Streamlining error handling when --skip-resources is set (#374)

Co-authored-by: Martin Tschirsich <martin@martin-ThinkPad-X1-Carbon-3rd>
sensepost · May 26, 2020 · 25568d3 · 25568d3
1 parent 8e53e4b
commit 25568d3
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 15 deletions.
diff --git a/objection/commands/mobile_packages.py b/objection/commands/mobile_packages.py
@@ -172,7 +172,7 @@ def patch_android_apk(source: str, architecture: str, pause: bool, skip_cleanup:
 
     click.secho('Patcher will be using Gadget version: {0}'.format(github_version), fg='green')
 
-    patcher = AndroidPatcher(skip_cleanup=skip_cleanup)
+    patcher = AndroidPatcher(skip_cleanup=skip_cleanup, skip_resources=skip_resources)
 
     # ensure we have the latest apk-tool and run the
     if not patcher.is_apktool_ready():
@@ -185,8 +185,8 @@ def patch_android_apk(source: str, architecture: str, pause: bool, skip_cleanup:
 
     # work on patching the APK
     patcher.set_apk_source(source=source)
-    patcher.unpack_apk(skip_resources=skip_resources)
-    patcher.inject_internet_permission(skip_resources=skip_resources)
+    patcher.unpack_apk()
+    patcher.inject_internet_permission()
 
     if not ignore_nativelibs:
         patcher.extract_native_libs_patch()

diff --git a/objection/console/cli.py b/objection/console/cli.py
@@ -363,6 +363,11 @@ def patchapk(source: str, architecture: str, gadget_version: str, pause: bool, s
         click.secho('The --enable-debug flag is incompatible with the --skip-resources flag.', fg='red')
         return
 
+    # ensure we decode resources if we do not have the --ignore-nativelibs flag.
+    if not ignore_nativelibs and skip_resources:
+        click.secho('The --ignore-nativelibs flag is required with the --skip-resources flag.', fg='red')
+        return
+
     patch_android_apk(**locals())
 
 

diff --git a/objection/utils/patchers/android.py b/objection/utils/patchers/android.py
@@ -197,7 +197,7 @@ class AndroidPatcher(BasePlatformPatcher):
         }
     }
 
-    def __init__(self, skip_cleanup: bool = False):
+    def __init__(self, skip_cleanup: bool = False, skip_resources: bool = False):
         super(AndroidPatcher, self).__init__()
 
         self.apk_source = None
@@ -206,6 +206,7 @@ def __init__(self, skip_cleanup: bool = False):
         self.apk_temp_frida_patched_aligned = self.apk_temp_directory + '.aligned.objection.apk'
         self.aapt = None
         self.skip_cleanup = skip_cleanup
+        self.skip_resources = skip_resources
 
         self.keystore = os.path.join(os.path.abspath(os.path.dirname(__file__)), '../assets', 'objection.jks')
         self.netsec_config = os.path.join(os.path.abspath(os.path.dirname(__file__)), '../assets',
@@ -278,6 +279,12 @@ def _get_android_manifest(self) -> ElementTree:
             :return:
         """
 
+        # error if --skip-resources was used because the manifest is encoded
+        if self.skip_resources is True:
+            click.secho('Cannot manually parse the AndroidManifest.xml when --skip-resources '
+                        'is set, remove this and try again.', fg='red')
+            raise Exception('Cannot --skip-resources when trying to manually parse the AndroidManifest.xml')
+
         # use the android namespace
         ElementTree.register_namespace('android', 'http://schemas.android.com/apk/res/android')
 
@@ -383,12 +390,10 @@ def get_temp_working_directory(self) -> str:
 
         return self.apk_temp_directory
 
-    def unpack_apk(self, skip_resources: bool = False):
+    def unpack_apk(self):
         """
             Unpack an APK with apktool.
 
-            :type skip_resources: bool
-
             :return:
         """
 
@@ -398,7 +403,7 @@ def unpack_apk(self, skip_resources: bool = False):
             self.required_commands['apktool']['location'],
             'decode',
             '-f',
-            '-r' if skip_resources else '',
+            '-r' if self.skip_resources else '',
             '-o',
             self.apk_temp_directory,
             self.apk_source
@@ -408,7 +413,7 @@ def unpack_apk(self, skip_resources: bool = False):
             click.secho('An error may have occurred while extracting the APK.', fg='red')
             click.secho(o.err, fg='red')
 
-    def inject_internet_permission(self, skip_resources: bool = False):
+    def inject_internet_permission(self):
         """
             Checks the status of the source APK to see if it
             has the INTERNET permission. If not, the manifest file
@@ -424,13 +429,8 @@ def inject_internet_permission(self, skip_resources: bool = False):
             click.secho('App already has android.permission.INTERNET', fg='green')
             return
 
-        # if not, error if --skip-resources was used because the manifest is encoded
-        elif skip_resources is True:
-            click.secho('Cannot patch an APK for Internet permission when --skip-resources '
-                        'is set, remove this and try again.', fg='red')
-            raise Exception('Cannot --skip-resources with no Internet permission')
-
         # if not, we need to inject an element with it
+        click.secho('App does not have android.permission.INTERNET, attempting to patch the AndroidManifest.xml...', dim=True, fg='yellow')
         xml = self._get_android_manifest()
         root = xml.getroot()