search

bytedance / appshark

Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
Apache License 2.0
1.49k stars 165 forks source link

SignInfo没有具体实现 #58

Open firmianay opened 9 months ago

firmianay commented 9 months ago

师傅,这个是没写还是开源删掉了,有没有建议的实现方式?

@Serializable
data class BasicInfo(
    var AppInfo: AppInfo? = null,
    var ComponentsInfo: MutableMap<String, MutableMap<String, ComponentDescription>>? = null,
    var PermissionInfo: MutableList<String>? = null,
    var SignInfo: SignInfo? = null,
    var JSNativeInterface: List<String>? = null
)

@Serializable
data class SignInfo(
    @SerialName("Is signed v1") var isSignedV1: Boolean,
    @SerialName("Is signed v2") var isSignedV2: Boolean,
    @SerialName("Is signed v3") var isSignedV3: Boolean,
    var certs: MutableList<Cert>,
    var pkeys: MutableList<String>
)
nkbai commented 9 months ago

这些主要是通过Manifest获取的,有一部分没有开源。

firmianay commented 9 months ago

SignInfo不在Manifest里吧,是调shell脚本用apksigner实现的吗?