- Author: Saurabh Harit
- Cost: Free
- Source Code: GitHub
- License: GPLv3
Android applications may share the data of a content provider with other
applications installed on your device. For example, if you receive an image
attachment in an email, your mail client has to share it with an image
viewer. One way of sharing a content provider's data with other applications is
the grant-uri-permission tag in AndroidManifest.xml. Using this tag, a
content provider can specify a path, path pattern or path prefix. However, if
this path is mistakenly set to "/", any other installed application would be
able to access the data of that content provider:
<grant-uri-permission android:pathPrefix="/" />
The tool takes AndroidManifest.xml from an Android application
(.apk), decodes it and scans it for such permission flaws. As
output, it displays the configured path and whether or not it could be vulnerable.
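The check the tool performs, written out as an added Python 3 example (not the tool's own code) against a constructed, already-decoded manifest: every grant-uri-permission under every provider is listed with its path selector, and a selector that covers every path of the provider is flagged. The catch-all pattern values and the sample authorities are assumptions; the page itself only names "/" as the mistaken value.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
PATH_ATTRS = ("path", "pathPrefix", "pathPattern")
# Assumed: pathPattern values that match every path of a provider.
CATCH_ALL_PATTERNS = ("/.*", ".*")


def android_attr(elem, name):
    """Read an android:-namespaced attribute, or None if it is absent."""
    return elem.get("{%s}%s" % (ANDROID_NS, name))


def is_wide_open(attr, value):
    """True when the selector lets a grant cover every path of the provider.
    pathPrefix="/" matches every path (all paths start with "/"), as do the
    catch-all patterns. android:path is an exact match, so path="/" only
    covers the root URI and is not flagged."""
    if attr == "pathPrefix":
        return value == "/"
    if attr == "pathPattern":
        return value in CATCH_ALL_PATTERNS
    return False


def scan_manifest(manifest_xml):
    """Return (authority, attribute, value, wide_open) for every
    <grant-uri-permission> element under every <provider>."""
    root = ET.fromstring(manifest_xml)
    findings = []
    for provider in root.iter("provider"):
        authority = android_attr(provider, "authorities") or android_attr(provider, "name")
        for grant in provider.findall("grant-uri-permission"):
            for attr in PATH_ATTRS:
                value = android_attr(grant, attr)
                if value is not None:
                    findings.append((authority, attr, value, is_wide_open(attr, value)))
    return findings


# Constructed sample manifest: one provider with the "/" mistake, one scoped.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.mail">
  <application>
    <provider android:name=".AttachmentProvider"
              android:authorities="com.example.mail.attachments">
      <grant-uri-permission android:pathPrefix="/" />
    </provider>
    <provider android:name=".ExportProvider"
              android:authorities="com.example.mail.export">
      <grant-uri-permission android:pathPrefix="/export/" />
      <grant-uri-permission android:pathPattern="/.*" />
    </provider>
  </application>
</manifest>"""

if __name__ == "__main__":
    for authority, attr, value, wide_open in scan_manifest(SAMPLE_MANIFEST):
        print("%-32s %-12s %-10s %s" % (authority, attr, value,
                                        "VULNERABLE" if wide_open else "ok"))
```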
Below is the usage:
Options:
  -h, --help            show this help message and exit
  -o OUTPUTDIR, --output-dir=OUTPUTDIR
                        Output directory to use. This path will be used to
                        download the apk files to your machine
  -a APKS, --apk=APKS   Path (on Android device) of APK(s) to scan. Example:
                        /system/app/Gmail.apk. If the value of this switch is
                        set to scan_all, the script will automatically scan all
                        apks in /system/app and /system/sd/app folder
  -l LOCALFILES, --local=LOCALFILES
                        Path (on the local machine) to APK(s).
  -A APKPATHS, --apkpath=APKPATHS
                        Path (on Android device) to search for APK(s) to scan.
                        Example: /system/app
As input, it accepts an APK file path or a folder name on your Android device.
If you have APK files on your local machine, you can use the -l switch. The -o
switch lets you specify the directory where the APK files downloaded from your
Android device will be saved. If this switch is not specified, the files
are saved in the current directory. This tool is in the early stages of
development. You are more than welcome to modify/enhance it.
- Python 2.6
- Android SDK should be installed
- Path environment variables should be set for Android SDK tools (e.g. on
- Rooted Android device with the find command (via Busybox)
- USB debugging enabled
If the APKs are on your device, it must be connected to your machine via a USB cable.