  • Stars: 3,183
  • Rank 14,113 (Top 0.3 %)
  • Language: Python
  • License: Other
  • Created over 9 years ago
  • Updated 10 months ago

Repository Details

Tool to look for several security related Android application vulnerabilities

Quick Android Review Kit

This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. The tool is also capable of creating "Proof-of-Concept" deployable APKs and/or ADB commands, capable of exploiting many of the vulnerabilities it finds. There is no need to root the test device, as this tool focuses on vulnerabilities that can be exploited under otherwise secure conditions.

Requirements

Tested on Python 2.7.13 and 3.6.
Tested on OSX, Linux, and Windows.

Usage

For more options please see the --help command.

APK:

~ qark --apk path/to/my.apk

Java source code files:

~ qark --java path/to/parent/java/folder
~ qark --java path/to/specific/java/file.java

Results

A report is generated in JSON and can be built into other format types. To change the report type, use the --report-type flag.

Installation

With pip (no security checks on requirements):

~ pip install --user qark  # --user is only needed if not using a virtualenv
~ qark --help

With requirements.txt (security checks on requirements):

~ git clone https://github.com/linkedin/qark
~ cd qark
~ pip install -r requirements.txt
~ pip install . --user  # --user is only needed if not using a virtualenv
~ qark --help

Exploit APK

QARK can generate a basic exploit APK for a few of the vulnerabilities that have been found.

To generate the exploit APK there are a few steps to follow. You need to have the Android SDK v21 and build-tools v21.1.2.

  1. Install the Android SDK. You can get it under the 'command line tools': https://developer.android.com/studio/#downloads
  2. Unzip the android SDK
  3. Go into the new directory and generate the licenses with bin/sdkmanager --licenses
  4. Make sure the generated licenses are in the android SDK directory.
  5. Install the SDK and the proper build-tools version: bin/sdkmanager --install "platforms;android-21" "sources;android-21" "build-tools;21.1.2"

Checks

QARK is an easy-to-use tool capable of finding common security vulnerabilities in Android applications. Unlike commercial products, it is 100% free to use. QARK features educational information allowing security reviewers to locate precise, in-depth explanations of the vulnerabilities. QARK automates the use of multiple decompilers, leveraging their combined outputs to produce superior results when decompiling APKs. Finally, the major advantage QARK has over traditional tools that just point you to possible vulnerabilities is that it can produce ADB commands, or even fully functional APKs, that turn hypothetical vulnerabilities into working "POC" exploits.

Included in the types of security vulnerabilities this tool attempts to find are:

  • Inadvertently exported components
  • Improperly protected exported components
  • Intents which are vulnerable to interception or eavesdropping
  • Improper X.509 certificate validation
  • Creation of world-readable or world-writeable files
  • Activities which may leak data
  • The use of Sticky Intents
  • Insecurely created Pending Intents
  • Sending of insecure Broadcast Intents
  • Private keys embedded in the source
  • Weak or improper cryptography use
  • Potentially exploitable WebView configurations
  • Exported Preference Activities
  • Tapjacking
  • Apps which enable backups
  • Apps which are debuggable
  • Apps supporting outdated API versions, with known vulnerabilities
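
Four of the manifest-level checks in this list (exported components, improperly protected exported components, debuggable apps and enabled backups) can be illustrated with a short static check over a manifest. This is an added example, not QARK's own code: the function name audit_manifest, the finding labels and the sample manifest are constructed for illustration, and it assumes a decoded (text) AndroidManifest.xml for an app targeting API 17 or later.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # namespace of android: attributes
COMPONENTS = {"activity", "activity-alias", "service", "receiver", "provider"}
LAUNCHER = "android.intent.category.LAUNCHER"

# Constructed sample manifest, not taken from any real app.
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.constructed">
  <permission android:name="com.example.constructed.SYNC" android:protectionLevel="normal"/>
  <application android:debuggable="true">
    <activity android:name=".Main"><intent-filter>
      <action android:name="android.intent.action.MAIN"/>
      <category android:name="android.intent.category.LAUNCHER"/></intent-filter></activity>
    <activity android:name=".Settings" android:exported="true"/>
    <service android:name=".Sync" android:exported="true" android:permission="com.example.constructed.SYNC"/>
    <receiver android:name=".Boot"><intent-filter>
      <action android:name="android.intent.action.BOOT_COMPLETED"/></intent-filter></receiver>
    <provider android:name=".Notes" android:authorities="com.example.notes" android:exported="false"/>
  </application>
</manifest>"""

def audit_manifest(xml_text):
    """Return (check, component, detail) findings for a decoded AndroidManifest.xml."""
    root = ET.fromstring(xml_text)
    app = root.find("application")
    # Protection level of each permission this manifest declares itself.
    levels = {p.get(A + "name"): p.get(A + "protectionLevel", "normal")
              for p in root.findall("permission")}
    findings = []
    if app.get(A + "debuggable") == "true":
        findings.append(("debuggable", "application", "android:debuggable is true"))
    if app.get(A + "allowBackup", "true") == "true":  # unset means backups are allowed
        findings.append(("backup", "application", "android:allowBackup is true or unset"))
    for comp in (c for c in app if c.tag in COMPONENTS):
        name, exported, how = comp.get(A + "name"), comp.get(A + "exported"), "explicitly"
        if exported is None:
            # Assumption: target API 17+, so only an intent-filter implies export.
            exported = "true" if comp.find("intent-filter") is not None else "false"
            how = "implicitly by its intent-filter"
        if exported != "true" or any(c.get(A + "name") == LAUNCHER for c in comp.iter("category")):
            continue  # not reachable by other apps, or the launcher entry point
        perm = comp.get(A + "permission")
        if perm is None:
            findings.append(("exported", name, f"{comp.tag} exported {how} with no permission"))
        elif perm in levels and not levels[perm].startswith("signature"):
            findings.append(("weak-permission", name, f"{perm} is not signature-level"))
    return findings

if __name__ == "__main__":
    print(*audit_manifest(SAMPLE), sep="\n")
```

Permissions that the manifest does not declare itself (for example platform permissions) are not judged here, because their protection level is not visible in the file.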

Notice

Note: QARK decompiles Android applications back to raw source code. Please do not use this tool if this may be considered illegal in your jurisdiction. If you are unsure, seek legal counsel.

If you run into issues on OSX, especially relating to the outbound call to the Play Store, or the downloading of the SDK, it is likely due to your Python/OpenSSL configuration and the fact that recent changes in OSX impacted Python installed via brew. Nuking your Python installation(s) and re-installing from source may fix your issues.

License

Copyright 2015 LinkedIn Corp. All rights reserved.

Copyright 2015 LinkedIn Corp. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.

You may obtain a copy of the License here. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
