Skip to content

andiradulescu/AddSecurityExceptionAndroid

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
addSecurityExceptions.sh
addSecurityExceptions.sh
 
 
apktool.jar
apktool.jar
 
 
network_security_config.xml
network_security_config.xml
 
 

Repository files navigation

Add Security Exception to APK

In Android 7.0, Google introduced changes to the way user Certificate Authorities (CA) are trusted. These changes prevent third-parties from listening to network requests coming out of the application: More info:

  1. https://developer.android.com/training/articles/security-config.html
  2. http://android-developers.blogspot.com/2016/07/changes-to-trusted-certificate.html

This script injects into the APK network security exceptions that allow third-party software like Charles Proxy/Fiddler to listen to the network requests and responses of some Android applications.

Getting Started

Download the script and the XML file and place them in the same directory.

Prerequisites

APKTOOL is not needed anymore.

You will need apktool and the Android SDK installed

I recommend using brew on Mac to install apktool:

brew install apktool

Usage

The script take two arguments:

  1. APK file path.
  2. keystore file path (optional - Default is: ~/.android/debug.keystore )

Examples

./addSecurityExceptions.sh myApp.apk

or

./addSecurityExceptions.sh myApp.apk ~/.android/debug.keystore

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%