Skip to content

How does msfvenom know which Smali file in an APK to target, in order to inject it's hook? #16260

Answered by timwr
Morsmalleo asked this question in Q&A
Discussion options

You must be logged in to vote

I think it chooses any class that extends Application first, and if that fails it uses a suitable Activity (one with the LAUNCHER/MAIN intent).
The code is here: https://github.com/rapid7/metasploit-framework/blob/master/lib/msf/core/payload/apk.rb#L37

This seems to work for most apks, but there are always exceptions.

You could also look at how https://github.com/sensepost/objection injects the frida gadget.

Replies: 1 comment 1 reply

Comment options

You must be logged in to vote
1 reply
@Morsmalleo
Comment options

Answer selected by Morsmalleo
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants