ANS INJECT

Image by Darwin Laganzon from Pixabay

Android Network Security Config Injector

This tool is simply an easier way to use some collection of other tools which can inject a network security config into an Android APK. Mainly it's sole pupose is making it easier to use the tools in the requirements list below with one line of command.

This is useful when you want to test an app that uses HTTPS but you don't have a valid certificate. This tool will allow you to bypass the certificate check.

Disclaimer

This tool is provided as is. I am not responsible for any damage caused by this tool. Use it at your own risk.

Requirements

• adb (Part of the Android SDK)
• zipalign (Part of the Android SDK)
• jarsigner (Part of the JDK)
• keytool (Part of the JDK)
• apktool (Need to be installed manually)

Installation

pip install ansinject

Usage

ansinject --help

ansinject inject [input_apk] [output_apk] --temp-dir [temp_dir]

Basicly the script will do the following:

1. Extract the APK
2. Copy the following network security config onto /res/xml/network_security_config.xml

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config cleartextTrafficPermitted="true">
        <trust-anchors>
            <certificates src="system" />
            <certificates src="user" />
        </trust-anchors>
    </base-config>
</network-security-config>

3. Rebuild the APK
4. Generate a keystore in order to sign the APK
5. Sign the APK
6. Align the output

License

This project is licensed under the MIT License - see the LICENSE file for details

Acknowledgements

• stackoverflow - Capturing mobile phone traffic on wireshark
• gist - unoexperto - How to patch Android app to sniff its HTTPS traffic with self-signed certificate
• exandroid - Capture all android network traffic