├── .gitignore
├── README.md
├── bash_functions.sh
└── scripts
    ├── insfri.sh
    ├── niadump.sh
    ├── nidecom.sh
    ├── nidoap.sh
    ├── nipak.sh
    └── nisig.sh


/.gitignore:
--------------------------------------------------------------------------------
*.swp

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Android scripts
Some extremely simple scripts that I use during bug bounty hunting in Android Apps.
- Some of these scripts need an ADB connection to work properly.
- For now, you need to have *only one* connection on ADB.

---
>### ☕ [nipak.sh](https://github.com/i5nipe/android-scripts/blob/master/scripts/nipak.sh)
Extract the APK file of an app installed on the device.
- Example of use: `./nipak.sh com.instagram.android`

---
>### ☕ [nisig.sh](https://github.com/i5nipe/android-scripts/blob/master/scripts/nisig.sh)
Sign APK files.
- Example of use: `./nisig.sh modApp.apk`
- Dependencies: `jarsigner`, `keytool`

---
>### ☕ [insfri.sh](https://github.com/i5nipe/android-scripts/blob/master/scripts/insfri.sh)
Download and start frida server on the device.
- Dependencies: `xz-utils`, `frida`

---
>### ☕ [nidoap.sh](https://github.com/i5nipe/android-scripts/blob/master/scripts/nidoap.sh)
Read a list of package names and open each app's Play Store page so the app can be downloaded.
- Example of use: `./nidoap.sh packages.txt` or `./nidoap.sh com.instagram.android`

---
>### ☕ [nidecom.sh](https://github.com/i5nipe/android-scripts/blob/master/scripts/nidecom.sh)
Decompile all *.apk files from the current folder with apktool.

---
>### ☕ [niadump.sh](https://github.com/i5nipe/android-scripts/blob/master/scripts/niadump.sh)
Automation for *PASSIVE* analysis of Android communication.
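- Need tcpdump binary in "/data/local/tmp/tcpdump"

--------------------------------------------------------------------------------
/bash_functions.sh:
--------------------------------------------------------------------------------
PURPLE="\033[01;35m"
GRAY="\033[1;37m"
NC="\033[0m"

# Read a list of package names and open the page of Play Store to download the App.
# Arguments: $1 - a package name, or a file with one package name per line
#
# NOTE(review): in this listing the text between '<' and '>' was lost on the
# two lines marked below, so the adb arguments and the lines that close the
# loop (original lines 25-29) are not shown. They are reproduced as printed
# and the function is not runnable from this page alone.
# NOTE(review): each line of the list file presumably ends up in an adb
# command; restrict it to package-name characters before use (verify against
# the full source).
function nidoap() {
  list="$1"

  if [ "$#" -eq 0 ] || [ "$1" = "-h" ]; then

    echo -e "${PURPLE}Nidoap${NC} - Read a list of package names and open the page on Google ${GRAY}Play Store.${NC}"
    echo "Usage: nidoap [package | file with packages]"
    echo "Ex: nidoap com.instagram.android"
  else

    # Check if file exists
    if test -f "$1"; then

      while read line; do
        echo -e "${PURPLE}[*]${GRAY} Opening ${PURPLE}$line"
        # (truncated in this listing)
        DeepLink=$(adb /dev/null)

        echo -e "${PURPLE}[*] ${GRAY}Press Enter to continue"
        # (truncated in this listing; original lines 24-29 are fused here)
        read nothing /dev/null)
    fi
  fi
}

# Extract APK file from Apps installed in the device.
# Arguments: $1 - package name (e.g. com.instagram.android)
# Outputs:   writes <package>.apk to the current directory
# Returns:   0 on success or after printing help; non-zero when the package
#            name is rejected, base.apk is not found, or the pull fails
function nipak() {
  local pkg apk_path

  if [ "$#" -eq 0 ] || [ "$1" = "-h" ]; then

    echo -e "${PURPLE}Nipak${NC} -${GRAY}Extract APK${NC} from Apps installed in the device"
    echo "Usage: nipak [ package ]"
    echo "Ex: nipak com.instagram.android"
    # return, not exit: this file only defines functions, so it is presumably
    # sourced, and exit would close the calling shell.
    return 0
  fi

  pkg="$1"
  # adb joins its arguments into one command line for the device shell, so
  # host-side quoting alone does not protect the device. Accept only the
  # characters a package name can contain.
  case "$pkg" in
    *[!A-Za-z0-9._]*)
      echo "nipak: invalid package name: $pkg" >&2
      return 1
      ;;
  esac

  # tr drops the carriage returns some adb versions append to each line.
  apk_path=$(adb shell pm path "$pkg" | tr -d '\r' | grep '/base\.apk$' | cut -d ":" -f 2)
  if [ -z "$apk_path" ]; then
    echo "nipak: base.apk not found for $pkg" >&2
    return 1
  fi

  # Pull straight to the final name so an existing ./base.apk is not overwritten.
  adb pull "$apk_path" "./$pkg.apk"
}

# Decompile all *.apk files from the current folder with apktool.
function nidecom() {
  local -a apks=()
  local apk

  # Collect the list before decompiling (so apktool output is not picked up
  # by find), NUL-delimited so names with spaces or backslashes survive. An
  # empty result runs apktool zero times instead of once with an empty name.
  while IFS= read -r -d '' apk; do
    apks+=("$apk")
  done < <(find . -type f -name '*.apk' -print0)

  for apk in "${apks[@]}"; do
    echo -e "${PURPLE}[$(date '+%R')] - Decompiling${GRAY} $apk ${NC}"
    apktool d "$apk"
  done
}

--------------------------------------------------------------------------------
/scripts/insfri.sh:
--------------------------------------------------------------------------------
#!/bin/bash

# Download and start frida server on the device connected via ADB
#
# Optional environment:
#   FRIDA_SERVER_SHA256 - expected SHA-256 of the downloaded .xz archive. When
#                         set, a file that does not match is never pushed.

PURPLE="\033[01;35m"
GRAY="\033[1;37m"
NC="\033[0m"

die() {
  echo "insfri: $*" >&2
  exit 1
}

for tool in frida adb curl unxz; do
  command -v "$tool" >/dev/null 2>&1 || die "$tool is required but was not found in PATH"
done

versionFridaDesktop=$(frida --version) || die "could not read the frida version"

# Archs expected: arm, arm64, x86, x86_64
# getprop reports the Android ABI name (with a trailing CR on some adb
# versions); map it to the architecture names used in the release file names.
deviceAbi=$(adb shell getprop ro.product.cpu.abi | tr -d '\r')
[ -n "$deviceAbi" ] || die "no ABI reported; is exactly one device connected over ADB?"

case "$deviceAbi" in
  arm64-v8a) archPro="arm64" ;;
  armeabi*) archPro="arm" ;;
  x86_64) archPro="x86_64" ;;
  x86) archPro="x86" ;;
  *) die "unsupported device ABI: $deviceAbi" ;;
esac

FridaServerFilename="frida-server-$versionFridaDesktop-android-$archPro.xz"
urlFridaServer="https://github.com/frida/frida/releases/download/$versionFridaDesktop/$FridaServerFilename"

# Work in a private temporary directory that is removed on every exit path.
workdir=$(mktemp -d) || die "mktemp failed"
trap 'rm -rf -- "$workdir"' EXIT

echo -e "${PURPLE}[*]${GRAY} Downloading ${PURPLE}$FridaServerFilename${NC}\n"
# -f: fail on an HTTP error instead of saving the error page as the archive.
curl -fL --proto '=https' "$urlFridaServer" -o "$workdir/$FridaServerFilename" \
  || die "download failed: $urlFridaServer"

# The archive is about to be executed on the device, so record what was
# received and enforce the digest when the caller pinned one.
if command -v sha256sum >/dev/null 2>&1; then
  actualSha256=$(sha256sum "$workdir/$FridaServerFilename" | cut -d ' ' -f 1)
  echo "SHA-256: $actualSha256"
  if [ -n "${FRIDA_SERVER_SHA256:-}" ] && [ "$actualSha256" != "${FRIDA_SERVER_SHA256,,}" ]; then
    die "checksum mismatch for $FridaServerFilename"
  fi
elif [ -n "${FRIDA_SERVER_SHA256:-}" ]; then
  die "FRIDA_SERVER_SHA256 is set but sha256sum is not available"
fi

unxz "$workdir/$FridaServerFilename" || die "decompression failed"
unxzFile="$workdir/${FridaServerFilename%.xz}"

adb push "$unxzFile" /data/local/tmp/frida-server || die "adb push failed"
adb shell chmod +x /data/local/tmp/frida-server

echo -e "${PURPLE}[*]${GRAY} Starting frida-server${NC}"
# The server is left running in the background after this script returns;
# stop it on the device once the test session is over.
adb shell /data/local/tmp/frida-server &

--------------------------------------------------------------------------------
/scripts/niadump.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Automation for PASSIVE analysis of android communication.
# Need tcpdump binary in "/data/local/tmp/tcpdump".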
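
PURPLE="\033[01;35m"
GRAY="\033[1;37m"
NC="\033[0m"

if test "$1" = "-h" ;then
  echo "Usage of niadump"
  echo -e "-h \t Show this help message."
  echo -e "-p \t Extract and delete /sdcard/out.pcap file from android."
  exit
fi
if test "$1" = "-p" ; then
  echo -e "${GRAY}[*]${PURPLE} Transferring${GRAY} /sdcard/out.pcap${NC}"
  # Stop here if the pull fails: the next step deletes the only copy of the
  # capture on the device.
  adb pull /sdcard/out.pcap || exit 1

  echo -e "${GRAY}[*]${PURPLE} Erasing${GRAY} /sdcard/out.pcap${NC}"
  adb shell su -c rm /sdcard/out.pcap

  echo -e "\n${GRAY}[*]${PURPLE} Opening WireShark${NC}"
  nohup wireshark -r out.pcap > /dev/null 2>&1&
  # Success path: report 0 (the listing exits 1 here, which reads as failure).
  exit 0
fi

echo -e "${GRAY}[*]${PURPLE} Erasing${GRAY} /sdcard/out.pcap"
adb shell su -c rm /sdcard/out.pcap

# -s 0 keeps whole packets, so out.pcap can hold credentials and session
# tokens from any cleartext traffic. /sdcard is shared storage: pull and
# erase the capture promptly (-p) and treat the host copy as sensitive too.
echo -e "\n${GRAY}[*]${PURPLE} Starting tcpdump${NC}"
adb shell su -c /data/local/tmp/tcpdump -i any -p -v -s 0 -w /sdcard/out.pcap


--------------------------------------------------------------------------------
/scripts/nidecom.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Decompile all *.apk files from the current folder with apktool.

PURPLE="\033[01;35m"
GRAY="\033[1;37m"
NC="\033[0m"


# Collect the list before decompiling (so apktool output is not picked up by
# find), NUL-delimited so names with spaces or backslashes survive. An empty
# result runs apktool zero times instead of once with an empty name.
apks=()
while IFS= read -r -d '' apk; do
  apks+=("$apk")
done < <(find . -type f -name '*.apk' -print0)

for apk in "${apks[@]}"; do
  echo -e "${PURPLE}[$(date '+%R')] - Decompiling${GRAY} $apk ${NC}"
  apktool d "$apk"
done

--------------------------------------------------------------------------------
/scripts/nidoap.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Read a list of package names and open the page of Play Store to download the App.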
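

PURPLE="\033[01;35m"
GRAY="\033[1;37m"
NC="\033[0m"

list="$1"

if [ "$#" -eq 0 ] || [ "$1" = "-h" ]; then

  echo -e "${PURPLE}Nidoap${NC} - Read a list of package names and open the page on Google ${GRAY}Play Store.${NC}"
  echo "Usage: nidoap [package | file with packages]"
  echo "Ex: nidoap com.instagram.android"
  exit
fi


# NOTE(review): in this listing the text between '<' and '>' was lost on the
# two lines marked below, so the adb arguments and the lines that close the
# loop (original lines 29-33) are not shown. They are reproduced as printed
# and the script is not runnable from this page alone.
# NOTE(review): each line of the list file presumably ends up in an adb
# command; restrict it to package-name characters before use (verify against
# the full source).

# Check if file exists
if test -f "$1"; then

  while read line; do
    echo -e "${PURPLE}[*]${GRAY} Opening ${PURPLE}$line"
    # (truncated in this listing)
    DeepLink=$(adb /dev/null)

    echo -e "${PURPLE}[*] ${GRAY}Press Enter to continue"
    # (truncated in this listing; original lines 28-33 are fused here)
    read nothing /dev/null)
fi

--------------------------------------------------------------------------------
/scripts/nipak.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Extract APK file from Apps installed in the device.
# Arguments: $1 - package name (e.g. com.instagram.android)
# Outputs:   writes <package>.apk to the current directory

PURPLE="\033[01;35m"
GRAY="\033[1;37m"
NC="\033[0m"


if [ "$#" -eq 0 ] || [ "$1" = "-h" ]; then

  echo -e "${PURPLE}Nipak${NC} -${GRAY}Extract APK${NC} from Apps installed in the device"
  echo "Usage: nipak [ package ]"
  echo "Ex: nipak com.instagram.android"
  exit
fi

pkg="$1"
# adb joins its arguments into one command line for the device shell, so
# host-side quoting alone does not protect the device. Accept only the
# characters a package name can contain.
case "$pkg" in
  *[!A-Za-z0-9._]*)
    echo "nipak: invalid package name: $pkg" >&2
    exit 1
    ;;
esac

# tr drops the carriage returns some adb versions append to each line.
apk_path=$(adb shell pm path "$pkg" | tr -d '\r' | grep '/base\.apk$' | cut -d ":" -f 2)
if [ -z "$apk_path" ]; then
  echo "nipak: base.apk not found for $pkg" >&2
  exit 1
fi

# Pull straight to the final name so an existing ./base.apk is not overwritten.
adb pull "$apk_path" "./$pkg.apk"

--------------------------------------------------------------------------------
/scripts/nisig.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Sign APK files
#
# Creates (once) a throwaway keystore sig_key.jks in the current directory
# and signs the given APK with it. The key is only suitable for re-signing
# test builds; never reuse it, or its password, for anything released.
#
# Optional environment:
#   NISIG_PASS - keystore and key password. Defaults to the value this script
#                has always used, which is public and protects nothing.

if [ "$1" == "" ]
then
  echo "Usage: $0 aplication.apk"
else
  #echo "Name of the file:"
  #read name
  name="sig_key"

  #echo "Password(min: 6 caracters):"
  # Exported so keytool/jarsigner can read it through the :env modifier,
  # which keeps the password out of the process argument list.
  export NISIG_PASS="${NISIG_PASS:-Default123}"

  # Generate the key only when the keystore does not exist yet; a second
  # -genkey against the same keystore fails because the alias is taken.
  if [ ! -f "$name.jks" ]; then
    echo "Generating signature file..."
    keytool -genkey -keystore "$name.jks" -storepass:env NISIG_PASS -storetype jks -alias "$name" -keyalg rsa -keysize 2048 -dname "CN=NIPE" -keypass:env NISIG_PASS || exit 1
  fi

  echo "Signing apk"
  # SHA-256 replaces the SHA-1 signature and digest algorithms.
  # NOTE(review): very old Android releases (before 4.3) are not expected to
  # verify SHA-256 JAR signatures; confirm if such devices are in scope.
  # NOTE(review): jarsigner writes only a JAR (v1) signature; newer Android
  # versions may additionally require an APK Signature Scheme v2+ signature.
  jarsigner -keystore "$name.jks" -storepass:env NISIG_PASS -storetype jks -sigalg SHA256withRSA -digestalg SHA-256 "$1" "$name" || exit 1

  echo "Verifying signature"
  jarsigner -verify -certs -verbose "$1"
fi

--------------------------------------------------------------------------------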