0x4 Changelog

2020/7/18
Added Python 3 support and adjusted the project structure.

2019/3/14 update notes
Added Shunwang (顺网) malicious SDK detection; to check whether an APK uses the Shunwang malicious SDK, update the rule base promptly.

2018/8/2 update notes
Added a check for whether the app is debuggable
2018/8/2 update notes
Added a plugin that identifies the app hardening (packer) vendor
Currently recognised vendors:
Naga (娜迦)
Naga Enterprise Edition (娜迦企业版)
ijiami (爱加密)
ijiami Enterprise Edition (爱加密企业版)
Bangcle Free Edition (梆梆免费版)
360
Tongfudun (通付盾)
NetQin (网秦)
Baidu (百度)
Alibaba JAQ (阿里聚安全)
Tencent (腾讯)
Tencent Legu (腾讯御安全)
NetEase Yidun (网易易盾)
APKProtect
Kiwisec (几维安全)
Dingxiang (顶像科技)
Shanda (盛大)
Rising (瑞星)

2018/8/1 update notes
Added parsing of manifest.xml, from which some information about the APK is obtained, including:
1. Package name
2. Requested permissions
3. Custom permissions
4. Component information, covering the four component types (activity, service, receiver, provider)
Vulnerability checks added:
1. Checks on the exported attribute of the four component types activity, service, receiver, provider
2. Added a backup vulnerability check
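The checks this update note describes, as an added example that is not ApkVulCheck's own code: it parses a decoded (plain-text) AndroidManifest.xml, collects the package name, requested and custom permissions and the four component types, then applies the export rule (an explicit android:exported wins; otherwise a component with an intent-filter is implicitly exported) and reports exported components that carry no permission, the allowBackup flag and the debuggable flag. The launcher activity is exported by design and is therefore not reported. The sample manifest, package name and component names are constructed for the example.

```python
# Added example (not part of ApkVulCheck): manifest analysis on a decoded
# AndroidManifest.xml, reporting the facts and checks from the 2018/8/1 note.
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample manifest; package and component names are invented.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.demo">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <permission android:name="com.example.demo.permission.PRIVATE"
                android:protectionLevel="signature"/>
    <application android:allowBackup="true" android:debuggable="true">
        <activity android:name=".MainActivity">
            <intent-filter>
                <action android:name="android.intent.action.MAIN"/>
                <category android:name="android.intent.category.LAUNCHER"/>
            </intent-filter>
        </activity>
        <activity android:name=".DeepLinkActivity" android:exported="true"/>
        <service android:name=".SyncService" android:exported="false"/>
        <receiver android:name=".BootReceiver">
            <intent-filter>
                <action android:name="android.intent.action.BOOT_COMPLETED"/>
            </intent-filter>
        </receiver>
        <provider android:name=".DataProvider"
                  android:authorities="com.example.demo.provider"
                  android:exported="true"
                  android:permission="com.example.demo.permission.PRIVATE"/>
    </application>
</manifest>
"""


def _attr(elem, name):
    """Read an android:-namespaced attribute, or None if it is absent."""
    return elem.get("{%s}%s" % (ANDROID_NS, name))


def is_exported(comp):
    """Platform export rule: explicit android:exported wins; otherwise a
    component with an intent-filter is implicitly exported (the pre-API-31
    default a static scanner has to assume)."""
    explicit = _attr(comp, "exported")
    if explicit is not None:
        return explicit.lower() == "true"
    return comp.find("intent-filter") is not None


def is_launcher(comp):
    """True for the activity that carries the LAUNCHER category."""
    for filt in comp.findall("intent-filter"):
        for cat in filt.findall("category"):
            if _attr(cat, "name") == "android.intent.category.LAUNCHER":
                return True
    return False


def analyze_manifest(xml_text):
    """Return package info, component inventory and a list of findings."""
    root = ET.fromstring(xml_text)
    report = {
        "package": root.get("package"),
        "uses_permissions": [_attr(e, "name") for e in root.findall("uses-permission")],
        "custom_permissions": [_attr(e, "name") for e in root.findall("permission")],
        "components": {tag: [] for tag in COMPONENT_TAGS},
        "findings": [],
    }
    app = root.find("application")
    if app is None:
        report["findings"].append("no <application> element in manifest")
        return report
    if _attr(app, "allowBackup") == "true":
        report["findings"].append("allowBackup=true: backup of app data is permitted")
    if _attr(app, "debuggable") == "true":
        report["findings"].append("debuggable=true: app is debuggable")
    for tag in COMPONENT_TAGS:
        for comp in app.findall(tag):
            name = _attr(comp, "name")
            exported = is_exported(comp)
            protected = _attr(comp, "permission") is not None
            report["components"][tag].append(
                {"name": name, "exported": exported, "permission_protected": protected})
            # The launcher activity must be exported; everything else that is
            # reachable without a permission is worth a look.
            if exported and not protected and not is_launcher(comp):
                report["findings"].append("%s %s is exported without a permission" % (tag, name))
    return report


if __name__ == "__main__":
    for finding in analyze_manifest(SAMPLE_MANIFEST)["findings"]:
        print(finding)
```

On a real APK the XML is binary-encoded; the text above is what a decoder such as the one ApkVulCheck invokes in its init step produces, so the function is applied to that output rather than to the raw file inside the archive.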

If you have suggestions and would like to discuss them, contact me:
qq:747289639
email:[email protected]

apkvulcheck's People

Contributors

zsdlove

apkvulcheck's Issues

Code logic error

The flag logic check is wrong, so every app is judged as not packed. The condition in the else branch needs to be changed to pass,
and flag initialised to False:

	import zipfile

	def packerDetector(apkpath):
	    packerType = ""
	    packersign = ""
	    flag = False  # start from "not packed"; only a matching entry sets it
	    zipfiles = zipfile.ZipFile(apkpath)
	    nameList = zipfiles.namelist()
	    for fileName in nameList:
	        # packer_features: the project's dict mapping a packer's signature
	        # path fragment to the vendor name
	        for packer in packer_features.keys():
	            if packer in fileName:
	                flag = True
	                packerType = packer_features[packer]
	                packersign = packer
	                break
	            else:
	                pass  # do not reset flag here

TypeError: can only concatenate str (not "bytes") to str

 ❯ python AndroidCodeCheck.py --taskpath ~/Downloads/com.wingjoy.dynastyLife.apk
[init] - Decode the AndroidManifest.xml file Successfully!
outputpath=>/tmp/hades/result/com68825
[init] - Decompile the dex file Successfully.
Traceback (most recent call last):
  File "AndroidCodeCheck.py", line 294, in <module>
    startprocess()
  File "/Users/s/Desktop/TestTools/ApkVulCheck/venv/lib/python3.8/site-packages/click/core.py", line 829, in __call__
    return self.main(*args, **kwargs)
  File "/Users/s/Desktop/TestTools/ApkVulCheck/venv/lib/python3.8/site-packages/click/core.py", line 782, in main
    rv = self.invoke(ctx)
  File "/Users/s/Desktop/TestTools/ApkVulCheck/venv/lib/python3.8/site-packages/click/core.py", line 1066, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/Users/s/Desktop/TestTools/ApkVulCheck/venv/lib/python3.8/site-packages/click/core.py", line 610, in invoke
    return callback(*args, **kwargs)
  File "AndroidCodeCheck.py", line 285, in startprocess
    apkAnalysis().fastScanEngine({
  File "AndroidCodeCheck.py", line 27, in wrapper
    ret=func(*args,**kwargs)
  File "AndroidCodeCheck.py", line 152, in fastScanEngine
    cptcheck.run()
  File "/Users/s/Desktop/TestTools/ApkVulCheck/plugin/manifestAnalysis.py", line 138, in run
    self.android_manifest_check()
  File "/Users/s/Desktop/TestTools/ApkVulCheck/plugin/manifestAnalysis.py", line 122, in android_manifest_check
    self.getUsesPermission(node)  # usespermission
  File "/Users/s/Desktop/TestTools/ApkVulCheck/plugin/manifestAnalysis.py", line 37, in getUsesPermission
    logging.info("- [VulScanEngine] " + "申请的权限名为:" + node.getAttribute('android:name').encode("utf-8"))
TypeError: can only concatenate str (not "bytes") to str

Undefined names: banner_begin(), banner_finished(), banner_new()

flake8 testing of https://github.com/zsdlove/ApkVulCheck on Python 3.7.0

$ flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics

./AndroidCodeCheck.py:94:2: F821 undefined name 'banner_begin'
	banner_begin()
 ^
./AndroidCodeCheck.py:112:2: F821 undefined name 'banner_begin'
	banner_begin()
 ^
./AndroidCodeCheck.py:113:2: F821 undefined name 'banner_finished'
	banner_finished()
 ^
./AndroidCodeCheck.py:382:2: F821 undefined name 'banner_new'
	banner_new()
 ^
4     F821 undefined name 'banner_begin'
4

methodCallGenerator.py

ApkVulCheck/lib/methodCallGenerator.py
Line 332 parser=SmaliParser("smalipath,"smali")
contains an error

list index out of range

root@kali202003:~/ApkVulCheck-master# python2 AndroidCodeCheck.py --taskpath fixxB14976.apk --output json
[init] - Decode the AndroidManifest.xml file Successfully!
outputpath=>/tmp/hades/result/fixxB1497658193
Exception in thread "main" org.jf.dexlib2.dexbacked.DexBackedDexFile$NotADexFile: Invalid magic value: 64 65 78 0a 30 33 37 00
at org.jf.dexlib2.dexbacked.DexBackedDexFile.verifyMagicAndByteOrder(DexBackedDexFile.java:151)
at org.jf.dexlib2.dexbacked.DexBackedDexFile.(DexBackedDexFile.java:70)
at org.jf.dexlib2.dexbacked.DexBackedDexFile.(DexBackedDexFile.java:96)
at org.jf.dexlib2.DexFileFactory.loadDexFile(DexFileFactory.java:79)
at org.jf.dexlib2.DexFileFactory.loadDexFile(DexFileFactory.java:54)
at org.jf.baksmali.main.main(main.java:247)
[init] - Decompile the dex file Successfully.
sh: 1: lib/aapt2: Exec format error
Traceback (most recent call last):
File "AndroidCodeCheck.py", line 294, in
startprocess()
File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 829, in call
return self.main(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 782, in main
rv = self.invoke(ctx)
File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 1066, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 610, in invoke
return callback(*args, **kwargs)
File "AndroidCodeCheck.py", line 288, in startprocess
"output":kwargs.get("output")
File "AndroidCodeCheck.py", line 27, in wrapper
ret=func(*args,**kwargs)
File "AndroidCodeCheck.py", line 166, in fastScanEngine
apkname=os.popen("lib/aapt2 dump badging %s |grep application-label:" % filepath).read().replace("\n","").split(":")[1].replace("'","")
IndexError: list index out of range
