/janus-toolkit

A collection of tools for the Janus exploit [CVE-2017-13156].

Primary LanguagePythonApache License 2.0Apache-2.0

Janus Toolkit

This is a collection of tools for the Janus exploit [CVE-2017-13156], affecting AOSP versions 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 as described here.

You can read more at the writeup from Guardsquare.

Tools

Janus python3 go

AndroidManifest extractor python3

Usage

  1. Extract the AndroidManifest.xml from the target APK using Apktool.
  2. Run manifest_dummy.py to generate dummy classes to include in your Android Studio project. (The necessary tags generated by this script are only needed if you set shrinkEnabled true in your build.gradle)

Extract DEX from already injected APK [WIP] python3

TODO

  • Complete the guide. Extra instructions in this repo.

Donate

If this repository helped you in any way, feel free to donate here.