search

redballoonsecurity / ofrak

OFRAK: unpack, modify, and repack binaries.
https://ofrak.com
Other
1.86k stars 127 forks source link

apktool is_tool_installed() not working correctly. #388

Closed sprout42 closed 11 months ago

sprout42 commented 11 months ago

What is the problem? (Here is where you provide a complete Traceback.) The dependency check for apktool using the --help argument does not result in a successful return code which prevents a properly installed apktool from being detected.

$ ofrak deps --missing-only
[ ] apktool
        https://ibotpeaches.github.io/Apktool/
        [ApkPacker, ApkUnpacker]
[ ] binwalk
        https://github.com/ReFirmLabs/binwalk
        [BinwalkAnalyzer]
[ ] java
        https://openjdk.org/projects/jdk/11/
        [ApkPacker]
[ ] python-lzo
        https://github.com/jd-boyd/python-lzo
        [UbiPacker, UbiIdentifier, UbifsUnpacker, UbiUnpacker, UbiAnalyzer, UbifsIdentifier, UbifsAnalyzer]

$ apktool --help
Unrecognized option: --help
Apktool v2.5.0-dirty - a tool for reengineering Android apk files
with smali v2.4.0-debian and baksmali v2.4.0-debian
Copyright 2010 Ryszard Wiśniewski <brut.alll@gmail.com>
Copyright 2010 Connor Tumbleson <connor.tumbleson@gmail.com>

usage: apktool
 -advance,--advanced   prints advance information.
 -version,--version    prints the version then exits
usage: apktool if|install-framework [options] <framework.apk>
 -p,--frame-path <dir>   Stores framework files into <dir>.
 -t,--tag <tag>          Tag frameworks using <tag>.
usage: apktool d[ecode] [options] <file_apk>
 -f,--force              Force delete destination directory.
 -o,--output <dir>       The name of folder that gets written. Default is apk.out
 -p,--frame-path <dir>   Uses framework files located in <dir>.
 -r,--no-res             Do not decode resources.
 -s,--no-src             Do not decode sources.
 -t,--frame-tag <tag>    Uses framework files tagged by <tag>.
usage: apktool b[uild] [options] <app_path>
 -f,--force-all          Skip changes detection and build all files.
 -o,--output <dir>       The name of apk that gets written. Default is dist/name.apk
 -p,--frame-path <dir>   Uses framework files located in <dir>.

For additional info, see: https://ibotpeaches.github.io/Apktool/ 
For smali/baksmali info, see: https://github.com/JesusFreke/smali

Please provide some information about your environment.

$ python3 -c "import sys;print(sys.executable)" /usr/bin/python3

- `apktool` installed through `apt`
- `ofrak` installed through `pip` in a clean virtual environment

python -m pip freeze aiohttp==3.8.6 aiohttp-cors==0.7.0 aiosignal==1.3.1 async-timeout==4.0.3 attrs==23.1.0 beartype==0.12.0 black==23.3.0 cffi==1.16.0 charset-normalizer==3.3.0 click==8.1.7 cstruct==5.2 fdt==0.3.3 frozenlist==1.4.0 gitdb==4.0.10 GitPython==3.1.32 idna==3.4 immutabledict==2.2.0 importlib-metadata==6.8.0 intervaltree==3.1.0 jefferson==0.4.5 keystone-engine==0.9.2 lief==0.12.3 lzallright==0.2.3 multidict==6.0.4 mypy-extensions==1.0.0 ofrak==3.2.0.post0 ofrak-io==1.1.0 ofrak-patch-maker==4.0.2 ofrak-type==2.2.0 orjson==3.8.14 packaging==23.2 pathspec==0.11.2 pefile==2023.2.7 platformdirs==3.11.0 pycdlib==1.12.0 pycparser==2.21 python-magic==0.4.27 reedsolo==1.7.0 smmap==5.0.1 sortedcontainers==2.2.2 synthol==0.1.1 tomli==2.0.1 typeguard==2.13.3 typing-inspect==0.7.1 typing_extensions==4.8.0 ubi-reader==0.8.5 xattr==0.10.1 yarl==1.9.2 zipp==3.17.0


**If you've discovered it, what is the root cause of the problem?**
The `--help` option provided as the `install_check_arg` isn't supported by `apktool`resulting in a return code of 1 from the `apktool`
https://github.com/redballoonsecurity/ofrak/blob/6aa48f99a63a0a5f8fd37101f16d1b38172a1305/ofrak_core/ofrak/core/apk.py#L25C86-L25C94

$ apktool --help > /dev/null Unrecognized option: --help $ echo $? 1

If the tool is run with no arguments it will return a success value of 0

$ apktool > /dev/null $ echo $? 0


**How often does the issue happen?**
every time

**What are the steps to reproduce the issue?**
1. install `apktool` through apt
2. install `ofrak`
3. run `ofrak deps --missing-only` 

**How would you implement this fix?**
change the `"--help"` `install_check_arg` to an empty string:

APKTOOL = ComponentExternalTool("apktool", "https://ibotpeaches.github.io/Apktool/", "")



**Are there any (reasonable) alternative approaches?**
This seems pretty simple and straight forward.

**Are you interested in implementing it yourself?**
Not at the moment.
rbs-jacob commented 11 months ago

Thanks again for reporting this!