Help to find a "clean" SystemUI file - General Questions and Answers

Hi. I own a Uniwa A19S phone which runs Android 6. I just found out it came out of the factory with an infected SystemUI.apk file (a trojan is injected into the file).
Since the trojan can NOT be removed I badly need a clean copy of this file.
The version I'm looking for is: 6.0-1602570800 code 23 (about 5 Mb in size, other versions won't work). I searched around the net with no luck so far, therefore any help is greatly appreciated.
Thank you
Mike

1) How do you know it's infected?
2) Why do you think a clean version of it exists?

Thanks alecxs for taking the time to reply.
My Eset antivirus detected this malware. I sent the file for further inspection to the ESET Malware Response Team which promptly replied with this:
Detection is correct. This malware is serving advertisements.
It has the ability to download other applications and install them directly into the phone.
In fact I found other applications and my phone was even hijacked and 6 calls were made to Tunisia and Morocco (but the phone company reimbursed me).
Luckily I was able to remove SystemUI.apk from the phone but as a result the phone is now crippled although functional. I was hoping to find someone with the same version of my SystemUI.apk file to restore the full functionality. Because, as you may imagine, a factory reset restores the trojan.
Mike

wallace108 said:
Hi. I own a Uniwa A19S phone which runs Android 6. I just found out it came out of the factory with an infected SystemUI.apk file (a trojan is injected into the file).
Since the trojan can NOT be removed I badly need a clean copy of this file.
The version I'm looking for is: 6.0-1602570800 code 23 (about 5 Mb in size, other versions won't work). I searched around the net with no luck so far, therefore any help is greatly appreciated.
Thank you
Mike
Use APKtool to unsign and decompile the apk then remove the trojan from the apk then recompile and re-sign the apk. Then replace the infected apk with your modified apk then reboot the device.

Droidriven said:
Use APKtool to unsign and decompile the apk then remove the trojan from the apk then recompile and re-sign the apk. Then replace the infected apk with your modified apk then reboot the device.
Thanks Droidriven for the instructions. I've never decompiled an apk file, this is new territory for me. But I'll look into it and will do my best.
Cheers
Mike

So I installed APKtool, and managed to decompile the apk. However, since I'm no expert here, I really don't know how to go about locating the viral payload and properly remove it without affecting the legitimate code during the process .... hmmmm ... I'm winging it here ....

wallace108 said:
So I installed APKtool, and managed to decompile the apk. However, since I'm no expert here, I really don't know how to go about locating the viral payload and properly remove it without affecting the legitimate code during the process .... hmmmm ... I'm winging it here ....
check the META-INF for permissions and apk data
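On an Android 6 APK, META-INF holds the v1 (JAR) signing data: MANIFEST.MF with one digest per file, plus the .SF and certificate files. The Python sketch below is an added example, not code from the thread; it lists the signature files and reports entries whose contents no longer match the manifest, entries the manifest never listed, and listed entries that are gone. The sample archive and its file names are constructed for illustration.

```python
import base64
import hashlib
import io
import zipfile

DIGEST_ATTRS = {"SHA-256-Digest": "sha256", "SHA1-Digest": "sha1"}

def parse_manifest(text):
    """Return {entry name: attributes} from MANIFEST.MF text."""
    text = text.replace("\r\n", "\n").replace("\n ", "")  # join wrapped lines
    entries = {}
    for section in text.split("\n\n"):
        attrs = dict(ln.split(": ", 1) for ln in section.split("\n") if ": " in ln)
        if "Name" in attrs:
            entries[attrs.pop("Name")] = attrs
    return entries

def audit_apk(apk):
    """Check entries against MANIFEST.MF digests only (not the .SF/.RSA chain)."""
    report = {"signature_files": [], "modified": [], "unlisted": []}
    with zipfile.ZipFile(apk) as zf:
        names = [n for n in zf.namelist() if not n.endswith("/")]
        manifest = parse_manifest(zf.read("META-INF/MANIFEST.MF").decode("utf-8"))
        for name in names:
            if name.startswith("META-INF/"):
                if name.upper().endswith((".SF", ".RSA", ".DSA", ".EC")):
                    report["signature_files"].append(name)
                continue
            attrs = manifest.get(name)
            if attrs is None:
                report["unlisted"].append(name)  # present but never signed
                continue
            for attr, algo in DIGEST_ATTRS.items():
                if attr in attrs:
                    digest = hashlib.new(algo, zf.read(name)).digest()
                    if base64.b64encode(digest).decode() != attrs[attr]:
                        report["modified"].append(name)
                    break
    report["missing"] = sorted(set(manifest) - set(names))
    return report

def build_sample_apk():
    """Constructed sample, not a real APK: manifest written, then contents changed."""
    signed = {"classes.dex": b"original dex", "res/icon.png": b"png"}
    lines = ["Manifest-Version: 1.0", ""]
    for name, data in signed.items():
        b64 = base64.b64encode(hashlib.sha256(data).digest()).decode()
        lines += ["Name: " + name, "SHA-256-Digest: " + b64, ""]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "\r\n".join(lines) + "\r\n")
        zf.writestr("META-INF/CERT.SF", "placeholder")
        zf.writestr("classes.dex", b"patched dex")         # differs from signed bytes
        zf.writestr("assets/payload.bin", b"added later")  # not in the manifest
    return io.BytesIO(buf.getvalue())
```

A clean report only shows the archive is unchanged since it was signed; code that was already in the APK when the vendor signed it passes this check. The permissions an app requests are declared in AndroidManifest.xml, which `apktool d` decodes to readable XML.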

Please bear with me because I'm confused. I really don't know what to look for.

Related

Extracting APK's from original branded firmware

Hi All,
I'm still looking for a way to either decrypt or extract an apk from an SEUS signed/encrypted firmware.
I've tried the Sin_Reconstructor and I've tried replacing the JAR file in plugins with the one provided, but this still seems to simply download the same encrypted files it always has.
I tried to use the other plugin that was supposed to do a dump such as dump0.zip and dump1.zip however this didn't work either.
I'm using SEUS and not Pc Companion to try and get this all done.
Is there a guide anywhere out there on the net for decrypting SEUS firmwares? I've tried and tried and just can't seem to work out how it's done.
I want to learn as much as possible, and once I've done the learning I'd love to give back everything I learn, but without understanding the basics it just feels like I'm dead in the water.
Any help from anyone would be greatly appreciated.
Just out of curiosity, why do you want to extract it from a signed firmware? From what I gather the decrypted ROMs are no different, just without branding. As well, I think actually decrypting ROMs is for people with some solid experience in the field. If you want to get your feet wet with extracting and modifying APKs go here http://forum.xda-developers.com/showthread.php?t=714288 . I am completely new to programming as well and this is what I have learned so far. Good luck and learning android is a blast!
BTW the link only really covers visual mods. For learning android coding this is a great place to start: http://developer.android.com/index.html
Doesn't the Android SDK contain an Android device emulator?
If yes, you can mount the Fw on this VM and extract the APK to an sdcard emulated (HD) ...
The System's APK is in /system/app
paid APK : /data/app
Thol said:
Doesn't the Android SDK contain an Android device emulator?
If yes, you can mount the Fw on this VM and extract the APK to an sdcard emulated (HD) ...
The System's APK is in /system/app
paid APK : /data/app
So you can mount SEUS encrypted firmware on the VM now? When did that start?

[Q] How to browse an .apk on your desktop?

Hello everyone. Although n00bs aren't allowed here, I do want to ask you a question that might be very n00bish. And maybe a little inappropriate. Or asked in the wrong section of this forum.
But here it goes: I want to try and edit a savegame for a game on my HTC Hero (baseball superstar 2010). So, first I tried to locate where all the files for this game could be installed on my phone. I did not succeed.
But with help from this forum, I found out that I might find the files by using Astro File Manager. I can use this app to click on the .apk from the game, that I have on my sdcard, and then choose the option 'browse file'. There, I find a lot of files! So, the first problem is solved.
The second problem is, that I cannot edit any of the files I then find. And I cannot find a file that has the datestamp of today, or yesterday, when I last played the game. Shouldn't there be a very recent file with the saved game data in it somewhere?
For me, it would be a lot easier if I could browse the apk on my desktop with a simple explorer. But if I hook up my sd-card to my pc, I cannot open the .apk. How can I accomplish this?
I hope I gave a decent description of my problems, and hopefully anyone can help me with A) finding out which file to edit B) how to open or edit this file and C) what to edit!
Thank you all in advance for your time and patience.
Use 7zip to open/extract the .apk file. You can use winrar too, but I like 7zip better. I'll try to find a link in a minute, or you can always google it if I don't post back quick enough for you.
Your questions are reeallly noobish ;-P
Apk files store libraries and other static files of your applications - there you could find images, texts, code, etc., but not runtime data like savegames. Look into /data/{package-name}/ - you could find package name in many places, I think it's in Settings -> Manage applications, but I'm not sure.
Very noobish yes
I have done something in the meanwhile, and that is: buy the real deal from the market. I no longer seem to have the .apk, but that should be no problem. Now the real game is officially installed onto my phone.
But ... where? I have tried looking in /data with my file managers, but they say that the folder is empty! So... where are my apps installed then? They must be on my phone somewhere. Do I have to root my phone in order to see anything in the /data/folder?
dekraan said:
Do I have to root my phone in order to see anything in the /data/folder?
I'm not sure, but I think so. This directory is read-protected, so apps can't steal data of other apps. And I was mistaken: it's /data/app/{package-name}.
Hmmm. Do you know a good way to do that? I have a HTC Hero with the 2.1-update1 firmware (so my phone tells me!).
dekraan said:
Do I have to root my phone in order to see anything in the /data/folder?
I think I'm correct in saying yes. I use RootExplorer and can see my apks in data/app, but if I use AndExplorer I can't.
XperiaX10iUser said:
I think I'm correct in saying yes. I use RootExplorer and can see my apks in data/app, but if I use AndExplorer I can't.
Hi There,
I've opened another thread to stop the clutter, but: I have installed Root Explorer and used (I thought) Universal Androot to root my mobile phone. It did install Superuser, but when I open Root Explorer, I don't get a prompt to put it on the superuser list... so nothing seems to work. Do you know what I should do, and how I can do that?
dekraan said:
Hi There,
I've opened another thread to stop the clutter
But thought you'd clutter the forum instead.
dekraan said:
but: I have installed Root Explorer and used (I thought) Universal Androot to root my mobile phone.
You might be best searching your phone's forum for a solution unless someone can offer you help here.
Iirc, savedata and settings would be in /data/data/com.gamevil.bs2010/
probably in a folder named "files".
start by looking in there.
other apps would be in /data/data/[packagename]

PC script to auto remove apk's

Hey everyone!
On the rom I currently use there are about 20 apk's I have no need for. What I do is download the rom, and individually delete the apk's before flashing the rom. The thing is I flash quite often (cheeky, I know ) and this is getting quite frustrating.
Ideally I want a script that does this all for me. I found one but it seems be for running on the phone, after the apk's have been installed. Does anyone know how I can create a script for the PC that does this before I even install the rom?
Thank you for any suggestions.
Oh and here's the thread I found that looked relevant...
http://forum.xda-developers.com/showthread.php?t=674357
edcoppen said:
Hey everyone!
On the rom I currently use there are about 20 apk's I have no need for. What I do is download the rom, and individually delete the apk's before flashing the rom. The thing is I flash quite often (cheeky, I know ) and this is getting quite frustrating.
Ideally I want a script that does this all for me. I found one but it seems be for running on the phone, after the apk's have been installed. Does anyone know how I can create a script for the PC that does this before I even install the rom?
Thank you for any suggestions.
Oh and here's the thread I found that looked relevant...
http://forum.xda-developers.com/showthread.php?t=674357
Over what OS?
If in Windows (or any M$ OS, incl. DOS) you can make a batch file.
My file is attached as an example (modify as you like, put it in the root dir, obviously of the unzipped ROM, and run. Rezip and maybe re-sign).
salu2
Thank you. This is exactly the kind of thing I am after. If I had been born just a few years earlier I would probably know all about batch scripts. Fortunately, I just missed the DOS days!
Anyway, I puzzled out / looked up the commands in the script you posted. Based on that I extracted the rom, then placed the batch file within it, so that the cd (current directory) command runs correctly.
Unfortunately this mucks up the signing on the rom. Do you re-sign your CM7 roms every time you do this or is there an easier way?
Edit: My PC is Win 7, 64bit, soon to be Win 8 Consumer Preview.
Edit: The roms do not need resigning.
I don't re-sign the ROM, I simply flash again over ClockworkMod Recovery... and it works.
But, you can:
1) sign using Auto-Sign....
2) Click [Thanks]...
Salu2
__________________________________________________________________
I know, I know.... my english is ****ty... but my spanish is much better... ;-)
Big thank you. That's solved that one nicely for me!
You're welcome.
Updated zip in my first Post.
Salu2
Hey again. I was hoping to build on the script you kindly provided. At the moment I am using various alpha ROMs where the exact APKs present change fairly often. It would be great if I could see the outcome of each action. This way I would know if the APK has had its name changed or been removed. How would I enable this?

[Q] Extracting source from APK

Hi, I am trying to get the source code of the ToggleWidgets.apk that comes with my Motorola Defy+. I have already read many things (since I am a new user, I am not able to post outside links) but I was not successful in doing it. What I did so far:
Copied the frame moto-res.apk, framework-res.apk, and blur-res.apk from my ROM.
Installed them in apktool, apktool if ...
Ran apktool d ToggleWidgets.apk and it was correctly extracted into the dir ToggleWidgets
Now I was expecting to find a classes.dex file. But there is none, and I got stuck. If someone knows what I should do, or has a link that clarifies things, I would be thankful.
I just renamed one of my apps with .zip and opened it, and the classes.dex file was in there. not sure if that helps or not.
@ronaldguilmet: It was the very first thing I tried. Interesting that in my case the file present. Thanks!
I guess the class files generated with the Android SDK use obfuscation through Proguard. I think you cannot disassemble it.
PS: If you approved the previous answer please click on thanks.
thgramos said:
I guess the class files generated with the Android SDK uses obfuscation through Proguard. I think you cannot disassemble it.
PS: If you approved the previous answer please click on thanks.
I do not know why ToggleWidgets.apk does not include classes.dex file. But when I tried different applications, I could get the source code using dex2jar, and then jdgui.
eduardomucelli said:
I do not know why ToggleWidgets.apk does not include classes.dex file. But when I tried different applications, I could get the source code using dex2jar, and then jdgui.
Did you manage to deodex it? If so, can you tell me how? I've tried different methods with no success. My ultimate goal is to be able to use the Toggle Widgets in a custom ROM like CM9; I don't even know if this is possible without using the motoblur launcher. Could it be that you are trying to do the same thing? It's just that I like those widgets so much and I would like to keep them in a different ROM.

Editing APK files

Hi, I have read a few posts about editing APK files, but most are only about editing the image files. I need to edit the classes.dex file inside the APK. I have done this, but when I try to install the APK it doesn't work. Is this possible to do? Thanks
This is not to do anything illegal; it is simply to make an Android app I use equal to the iPhone equivalent (there are fewer servers for the Android app), so I basically want to change the URL from the APK to the iPhone URL.
Cheers
morgs640 said:
Hi, I have read a few posts about editing APK files, but most are only about editing the image files. I need to edit the classes.dex file inside the APK. I have done this, but when I try to install the APK it doesn't work. Is this possible to do? Thanks
This is not to do anything illegal; it is simply to make an Android app I use equal to the iPhone equivalent (there are fewer servers for the Android app), so I basically want to change the URL from the APK to the iPhone URL.
Cheers
Tried signing the file after modding it?
Sent from my GT-S5360 using xda premium
Hi, thanks for your reply. Yes, I have, and it still doesn't work, unfortunately.
Use apktool to extract the APK, you'll get .smali files instead of classes.dex (this is the decompiled version). Edit these files appropriately, then repack the APK with apktool and sign it. Should work.
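The header fields involved when classes.dex is edited directly, as the question describes: a DEX file stores an Adler-32 checksum and a SHA-1 digest of the rest of the file, so a byte edit leaves both stale. The Python sketch below is an added example, not code from the thread; the sample file and the URL in it are constructed, and the sample is a valid header around an opaque payload rather than a loadable DEX.

```python
import hashlib
import struct
import zlib

HEADER_SIZE = 0x70  # fixed size of the DEX header

def check_dex_header(data):
    """Recompute the header's integrity fields and compare them with the stored ones."""
    if len(data) < HEADER_SIZE or data[:4] != b"dex\n":
        raise ValueError("not a DEX file")
    stored_adler, = struct.unpack_from("<I", data, 8)   # covers bytes 12..end
    stored_sha1 = data[12:32]                           # covers bytes 32..end
    file_size, = struct.unpack_from("<I", data, 32)
    return {
        "checksum_ok": (zlib.adler32(data[12:]) & 0xFFFFFFFF) == stored_adler,
        "sha1_ok": hashlib.sha1(data[32:]).digest() == stored_sha1,
        "size_ok": file_size == len(data),
    }

def build_sample_dex(payload):
    """Constructed sample: correct header fields, remaining header bytes zeroed."""
    size = HEADER_SIZE + len(payload)
    # file_size, header_size, endian_tag
    rest = struct.pack("<III", size, HEADER_SIZE, 0x12345678)
    rest += bytes(HEADER_SIZE - 32 - len(rest)) + payload
    sha1 = hashlib.sha1(rest).digest()
    adler = zlib.adler32(sha1 + rest) & 0xFFFFFFFF
    return b"dex\n035\x00" + struct.pack("<I", adler) + sha1 + rest

def demo():
    """Swap one same-length string in the payload, as a hex editor would."""
    original = build_sample_dex(b"https://android.example/api")
    edited = original.replace(b"android", b"iphone1")
    return check_dex_header(original), check_dex_header(edited)
```

Rebuilding from the .smali files with apktool produces a fresh classes.dex, and because the digests under META-INF cover classes.dex, the repacked APK then needs signing again.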
Does apktool require the command line? If so, it is too complicated for me.
Yes, it does. If command line is too difficult, it's probably unlikely you'll be able to get this working I'm afraid. You could try this: http://forum.xda-developers.com/showthread.php?t=1619473
It's an IDE for editing APKs, might help. But honestly, the command line part is the easy bit
I've just never had any luck with any command line stuff for Android; it never works for me and I hate all the extra crap you have to install to use it. Thanks anyway, I'll see how I go.
morgs640 said:
I've just never had any luck with any command line stuff for Android; it never works for me and I hate all the extra crap you have to install to use it. Thanks anyway, I'll see how I go.
If you want to do basic stuff with apktool then it's a really easy tool. The commands are really very small!
apktool d xxxx.apk to decompile
apktool b xxxx to compile, and you're done!
Even the complex ones aren't difficult! Only the installing of apktool takes time and it's the hardest thing in the whole procedure.
Sent from my GT-S5360 using XDA
In theory apktool is fairly simple, but if you compile for Android 4.0 better prepare yourself for huge headaches and a couple of white hairs, as this thing won't work. I know two solutions. One consists of a really stupid juggling with two versions, one old which you can barely find, and one new: decompile with the old one, compile with the new one. Some guy made a mod though and it finally ends the trouble, but I haven't seen it officially pronounced, which made it so damn hard to find it, hidden in some internet forums. Another problem was that aapt needs to be present in the same directory; error codes will just spew out a bunch of gibberish and you will never know what's wrong, so all that's left is trying. But once you've got it working it is as easy as pie.
molesarecoming said:
some guy made a mod though and it finally ends the trouble, but i haven't seen it officially pronounced, which made it so damn hard to find it, hidden in some internet forums. but once you got it working it is as easy as pie.
You mean this: http://forum.xda-developers.com/showthread.php?t=1551236 ? (It was about two threads below this one at the time I posted this)
Nice! I made myself little batch files for this. I just go "apkd skype" to decompile skype.apk and "apkb skype" for building it, zipping it, signing it. Didn't even know there's a guy out there now.
SifJar said:
Yes, it does. If command line is too difficult, it's probably unlikely you'll be able to get this working I'm afraid. You could try this: http://forum.xda-developers.com/showthread.php?t=1619473
It's an IDE for editing APKs, might help. But honestly, the command line part is the easy bit
This program worked perfectly, thank you so much.
