adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

26 Commits

Author SHA1 Message Date
Tim W 64695f1354 initial commit 2019-08-24 13:42:22 +08:00
Tim W 08c196c5d5 show the output of apktool if injection fails 2018-10-05 14:11:36 +08:00
Green-m 2529fdf322 Fix issue #8887, when injecting into an existing .apk file on windows 2018-08-10 05:43:26 -04:00
Tim c3fa30707d fix #8879, fix APK injection edge cases 2017-09-11 12:03:20 +08:00
Tim 601131f236 hook Application class if found 2017-03-01 19:22:42 +08:00
Tim ee8b70e0df fix permission shuffling 2017-03-01 14:38:47 +08:00
Tim 063d999a64 randomize the payload, service and broadcast receiver names 2017-03-01 14:20:31 +08:00
Tim 64e7f13067 improve error detection 2017-01-19 16:40:35 +07:00
Tim c1e30b632b fix #7725, inject into the Activity constructor 2017-01-19 16:24:26 +07:00
Tim f8f764aefc fix #7617, invalid register when hooking smali code 2017-01-19 14:52:30 +07:00
Tim daae46d37b Fixes #7552, fix apk injection into proguarded apks 2016-11-21 15:05:59 +08:00
h00die cd01b07682 Land #7565 
Lands print_bad and vprint_bad from todb-r7
 2016-11-18 13:29:39 -05:00
Brian Yip 927e195e28 Generate payload apk from permissionless apk 2016-11-16 00:48:10 -04:00
Tod Beardsley 1deacad2be Add a print_bad alias for print_error 
Came up on Twitter, where Justin may have been trolling a little:

https://twitter.com/jstnkndy/status/798671298302017536

We have a `print_good` method, but not a `print_bad`, which seems a
little weird for Ruby -- opposite methods should be intuitive as Justin
is implying.

Anyway, I went with alias_method, thanks to the compelling argument at

https://github.com/bbatsov/ruby-style-guide#alias-method

...since Metasploit is all about the singleton, and didn't want to risk
some unexpected scoping thing.

Also dang, we define the `print_` methods like fifty billion times!
Really should fix that some day.
 2016-11-15 19:20:42 -06:00
dana-at-cp c0e839dfd9 Fixes keytool bug in APK inject code 2016-11-11 06:12:47 -08:00
dana-at-cp b8e30a241e Copy original cert data into new signing cert created for APK injection 2016-10-20 08:43:45 -07:00
dana-at-cp d7ac8eba45 Create new signing certificate with dname value copied from original certificate. 2016-10-15 14:05:53 -07:00
Brent Cook e5ac3eda61 Land #7362, Fix apk injection script to include android payload service and broadcast receivers 2016-10-11 07:54:10 -05:00
dana-at-cp b06a3d3c68 Refactor code that calls zipalign on injected APK 2016-09-29 07:49:50 -07:00
dana-at-cp e8d99fb3f5 Run zipalign as last step during APK injection process 
Running zipalign on an APK after signing and before distribution
is considered general best practice. Also, properly aligning an APK
makes it less likely to be flagged as suspicious by mobile security
solutions.

More on zipalign from Google:

https://developer.android.com/studio/command-line/zipalign.html
 2016-09-28 20:05:17 -07:00
Tim a39c4965e4 fix apk injection script to include payload service and receivers 2016-09-26 19:50:10 +08:00
Tim 9ebe18d096 automatically generate keystore for apk signing 2016-09-01 10:19:58 +01:00
Tim 5d0e868fd6 facebook.orca fixes 2015-12-24 12:21:08 +00:00
Tim 69b65e7d39 fix error handling 2015-12-24 09:13:56 +00:00
Tim eeea4bde9d integrate ./msfvenom -x for android payloads 2015-12-22 15:58:27 +00:00
Tim 662a6dfd53 ¯\_(ツ)_/¯ 2015-12-22 14:49:00 +00:00