62 matches found
Apktool Security Vulnerability
Apktool is a tool to reverse engineer Android APK files. A security vulnerability exists in Apktool versions prior to 2.9.3. An attacker can exploit the vulnerability to read arbitrary files on the server...
PT-2024-20414 · Apktool · Apktool
Name of the Vulnerable Software and Affected Versions: Aprktool versions prior to 2.9.3 Description: The issue allows ../ and /.. directory traversal. This means an attacker could potentially access files or directories outside the intended directory structure by manipulating the path using ../ o...
The vulnerability of the APK-reverse engineering tool Apktool in Android systems arises from incorrect path name restrictions for restricted directories. This allows attackers to write or overwrite arbitrary data.
The vulnerability of the APK-reverse engineering tool Apktool relates to an incorrect path name limitation for the restricted access directory. Exploiting this vulnerability could allow a perpetrator to write or overwrite arbitrary data...
Path Traversal
apktool is vulnerable to Path Traversal. The vulnerability is due to Apktool determines the output paths of resource files based on their names. Malicious actors can exploit this by manipulating these names to place files in specific locations on the system where Apktool is executed...
Metasploit Weekly Wrap-Up 01/12/24
New module content 1 Windows Gather Mikrotik Winbox "Keep Password" Credentials Extractor Author: Pasquale 'sid' Fiorillo Type: Post Pull request: 18604 contributed by siddolo Path: windows/gather/credentials/winboxsettings Description: This pull request introduces a new post module to extract th...
Exploit for Path Traversal in Apktool
MobSF Remote code execution via CVE-2024-21633 I have found...
DEBIAN-CVE-2024-21633
Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...
CVE-2024-21633
Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...
Design/Logic Flaw
Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...
CVE-2024-21633
Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...
UBUNTU-CVE-2024-21633
Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...
CVE-2024-21633 Arbitrary file write on Decoding
Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...
CVE-2024-21633 Arbitrary file write on Decoding
Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...
CVE-2024-21633 Arbitrary file write on Decoding
Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...
CVE-2024-21633
Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...
CVE-2024-21633
CVE-2024-21633 affects Apktool
PT-2024-1051 · Apktool +1 · Apktool +1
Name of the Vulnerable Software and Affected Versions: Apktool versions 2.9.1 and prior Description: The issue is related to incorrect restriction of the directory path name with limited access. An attacker can exploit this to write or overwrite arbitrary data. Apktool infers resource files' outp...
Apktool Path Traversal Vulnerability
Apktool is a tool for reverse engineering Android APK files. A path traversal vulnerability exists in Apktool 2.9.1 and earlier versions, which stems from the fact that Apktool can infer the output path of a resource file based on the name of the resource, which can be exploited by an attacker to...
Apk.Sh - Makes Reverse Engineering Android Apps Easier, Automating Some Repetitive Tasks Like Pulling, Decoding, Rebuilding And Patching An APK
apk.sh is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK. Features apk.sh basically uses apktool to disassemble, decode and rebuild resources and some bash to automate the frida gadget...
NinjaDroid - Ninja Reverse Engineering On Android APK Packages
NinjaDroid is a simple tool to reverse engineering Android APK packages. Published at: https://snapcraft.io/ninjadroid $ snap install ninjadroid --channel=beta Overview NinjaDroid uses AXMLParser together with a series of Python scripts based on aapt, keytool, string and such to extract a series ...