From 55d67a7d0561d8c28f130839c9413dbd93cc2334 Mon Sep 17 00:00:00 2001
From: Thomas Hebb
Date: Wed, 2 Oct 2024 16:47:00 -0400
Subject: [PATCH 1/3] apk: Support replacing existing debuggable attribute

If a package explicitly specifies debuggable="false", adding a new entry setting it to "true" has no effect. To properly patch such APKs, we need to replace the entry.
---
 frida_tools/apk.py | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/frida_tools/apk.py b/frida_tools/apk.py
index f8430817..24b8face 100644
--- a/frida_tools/apk.py
+++ b/frida_tools/apk.py
@@ -191,18 +191,26 @@ def insert_debuggable(self, name: int, resource_map: ResourceMap) -> None:
         # Some parts of Android expect this to be sorted by resource ID.
         attr_offset = None
+        replace = False
         for insert_pos in range(self.attribute_count + 1):
-            attr_offset = 0x24 + 20 * insert_pos
+            attr_offset = 0x24 + struct.calcsize(self.ATTRIBUTE_FORMAT) * insert_pos
             idx = int.from_bytes(chunk_data[attr_offset + 4 : attr_offset + 8], "little")
-            if resource_map.get_resource(idx) > ResourceMap.DEBUGGING_RESOURCE:
+            res = resource_map.get_resource(idx)
+            if res >= ResourceMap.DEBUGGING_RESOURCE:
+                # If there's already a debugging resource, replace it.
+                replace = res == ResourceMap.DEBUGGING_RESOURCE
                 break
-        chunk_data[attr_offset:attr_offset] = debuggable
-        self.header.size = len(chunk_data)
-        chunk_data[4 : 4 + 4] = struct.pack("
Date: Sat, 19 Oct 2024 00:09:37 +0200
Subject: [PATCH 2/3] Remove redundant comment

---
 frida_tools/apk.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/frida_tools/apk.py b/frida_tools/apk.py
index 24b8face..c5b7e0d7 100644
--- a/frida_tools/apk.py
+++ b/frida_tools/apk.py
@@ -197,7 +197,6 @@ def insert_debuggable(self, name: int, resource_map: ResourceMap) -> None:
             idx = int.from_bytes(chunk_data[attr_offset + 4 : attr_offset + 8], "little")
             res = resource_map.get_resource(idx)
             if res >= ResourceMap.DEBUGGING_RESOURCE:
-                # If there's already a debugging resource, replace it.
                 replace = res == ResourceMap.DEBUGGING_RESOURCE
                 break

From edea1e2c0acd2450a572eef201119321c7f7f5e4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ole=20Andr=C3=A9=20Vadla=20Ravn=C3=A5s?=
Date: Sat, 19 Oct 2024 00:09:46 +0200
Subject: [PATCH 3/3] Tweak style

---
 frida_tools/apk.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frida_tools/apk.py b/frida_tools/apk.py
index c5b7e0d7..c2c17ef7 100644
--- a/frida_tools/apk.py
+++ b/frida_tools/apk.py
@@ -193,7 +193,7 @@ def insert_debuggable(self, name: int, resource_map: ResourceMap) -> None:
         attr_offset = None
         replace = False
         for insert_pos in range(self.attribute_count + 1):
-            attr_offset = 0x24 + struct.calcsize(self.ATTRIBUTE_FORMAT) * insert_pos
+            attr_offset = 0x24 + insert_pos * struct.calcsize(self.ATTRIBUTE_FORMAT)
             idx = int.from_bytes(chunk_data[attr_offset + 4 : attr_offset + 8], "little")
             res = resource_map.get_resource(idx)
             if res >= ResourceMap.DEBUGGING_RESOURCE:
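Review bot: `struct.calcsize(self.ATTRIBUTE_FORMAT)` on the rewritten line of the `@@ -193,7` hunk is loop-invariant, so evaluating it on every pass of the `for insert_pos` loop is needless work; binding it once before the loop, `attr_size = struct.calcsize(self.ATTRIBUTE_FORMAT)`, and writing `attr_offset = 0x24 + insert_pos * attr_size` also makes the stride explicit to the reader. Separately, because the loop runs to `self.attribute_count + 1`, its final iteration addresses the bytes just past the attribute table when it reads `chunk_data[attr_offset + 4 : attr_offset + 8]` on the next line; if that slice is empty, `int.from_bytes` yields 0, and it is worth confirming that `resource_map.get_resource(0)` can never equal `ResourceMap.DEBUGGING_RESOURCE`, since that would set `replace` for an attribute that does not exist. `insert_debuggable` starts and ends outside the hunk, so any bound on `attr_offset` against `len(chunk_data)` applied elsewhere is not visible here.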