1.2 Check certificate

openssl pkcs7 -inform DER -in META-INF/*.RSA -noout -print_certs -text

or (optional)

jarsigner -verify -verbose -certs app_name.apk
  • jarsigner --> huge output (each file gets validated)

  • cert location:

    • unzip app_name.apk --> META-INF/*.RSA (also *.DSA / *.EC, depending on the key type)

    • jadx app_name.apk --> resources/META-INF/*.RSA

    • caveat: an app signed only with APK Signature Scheme v2/v3 has no META-INF/*.RSA; use apksigner verify --print-certs app_name.apk (Android SDK build-tools) instead

  • custom CAs (trust anchors) may be defined in the Network Security Config: res/xml/network_security_config.xml (the file name is whatever android:networkSecurityConfig in AndroidManifest.xml points to)

    • cert-pinning config is in the same file (<pin-set> and its expiration date; once that date has passed, pinning is no longer enforced)

THINGS TO REPORT

  • CN=Android Debug (= debug keystore cert, i.e. a publicly known private key)

  • Cert is already expired

  • The CA that issued the server certificate is unknown to the app/device (server-side TLS finding)

  • The server cert is self-signed (server-side TLS finding; a self-signed app signing cert is normal on Android)

  • The server configuration is missing an intermediate CA (server-side TLS finding)

  • No cert pinning (certificate or public-key pinning) enabled, i.e. you can route the app's TLS traffic through an intercepting proxy once the proxy CA is trusted by the device

  • Cleartext (HTTP) traffic is allowed (the default up to Android 8.1 / API 27; from Android 9 it has to be enabled explicitly):

    • <base-config cleartextTrafficPermitted="true">

    • <domain-config cleartextTrafficPermitted="true">
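The checks above, scripted as an added example (not code from the original page): it pulls the signer cert out of the PKCS#7 block, reports the debug-keystore CN and expiry, and greps a Network Security Config for cleartext, extra trust anchors and pin-set expiration. It assumes bash, openssl and unzip on PATH; the signer cert and the XML config at the bottom are constructed fixtures, not artifacts of any real app.

```shell
#!/usr/bin/env bash
# Added example (not from the original page). Assumes bash, openssl and unzip on PATH.
set -eu

# PKCS#7 signature block (META-INF/*.RSA, DER) -> signer certificate(s) as PEM.
pkcs7_certs() {                       # usage: pkcs7_certs META-INF/CERT.RSA
    openssl pkcs7 -inform DER -in "$1" -print_certs |
        sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p'
}

# Pull the v1 signature block(s) straight out of an APK (a zip) and dump them as PEM.
apk_signer_certs() {                  # usage: apk_signer_certs app_name.apk
    local tmp f
    tmp=$(mktemp -d)
    unzip -q -o "$1" 'META-INF/*.RSA' 'META-INF/*.DSA' 'META-INF/*.EC' -d "$tmp" 2>/dev/null || true
    for f in "$tmp"/META-INF/*.RSA "$tmp"/META-INF/*.DSA "$tmp"/META-INF/*.EC; do
        if [ -f "$f" ]; then pkcs7_certs "$f"; fi
    done
    rm -rf "$tmp"
}

# One finding per line for a signer cert (PEM); silent when there is nothing to report.
signer_findings() {                   # usage: signer_findings signer.pem
    local subject issuer
    subject=$(openssl x509 -in "$1" -noout -subject -nameopt RFC2253 | sed 's/^subject= *//')
    issuer=$(openssl x509 -in "$1" -noout -issuer -nameopt RFC2253 | sed 's/^issuer= *//')
    case "$subject" in
        *"CN=Android Debug"*) echo "DEBUG_CERT: $subject (debug keystore, private key is public)";;
    esac
    # -checkend 0 exits non-zero once notAfter is in the past
    if ! openssl x509 -in "$1" -noout -checkend 0 >/dev/null; then
        echo "EXPIRED: $(openssl x509 -in "$1" -noout -enddate)"
    fi
    # self-signed is the norm for Android app signers: informational only
    [ "$subject" = "$issuer" ] && echo "INFO: self-signed, issuer=$issuer"
    return 0
}

# Review the Network Security Config (the file named by android:networkSecurityConfig
# in AndroidManifest.xml, usually res/xml/network_security_config.xml).
nsc_findings() {                      # usage: nsc_findings network_security_config.xml
    local xml exp today
    xml=$(tr -s ' \t\r\n' ' ' < "$1")   # flatten so one pattern sees a whole element
    today=$(date +%F)
    # cleartext explicitly allowed (on Android 8.1 and lower it is the default anyway)
    printf '%s' "$xml" | grep -oE '<(base-config|domain-config)[^>]*cleartextTrafficPermitted="true"' |
        sed 's/^/CLEARTEXT: /'
    # extra trust anchors: user-installed CAs or a CA bundled in res/raw (proxy-friendly)
    printf '%s' "$xml" | grep -oE '<certificates [^>]*src="(user|@raw/[^"]*)"' | sed 's/^/TRUST_ANCHOR: /'
    # pinning: absent, or present with an expiration date that disables it once passed
    if ! printf '%s' "$xml" | grep -q '<pin-set'; then
        echo "NO_PINNING: no <pin-set> in config"
    fi
    for exp in $(printf '%s' "$xml" | grep -oE '<pin-set[^>]*expiration="[^"]*"' | sed 's/.*expiration="//; s/"$//'); do
        if awk -v e="$exp" -v t="$today" 'BEGIN { exit !(e < t) }'; then   # ISO dates sort as strings
            echo "PINS_EXPIRED: pin-set expiration $exp has passed, pinning no longer enforced"
        else
            echo "PIN_EXPIRATION: $exp"
        fi
    done
}

# ---- constructed fixtures so this runs offline (not real app artifacts) ----
FIX=$(mktemp -d)
# a debug-keystore-style self-signed signer, wrapped as PKCS#7 DER like META-INF/CERT.RSA
openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj '/C=US/O=Android/CN=Android Debug' \
    -keyout "$FIX/key.pem" -out "$FIX/debug.pem" 2>/dev/null
openssl crl2pkcs7 -nocrl -certfile "$FIX/debug.pem" -outform DER -out "$FIX/CERT.RSA"
pkcs7_certs "$FIX/CERT.RSA" > "$FIX/signer.pem"
cat > "$FIX/network_security_config.xml" <<'EOF'
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config cleartextTrafficPermitted="true">
        <trust-anchors>
            <certificates src="system" />
            <certificates src="user" />
        </trust-anchors>
    </base-config>
    <domain-config>
        <domain includeSubdomains="true">api.example.com</domain>
        <pin-set expiration="2019-01-01">
            <pin digest="SHA-256">AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=</pin>
        </pin-set>
    </domain-config>
</network-security-config>
EOF

signer_findings "$FIX/signer.pem"
nsc_findings "$FIX/network_security_config.xml"
```

On a real target replace the fixture with `apk_signer_certs app_name.apk > signer.pem` and the XML pulled from the jadx/apktool output; the finding tags (DEBUG_CERT, EXPIRED, CLEARTEXT, TRUST_ANCHOR, NO_PINNING, PINS_EXPIRED) map one-to-one onto the report items above.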
