appknox / afe Goto Github PK

View Code? Open in Web Editor NEW

182.0 182.0 78.0 76.81 MB

Android Framework for Exploitation, is a framework for exploiting android based devices

License: GNU General Public License v3.0

Python 57.97% Shell 21.50% Java 3.96% PHP 1.05% Smali 13.12% Makefile 1.18% Batchfile 1.22%

afe's Introduction

appknox

Appknox Opensource Collective

afe's People

Stargazers

Watchers

Forkers

subho007 adi0x90 srclib gauravkumarrajoura chiehwen dj1970uk jeev1992 ajay656-hash the-darknight trooper123 adi1391 japaks illuminati23 wenjammer letroll omrano softctrl 300000 zoebalimaknojia antojoseph thoughtmaker blaquee anwarmohamed zigmos blackfa1con ali-zohrevand mrtigercn kynigos tempbottle davedacoda debug-orz gabberbaby pandazheng intointel tamerplatform marouaben sunilgarg7 vijo tharani29 mumer92 k5h4tr1y4 ajgappmark sushiomsky gfxox3jj3cqr0rmy decept1c0n dromero1452 shuixi2013 laudarch enovella v0re greenpoison necessaryevilz320 decolnz shubhams32 iamtutu johnhonai houcy scrack nicetester h0r57 vaginessa hydrapsy atingtot jevey warlock0007 i-tamizhan startion2007 ro9ueadmin quemandoacromo rootorben prayog-lab ninovalboskoni hartl3y94 richard6666

afe's Issues

Android Unprotected Exported Activity

The Android application exports Activity for use by other applications,
but does not properly restrict which applications can launch the
component or access the data it contains.

1:None
 - Exported activity at com.flipkart.android.activity.HomeFragmentHolderActivity

Android Unprotected Exported Receiver

The Android application exports Receiver for use by other applications,
but does not properly restrict which applications can launch the
component or access the data it contains.

1:None
 - Exported receiver at com.flipkart.android.campaignmanager.ReferrerReceiver

2:None
 - Exported receiver at com.tune.TuneTracker

Android Unprotected Exported Service

The Android application exports Service for use by other applications,
but does not properly restrict which applications can launch the
component or access the data it contains.

1:None
 - Exported service at com.flipkart.accountManager.account.AuthenticatorService

2:None
 - Exported service at com.google.firebase.messaging.FirebaseMessagingService

3:None
 - Exported service at com.google.firebase.iid.FirebaseInstanceIdService

Broken HostnameVerifier for SSL

Implements naive hostname verification. This HostnameVerifier breaks
certificate validation!

1:None
 - Custom HostnameVerifiers is implemented in class com.e.a.a.d.b and naive hostname verification is performed. This HostnameVerifier breaks certificate validation.

bluebox google issue

PoC here
https://plus.google.com/113331808607528811927/posts/GxDA6111vYy

https://gist.github.com/poliva/36b0795ab79ad6f14fd8

Application Logs

Application was found to be writing logs to the system logs

1:None
 - Log message tagged 'ParseHelper': 'cannot add relative layout rules when container is not relative'

2:None
 - Log message tagged 'Lcom/flipkart/android/proteus/ProteusConstants;->isLoggingEnabled()Z': 'Lcom/flipkart/android/proteus/parser/ParseHelper;->parseFloat(Ljava/lang/String;)F'

3:None
 - Log message tagged 'Lcom/flipkart/android/proteus/ProteusConstants;->isLoggingEnabled()Z': 'Landroid/view/View;->getLayoutParams()Landroid/view/ViewGroup$LayoutParams;'

4:None
 - Log message tagged 'ViewParser': 'margins can only be applied to views with parent ViewGroup'

5:None
 - Log message tagged 'ViewParser': 'margins can only be applied to views with parent ViewGroup'

6:None
 - Log message tagged 'ViewParser': 'margins can only be applied to views with parent ViewGroup'

7:None
 - Log message tagged 'ViewParser': 'margins can only be applied to views with parent ViewGroup'

8:None
 - Log message tagged 'ViewParser': 'margins can only be applied to views with parent ViewGroup'

Unprotected Services

A service was found to be shared with other apps on the device without
an intent filter or a permission requirement therefore leaving it
accessible to any other application on the device.

1:None
 - com.google.firebase.messaging.FirebaseMessagingService

2:None
 - com.google.firebase.iid.FirebaseInstanceIdService

postdata.py not found

Hi,

First of all I would like to thank you about the wonderful framework.

I folllowed the manual and also some online videos and managed to reach upo to the point that I am about to start the reverse handler however I getting this error.

Success
Starting: Intent { cmp=com.xysecv3/.Xysecv3Activity }
Starting listener, press Ctrl+C to exit listener
python: can't open file 'postdata.py': [Errno 2] No such file or directory

The code that is calling the postdata.py as you know exists at the modules/malware/run.sh
I tried to find that file with no luck and also I browsed the code from previous commits but there is no where.

Best regards
Stergios

Insufficient Transport Layer Protection

Insufficient transport layer protection issues happen when the data is
sent from the mobile app to the server over unsecure channels. Whether
the data is transmitted through the carrier network or through WiFi, it
will end up through the Internet either way before it could reach the
remote server. There are several ways where unprotected data transmitted
over the network could be sniffed; things like routers, proxies, cell
towers, are some of the few ways data could be sniffed while in transit.

1:None
 - Socket opened at Lcom/e/a/a/a/q;->b
Connection not secure

2:None
 - Socket opened at Lcom/e/a/a/a/p;->a
Connection not secure

3:None
 - Socket opened at Lcom/e/a/a/a/p;->d
Connection not secure

4:None
 - Socket opened at Lcom/e/a/a/a/p;->f
Connection not secure

Unprotected Exported Activities

The Android application exports Activity for use by other applications,
but does not properly restrict which applications can launch the
component or access the data it contains.

1:None
 - Unprotected activity: com.flipkart.android.SplashActivity

App Extending WebViewClient

The default handling of WebViewClient should handle the
onReceivedSSLError properly, which might break certificate validation

1:None
 - WebViewClient extended in com.facebook.internal.WebDialog$DialogWebViewClient Naive SSL error handling implemented

2:None
 - WebViewClient extended in com.flipkart.android.fragments.WebViewFragment$b Naive SSL error handling implemented

Derived Crypto Keys

Traces of Crypto Keys which might be intermediate keys used when loading
the different libraries.

1:None
 - AES implemented at Lcom/flipkart/android/t/b;->a

Remote Code Execution through JavascriptInterface

Application seems to use JavascriptInterface. An attacker can use it to
do a Remote Code Execution on your application and steal sensitive
informations.

1:None
 - com/flipkart/android/fragments/WebViewFragment;->enablePaymentHandler

2:None
 - com/flipkart/android/fragments/WebViewFragment;->onCreateView

3:None
 - com/flipkart/android/fragments/WebViewFragment;->onCreateView

Insufficient Transport Layer Protection

1:None
 - This application opens a socket and connects to it, which might be insecured, defined at Lcom/e/a/a/a/q;->b

2:None
 - This application opens a socket and connects to it, which might be insecured, defined at Lcom/e/a/a/a/p;->a

3:None
 - This application opens a socket and connects to it, which might be insecured, defined at Lcom/e/a/a/a/p;->d

4:None
 - This application opens a socket and connects to it, which might be insecured, defined at Lcom/e/a/a/a/p;->f

Integration with AndroRAT

An open source project on Android malwares by Robert David.

The source is located here - https://github.com/wcb972/androrat

Integration of the malware and the server within AFE.