You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Apps are slowly beginning to use the Android KeyStore to encrypt database entries or the entire database itself, making it impossible to extract information without interfacing with the Android KeyStore. Thankfully we don't really care about the encryption keys themselves and just want to ask the KeyStore to decrypt data, which is just what the KeyStore is for.
Using some of the setup code from scrcpy's Android server, I've written a small Java tool that can be pushed to the device and run as an app's user to provide an interactive KeyStore interface for the Python code.
Checklist:
Successfully interact with the Android KeyStore as an app user via su.
Interact with the Android KeyStore without having to call setenforce 0.
The current ADB wrapper is a little fragile due to the various quirks exhibited by old ADB servers and BusyBox versions (or lack of thereof) installed on old devices. The major issue right now is the inability to interactively send and receive commands during a shell session and instead being forced to run commands one-by-one via adb shell. This is more a performance optimization than anything else but it taking a minute to read and decrypt a few files is annoying.
One possible solution to both problems is to integrate file reading and related commands into the KeyStore proxy, which would remove the BusyBox dependency. This would require the KeyStore proxy to have the ability to execute commands as other users (including itself).
The text was updated successfully, but these errors were encountered:
Apps are slowly beginning to use the Android KeyStore to encrypt database entries or the entire database itself, making it impossible to extract information without interfacing with the Android KeyStore. Thankfully we don't really care about the encryption keys themselves and just want to ask the KeyStore to decrypt data, which is just what the KeyStore is for.
Using some of the setup code from scrcpy's Android server, I've written a small Java tool that can be pushed to the device and run as an app's user to provide an interactive KeyStore interface for the Python code.
Checklist:
su.setenforce 0.adb shell. This is more a performance optimization than anything else but it taking a minute to read and decrypt a few files is annoying.The text was updated successfully, but these errors were encountered: