-
Notifications
You must be signed in to change notification settings - Fork 108
/
GetBrokerRedirectURI.ps1
112 lines (93 loc) · 2.73 KB
/
GetBrokerRedirectURI.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
<#
.SYNOPSIS
Obtain the RedirectURI from an APK. Requires JDK\bin\keytool and AndroidSDK\build-tools\###\aapt to be on the path.
.EXAMPLE
GetBrokerRedirectURI MyApp.apk
#>
Param(
[Parameter(Mandatory=$true)]
[string]$apkFile
)
<#
Extract all of the signature owner and SHA1 hex bytes from `keytool -printcert -jarfile`.
#>
function GetSHA1Hex {
Param(
[string]$apkFile
)
$output = keytool -printcert -jarfile $apkFile
$ownerPrefix = "Owner:"
$shaPrefix = "SHA1:"
$signatures = @{}
$owner = ""
ForEach ($line in $output) {
if ($line.contains($ownerPrefix)) {
$owner = $line.replace($ownerPrefix, "").trim()
}
if ($line.contains($shaPrefix)) {
$base64 = GetBase64FromSHA1Hex($line.replace($shaPrefix, "").trim())
$signatures.add($owner, $base64)
}
}
if ($signatures.Keys.count -eq 0) {
write-error "No signatures found."
exit
}
if ($signatures.Keys.count -gt 1) {
write-warning "Multiple signatures detected, please select the correct one based on the owner. If more context is needed please manually run ``keytool -printcert -jarfile $apkFile``."
}
return $signatures
}
<#
Convert the string hex to bytes.
#>
function GetBase64FromSHA1Hex {
Param(
[string]$hexSig
)
$hex = $hexSig.split(":")
$bytes = @()
ForEach ($byte in $hex) {
$bytes += [convert]::ToByte($byte, 16)
}
[System.Convert]::ToBase64String($bytes)
}
<#
Extract the APK package name from `aapt dump badging`.
#>
function GetPackageName {
Param(
[string]$apkFile
)
$output = aapt dump badging $apkFile
$match = $output | select-string -Pattern "name='(.*?)'"
if (-not $match) {
write-error "Could not find the package name in aapt output."
exit
}
return $match.Matches.Groups[1].Value
}
<#
Get and verify that the necessary dependencies are visible.
#>
function VerifyDependencies {
get-command aapt -ErrorAction Stop | out-null
get-command keytool -ErrorAction Stop | out-null
[Reflection.Assembly]::LoadWithPartialName("System.Web") | out-null
}
VerifyDependencies
$signatures = GetSHA1Hex($apkFile)
$packageName = GetPackageName($apkFile)
if ($signatures.Keys.Count -gt 1) {
$manySignatures = $True
}
write-host "Found package name: $packageName"
ForEach ($sig in $signatures.GetEnumerator()) {
$encodedSignature = [System.Web.HttpUtility]::UrlEncode($sig.Value)
write-host ""
if ($manySignatures) {
write-host "Found signature owner: $($sig.Name)"
}
write-host "Found signature fingerprint: $($sig.Value)"
write-host -ForegroundColor Green "RedirectURI: msauth://$packageName/$encodedSignature"
}