Closed aoprea1982 closed 4 years ago
Additional information
I build the CPU specific apk from the source in the newest Android Studio. It resolved the issue that i had with OMTG_DATAST_001_SharedPreferences which showed MODE_WORLD_READABLE no longer supported
when using https://github.com/OWASP/MSTG-Hacking-Playground/releases/download/1.0/MSTG-Android-Java.apk
but
this issue remains could not find "libnative.so"
splits { abi { enable true reset() include 'x86', 'x86_64', 'armeabi', 'armeabi-v7a', 'mips', 'mips64', 'arm64-v8a' universalApk true } }
I used arm64-v8a.apk.
"libnative.so" is included in the debug .apk https://github.com/OWASP/MSTG-Hacking-Playground/tree/master/Android/MSTG-Android-Java-App/app but not in the release apk https://github.com/OWASP/MSTG-Hacking-Playground/releases
Is there a reason for this choice? OMTG_DATAST_001_SQLite_Encrypte needs the "libnative.so" library to work.
Thanks!
Hi @aoprea1982. Thanks for pointing out. Not sure why this was missed back then. The native library should of course also be part of the release build. In the meanwhile you can use the debug version, once I have some time I will replace the release version with the libnative.so.
Hi @sushi2k
Thank you for the reply.
Using the debug apk also not working with OMTG_DATAST_001_SQLite_Encrypted in the end it asks for "libutils.so"
Also the debug version (app-arm-debug.apk) has the answer inside before running the Activity.
Thanks!
Hi @sushi2k
Thank you for the reply.
Using the debug apk also not working with OMTG_DATAST_001_SQLite_Encrypted in the end it asks for "libutils.so"
Also the debug version (app-arm-debug.apk) has the answer inside before running the Activity.
Thanks!
I was just building the project and updating also to androidx libraries, but I am also getting the libnative.so missing error. For some reason the library is not created anymore. Need to dig a bit deeper.
Thanks again for raising @aoprea1982. I just fixed it https://github.com/OWASP/MSTG-Hacking-Playground/pull/28.
You can download the APK here https://github.com/OWASP/MSTG-Hacking-Playground/releases/tag/1.1. Let me know if there are still issues. I tested it on two devices (Google Pixel 3 and Xiaomi) and was working.
OMTG_DATAST_001_SQLite_Encrypted crashing in Nexus5X 7.1.1 and genymotion 9.0
logcat
AndroidRuntime: Shutting down VM ACRA caught a UnsatisfiedLinkError for sg.vp.owasp_mobile.omtg_android : java.lang.UnsatisfiedLinkError: dalvik.system.PathClassLoader[DexPathList[[zip file "/data/app/sg.vp.owasp_mobile.omtg_android-gzd4nYb_MOhksMCvv3KBDQ==/base.apk"],nativeLibraryDirectories=[/data/app/sg.vp.owasp_mobile.omtg_android-gzd4nYb_MOhksMCvv3KBDQ==/lib/x86, /system/lib, /system/vendor/lib]]] couldn't find "libnative.so"
The issue is similar for both physical device and emulator.
There is no libnative.so in the repository. Physical device: use releases .apk , emulator: build it
Please let me know if more information is needed?
Thanks, Tsubasa