增强现实AR>> keystore-shim>> 返回
项目作者: rednaga

项目描述 :
Shim to grab keystore backed data
高级语言: C
项目地址: git://github.com/rednaga/keystore-shim.git
创建时间: 2017-09-21T21:34:03Z
项目社区:https://github.com/rednaga/keystore-shim
开源协议:GNU General Public License v2.0
下载


keystore-shim

A “shim” for loading keystore data for later manipulation using native jni so you don’t need to bother with Dalvik/Android/Java junk.

I didn’t include much/any parsing of the keystore since that is an exercise left to the reader/coder. I only needed to confirm a few things on my end and it shouldn’t be hard for anyone who understands the code to go futher. I’m mainly open sourcing this because @nelenkov asked nicely :)
https://twitter.com/kapitanpetko/status/907772363357380608

The code look familiar? It should - I stole it from my other project https://github.com/rednaga/native-shim :D

Usage

Switch to the applications user id (on a root device, su, on a non-rooted make the application debuggable and use run-as. Then run the shim code after compiling and pushing it to the device, giving it the alias name as an argument:

What it will look like if it worked;

  1. sailfish:/ $ ./data/local/tmp/shim realkeystorename
  2. [*] keystore-snag - diff
  3.  [+] Initializing JavaVM Instance
  4.  [+] Initialization success (vm=0xec7191e0, env=0xec934230)
  5.  [+] Found 'java.security.KeyStore' class (0xdb9)
  6.  [+] Found getDefaultType method (0x702e3f4c)
  7.  [+] Found default type of [ BKS ]
  8.  [+] Found getInstance method (0x702e3f6c)
  9.  [+] Retreived instance (0xdd5)
  10.  [+] Found getEntry method (0x702e40cc)
  11.  [+] Got KeyStore data (0xdf9)

You’ll get an error if the KeyStore data isn’t found.

  1. sailfish:/ $ ./data/local/tmp/shim fakekeystorename                                                                                                      
  2. [*] keystore-snag - diff
  3.  [+] Initializing JavaVM Instance
  4.  [+] Initialization success (vm=0xe76991e0, env=0xe78b4230)
  5.  [+] Found 'java.security.KeyStore' class (0xdb9)
  6.  [+] Found getDefaultType method (0x702e3f4c)
  7.  [+] Found default type of [ BKS ]
  8.  [+] Found getInstance method (0x702e3f6c)
  9.  [+] Retreived instance (0xdd5)
  10.  [+] Found getEntry method (0x702e40cc)
  11.  [!] Error getting KeyStore data!

Disclaimer

This code is meant for education and research purposes only. Do as you please with it, but accept any and all responsibility for your actions. The tools were created specifically to assist in malware reversing and analysis - be careful.

License

  1. Copyright 2017 Tim 'diff' Strazzere <strazz@gmail.com>
  3. Licensed under the Apache License, Version 2.0 (the "License");
  4. you may not use this file except in compliance with the License.
  5. You may obtain a copy of the License at
  7.    http://www.apache.org/licenses/LICENSE-2.0
  9. Unless required by applicable law or agreed to in writing, software
  10. distributed under the License is distributed on an "AS IS" BASIS,
  11. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. See the License for the specific language governing permissions and
  13. limitations under the License.