Primer paso de la investigacion. Se aportan el .apk, las carpetas con el apk extraido y el apk descompilado. El archivo API_DOCUMENTATION.md es un archivo donde se anotaran los descubrimientos del funcionamiento de la API, y los .py son scripts para probar la funcionalidad de la API con los métodos que vayamos encontrando. Finalmente, los archivos .js son scripts de Frida para extraer informacion de la APP durante la ejecucion.
This commit is contained in:
@@ -0,0 +1,78 @@
|
||||
package com.google.android.gms.common;
|
||||
|
||||
import android.content.Context;
|
||||
import android.util.Log;
|
||||
import com.google.android.gms.common.annotation.KeepForSdk;
|
||||
import com.google.android.gms.common.internal.Preconditions;
|
||||
import com.google.android.gms.common.internal.ShowFirstParty;
|
||||
import com.google.errorprone.annotations.RestrictedInheritance;
|
||||
|
||||
@ShowFirstParty
|
||||
@KeepForSdk
|
||||
@RestrictedInheritance(allowedOnPath = ".*javatests.*/com/google/android/gms/common/.*", explanation = "Sub classing of GMS Core's APIs are restricted to testing fakes.", link = "go/gmscore-restrictedinheritance")
|
||||
/* loaded from: classes3.dex */
|
||||
public class PackageSignatureVerifier {
|
||||
private static zzad zza;
|
||||
private volatile zzac zzb;
|
||||
|
||||
private static zzad zza() {
|
||||
zzad zzadVar;
|
||||
synchronized (zzad.class) {
|
||||
try {
|
||||
if (zza == null) {
|
||||
zza = new zzad();
|
||||
}
|
||||
zzadVar = zza;
|
||||
} catch (Throwable th) {
|
||||
throw th;
|
||||
}
|
||||
}
|
||||
return zzadVar;
|
||||
}
|
||||
|
||||
@ShowFirstParty
|
||||
@KeepForSdk
|
||||
public PackageVerificationResult queryPackageSignatureVerified(Context context, String str) {
|
||||
PackageVerificationResult packageVerificationResult;
|
||||
String str2;
|
||||
PackageVerificationResult packageVerificationResult2;
|
||||
boolean honorsDebugCertificates = GooglePlayServicesUtilLight.honorsDebugCertificates(context);
|
||||
zza();
|
||||
if (!zzn.zzf()) {
|
||||
throw new zzae();
|
||||
}
|
||||
String concat = String.valueOf(str).concat(true != honorsDebugCertificates ? "-0" : "-1");
|
||||
if (this.zzb != null) {
|
||||
str2 = this.zzb.zza;
|
||||
if (str2.equals(concat)) {
|
||||
packageVerificationResult2 = this.zzb.zzb;
|
||||
return packageVerificationResult2;
|
||||
}
|
||||
}
|
||||
zza();
|
||||
zzx zzc = zzn.zzc(str, honorsDebugCertificates, false, false);
|
||||
if (!zzc.zza) {
|
||||
Preconditions.checkNotNull(zzc.zzb);
|
||||
return PackageVerificationResult.zza(str, zzc.zzb, zzc.zzc);
|
||||
}
|
||||
this.zzb = new zzac(concat, PackageVerificationResult.zzd(str, zzc.zzd));
|
||||
packageVerificationResult = this.zzb.zzb;
|
||||
return packageVerificationResult;
|
||||
}
|
||||
|
||||
@ShowFirstParty
|
||||
@KeepForSdk
|
||||
public PackageVerificationResult queryPackageSignatureVerifiedWithRetry(Context context, String str) {
|
||||
try {
|
||||
PackageVerificationResult queryPackageSignatureVerified = queryPackageSignatureVerified(context, str);
|
||||
queryPackageSignatureVerified.zzb();
|
||||
return queryPackageSignatureVerified;
|
||||
} catch (SecurityException e4) {
|
||||
PackageVerificationResult queryPackageSignatureVerified2 = queryPackageSignatureVerified(context, str);
|
||||
if (queryPackageSignatureVerified2.zzc()) {
|
||||
Log.e("PkgSignatureVerifier", "Got flaky result during package signature verification", e4);
|
||||
}
|
||||
return queryPackageSignatureVerified2;
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user