Magic-Mirror/Apktool
1
0
Fork 0
mirror of https://github.com/iBotPeaches/Apktool.git synced 2024-11-23 04:30:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
A tool for reverse engineering Android apk files
1,913 Commits 6 Branches 46 Tags 352 MiB
Java 98.6%
Shell 0.7%
Smali 0.5%
Batchfile 0.2%
2.7.x
Go to file
Connor Tumbleson 087f89ebc0
Prevent arbitrary file writes with malicious resource names. (#3484) 
* refactor: rename sanitize function

* fix: expose getDir

* fix: safe handling of untrusted resource names

 - fixes: GHSA-2hqv-2xv4-5h5w

* test: sample file for GHSA-2hqv-2xv4-5h5w

* refactor: avoid detection of absolute files for resource check

* chore: enable info mode on gradle

* test: skip test on windows

* chore: debug windows handling

* fix: normalize entry with file separators

* fix: normalize filepath after cleansing

* chore: Android paths are not OS specific

* refactor: use java.nio for path traversal checking

* chore: align path separator on Windows for Zip files

* chore: rework towards basic directory traversal

* chore: remove '--info' on build.yml
2024-01-10 13:14:57 -05:00
.github build: support jdk17 (#2952) 2022-11-24 07:10:30 -05:00
brut.apktool Prevent arbitrary file writes with malicious resource names. (#3484) 2024-01-10 13:14:57 -05:00
brut.j.common build: include bleeding edge smali from source via jitpack (#2941) 2022-11-24 06:15:41 -05:00
brut.j.dir build: include bleeding edge smali from source via jitpack (#2941) 2022-11-24 06:15:41 -05:00
brut.j.util Prevent arbitrary file writes with malicious resource names. (#3484) 2024-01-10 13:14:57 -05:00
gradle Update dependencies (#2715) 2021-12-18 17:31:04 -05:00
scripts Revert "Update apktool.bat (#2930)" (#2931) 2022-11-12 11:35:40 -05:00
.editorconfig Add .editorconfig rules 2021-08-27 01:20:06 +08:00
.gitattributes fix: treat aapt binaries as binary 2021-08-28 14:34:13 -04:00
.gitignore build: ignore gradle.properties 2021-03-07 15:03:11 -05:00
.jitpack.yml feat: commit broken jitpack file to stop that service 2020-11-28 18:07:25 -05:00
build.gradle build: version bump (2.7.0) 2022-11-24 07:16:52 -05:00
CONTRIBUTORS.md Update docs & licenses to use https 2021-08-26 07:40:32 -04:00
gradlew Update github actions & Update gradle (#2628) 2021-08-24 07:59:22 -04:00
gradlew.bat Update github actions & Update gradle (#2628) 2021-08-24 07:59:22 -04:00
INTERNAL.md Binaries: aapt/aapt2 updates (July 5, 2022) (#2846) 2022-07-10 07:21:24 -04:00
LICENSE.md refactor: change license to markdown iteration (still apache2.0) 2021-09-01 07:33:02 -04:00
README.md docs: fix broken workflow CI image badge 2021-08-26 07:55:42 -04:00
ROADMAP.md docs: add note about dummy resources to roadmap 2022-09-20 07:24:55 -04:00
SECURITY.md build: add SECURITY.md 2019-07-14 08:09:21 -04:00
settings.gradle Removes SmaliDebugging 2016-02-27 20:20:53 -05:00

README.md

Apktool

This is the repository for Apktool. If you are looking for the Apktool website. Click here.

Join the chat at https://gitter.im/iBotPeaches/Apktool CI Software License

It is a tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications; it makes possible to debug smali code step by step. Also it makes working with app easier because of project-like files structure and automation of some repetitive tasks like building apk, etc.

It is NOT intended for piracy and other non-legal uses. It could be used for localizing, adding some features or support for custom platforms and other GOOD purposes. Just try to be fair with authors of an app, that you use and probably like.

Support

Sponsored by

  • Sourcetoad - helping with a weekly sponsorship for continued improvement and maintenance of the project.

IDE of Choice

Security Vulnerabilities

If you discover a security vulnerability within Apktool, please send an e-mail to Connor Tumbleson at connor.tumbleson(at)gmail.com. All security vulnerabilities will be promptly addressed.

Links