Apk-Mitm - A CLI Application That Prepares Android APK Files For HTTPS Inspection
A CLI application that automatically prepares Android APK files for HTTPS inspection
Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious.
apk-mitm automates the entire process. All you have to do is give it an APK file and apk-mitm will:- decode the APK file using Apktool
- modify the app's
AndroidManifest.xmlto make itdebuggable - modify the app's Network Security Configuration to allow user-added certificates
- insert
return-voidopcodes to disable certificate pinning logic - encode the patched APK file using Apktool
- sign the patched APK file using uber-apk-signer
apk-mitm to patch apps using Android App Bundle and rooting your phone is not required.Usage
If you have an up-to-date version of Node.js (8.2+) and Java (8+), you can run this command to patch an app:
$ npx apk-mitm <path-to-apk>example.apk, you'd run:$ npx apk-mitm example.apk
✔ Decoding APK file
✔ Modifying app manifest
✔ Modifying network security config
✔ Disabling certificate pinning
✔ Encoding patched APK file
✔ Signing patched APK file
Done! Patched APK: ./example-patched.apkexample-patched.apk file on your Android device and use a proxy like Charles or mitmproxy to look at the app's traffic.Patching App Bundles
You can also patch apps using Android App Bundle with
apk-mitm by providing it with a *.xapk file (for example from APKPure) or a *.apks file (which you can export yourself using SAI).Caveats
- If the app uses Google Maps and the map is broken after patching, then the app's API key is probably restricted to the developer's certificate. You'll have to create your own API key without restrictions and replace it in the app's
AndroidManifest.xmlfile.
- If
apk-mitmcrashes while decoding or encoding the issue is probably related to Apktool. Check their issues on GitHub to find possible workarounds. If you happen to find an Apktool version that's not affected by the issue, you can instructapk-mitmto use it by specifying the path of its JAR file through the--apktooloption.
Installation
The above example used
npx to download and execute apk-mitm without local installation. If you do want to fully install it, you can do that by running:$ npm install -g apk-mitmThanks
- Connor Tumbleson for making an awesome APK decompiler
- Patrick Favre-Bulle for making a very simple tool for signing APKs
Via: feedproxy.google.com
Apk-Mitm - A CLI Application That Prepares Android APK Files For HTTPS Inspection
Reviewed by Anónimo
on
17:59
Rating:
Reviewed by Anónimo
on
17:59
Rating:
