Comments (10)
ClaudiuGeorgiu
commented on May 28, 2024
1
Hi @esauvisky, there is no particular reason for having an hardcoded keystore (maybe just to keep the configuration minimal for who is using the tool). We hardcoded it when we started the development since the keystore parameters were always the same, but actually it's a good idea to make this configurable via CLI: I think we should add --keystore-file, --keystore-password and --key-alias optional parameters (and fallback to the default keystore if none of these parameters are provided).
from obfuscapk.
ClaudiuGeorgiu
commented on May 28, 2024
Have you used the correct password and key alias? Currently this information is hard-coded in the following code, so if you change the keystore you have to also change the password and the key alias.
Obfuscapk/src/obfuscapk/obfuscation.py
Lines 507 to 514 in 6dcb246
from obfuscapk.
skreenr
commented on May 28, 2024
Looks like it needs a way to pass a new password;
How can I do that?
from obfuscapk.
skreenr
commented on May 28, 2024
I see the part you refer to;
so Which one is the passwd and the alias?
os.path.dirname(file), "resources", "obfuscation_keystore.jks"
),
"obfuscation_password",
"obfuscation_key",
from obfuscapk.
skreenr
commented on May 28, 2024
Looking at this https://docs.oracle.com/javase/tutorial/deployment/jar/signing.html
and this
https://docs.oracle.com/javase/7/docs/technotes/tools/windows/jarsigner.html#CCHFIDAB
I am having trouble reconciling with your syntax:
their examples only have Alias parameter after the .apk file; yours obviously differs
Please explain.
from obfuscapk.
ClaudiuGeorgiu
commented on May 28, 2024
Here is the final code that is executed to sign the application (the above code is only a helper method):
Obfuscapk/src/obfuscapk/tool.py
Lines 207 to 221 in 6dcb246
from obfuscapk.
skreenr
commented on May 28, 2024
Seems to be working now, thanks!
from obfuscapk.
esauvisky
commented on May 28, 2024
Sorry for bumping a closed issue, but is there any particular reason for the signing to be hardcoded? For me it'd make more sense if you could specify your own keystore, pass and alias from the CLI for example 🤔
from obfuscapk.
skreenr
commented on May 28, 2024
Second that
On Sunday, May 17, 2020, 7:47:54 AM UTC, Gabriel Claudiu Georgiu <[email protected]> wrote:
Hi @esauvisky, there is no particular reason for having an hardcoded keystore (maybe just to keep the configuration minimal for who is using the tool). We hardcoded it when we started the development since the keystore parameters were always the same, but actually it's a good idea to make this configurable via CLI: I think we should add --keystore-file, --keystore-password and --key-alias optional parameters (and fallback to the default keystore if none of these parameters are provided).
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub, or unsubscribe.
from obfuscapk.
ClaudiuGeorgiu
commented on May 28, 2024
I think we should add
--keystore-file,--keystore-passwordand--key-aliasoptional parameters (and fallback to the default keystore if none of these parameters are provided).
Implemented with latest commit 7860fc1.
from obfuscapk.
Related Issues (20)
- Error obfuscapk BundleDecompiler HOT 12
- apktool error during rebuilding HOT 7
- unknown shorthand flag HOT 7
- About metasploit HOT 2
- apktool errror HOT 1
- About enc key HOT 1
- Whether About is Bundle Support aab? HOT 5
- obfuscate .JSON file HOT 5
- Failure with Rebuild obfuscator using *.aab file HOT 9
- this docker image can not support mac m1.
- 'docker run -v "/root/":"/workdir" obfuscapk -w /workdir/obfuscation_dir/ -o' can not run.
- class_rename incorrectly replaced the command
- path error HOT 2
- Encrypting strings in a java class or in the resources files HOT 3
- APK Tool OOM HOT 1
- TypeError: stat: path should be string, bytes, os.PathLike or integer, not NoneType HOT 1
- Failed install obfuscated apk. HOT 4
- sign bundle .aab with custom key
- Obfusca apk working on kotlin? HOT 1
- Apk Obfuscation and apktoll error i think
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from obfuscapk.