sensepost / objection

📱 objection - runtime mobile exploration
GNU General Public License v3.0

Support for split APKs #358

Closed 036 closed 3 years ago

036 commented 4 years ago

Is your feature request related to a problem? Please describe.

It would be really helpful to have support for split APKs. I'm fully aware that there are external libraries that attempt to achieve this; however, it would be handy to have this built into Objection. More and more APKs nowadays are split.

Describe the solution you'd like

Be able to have split APKs re-signed together.

Describe alternatives you've considered

I've used this previously, which works well:

https://github.com/NickstaDB/patch-apk

It would be great to see similar functionality built within Objection.

leonjza commented 4 years ago

I would definitely recommend patch-apk by @NickstaDB for split APKs. For now we could try and detect split APKs in objection and recommend patch-apk until that ability lands natively. PRs welcome!

NickstaDB commented 4 years ago

Yeah I'd love to incorporate the split APK stuff directly into objection but it feels like a massive hack. It was thrown together to satisfy an immediate requirement rather than based on thorough research and testing. Not so keen to dump such a potential mess into objection without (a) confidence that it works well and (b) spending some time working out how to cleanly integrate the functionality into objection.

If someone beats me to it, awesome; if not, it's definitely something on the to-do list, but I'm making no promises as to when!

mtschirs commented 4 years ago

I gave it a try and submitted pull request #375.

The idea is to simply inject the agent launcher into the APK with the main activity (usually base.apk) and then use a new command 'objection signapk' to just sign the remaining split APKs (usually split_config.*.apk).

It is possible to check if an APK is a split APK via aapt/aapt2 by searching for a splits0.xml resource (not sure if it is always there) or an android:isSplitRequired attribute in the AndroidManifest.xml (aapt dump xmltree base.apk AndroidManifest.xml | grep android:isSplitRequired). Therefore, the 'objection patchapk' command could warn the user if the current APK is a split APK and recommend the 'objection signapk' command.

Unfortunately, it is not possible to automatically identify the names of the remaining split APKs. Therefore, I currently chose to implement an additional 'objection signapk' command which requires some user interaction (typing in the remaining split APKs).

However, if the names of the split APKs could always be assumed to follow the same pattern - split_config.*.apk and base.apk - this could be automated further.
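Added example, not part of the thread or of objection's code: a sketch of the split-APK check described in the comment above, which goes one step further than the `grep` by reading the attribute's value and then listing sibling files under the assumed `split_config.*.apk` naming. The function names, the sample `aapt` output and the two output formats handled (`(type 0x12)0x...` and `=true`/`=false`) are assumptions made for illustration.

```python
import re
import subprocess
from pathlib import Path
from typing import List, Optional

# Constructed sample of `aapt dump xmltree base.apk AndroidManifest.xml` output.
SAMPLE_XMLTREE = """\
N: android=http://schemas.android.com/apk/res/android
  E: manifest (line=2)
    A: android:versionCode(0x0101021b)=(type 0x10)0x1
    A: android:isSplitRequired(0x01010591)=(type 0x12)0xffffffff
    A: package="com.example.app" (Raw: "com.example.app")
"""

# Assumed formats: boolean as "(type 0x12)0x<hex>" or as a literal true/false.
_ATTR = re.compile(
    r"android:isSplitRequired\([^)]*\)="
    r"(?:\(type 0x12\)0x([0-9a-fA-F]+)|(true|false))"
)

def is_split_required(xmltree: str) -> bool:
    """True only if the manifest sets android:isSplitRequired to true."""
    m = _ATTR.search(xmltree)
    if m is None:
        return False  # attribute absent: treat as a single, non-split APK
    if m.group(1) is not None:
        return int(m.group(1), 16) != 0  # 0x0 encodes false
    return m.group(2) == "true"

def dump_manifest(apk: Path, aapt: str = "aapt") -> str:
    """Run the aapt command quoted in the comment (needs aapt on PATH)."""
    cmd = [aapt, "dump", "xmltree", str(apk), "AndroidManifest.xml"]
    return subprocess.run(cmd, check=True, capture_output=True, text=True).stdout

def find_split_apks(base_apk: Path) -> List[Path]:
    """Sibling files matching split_config.*.apk, if that naming holds."""
    return sorted(base_apk.parent.glob("split_config.*.apk"))

def split_warning(base_apk: Path, xmltree: str) -> Optional[str]:
    """Message a patch step could print; None when the APK is not split."""
    if not is_split_required(xmltree):
        return None
    names = [p.name for p in find_split_apks(base_apk)]
    if not names:
        return f"{base_apk.name} requires splits, but none were found next to it"
    return f"{base_apk.name} requires splits; also re-sign: {', '.join(names)}"
```

With a real APK, pass `dump_manifest(path)` as the `xmltree` argument instead of the sample string.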