sensepost
Ability to set Corporate proxy settings due to jarsigner [Feature Request]
Corporate proxy settings can be set with the below bash script:
#!/bin/bash export REQUESTS_CA_BUNDLE=/home/$USER/cacert.pem export http_proxy=http://...:8080 export https_proxy=https://...:8080 echo "Shell setup for Corporate Proxy"
The problem is jarsigner does not use these environment variables. See below:
Signing the new APK may have failed.
jarsigner: unable to sign jar: no response from the Timestamping Authority. When connecting from behind a firewall an HTTP or HTTPS proxy may need to be specified. Supply the following options to jarsigner:
-J-Dhttp.proxyHost=<hostname>
-J-Dhttp.proxyPort=<portnumber>
or
-J-Dhttps.proxyHost=<hostname>
-J-Dhttps.proxyPort=<portnumber>
Signed the new APK
-J-Dhttps.proxyHost=..*. -J-Dhttps.proxyPort=8080 can't be passed to Objection as an option and as far as I can see from reading online there is not a config file where these settings can be added to for jarsigner.
For now I modified the android.py source in the packers folder to remove the time stamping switch. I tried adding the proxy switches in but couldn't get it working.
@Simon-Davies
I was facing the same issue. The below changes to android.py resolved it.
click.secho('Signing new APK.', dim=True)
o = delegator.run(list2cmdline([
self.required_commands['jarsigner']['location'],
'-sigalg',
'SHA1withRSA',
'-digestalg',
'SHA1',
**'-J-Dhttp.proxyHost=<proxy address>', - new line added to android.py
'-J-Dhttp.proxyPort=<proxy port>', - new line added to android.py**
'-tsa',
'http://timestamp.digicert.com',
'-storepass',
'basil-joule-bug',
'-keystore',
self.keystore,
self.apk_temp_frida_patched,
'objection'
