QARK – 安卓程序漏洞快速查找工具

QARK – 安卓程序漏洞快速查找工具

黑客软件hacker2015-08-13 12:44:548055A+A-

顶目主页:

https://github.com/linkedin/qark

项目简介:

QARK是1个用pythoniOS木马病毒测试工具,他能够在不用安卓设备的状况下开展检测,其目地是找寻某些与安会有关的Android程序运行的木马病毒,不论是在源码或装包的程序运行。

适用木马病毒:

Inadvertently exported components

Improperly protected exported components

Intents which are vulnerable to interception or eavesdropping

Improper x.509 certificate validation

Creation of world-readable or world-writeable files

Activities which may leak data

The use of Sticky Intents

Insecurely created Pending Intents

Sending of insecure Broadcast Intents

Private keys embedded in the source

Weak or improper cryptography use

Potentially exploitable WebView configurations

Exported Preference Activities

Tapjacking

Apps which enable backups

Apps which are debuggable

Apps supporting outdated API versions, with known vulnerabilities

使用说明:

他出示两种工做方法,

互动方式立即键入指令实行只能,依据提醒键入有关叁数,开展检测,

python qark.py

2. 手動方式

在命令行中设定好必须的叁数,立即开使检测

$ python qark.py --source 1 --pathtoapk /Users/foo/qark/sampleApps/goatdroid/goatdroid.apk --exploit 1 --install 1

or

$ python qark.py --source 2 -c /Users/foo/qark/sampleApps/goatdroid/goatdroid --manifest /Users/foo/qark/sampleApps/goatdroid/goatdroid/AndroidManifest.xml --exploit 1 --install 1

輸出結果:

 QARK – 安卓程序漏洞快速查找工具 第1张

 QARK – 安卓程序漏洞快速查找工具 第2张


点击这里复制本文地址 以上内容由黑资讯整理呈现,请务必在转载分享时注明本文地址!如对内容有疑问,请联系我们,谢谢!
  • 5条评论
  • 假欢怀桔2022-06-03 00:00:32
  • le filesActivities which may leak dataThe use of Sticky IntentsInsecurely created Pending IntentsSending of insecure B
  • 颜于邶谌2022-06-02 22:54:14
  • IntentsPrivate keys embedded in the sourceWeak or improper cryptography usePotentially exploitable WebView configuratio
  • 夙世等灯2022-06-03 03:19:42
  • k /Users/foo/qark/sampleApps/goatdroid/goatdroid.apk --exploit 1 --install 1or$ python qark.py --s
  • 南殷空枝2022-06-02 21:55:55
  • able backupsApps which are debuggableApps supporting outdated API versions, with known vulnerabilities使用说明:他出示两种工做方法,互动方式立即键入指令实行只能
  • 嘻友诗呓2022-06-03 03:24:50
  • -exploit 1 --install 1or$ python qark.py --source 2 -c /Users/foo/qark/sampleApps/goatdroid/goatdroid --

支持Ctrl+Enter提交

黑资讯 © All Rights Reserved.  
Copyright Copyright 2015-2020 黑资讯
滇ICP备19002590号-1
Powered by 黑客资讯 Themes by 如有不合适之处联系我们
网站地图| 发展历程| 留言建议| 网站管理