A set of tools to test payloads within the context of a standard Android application
Project description
Bungeegum
Bungeegum is a set of tools designed to test code execution payloads within the context of a standard Android application. By leveraging the powerful Frida instrumentation framework, it precisely replicates the runtime conditions of an Android app, simulating the execution of ELFs or shellcode as though they were triggered by a remote code execution exploit.
Prerequisites
- Python 3.8 or higher
- Docker
Install
Note: Bungeegum is developed on and regularly tested with Ubuntu 18.04 and Python 3.8. Other distributions and versions may work, but are currently untested.
-
Clone the repository
-
Install dependencies
sudo apt-get update sudo apt-get install python3-venv python3.8-venv make wget xz-utils -y python3.8 -m venv venv source venv/bin/activate (venv) pip install --upgrade pip
-
Build the APK and install the Python package by running the
makecommand:make
Supported Android Versions
Bungeegum has been tested successfully on Android 7, 9, 11, and 12.
Usage
(venv) bungeegum -h
usage: bungeegum [-h] -d DEVICE [-r] (-s SHELLCODE | -e ELF) [-a [ARGS [ARGS ...]]]
Execute code within an application context
optional arguments:
-h, --help show this help message and exit
-d DEVICE, --device DEVICE
ADB device ID to run on
-r, --remote Set if the file to be executed is on the device
-s SHELLCODE, --shellcode SHELLCODE
Shellcode file to execute on the device
-e ELF, --elf ELF ELF file to execute on the device
-a [ARGS [ARGS ...]], --args [ARGS [ARGS ...]]
Optional args to pass to the ELF file
Examples
- Run an ELF from the host on the device:
bungeegum --elf ~/my_elf/arm64-v8a/my_elf
- Run a shellcode blob on the device
bungeegum --shellcode ~/my_shellcode.bin
- Run an on-device ELF:
bungeegum --remote --elf /system/bin/log --args "hello world"
Contributing
Contributions are welcome! If you find any issues or have suggestions for improvements, please open an issue or submit a pull request.
License
This project is licensed under the GPLv2 License.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file bungeegum-0.1.0.tar.gz.
File metadata
- Download URL: bungeegum-0.1.0.tar.gz
- Upload date:
- Size: 20.3 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.8.0 colorama/0.4.4 importlib-metadata/4.6.4 keyring/23.5.0 pkginfo/1.8.2 readme-renderer/34.0 requests-toolbelt/0.9.1 requests/2.25.1 rfc3986/1.5.0 tqdm/4.57.0 urllib3/1.26.5 CPython/3.10.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 4135c572891088e626157acafdb406e94005bbe0ebb6a299d825f521618f505a |
|
| MD5 | bcd74fe047b4459f0b0c1c93f4da710b |
|
| BLAKE2b-256 | d0a463b781a51a0f9c8190851422cef00a62804af0343a9227da41564fa0b15c |
File details
Details for the file bungeegum-0.1.0-py3-none-any.whl.
File metadata
- Download URL: bungeegum-0.1.0-py3-none-any.whl
- Upload date:
- Size: 20.3 MB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.8.0 colorama/0.4.4 importlib-metadata/4.6.4 keyring/23.5.0 pkginfo/1.8.2 readme-renderer/34.0 requests-toolbelt/0.9.1 requests/2.25.1 rfc3986/1.5.0 tqdm/4.57.0 urllib3/1.26.5 CPython/3.10.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 71cc91eb2d28224ae80785aa845e0fddeefb6b41dbb51994008a842c961147b0 |
|
| MD5 | 9cb75597a92595908e8936f76ae6c7a5 |
|
| BLAKE2b-256 | 73559ff3a828c21ebafe681c7af4b0825ab9509fa0bcb0d21e094c15e90f2e92 |
