shroudedcode / apk-mitm

🤖 A CLI application that automatically prepares Android APK files for HTTPS inspection
https://npm.im/apk-mitm
MIT License
3.78k stars 344 forks

Invalid chunk type error #48

Closed VitorBlog closed 3 years ago

VitorBlog commented 3 years ago

For some reason some APKs give this error; all I know is that the APK has some kind of obfuscation. IDK if this can be bypassed.

@edit I will try to fork and bypass it later.

vitor@vitor:~/bugbounty/projects/toketiko$ sudo apk-mitm TikTok\ Lite_v18.0.3_apkpure.com.apk 

  ╭ apk-mitm v0.12.0
  ├ apktool v2.5.0
  ╰ uber-apk-signer v1.2.1

  Using temporary directory:
  /tmp/apk-mitm-2a8ca65845dd7e990dda2c7babdafe45

  ✔ Downloading tools
  ✖ Decoding APK file
    → I: Loading resource table...
    Applying patches
    Encoding patched APK file
    Signing patched APK file

   Failed!  An error occurred:

I: Using Apktool 2.5.0 on TikTok Lite_v18.0.3_apkpure.com.apk
I: Loading resource table...
Exception in thread "main" brut.androlib.AndrolibException: Invalid chunk type: expected=0x00000200, got=0x00000203
    at brut.androlib.res.decoder.ARSCDecoder.checkChunkType(ARSCDecoder.java:544)
    at brut.androlib.res.decoder.ARSCDecoder.readTablePackage(ARSCDecoder.java:88)
    at brut.androlib.res.decoder.ARSCDecoder.readTableHeader(ARSCDecoder.java:82)
    at brut.androlib.res.decoder.ARSCDecoder.decode(ARSCDecoder.java:48)
    at brut.androlib.res.AndrolibResources.getResPackagesFromApk(AndrolibResources.java:790)
    at brut.androlib.res.AndrolibResources.loadMainPkg(AndrolibResources.java:67)
    at brut.androlib.res.AndrolibResources.getResTable(AndrolibResources.java:59)
    at brut.androlib.Androlib.getResTable(Androlib.java:66)
    at brut.androlib.ApkDecoder.setTargetSdkVersion(ApkDecoder.java:236)
    at brut.androlib.ApkDecoder.decode(ApkDecoder.java:118)
    at brut.apktool.Main.cmdDecode(Main.java:179)
    at brut.apktool.Main.main(Main.java:82)

shroudedcode commented 3 years ago

This is an issue with Apktool that has already been fixed, but that hasn't been released yet (which is why apk-mitm doesn't ship it yet). What you can do is build Apktool yourself and then run apk-mitm with the --apktool <path-to-jar> flag to make it use the custom version.

VitorBlog commented 3 years ago

Solved, thx.

VitorBlog commented 3 years ago

For the lazy people, here is my build: apktool-cli-all.zip
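
Added example (not part of the thread, and not Apktool's or apk-mitm's own code): a small walker for the top-level chunks of a `resources.arsc`, useful for seeing which chunk sits where the stack trace above expected 0x0200 and got 0x0203. The chunk type names come from AOSP's ResourceTypes.h; the sample table, the helper names and the "strict decoder" model are assumptions made for this illustration.

```python
import struct

# Chunk type values as defined in AOSP ResourceTypes.h
CHUNK_NAMES = {
    0x0001: "RES_STRING_POOL_TYPE",
    0x0002: "RES_TABLE_TYPE",
    0x0200: "RES_TABLE_PACKAGE_TYPE",
    0x0201: "RES_TABLE_TYPE_TYPE",
    0x0202: "RES_TABLE_TYPE_SPEC_TYPE",
    0x0203: "RES_TABLE_LIBRARY_TYPE",
}

def read_header(buf, off):
    """Parse a ResChunk_header: u16 type, u16 headerSize, u32 size (little-endian)."""
    if off + 8 > len(buf):
        raise ValueError(f"truncated chunk header at offset {off}")
    ctype, hsize, size = struct.unpack_from("<HHI", buf, off)
    if hsize < 8 or size < hsize or off + size > len(buf):
        raise ValueError(f"bad chunk sizes at offset {off}")
    return ctype, hsize, size

def top_level_chunks(arsc):
    """Return (offset, type, name) for each chunk directly inside the resource table."""
    ctype, hsize, size = read_header(arsc, 0)
    if ctype != 0x0002:
        raise ValueError(f"not a resource table: type=0x{ctype:04x}")
    out, off = [], hsize
    while off < size:
        ctype, _, csize = read_header(arsc, off)  # csize >= 8, so the loop always advances
        out.append((off, ctype, CHUNK_NAMES.get(ctype, "unknown")))
        off += csize
    return out

def non_package_chunks(chunks):
    """Assumption: models a decoder that accepts only the string pool and 0x0200 chunks."""
    return [c for c in chunks if c[1] not in (0x0001, 0x0200)]

def make_chunk(ctype, body=b"", extra_header=b""):
    hsize = 8 + len(extra_header)
    return struct.pack("<HHI", ctype, hsize, hsize + len(body)) + extra_header + body

# Constructed sample (not from a real APK): string pool, library chunk, then a package chunk.
inner = make_chunk(0x0001, b"\0" * 20) + make_chunk(0x0203, b"\0" * 4) + make_chunk(0x0200, b"\0" * 16)
SAMPLE = make_chunk(0x0002, inner, extra_header=struct.pack("<I", 1))  # packageCount = 1

if __name__ == "__main__":
    for off, ctype, name in top_level_chunks(SAMPLE):
        print(f"offset {off:5d}  type=0x{ctype:04x}  {name}")
```

To inspect a real APK, pass `zipfile.ZipFile(path).read("resources.arsc")` to `top_level_chunks` and look at what `non_package_chunks` returns.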