APKLeaks - Scanning APK file for URIs, endpoints & secrets.

Overview

APKLeaks

version contributions

Scanning APK file for URIs, endpoints & secrets.

APKLeaks


Installation

It's fairly simple to install APKLeaks:

from PyPi

$ pip3 install apkleaks

from Source

Clone repository and install requirements:

$ git clone https://github.com/dwisiswant0/apkleaks
$ cd apkleaks/
$ pip3 install -r requirements.txt

from Docker

Pull the Docker image by running:

$ docker pull dwisiswant0/apkleaks:latest

Dependencies

APKLeaks using jadx disassembler to decompile APK file. If it doesn't exist in your environment, it'll ask you to download.

Usage

Simply,

$ apkleaks -f ~/path/to/file.apk
# from Source
$ python3 apkleaks.py -f ~/path/to/file.apk
# or with Docker
$ docker run -it --rm -v /tmp:/tmp dwisiswant0/apkleaks:latest -f /tmp/file.apk

Options

Here are all the options it supports.

Argument Description Example
-f, --file APK file to scanning apkleaks -f file.apk
-o, --output Write to file results (random if not set) apkleaks -f file.apk -o results.txt
-p, --pattern Path to custom patterns JSON apkleaks -f file.apk -p custom-rules.json
-a, --args Disassembler arguments apkleaks -f file.apk --args="--deobf --log-level DEBUG"
--json Save as JSON format apkleaks -f file.apk -o results.json --json

Output

In general, if you don't provide -o argument, then it will generate results file automatically.

NOTE: By default it will also save the results in text format, use --json argument if you want JSON output format.

Pattern

Custom patterns can be added with the following argument to provide sensitive search rules in the JSON file format: --pattern /path/to/custom-rules.json. If not set, it'll use default patterns from regexes.json file.

Example patterns file:

// custom-rules.json
{
  "Amazon AWS Access Key ID": "AKIA[0-9A-Z]{16}",
  ...
}
$ apkleaks -f /path/to/file.apk -p rules.json -o ~/Documents/apkleaks-results.txt

Arguments (disassembler)

We give user complete discretion to pass the disassembler arguments. For example, if you want to activate threads in jadx decompilation process, you can add it with -a/--args argument, example: --args="--threads-count 5".

$ apkleaks -f /path/to/file.apk -a "--deobf --log-level DEBUG"

NOTE: Please pay attention to the default disassembler arguments we use to prevent collisions.

License

apkleaks is distributed under Apache 2.

Acknowledments

Since this tool includes some contributions, and I'm not an asshole, I'll publically thank the following users for their helps and resources:

Comments
  • PermissionError: [WinError 32] The process cannot access the file because it is being used by another process:

    PermissionError: [WinError 32] The process cannot access the file because it is being used by another process:

    After issue #37 was fixed, I cloned the repo and tried testing it again.

    Here's the command I entered: python .\apkleaks.py -f <path-to-apk>\app-armeabi-v7a-release.apk

    Here's the output:

         _    ____  _  ___               _
        / \  |  _ \| |/ / |    ___  __ _| | _____
       / _ \ | |_) | ' /| |   / _ \/ _` | |/ / __|
      / ___ \|  __/| . \| |__|  __/ (_| |   <\__ \
     /_/   \_\_|   |_|\_\_____\___|\__,_|_|\_\___/
     v2.3.0
     --
     Scanning APK file for URIs, endpoints & secrets
     (c) 2020-2021, dwisiswant0
    
    ** Decompiling APK...
    The filename, directory name, or volume label syntax is incorrect.
    
    ** Scanning against 'com.<package-name>'
    Traceback (most recent call last):
      File ".\apkleaks.py", line 5, in <module>
        main()
      File "C:\Users\username\Documents\apkleaks\apkleaks\cli.py", line 38, in main
        init.cleanup()
      File "C:\Users\username\Documents\apkleaks\apkleaks\apkleaks.py", line 144, in cleanup
        os.remove(self.output)
    PermissionError: [WinError 32] The process cannot access the file because it is being used by another process: 'C:\\Users\\username\\AppData\\Local\\Temp\\apkleaks-fimv9xye.txt'
    
    bug 
    opened by masteradit 21
  • Empty results in Windows

    Empty results in Windows

    I just called python apkleaks.py -f app.apk -o app.txt and got:

    Scanning APK file for URIs, endpoints & secrets (c) 2020-2021, dwisiswant0 ←[0m ←[94m** Decompiling APK... ←[0mINFO - loading ... INFO - processing ... ERROR - finished with errors, count: 3

    The app.txt file is completly empty. What could be the problem?

    OS: Windows 10 Python: 3.8.0

    bug 
    opened by fuuman 8
  • ERROR:  No module named apk_parse.apk

    ERROR: No module named apk_parse.apk

    Hi, i'm having this error while trying to run the script:

    python2 apkleaks.py -h

    Traceback (most recent call last): File "apkleaks.py", line 2, in from apk_parse.apk import APK ImportError: No module named apk_parse.apk

    Where can i find this "apk_parse.apk" file ?

    Thanks

    question 
    opened by DIEGOD79 7
  • json.decoder.JSONDecodeError: Expecting property name enclosed in double quotes: line 62 column 1 (char 4619)

    json.decoder.JSONDecodeError: Expecting property name enclosed in double quotes: line 62 column 1 (char 4619)

    I ran apkleaks with this command: sudo python3 apkleaks.py -f ../myapp.apk but I got this error:

    ` ** Decompiling APK... ERROR - Incorrect arguments: File not found /usr/share/jadx/bin/../myapp.apk

    ** Scanning against 'com.flightio.app'

    ** Done with nothing. ¯_(ツ)_/¯ Traceback (most recent call last): File "/home/majidmc2/Desktop/apkleaks/apkleaks.py", line 5, in main() File "/home/majidmc2/Desktop/apkleaks/apkleaks/cli.py", line 36, in main init.scanning() File "/home/majidmc2/Desktop/apkleaks/apkleaks/apkleaks.py", line 124, in scanning regex = json.load(regexes) File "/usr/lib/python3.9/json/init.py", line 293, in load return loads(fp.read(), File "/usr/lib/python3.9/json/init.py", line 346, in loads return _default_decoder.decode(s) File "/usr/lib/python3.9/json/decoder.py", line 337, in decode obj, end = self.raw_decode(s, idx=_w(s, 0).end()) File "/usr/lib/python3.9/json/decoder.py", line 353, in raw_decode obj, end = self.scan_once(s, idx) json.decoder.JSONDecodeError: Expecting property name enclosed in double quotes: line 62 column 1 (char 4619) `

    bug 
    opened by majidmc2 5
  • Refactor code quality issues

    Refactor code quality issues

    Hey, I work at DeepSource, I ran DeepSource analysis on my fork of the repo and found some improvements in the codebase, opening this PR so you can assess if our platform is right and helpful for you; happy to provide the tweaks separately otherwise.

    Following are the changes-

    • Removed length check in favour of truthiness of the object
    • Removed unused imports
    • Removed unnecessary return statement
    • Use sys.exit() calls
    • Add .deepsource.toml file for continuous analysis on bug risks/performance/code-quality issues on new changes.

    Note: I've fixed a few issues for now. You can find and fix other issues here.

    opened by saif-deepsource 5
  • Issue with requirements.txt (numpy) installation

    Issue with requirements.txt (numpy) installation

    I've been trying to install APKLeaks but having some run time installation error while installing the requirement.text. It seems there's some error with numpy cause it's failing to build and clean wheel again and again.

    I even tried updating numpy to the latest version and re-installing too but there's no success. Please find the entire error here: https://ghostbin.co/paste/ojqknqs/raw

    opened by mdisrail2468 4
  • Can't create directory/permission denied

    Can't create directory/permission denied

    When i use --outpot, i get this error: PermissionError: [Errno 13] Permission denied: 'C:\\Users\\sezer\\Desktop\\folder'

    When use just -f file.apk, i get this one:

    ERROR - Error saving class: com.things.thing
    jadx.core.utils.exceptions.JadxRuntimeException: 
    Can't create directory C:\Users\sezer\AppData\Local\Temp\apkleaks-woqqyysy\sources\com\exampleapk\module\ui\main\api\data\aux
    ______________________________________________________________________________________________
    PermissionError: [WinError 32] The process cannot access the file because it is being used by another process: 'C:\\Users\\sezer\\AppData\\Local\\Temp\\apkleaks-3hmqctov.txt'
    

    I tried use on admin mode too but still same.

    opened by srzern 3
  • ApkLeaks does not decompile all DEX files

    ApkLeaks does not decompile all DEX files

    The code reveals that ApkLeaks only decompiles classes.dex, omitting any other DEX files: https://github.com/dwisiswant0/apkleaks/blob/master/apkleaks/apkleaks.py#L92

    Since jadx is able to decompile an entire APK file, I suggest to pass the following arguments to jadx:

    args = [self.jadx, self.file, "-d", self.tempdir, "--deobf"]
    
    opened by U039b 3
  • The filename, directory name, or volume label syntax is incorrect

    The filename, directory name, or volume label syntax is incorrect

    I used the following command,

    python apkleaks.py -f testapp.apk

    but it gives error :

    ←[0m ←[94m** Decompiling APK... ←[0mThe filename, directory name, or volume label syntax is incorrect.

    ** Scanning against 'instagram.photo.video.downloader.repost.insta'

    ** Done with nothing. ¯_(ツ)_/¯

    opened by adapana 3
  • Can't able to run apkleaks.py

    Can't able to run apkleaks.py

    Getting following Error first

    Traceback (most recent call last):
      File "apkleaks.py", line 2, in <module>
        from apkleaks.apkleaks import APKLeaks
      File "/mnt/f/InfoSec/Tools/apkleaks/apkleaks/apkleaks.py", line 2, in <module>
        from apkleaks.colors import clr
    ImportError: No module named colors
    
    opened by YashGoti 3
  • re.error: missing : at position 31

    re.error: missing : at position 31

    i am running my kali linux on wsl i am getting this type of error

    └─# apkleaks -f ../com.example.client.apk _ ____ _ ___ _ / \ | _ | |/ / | ___ __ | | _____ / _ \ | |) | ' /| | / _ / ` | |/ / __| / ___ | /| . | || __/ (| | <__
    // __| ||_____|_,|_|__/ v2.5.0

    Scanning APK file for URIs, endpoints & secrets (c) 2020-2021, dwisiswant0

    Can't find jadx binary. Do you want to download jadx? (Y/n) y

    ** Downloading jadx...

    ** Decompiling APK... INFO - loading ... INFO - processing ... ERROR - finished with errors, count: 17

    ** Scanning against 'com.example.client'

    ** Done with nothing. ¯_(ツ)_/¯ Traceback (most recent call last): File "/usr/local/bin/apkleaks", line 33, in sys.exit(load_entry_point('apkleaks==2.5.0', 'console_scripts', 'apkleaks')()) File "/usr/local/lib/python3.9/dist-packages/apkleaks-2.5.0-py3.9.egg/apkleaks/cli.py", line 36, in main init.scanning() File "/usr/local/lib/python3.9/dist-packages/apkleaks-2.5.0-py3.9.egg/apkleaks/apkleaks.py", line 132, in scanning thread = threading.Thread(target = self.extract, args = (name, util.finder(pattern, self.tempdir))) File "/usr/local/lib/python3.9/dist-packages/apkleaks-2.5.0-py3.9.egg/apkleaks/utils.py", line 18, in finder matcher = re.compile(pattern) File "/usr/lib/python3.9/re.py", line 252, in compile return _compile(pattern, flags) File "/usr/lib/python3.9/re.py", line 304, in _compile p = sre_compile.compile(pattern, flags) File "/usr/lib/python3.9/sre_compile.py", line 764, in compile p = sre_parse.parse(p, flags) File "/usr/lib/python3.9/sre_parse.py", line 948, in parse p = _parse_sub(source, state, flags & SRE_FLAG_VERBOSE, 0) File "/usr/lib/python3.9/sre_parse.py", line 443, in _parse_sub itemsappend(_parse(source, state, verbose, nested + 1, File "/usr/lib/python3.9/sre_parse.py", line 805, in _parse flags = _parse_flags(source, state, char) File "/usr/lib/python3.9/sre_parse.py", line 913, in _parse_flags raise source.error(msg, len(char)) re.error: missing : at position 31

    bug 
    opened by arijitdirghanji 2
  • Fixes #61, and other improvements.

    Fixes #61, and other improvements.

    • Fixes #61
    • This PR also makes it so that we automatically get the absolute path of the file that's passed as an argument with -f/--file. This makes apkleaks easier to use, since we now won't need to manually get the absolute path of the apk's we want to scan.
    • I also made the output of apkleaks easier to grep.

    When installing apkleaks from PyPi on Windows, jadx.bat was installed in the path C:\Program Files\Python39\Lib\site-packages\jadx\bin\jadx.bat. This caused #61, because apkleaks was trying to run C:/Program Files/Python39/Lib/site-packages/jadx/bin/jadx.bat Aurora.Droid.ver.1.0.8.build.8.apk -d C:\Users\REDACTED\AppData\Local\Temp\apkleaks-t996o3tz without quoting the jadx.bat path.

    opened by ItsIgnacioPortal 0
  • Update the docker (latest) to have 2.6.1

    Update the docker (latest) to have 2.6.1

    dwisiswant0/apkleaks:latest

    is 2.6.0, not the latest version

    I do not think I can PR this,

    If possible please update the docker file to run from 2.6.1 ❤️

    opened by cln-io 0
  • ERROR - finished with errors, count: 146

    ERROR - finished with errors, count: 146

    v2.6.1

    Scanning APK file for URIs, endpoints & secrets (c) 2020-2021, dwisiswant0  ** Decompiling APK... INFO - loading ... INFO - processing ... ERROR - finished with errors, count: 146

    opened by fhartavi 0
  • It's possible to make apkleaks save output of jadx instead of create Temporary Dir

    It's possible to make apkleaks save output of jadx instead of create Temporary Dir

    It's possible to make apkleaks save output of jadx , I tried using --output-dir-src and --output-dir-res with -a but apkleaks search only through -d dir and -d dir here is Temporary Dir so It's will be awesome if you make it not temporary dir so later we can use output of jadx

    opened by 0xAwali 1
  • 'C:/Program' is not recognized as an internal or external command, operable program or batch file.

    'C:/Program' is not recognized as an internal or external command, operable program or batch file.

    Issue exists on Apkleaks v2.6.1, running on Windows 10, with python 3.9.0.

    This is probably because of the space in name of the Program Files folder. The error message appears after ** Decompiling APK...

    opened by ItsIgnacioPortal 5
Releases(v2.6.1)
  • v2.6.1(Aug 10, 2021)

  • v2.6.0(Aug 9, 2021)

    Changelog

    Minor

    77a3fa49d3c3145d8f7e467fab8a102205082f33 Added patterns:

    • GitHub Access Token
    • Discord BOT Token
    • JSON Web Token
    • MAC Address
    • CTF Flags:
      • DEF CON (Order Of the Overflow)
      • HackerOne
      • TryHackMe
      • HackTheBox
    Source code(tar.gz)
    Source code(zip)
  • v2.5.2(Jun 27, 2021)

    Changelog

    Patch

    • Fix incompatible issue on Windows (#40)
    • Replace all inline-flags PCRE pattern
    • Remove Vault Token pattern due to false-positive
    • Add kotlin to blacklist LinkFinder as class name
    • Stripping secrets result of LinkFinder
    Source code(tar.gz)
    Source code(zip)
  • v2.5.1(Jun 16, 2021)

  • v2.5.0(Jun 12, 2021)

    DEPRECATED! USE THE ABOVE VERSION INSTEAD.


    Changelog

    Minor

    Added patterns:

    • Facebook Secret Key
    • Facebook ClientID
    • Twitter ClientID
    • Twitter Secret Key
    • Artifactory API Token
    • Artifactory Password
    • Authorization Basic
    • Authorization Bearer
    • Basic Auth Credentials
    • Cloudinary Basic Auth
    • Mailto
    • Vault Token

    Patch

    • Revert NotKeyHacks pattern (splitting into the different files: config/notkeyhacks.json).
    Source code(tar.gz)
    Source code(zip)
  • v2.4.0(Jun 10, 2021)

    Added patterns:

    • Sift
    • Sentry DSN
    • Intercom API Key
    • Singular Configuration
    • Adjust Configuration
    • Bitmovin API Key
    • Salesforce MarketingCloud Token
    • AppDynamics Key
    • AppCenter Secret

    Thanks to @dee__see - for curated potentially sensitive tokens, NotKeyHacks.

    Source code(tar.gz)
    Source code(zip)
Owner
dw1
Bashturbation
dw1
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

This project is no longer maintained March 2020 Update: Please go see the amazing Pysa tutorial that should get you up to speed finding security vulne

2.1k Dec 25, 2022
Blinder is a tool that will help you simplify the exploitation of blind SQL injection

Blinder Have you found a blind SQL injection? Great! Now you need to export it, but are you too lazy to sort through the values? Most likely,

10 Dec 06, 2022
TOOLS CRACK FACEBOOK

Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal

Romi Afrizal 50 Dec 26, 2022
Update of uncaptcha2 from 2019

YouTube Video Proof of Concept I created a new YouTube Video with technical Explanation for breaking Google's Audio reCAPTCHAs: Click on the image bel

Nikolai Tschacher 153 Dec 20, 2022
Evil-stalker - A simple tool written in python, it is so simple that it is based on google dorks

evil-stalker How to run First of all, you must install the necessary libraries.

rock3d 6 Nov 16, 2022
Discord-email-spammer-exploit - A discord email spammer exploit with python

Discord-email-spammer-exploit was made by Love ❌ code ✅ 🎈 ・Description First it

Rdimo 25 Aug 13, 2022
Safety checks your installed dependencies for known security vulnerabilities

Safety checks your installed dependencies for known security vulnerabilities. By default it uses the open Python vulnerability database Safety DB, but

pyup.io 1.4k Dec 30, 2022
This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.

RemoteMouse-3.008-Exploit The RemoteMouse application is a program for remotely controlling a computer from a phone or tablet. This exploit allows to

Podalirius 25 Dec 04, 2022
Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket.

PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installtion $ pip3 install impacket

Oliver Lyak 140 Dec 27, 2022
This tool ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes.

This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information

Telefónica 66 Nov 08, 2022
The probability of having the password you want in the PassMaker is +90%!!

PasswordMaker Strong listing password Introduction The probability of having the password you want in the tool is +90%!! How to Install Open the termi

MasterBurnt 4 Sep 05, 2021
Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source

Infoga - Email OSINT Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pg

m4ll0k (mallok) 1.8k Jan 04, 2023
A Tool to find subdomains from hackerone reports.

Hactivity A Tool to find subdomains from Hackerone reports of a given company or a search term (xss, ssrf, etc). It can also print out URL and Title o

Stinger 15 Jul 24, 2022
A windows post exploitation tool that contains a lot of features for information gathering and more.

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

29 Nov 20, 2022
python script for hack gmail account using brute force attack

#Creator: johnry #coded by john ry GBrute python script for hack gmail account using brute force attack Commands apt update && apt upgrade git clone h

6 Dec 09, 2022
This tool allows to automatically test for Content Security Policy bypass payloads.

CSPass This tool allows to automatically test for Content Security Policy bypass payloads. Usage [cspass]$ ./cspass.py -h usage: cspass.py [-h] [--no-

Ruulian 30 Nov 22, 2022
A Python replicated exploit for Webmin 1.580 /file/show.cgi Remote Code Execution

CVE-2012-2982 John Hammond | September 4th, 2021 Checking searchsploit for Webmin 1.580 I only saw a Metasploit module for the /file/show.cgi Remote C

John Hammond 25 Dec 08, 2022
CVE 2020-14871 Solaris exploit

CVE 2020-14871 Solaris exploit This is a basic ROP based exploit for CVE 2020-14871. CVE 2020-14871 is a vulnerability in Sun Solaris systems. The act

Robin Massink 2 Oct 25, 2022
Show apps recorded storage files by jailbreak

0x101 Show registered storage files of apps by jailbreak Legal disclaimer: Usage of insTof for attacking targets without prior mutual consent is illeg

0x 4 Oct 24, 2022
CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection

CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection Usage usage: cve-2021-26084_confluence_rce.py [-h] --url URL [--cmd CMD] [--shell] CVE-2021-2

r0cky 92 Jul 20, 2022