APKLeaks - Scanning APK file for URIs, endpoints & secrets.

Overview

APKLeaks

version contributions

Scanning APK file for URIs, endpoints & secrets.

APKLeaks


Installation

It's fairly simple to install APKLeaks:

from PyPi

$ pip3 install apkleaks

from Source

Clone repository and install requirements:

$ git clone https://github.com/dwisiswant0/apkleaks
$ cd apkleaks/
$ pip3 install -r requirements.txt

from Docker

Pull the Docker image by running:

$ docker pull dwisiswant0/apkleaks:latest

Dependencies

APKLeaks using jadx disassembler to decompile APK file. If it doesn't exist in your environment, it'll ask you to download.

Usage

Simply,

$ apkleaks -f ~/path/to/file.apk
# from Source
$ python3 apkleaks.py -f ~/path/to/file.apk
# or with Docker
$ docker run -it --rm -v /tmp:/tmp dwisiswant0/apkleaks:latest -f /tmp/file.apk

Options

Here are all the options it supports.

Argument Description Example
-f, --file APK file to scanning apkleaks -f file.apk
-o, --output Write to file results (random if not set) apkleaks -f file.apk -o results.txt
-p, --pattern Path to custom patterns JSON apkleaks -f file.apk -p custom-rules.json
-a, --args Disassembler arguments apkleaks -f file.apk --args="--deobf --log-level DEBUG"
--json Save as JSON format apkleaks -f file.apk -o results.json --json

Output

In general, if you don't provide -o argument, then it will generate results file automatically.

NOTE: By default it will also save the results in text format, use --json argument if you want JSON output format.

Pattern

Custom patterns can be added with the following argument to provide sensitive search rules in the JSON file format: --pattern /path/to/custom-rules.json. If not set, it'll use default patterns from regexes.json file.

Example patterns file:

// custom-rules.json
{
  "Amazon AWS Access Key ID": "AKIA[0-9A-Z]{16}",
  ...
}
$ apkleaks -f /path/to/file.apk -p rules.json -o ~/Documents/apkleaks-results.txt

Arguments (disassembler)

We give user complete discretion to pass the disassembler arguments. For example, if you want to activate threads in jadx decompilation process, you can add it with -a/--args argument, example: --args="--threads-count 5".

$ apkleaks -f /path/to/file.apk -a "--deobf --log-level DEBUG"

NOTE: Please pay attention to the default disassembler arguments we use to prevent collisions.

License

apkleaks is distributed under Apache 2.

Acknowledments

Since this tool includes some contributions, and I'm not an asshole, I'll publically thank the following users for their helps and resources:

Comments
  • PermissionError: [WinError 32] The process cannot access the file because it is being used by another process:

    PermissionError: [WinError 32] The process cannot access the file because it is being used by another process:

    After issue #37 was fixed, I cloned the repo and tried testing it again.

    Here's the command I entered: python .\apkleaks.py -f <path-to-apk>\app-armeabi-v7a-release.apk

    Here's the output:

         _    ____  _  ___               _
        / \  |  _ \| |/ / |    ___  __ _| | _____
       / _ \ | |_) | ' /| |   / _ \/ _` | |/ / __|
      / ___ \|  __/| . \| |__|  __/ (_| |   <\__ \
     /_/   \_\_|   |_|\_\_____\___|\__,_|_|\_\___/
     v2.3.0
     --
     Scanning APK file for URIs, endpoints & secrets
     (c) 2020-2021, dwisiswant0
    
    ** Decompiling APK...
    The filename, directory name, or volume label syntax is incorrect.
    
    ** Scanning against 'com.<package-name>'
    Traceback (most recent call last):
      File ".\apkleaks.py", line 5, in <module>
        main()
      File "C:\Users\username\Documents\apkleaks\apkleaks\cli.py", line 38, in main
        init.cleanup()
      File "C:\Users\username\Documents\apkleaks\apkleaks\apkleaks.py", line 144, in cleanup
        os.remove(self.output)
    PermissionError: [WinError 32] The process cannot access the file because it is being used by another process: 'C:\\Users\\username\\AppData\\Local\\Temp\\apkleaks-fimv9xye.txt'
    
    bug 
    opened by masteradit 21
  • Empty results in Windows

    Empty results in Windows

    I just called python apkleaks.py -f app.apk -o app.txt and got:

    Scanning APK file for URIs, endpoints & secrets (c) 2020-2021, dwisiswant0 ←[0m ←[94m** Decompiling APK... ←[0mINFO - loading ... INFO - processing ... ERROR - finished with errors, count: 3

    The app.txt file is completly empty. What could be the problem?

    OS: Windows 10 Python: 3.8.0

    bug 
    opened by fuuman 8
  • ERROR:  No module named apk_parse.apk

    ERROR: No module named apk_parse.apk

    Hi, i'm having this error while trying to run the script:

    python2 apkleaks.py -h

    Traceback (most recent call last): File "apkleaks.py", line 2, in from apk_parse.apk import APK ImportError: No module named apk_parse.apk

    Where can i find this "apk_parse.apk" file ?

    Thanks

    question 
    opened by DIEGOD79 7
  • json.decoder.JSONDecodeError: Expecting property name enclosed in double quotes: line 62 column 1 (char 4619)

    json.decoder.JSONDecodeError: Expecting property name enclosed in double quotes: line 62 column 1 (char 4619)

    I ran apkleaks with this command: sudo python3 apkleaks.py -f ../myapp.apk but I got this error:

    ` ** Decompiling APK... ERROR - Incorrect arguments: File not found /usr/share/jadx/bin/../myapp.apk

    ** Scanning against 'com.flightio.app'

    ** Done with nothing. ¯_(ツ)_/¯ Traceback (most recent call last): File "/home/majidmc2/Desktop/apkleaks/apkleaks.py", line 5, in main() File "/home/majidmc2/Desktop/apkleaks/apkleaks/cli.py", line 36, in main init.scanning() File "/home/majidmc2/Desktop/apkleaks/apkleaks/apkleaks.py", line 124, in scanning regex = json.load(regexes) File "/usr/lib/python3.9/json/init.py", line 293, in load return loads(fp.read(), File "/usr/lib/python3.9/json/init.py", line 346, in loads return _default_decoder.decode(s) File "/usr/lib/python3.9/json/decoder.py", line 337, in decode obj, end = self.raw_decode(s, idx=_w(s, 0).end()) File "/usr/lib/python3.9/json/decoder.py", line 353, in raw_decode obj, end = self.scan_once(s, idx) json.decoder.JSONDecodeError: Expecting property name enclosed in double quotes: line 62 column 1 (char 4619) `

    bug 
    opened by majidmc2 5
  • Refactor code quality issues

    Refactor code quality issues

    Hey, I work at DeepSource, I ran DeepSource analysis on my fork of the repo and found some improvements in the codebase, opening this PR so you can assess if our platform is right and helpful for you; happy to provide the tweaks separately otherwise.

    Following are the changes-

    • Removed length check in favour of truthiness of the object
    • Removed unused imports
    • Removed unnecessary return statement
    • Use sys.exit() calls
    • Add .deepsource.toml file for continuous analysis on bug risks/performance/code-quality issues on new changes.

    Note: I've fixed a few issues for now. You can find and fix other issues here.

    opened by saif-deepsource 5
  • Issue with requirements.txt (numpy) installation

    Issue with requirements.txt (numpy) installation

    I've been trying to install APKLeaks but having some run time installation error while installing the requirement.text. It seems there's some error with numpy cause it's failing to build and clean wheel again and again.

    I even tried updating numpy to the latest version and re-installing too but there's no success. Please find the entire error here: https://ghostbin.co/paste/ojqknqs/raw

    opened by mdisrail2468 4
  • Can't create directory/permission denied

    Can't create directory/permission denied

    When i use --outpot, i get this error: PermissionError: [Errno 13] Permission denied: 'C:\\Users\\sezer\\Desktop\\folder'

    When use just -f file.apk, i get this one:

    ERROR - Error saving class: com.things.thing
    jadx.core.utils.exceptions.JadxRuntimeException: 
    Can't create directory C:\Users\sezer\AppData\Local\Temp\apkleaks-woqqyysy\sources\com\exampleapk\module\ui\main\api\data\aux
    ______________________________________________________________________________________________
    PermissionError: [WinError 32] The process cannot access the file because it is being used by another process: 'C:\\Users\\sezer\\AppData\\Local\\Temp\\apkleaks-3hmqctov.txt'
    

    I tried use on admin mode too but still same.

    opened by srzern 3
  • ApkLeaks does not decompile all DEX files

    ApkLeaks does not decompile all DEX files

    The code reveals that ApkLeaks only decompiles classes.dex, omitting any other DEX files: https://github.com/dwisiswant0/apkleaks/blob/master/apkleaks/apkleaks.py#L92

    Since jadx is able to decompile an entire APK file, I suggest to pass the following arguments to jadx:

    args = [self.jadx, self.file, "-d", self.tempdir, "--deobf"]
    
    opened by U039b 3
  • The filename, directory name, or volume label syntax is incorrect

    The filename, directory name, or volume label syntax is incorrect

    I used the following command,

    python apkleaks.py -f testapp.apk

    but it gives error :

    ←[0m ←[94m** Decompiling APK... ←[0mThe filename, directory name, or volume label syntax is incorrect.

    ** Scanning against 'instagram.photo.video.downloader.repost.insta'

    ** Done with nothing. ¯_(ツ)_/¯

    opened by adapana 3
  • Can't able to run apkleaks.py

    Can't able to run apkleaks.py

    Getting following Error first

    Traceback (most recent call last):
      File "apkleaks.py", line 2, in <module>
        from apkleaks.apkleaks import APKLeaks
      File "/mnt/f/InfoSec/Tools/apkleaks/apkleaks/apkleaks.py", line 2, in <module>
        from apkleaks.colors import clr
    ImportError: No module named colors
    
    opened by YashGoti 3
  • re.error: missing : at position 31

    re.error: missing : at position 31

    i am running my kali linux on wsl i am getting this type of error

    └─# apkleaks -f ../com.example.client.apk _ ____ _ ___ _ / \ | _ | |/ / | ___ __ | | _____ / _ \ | |) | ' /| | / _ / ` | |/ / __| / ___ | /| . | || __/ (| | <__
    // __| ||_____|_,|_|__/ v2.5.0

    Scanning APK file for URIs, endpoints & secrets (c) 2020-2021, dwisiswant0

    Can't find jadx binary. Do you want to download jadx? (Y/n) y

    ** Downloading jadx...

    ** Decompiling APK... INFO - loading ... INFO - processing ... ERROR - finished with errors, count: 17

    ** Scanning against 'com.example.client'

    ** Done with nothing. ¯_(ツ)_/¯ Traceback (most recent call last): File "/usr/local/bin/apkleaks", line 33, in sys.exit(load_entry_point('apkleaks==2.5.0', 'console_scripts', 'apkleaks')()) File "/usr/local/lib/python3.9/dist-packages/apkleaks-2.5.0-py3.9.egg/apkleaks/cli.py", line 36, in main init.scanning() File "/usr/local/lib/python3.9/dist-packages/apkleaks-2.5.0-py3.9.egg/apkleaks/apkleaks.py", line 132, in scanning thread = threading.Thread(target = self.extract, args = (name, util.finder(pattern, self.tempdir))) File "/usr/local/lib/python3.9/dist-packages/apkleaks-2.5.0-py3.9.egg/apkleaks/utils.py", line 18, in finder matcher = re.compile(pattern) File "/usr/lib/python3.9/re.py", line 252, in compile return _compile(pattern, flags) File "/usr/lib/python3.9/re.py", line 304, in _compile p = sre_compile.compile(pattern, flags) File "/usr/lib/python3.9/sre_compile.py", line 764, in compile p = sre_parse.parse(p, flags) File "/usr/lib/python3.9/sre_parse.py", line 948, in parse p = _parse_sub(source, state, flags & SRE_FLAG_VERBOSE, 0) File "/usr/lib/python3.9/sre_parse.py", line 443, in _parse_sub itemsappend(_parse(source, state, verbose, nested + 1, File "/usr/lib/python3.9/sre_parse.py", line 805, in _parse flags = _parse_flags(source, state, char) File "/usr/lib/python3.9/sre_parse.py", line 913, in _parse_flags raise source.error(msg, len(char)) re.error: missing : at position 31

    bug 
    opened by arijitdirghanji 2
  • Fixes #61, and other improvements.

    Fixes #61, and other improvements.

    • Fixes #61
    • This PR also makes it so that we automatically get the absolute path of the file that's passed as an argument with -f/--file. This makes apkleaks easier to use, since we now won't need to manually get the absolute path of the apk's we want to scan.
    • I also made the output of apkleaks easier to grep.

    When installing apkleaks from PyPi on Windows, jadx.bat was installed in the path C:\Program Files\Python39\Lib\site-packages\jadx\bin\jadx.bat. This caused #61, because apkleaks was trying to run C:/Program Files/Python39/Lib/site-packages/jadx/bin/jadx.bat Aurora.Droid.ver.1.0.8.build.8.apk -d C:\Users\REDACTED\AppData\Local\Temp\apkleaks-t996o3tz without quoting the jadx.bat path.

    opened by ItsIgnacioPortal 0
  • Update the docker (latest) to have 2.6.1

    Update the docker (latest) to have 2.6.1

    dwisiswant0/apkleaks:latest

    is 2.6.0, not the latest version

    I do not think I can PR this,

    If possible please update the docker file to run from 2.6.1 ❤️

    opened by cln-io 0
  • ERROR - finished with errors, count: 146

    ERROR - finished with errors, count: 146

    v2.6.1

    Scanning APK file for URIs, endpoints & secrets (c) 2020-2021, dwisiswant0  ** Decompiling APK... INFO - loading ... INFO - processing ... ERROR - finished with errors, count: 146

    opened by fhartavi 0
  • It's possible to make apkleaks save output of jadx instead of create Temporary Dir

    It's possible to make apkleaks save output of jadx instead of create Temporary Dir

    It's possible to make apkleaks save output of jadx , I tried using --output-dir-src and --output-dir-res with -a but apkleaks search only through -d dir and -d dir here is Temporary Dir so It's will be awesome if you make it not temporary dir so later we can use output of jadx

    opened by 0xAwali 1
  • 'C:/Program' is not recognized as an internal or external command, operable program or batch file.

    'C:/Program' is not recognized as an internal or external command, operable program or batch file.

    Issue exists on Apkleaks v2.6.1, running on Windows 10, with python 3.9.0.

    This is probably because of the space in name of the Program Files folder. The error message appears after ** Decompiling APK...

    opened by ItsIgnacioPortal 5
Releases(v2.6.1)
  • v2.6.1(Aug 10, 2021)

  • v2.6.0(Aug 9, 2021)

    Changelog

    Minor

    77a3fa49d3c3145d8f7e467fab8a102205082f33 Added patterns:

    • GitHub Access Token
    • Discord BOT Token
    • JSON Web Token
    • MAC Address
    • CTF Flags:
      • DEF CON (Order Of the Overflow)
      • HackerOne
      • TryHackMe
      • HackTheBox
    Source code(tar.gz)
    Source code(zip)
  • v2.5.2(Jun 27, 2021)

    Changelog

    Patch

    • Fix incompatible issue on Windows (#40)
    • Replace all inline-flags PCRE pattern
    • Remove Vault Token pattern due to false-positive
    • Add kotlin to blacklist LinkFinder as class name
    • Stripping secrets result of LinkFinder
    Source code(tar.gz)
    Source code(zip)
  • v2.5.1(Jun 16, 2021)

  • v2.5.0(Jun 12, 2021)

    DEPRECATED! USE THE ABOVE VERSION INSTEAD.


    Changelog

    Minor

    Added patterns:

    • Facebook Secret Key
    • Facebook ClientID
    • Twitter ClientID
    • Twitter Secret Key
    • Artifactory API Token
    • Artifactory Password
    • Authorization Basic
    • Authorization Bearer
    • Basic Auth Credentials
    • Cloudinary Basic Auth
    • Mailto
    • Vault Token

    Patch

    • Revert NotKeyHacks pattern (splitting into the different files: config/notkeyhacks.json).
    Source code(tar.gz)
    Source code(zip)
  • v2.4.0(Jun 10, 2021)

    Added patterns:

    • Sift
    • Sentry DSN
    • Intercom API Key
    • Singular Configuration
    • Adjust Configuration
    • Bitmovin API Key
    • Salesforce MarketingCloud Token
    • AppDynamics Key
    • AppCenter Secret

    Thanks to @dee__see - for curated potentially sensitive tokens, NotKeyHacks.

    Source code(tar.gz)
    Source code(zip)
Owner
dw1
Bashturbation
dw1
This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.

RemoteMouse-3.008-Exploit The RemoteMouse application is a program for remotely controlling a computer from a phone or tablet. This exploit allows to

Podalirius 25 Dec 04, 2022
对naabu的端口扫描结果,调用nmap进行指纹识别

naabu2nmap 对naabu的端口扫描结果,调用nmap进行指纹识别

Se7en 12 Nov 22, 2022
Lite version of my Gatekeeper backdoor for public use.

MayorSec Backdoor Fully functioning bind-type backdoor This backdoor is a fully functioning bind shell and lite version of my full functioning Gatekee

Joe Helle 56 Mar 25, 2022
Proof of Concept Exploit for vCenter CVE-2021-21972

CVE-2021-21972 Proof of Concept Exploit for vCenter CVE-2021-21972

Horizon 3 AI Inc 210 Dec 31, 2022
Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)

使用方法&免责声明 该脚本为Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)。 使用方法:Python CVE-2020-17519.py urls.txt urls.txt 中每个url为一行,漏洞地址输出在vul.txt中 影响版本: Apache Flink 1

45 Sep 21, 2022
Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口

Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。

s7ck Team 764 Jan 05, 2023
Python & JavaScript Obfuscator made in Python 3.

Python Code Obfuscator A script that converts code into full on random numerical expressions. Simple Scripts: Python Mode... Input: Function that deco

rzx. 1 Dec 29, 2021
This is a Crypto asset tracker that I built to aid my personal journey in cryptocurrencies.

Wallet Tracker This is a Crypto asset tracker that I built to aid my personal journey in cryptocurrencies. build docker build -t wallet-tracker . run

2 Mar 21, 2022
Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3

Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3, It Fuzzes All URLs of target website & then scan them for EAR

Pushpender Singh 9 Dec 12, 2022
A guide to building basic malware in Python by implementing a keylogger application

Keylogger-Malware-Project A guide to building basic malware in Python by implementing a keylogger application. If you want even more detail on the Pro

Noah Davis 1 Jan 11, 2022
信息收集自动化工具

水泽-信息收集自动化工具 郑重声明:文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途以及盈利等目的,否则后果自行承担。 0x01 介绍 作者:Ske 团队:0x727,未来一段时间将陆续开源工具,地址:https://github.com/0x727 定位:协助

0x727 2.7k Jan 09, 2023
✨ Powerfull & Universal Link Bypasser ✨

✨ Powerfull & Universal Link Bypasser ✨

Vodkarm06 4 Jun 03, 2022
simple python keylogger

HELLogger simple python keylogger DISCLAIMERS: DON'T DO BAD THINGS. THIS PROGRAM IS MEANT FOR PERSONAL USES ONLY. USE IT ONLY IN COMPUTERS WHERE YOU H

Arya 10 Nov 10, 2022
This is an injection tool that can inject any xposed modules apk into the debug android app

This is an injection tool that can inject any xposed modules apk into the debug android app, the native code in the xposed module can also be injected.

Windy 32 Nov 05, 2022
Fetch Chrome, Firefox, WiFi password and system info

DISCLAIMER : OUR TOOLS ARE FOR EDUCATIONAL PURPOSES ONLY. DON'T USE THEM FOR ILLEGAL ACTIVITIES. YOU ARE THE ONLY RESPONSABLE FOR YOUR ACTIONS! OUR TO

Genos 59 Nov 17, 2022
A fast sub domain brute tool for pentesters

subDomainsBrute 1.4 A fast sub domain brute tool for pentesters. It works with P

Oliver 2 Oct 18, 2022
Malware Configuration And Payload Extraction

CAPE: Malware Configuration And Payload Extraction CAPE is a malware sandbox. It is derived from Cuckoo and is designed to automate the process of mal

Kevin O'Reilly 1k Dec 30, 2022
IDA loader for Apple's iBoot, SecureROM and AVPBooter

IDA iBoot Loader IDA loader for Apple's iBoot, SecureROM and AVPBooter Installation Copy iboot-loader.py to the loaders folder in IDA directory. Credi

matteyeux 74 Dec 23, 2022
Python tool for exploiting CVE-2021-35616

OracleOTM Python tool for exploiting CVE-2021-35616 The script works in modules, which I implemented in the following order: ► Username enumeration ►

11 Dec 06, 2022
CVE-2022-22536 - SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536

CVE-2022-22536 SAP memory pipes desynchronization vulnerability(MPI) CVE-2022-22

antx 49 Nov 09, 2022