Kali Linux

Slicer : Automate The Boring Process Of APK Recon

Slicer accepts a path to an extracted APK file and then returns all the activities, receivers, and services which are exported and have null permissions and can be externally provoked.

Note: The APK has to be extracted via jadx or apktool.

Features

  • Check if the APK has set the android:allowbackup to true
  • Check if the APK has set the android:debuggable to true.
  • Return all the activities, services and broadcast receivers which are exported and have null permission set. This is decided on the basis of two things:
    • android:exporte=true is present in any of the component and have no permission set.
    • If exported is not mention then slicer check if any Intent-filters are defined for that component, if yes that means that component is exported by default(This is the rule given in android documentation.)
  • Check the Firebase URL of the APK by testing it for .json trick.
    • If the firebase URL is myapp.firebaseio.com then it will check if https://myapp.firebaseio.com/.json returns something or gives permission denied.
    • If this thing is open then that can be reported as high severity.
  • Check if the google API keys are publically accessible or not.
    • This can be reported on some bounty programs but have a low severity.
    • But most of the time reporting this kind of thing will bring out the pain of Duplicate.
    • Also sometimes the company can just close it as not applicable and will claim that the KEY has a usage cap – r/suspiciouslyspecific
  • Return other API keys that are present in strings.xml and in AndroidManifest.xml
  • List all the file names present in /res/raw and res/xml directory.
  • Extracts all the URLs and paths.
    • These can be used with tool like dirsearch or ffuf.

Installation

  • Clone this repository

git clone https://github.com/mzfr/slicer

  • cd slicer
  • Now you can run it: python3 slicer.py -h

Usage

It’s very simple to use. Following options are available:

Extract information from Manifest and strings of an APK
Usage:
slicer [OPTION] [Extracted APK directory]
Options:
d, –dir path to jadx output directory
o, –output Name of the output file(not implemented)

I have not implemented the output flag yet because I think if you can redirect slicer output to a yaml file it will a proper format.

Usage Example

  • Extract information from the APK and display it on the screen.

python3 slicer.py -d path/to/extact/apk -c config.json

Download
R K

Leave a Comment
Share
Published by
R K
Tags: APK ReconAutomateBoring ProcessSlicer
3 years ago

Recent Posts

How Do I Do Reverse Image Search

Have you ever come across a picture on the internet and wondered where it came…

5 days ago

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

2 weeks ago

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

2 weeks ago

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

2 weeks ago

How to Check Directory Size in Linux

Knowing how to check directory sizes in Linux is essential for managing disk space and…

2 weeks ago

Essential Commands for Linux User Listing

Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…

2 weeks ago