Adds info about extracting apps. Fixes #1238 #1301
Conversation
| @@ -752,16 +752,49 @@ Check the [Termux Wiki](https://wiki.termux.com/wiki/Remote_Access "Termux Remot | |||
|
|
|||
| #### Obtaining and Extracting Apps | |||
|
|
|||
| -- ToDo: <https://github.com/OWASP/owasp-mstg/issues/1238> | |||
| There are several ways of extracting apk files from a device. You will need to decide which one is the easiest method depending if the app is public or private. | |||
|
|
|||
| ##### App Store | |||
There was a problem hiding this comment.
The app store, kinda feels like it is about the google play store. Maybe we call this alternative app-stores in the title?
There was a problem hiding this comment.
Changed it to 'Alternative App Stores'
| ##### Recovering the App Package from the Device | ||
|
|
||
| ###### From Rooted Devices | ||
| Obtaining app packages from the device is the recommended method as we can guarantee the app hasn't been modified. | ||
|
|
||
| ###### From Non-Rooted Devices |
There was a problem hiding this comment.
the level of depth is just too high unfortunately... Can you restructure this a bit ? After all, you are ending the story with that you do not need a rooted device.
|
|
||
| There are also apps like [APK Extractor](https://play.google.com/store/apps/details?id=com.ext.ui "APK Extractor") that do not require root and can even share the extracted apk via your prefered method. This can be useful if you don't feel like connecting the device or setting up adb over the network to transfer the file. | ||
|
|
||
| ###### From Rooted Devices |
|
|
||
| ##### App Store | ||
|
|
||
| One of the easiest option is to download the apk from websites that mirror public applications from the Google Play Store. However, keep in mind that these sites are not offical and there is no guarantee that the application hasn't been repackaged or contain malware. A few reputable websites that host apks and are not known for modifying apps and claim to MD5 checksum the apps are: |
There was a problem hiding this comment.
hasn't been repackaged or contain malware
Sounds a bit weird (though might be technically correct). How about:
hasn't been repackaged to contain malware
There was a problem hiding this comment.
Yeah, there were some cases where they repackaged the application to change the admob id so the revenue went to a different team so not exactly malware there.
| - [APKMirror](https://apkmirror.com "APKMirror") | ||
| - [APKPure](https://apkpure.com "APKPure") | ||
|
|
||
| Beware that you do not have control over these sites and you can not guarantee what they do in the future. Only use them if it's your only option left. |
| Once you have located the package name of the application, you need the full path where it is stored on the system to download it. | ||
|
|
||
| ```shell | ||
| $ adb shell pm path (package) |
There was a problem hiding this comment.
Use angle brackets for things that need to be filled in. (<package>)
| With the full path to the apk, you can now simply use `adb pull` to extract the apk. | ||
|
|
||
| ```shell | ||
| $ adb pull (apk path) |
|
|
||
| ##### Recovering the App Package from the Device | ||
| One of the easiest option is to download the apk from websites that mirror public applications from the Google Play Store. However, keep in mind that these sites are not offical and there is no guarantee that the application hasn't been repackaged or contain malware. A few reputable websites that host apks and are not known for modifying apps and claim to MD5 checksum the apps are: |
There was a problem hiding this comment.
Another question: do they offer SHA-sums? because md5sums are ... easy to collide on a phone :D
|
|
||
| ##### Recovering the App Package from the Device | ||
| One of the easiest option is to download the apk from websites that mirror public applications from the Google Play Store. However, keep in mind that these sites are not offical and there is no guarantee that the application hasn't been repackaged or contain malware. A few reputable websites that host APKs and are not known for modifying apps and even list SHA-1 and SHA-256 checksums of the apps are: |
There was a problem hiding this comment.
One of the easiest options
Added info about extracting apps and the differences between the methods.
This PR covers issue #1238.