Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ability to set Corporate proxy settings due to jarsigner [Feature Request] #75

Open
Simon-Davies opened this issue Apr 30, 2018 · 2 comments
Open

Ability to set Corporate proxy settings due to jarsigner [Feature Request] #75

Simon-Davies opened this issue Apr 30, 2018 · 2 comments
Labels
✨enhancement

Comments

@Simon-Davies
Copy link

Corporate proxy settings can be set with the below bash script:

#!/bin/bash
export REQUESTS_CA_BUNDLE=/home/$USER/cacert.pem
export http_proxy=http://...:8080
export https_proxy=https://...:8080
echo "Shell setup for Corporate Proxy"

The problem is jarsigner does not use these environment variables. See below:

Signing the new APK may have failed.
jarsigner: unable to sign jar: no response from the Timestamping Authority. When connecting from behind a firewall an HTTP or HTTPS proxy may need to be specified. Supply the following options to jarsigner:
  -J-Dhttp.proxyHost=<hostname>
  -J-Dhttp.proxyPort=<portnumber>
or
  -J-Dhttps.proxyHost=<hostname> 
  -J-Dhttps.proxyPort=<portnumber> 


Signed the new APK

-J-Dhttps.proxyHost=..*. -J-Dhttps.proxyPort=8080 can't be passed to Objection as an option and as far as I can see from reading online there is not a config file where these settings can be added to for jarsigner.
@Simon-Davies Simon-Davies changed the title Ability to set Corporate proxy settings [Feature Request] Ability to set Corporate proxy settings due to jarsigner [Feature Request] Apr 30, 2018
@Simon-Davies
Copy link
Author

Simon-Davies commented Apr 30, 2018
edited

For now I modified the android.py source in the packers folder to remove the time stamping switch. I tried adding the proxy switches in but couldn't get it working.

@Blueeyes3
Copy link

@Simon-Davies

I was facing the same issue. The below changes to android.py resolved it.

click.secho('Signing new APK.', dim=True)

    o = delegator.run(list2cmdline([
        self.required_commands['jarsigner']['location'],
        '-sigalg',
        'SHA1withRSA',
        '-digestalg',
        'SHA1',
        **'-J-Dhttp.proxyHost=<proxy address>', - new line added to android.py
        '-J-Dhttp.proxyPort=<proxy port>', - new line added to android.py**
        '-tsa',
        'http://timestamp.digicert.com',
        '-storepass',
        'basil-joule-bug',
        '-keystore',
        self.keystore,
        self.apk_temp_frida_patched,
        'objection'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
✨enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Simon-Davies @leonjza @Blueeyes3