Get no result for even an obviously vulnerable application #2

Open
miaochiahao opened this issue Nov 5, 2019 · 7 comments
@miaochiahao

I got nothing in the Jandroid output HTML. I'm sure that:

  • all requirements are installed properly
  • the target apk has obvious webview vulnerabilities and they can be found manually according to the template

But I got this message in the log: `{'bug_obj': {'JSbridgeBrowsable': False}`

I'm not sure whether it is a bug, or the target apk just missed the template, or something else is wrong. It would be nice for you to provide a vulnerable apk which could be detected by Jandroid, in order to prove that Jandroid is working properly.

@projectbtle
Contributor

Does the APK definitely have browsable activities that call the vulnerable web views? (the activity must match the signature given in MANIFESTPARAMS)

@miaochiahao
Author

> Does the APK definitely have browsable activities that call the vulnerable web views? (the activity must match the signature given in MANIFESTPARAMS)

Yes, I'm pretty sure. Or can you just provide a vulnerable app? I want to make sure that jandroid is running properly on my machine. I got no result from androguard while debugging.

@projectbtle
Contributor

Unfortunately, I don't have vulnerable apps that can be shared.

There have been some code changes recently. Can you try with the updated code?

@zoro3s

zoro3s commented Sep 29, 2020

```xml
<activity android:name=".WebviewActivity">
    <intent-filter>
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.BROWSABLE" />
        <data
            android:host="www.test.com"
            android:scheme="www" />
    </intent-filter>
</activity>
```

```java
public class WebviewActivity extends AppCompatActivity {

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_webview);
        setTitle("WebViewActivity");
        EditText et = (EditText) findViewById(R.id.et1);
        WebView webView = (WebView) findViewById(R.id.webview);
        webView.addJavascriptInterface(new test(), "mmm");
        Intent intent = getIntent();
        Uri uri = intent.getData();
        String url = uri.getQueryParameter("url");
        webView.loadUrl(url);
    }

}
```

```
DEBUG Finished analysing Webview-debug.apk with output {'bug_obj': {'JSbridgeBrowsable': False}, 'graph_list': []}.
```

got nothing!!!
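
An added example (not part of the thread and not Jandroid's code): a stand-alone check of the manifest precondition raised earlier in the thread, listing the activities whose intent filter declares both the VIEW action and the BROWSABLE category. It assumes the manifest has already been decoded from the APK's binary XML to text; the `<manifest>` wrapper, package name and second activity in the sample are constructed.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # namespace of android:* attributes

# Constructed sample: the <activity> posted above inside a minimal, made-up manifest.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.placeholder">
  <application>
    <activity android:name=".WebviewActivity">
      <intent-filter>
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.BROWSABLE" />
        <data android:host="www.test.com" android:scheme="www" />
      </intent-filter>
    </activity>
    <activity android:name=".SettingsActivity" />
  </application>
</manifest>"""


def browsable_activities(manifest_xml):
    """Return one record per intent-filter that declares VIEW + BROWSABLE."""
    root = ET.fromstring(manifest_xml)
    package = root.get("package", "")
    found = []
    for tag in ("activity", "activity-alias"):
        for comp in root.iterfind("application/" + tag):
            name = comp.get(A + "name", "")
            if name.startswith("."):  # expand the shorthand relative class name
                name = package + name
            for filt in comp.iterfind("intent-filter"):
                actions = {e.get(A + "name") for e in filt.iterfind("action")}
                cats = {e.get(A + "name") for e in filt.iterfind("category")}
                if ("android.intent.action.VIEW" not in actions
                        or "android.intent.category.BROWSABLE" not in cats):
                    continue
                data = list(filt.iterfind("data"))
                found.append({
                    "component": name,
                    "schemes": sorted({d.get(A + "scheme") for d in data} - {None}),
                    "hosts": sorted({d.get(A + "host") for d in data} - {None}),
                    # startActivity() resolves implicit intents only to filters with DEFAULT.
                    "has_default": "android.intent.category.DEFAULT" in cats,
                })
    return found

if __name__ == "__main__":
    print(browsable_activities(SAMPLE_MANIFEST))
```
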

@miaochiahao
Author

> ```xml
> <activity android:name=".WebviewActivity">
>     <intent-filter>
>         <action android:name="android.intent.action.VIEW" />
>         <category android:name="android.intent.category.BROWSABLE" />
>         <data
>             android:host="www.test.com"
>             android:scheme="www" />
>     </intent-filter>
> </activity>
> ```
>
> ```java
> public class WebviewActivity extends AppCompatActivity {
>
>     @Override
>     protected void onCreate(Bundle savedInstanceState) {
>         super.onCreate(savedInstanceState);
>         setContentView(R.layout.activity_webview);
>         setTitle("WebViewActivity");
>         EditText et = (EditText) findViewById(R.id.et1);
>         WebView webView = (WebView) findViewById(R.id.webview);
>         webView.addJavascriptInterface(new test(), "mmm");
>         Intent intent = getIntent();
>         Uri uri = intent.getData();
>         String url = uri.getQueryParameter("url");
>         webView.loadUrl(url);
>     }
>
> }
> ```
>
> ```
> DEBUG Finished analysing Webview-debug.apk with output {'bug_obj': {'JSbridgeBrowsable': False}, 'graph_list': []}.
> ```
>
> got nothing!!!

I confirmed this with my colleague: the example rules that ship with it have some problems, and you need to modify them yourself.

@zoro3s

zoro3s commented Sep 30, 2020

Oh, so the problem is with the rules as written? I'll take another look then. Thanks a lot.

@ExLuck

ExLuck commented Aug 15, 2023

> > ```xml
> > <activity android:name=".WebviewActivity">
> >     <intent-filter>
> >         <action android:name="android.intent.action.VIEW" />
> >         <category android:name="android.intent.category.BROWSABLE" />
> >         <data
> >             android:host="www.test.com"
> >             android:scheme="www" />
> >     </intent-filter>
> > </activity>
> > ```
> >
> > ```java
> > public class WebviewActivity extends AppCompatActivity {
> >
> >     @Override
> >     protected void onCreate(Bundle savedInstanceState) {
> >         super.onCreate(savedInstanceState);
> >         setContentView(R.layout.activity_webview);
> >         setTitle("WebViewActivity");
> >         EditText et = (EditText) findViewById(R.id.et1);
> >         WebView webView = (WebView) findViewById(R.id.webview);
> >         webView.addJavascriptInterface(new test(), "mmm");
> >         Intent intent = getIntent();
> >         Uri uri = intent.getData();
> >         String url = uri.getQueryParameter("url");
> >         webView.loadUrl(url);
> >     }
> >
> > }
> > ```
> >
> > ```
> > DEBUG Finished analysing Webview-debug.apk with output {'bug_obj': {'JSbridgeBrowsable': False}, 'graph_list': []}.
> > ```
> >
> > got nothing!!!
>
> I confirmed this with my colleagues. There are some problems with the example rules that come with him, and I need to modify them myself.

Can you share the edited rule?
