odensc / janus Goto Github PK
View Code? Open in Web Editor NEWPython script to create an Android APK exploiting the Janus vulnerability.
License: MIT License
Python script to create an Android APK exploiting the Janus vulnerability.
License: MIT License
I tried it on a vulnerable apk. I generated the .dex file with msfvenom than I used this tool to inject my payload.dex. However, if I analyze the generated apk with jadx-gui, I cannot find any references to my evil payload (metasploit). Do you know why? Am I doing something wrong?
I joined "Hello world" .dex file to DIVA.apk (https://github.com/payatu/diva-android) and other apps and tested on Android Emulator 6.0.
Output application couldn't run and failed with messages:
04-24 00:09:29.595 3821 3834 D DefContainer: Copying /data/local/tmp/diva-hack1.apk to base.apk
04-24 00:09:29.681 1899 1923 I PackageManager.DexOptimizer: Running dexopt (dex2oat) on: /data/app/vmdl92185492.tmp/base.apk pkg=jakhar.aseem.diva isa=x86 vmSafeMode=false debuggable=true oatDir = /data/app/vmdl92185492.tmp/oat
04-24 00:09:30.811 1899 1923 V BackupManagerService: restoreAtInstall pkg=jakhar.aseem.diva token=5 restoreSet=0
04-24 00:09:36.495 1899 3352 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=jakhar.aseem.diva/.MainActivity (has extras)} from uid 10009 on display 0
04-24 00:09:36.517 1899 2142 I ActivityManager: Start proc 4567:jakhar.aseem.diva/u0a65 for activity jakhar.aseem.diva/.MainActivity
04-24 00:09:36.564 4580 4580 W dex2oat : /system/bin/dex2oat --runtime-arg -classpath --runtime-arg --instruction-set=x86 --instruction-set-features=smp,ssse3,-sse4.1,-sse4.2,-avx,-avx2 --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/app/jakhar.aseem.diva-1/base.apk --oat-file=/data/dalvik-cache/x86/data@[email protected]@[email protected]
04-24 00:09:36.565 4580 4580 E dex2oat : Failed to create oat file: /data/dalvik-cache/x86/data@[email protected]@[email protected]: Permission denied
04-24 00:09:36.571 4567 4567 W art : Failed execv(/system/bin/dex2oat --runtime-arg -classpath --runtime-arg --instruction-set=x86 --instruction-set-features=smp,ssse3,-sse4.1,-sse4.2,-avx,-avx2 --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/app/jakhar.aseem.diva-1/base.apk --oat-file=/data/dalvik-cache/x86/data@[email protected]@[email protected]) because non-0 exit status
04-24 00:09:36.579 4567 4567 E AndroidRuntime: Process: jakhar.aseem.diva, PID: 4567
04-24 00:09:36.579 4567 4567 E AndroidRuntime: java.lang.RuntimeException: Unable to get provider jakhar.aseem.diva.NotesProvider: java.lang.ClassNotFoundException: Didn't find class "jakhar.aseem.diva.NotesProvider" on path: DexPathList[[zip file "/data/app/jakhar.aseem.diva-1/base.apk"],nativeLibraryDirectories=[/data/app/jakhar.aseem.diva-1/lib/x86, /data/app/jakhar.aseem.diva-1/base.apk!/lib/x86, /vendor/lib, /system/lib]]
04-24 00:09:36.579 4567 4567 E AndroidRuntime: Caused by: java.lang.ClassNotFoundException: Didn't find class "jakhar.aseem.diva.NotesProvider" on path: DexPathList[[zip file "/data/app/jakhar.aseem.diva-1/base.apk"],nativeLibraryDirectories=[/data/app/jakhar.aseem.diva-1/lib/x86, /data/app/jakhar.aseem.diva-1/base.apk!/lib/x86, /vendor/lib, /system/lib]]
04-24 00:09:36.579 4567 4567 E AndroidRuntime: Suppressed: java.lang.ClassNotFoundException: jakhar.aseem.diva.NotesProvider
04-24 00:09:36.580 1899 3352 W ActivityManager: Force finishing activity jakhar.aseem.diva/.MainActivity
04-24 00:09:36.893 1899 3352 I WindowManager: Screenshot max retries 4 of Token{7e43c3 ActivityRecord{8676372 u0 jakhar.aseem.diva/.MainActivity t14 f}} appWin=Window{6c2683b u0 Starting jakhar.aseem.diva} drawState=3
04-24 00:09:37.396 1899 1913 W ActivityManager: Activity pause timeout for ActivityRecord{8676372 u0 jakhar.aseem.diva/.MainActivity t14 f}
04-24 00:09:39.272 1899 1910 I ActivityManager: Process jakhar.aseem.diva (pid 4567) has died
What is the problem?
Thanks!
Your code looks very similar to the style of fictional character Matilda "Mattie" Hawkins from the British TV series, Humans ;)
The code from this repository was briefly shown at the end of the fourth episode of season three. It was accompanied with the dialog that the code's style match to code unseen in a previous episode.
I was quite excited when a search picked up this code and also saw that it was for an exploit for Android given the TV show focuses on humanoid androids called Synthetics ;)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.