#!/data/data/com.termux/files/usr/bin/bash

#colors 
red='\033[1;31m'  
yellow='\033[1;33m'
reset='\033[0m'

ALPINEDIR="${PREFIX}/share/apkmod"
BINDIR="${PREFIX}/bin"
LIBDIR="${ALPINEDIR}/usr/lib"

APKTOOL_VERSION="2.6.1"
APKTOOL_URL="https://github.com/Hax4us/Apkmod/releases/download/v${APKTOOL_VERSION}/apktool-${APKTOOL_VERSION}.apk"

JADX_VERSION="1.3.2"
JADX_URL=https://github.com/skylot/jadx/releases/download/v${JADX_VERSION}/jadx-${JADX_VERSION}.zip

AAPT_URL="https://github.com/Hax4us/Apkmod/releases/download/v${APKTOOL_VERSION}/aapt_@ARCH@.tar.gz"


detect_os() {
	if [ -e $BINDIR/termux-info ]; then
		OS=TERMUX
		#AAPT="-a /usr/bin/aapt2"
	else
		grep kali /etc/os-release > /dev/null 2>&1
		if [ $? -eq 0 ]; then
			OS=KALI
			AAPT="--use-aapt2"
		else
			printf "${red}[!] ${yellow}Unsupported system\n"
			exit 1
		fi
	fi
}

install_deps_kali() {
	printf "[*] Installing dependencies...\n"
	apt-get install metasploit-framework bc apktool default-jdk -y > /dev/null
	wget https://github.com/hax4us/Apkmod/raw/master/apkmod.sh -O $PREFIX/bin/apkmod && chmod +x $PREFIX/bin/apkmod
	printf "[*] Done\n"
}

setup_alpine() {
	if [ ! "$1" = "--without-alpine" ]; then
		wget https://raw.githubusercontent.com/Hax4us/Apkmod/master/scripts/TermuxAlpine.sh -O TermuxAlpine.sh
		bash TermuxAlpine.sh
	fi
	mkdir -p ${ALPINEDIR}/root/.bind
	cat <<EOF | apkmalpine
	apk add openjdk8 libbsd zlib expat libpng protobuf libunwind
EOF
}

install_deps() {
	for pkg in aapt apksigner wget bc busybox sed; do
		if [ ! -f ${BINDIR}/${pkg} ]; then
			apt install ${pkg} -y
		fi
	done
	case "$(getprop ro.product.cpu.abi)" in
		arm64-v8a)
			ARCH=aarch64
			;;
		armeabi|armeabi-v7a)
			ARCH=arm
			;;
		#x86|i686)
		#	ARCH=x86
		#	;;
		#x86_64)
		#	ARCH=x86_64
		#	;;
		*)
			printf "your device "$(uname -m)" is not supported yet"
			exit 1
			;;
	esac

	wget ${AAPT_URL/@ARCH@/${ARCH}} -O aapt.tar.gz && tar -xf aapt.tar.gz -C ${LIBDIR} && rm aapt.tar.gz
	
    for i in aapt aapt2; do
		mv ${LIBDIR}/android/${i} ${ALPINEDIR}/usr/bin
	done

	wget ${APKTOOL_URL} -O ${ALPINEDIR}/opt/apktool.jar
	wget https://github.com/hax4us/Apkmod/raw/master/apkmod.sh -O ${BINDIR}/apkmod
	chmod +x ${BINDIR}/apkmod
	chmod +x ${ALPINEDIR}/usr/bin/aapt
	chmod +x ${ALPINEDIR}/usr/bin/aapt2
	rm -rf ~/.apkmod && mkdir -p ~/.apkmod/framework

    mkdir -p ~/.apkmod/hooks

    for file in apkmod.p12 signkill.jar hooks/hook2.smali hooks/hook.smali hooks/hook2.dex; do
        wget https://github.com/hax4us/Apkmod/raw/master/$file -O ~/.apkmod/$file 
    done
}

install_scripts() {
	for script in signkill.sh apktool_termux.sh apktool_alpine.sh apk.rb jadx_termux.sh jadx_alpine.sh; do
		wget https://github.com/hax4us/Apkmod/raw/master/scripts/${script} -O ${script}
	done

	mv apktool_termux.sh ${BINDIR}/apktool && chmod +x ${BINDIR}/apktool
	mv apktool_alpine.sh ${ALPINEDIR}/bin/apktool && chmod +x ${ALPINEDIR}/bin/apktool
    mv jadx_termux.sh $BINDIR/jadx && chmod +x $BINDIR/jadx
    mv jadx_alpine.sh $ALPINEDIR/bin/jadx && chmod +x $ALPINEDIR/bin/jadx
    mv signkill.sh $BINDIR/signkill && chmod +x $BINDIR/signkill
    #mv signapk_termux.sh $BINDIR/signapk && chmod +x $BINDIR/signapk
    #mv signapk_alpine.sh $ALPINEDIR/bin/signapk && chmod +x $ALPINEDIR/bin/signapk

	if [ -d ${HOME}/metasploit-framework -a -d ${PREFIX}/opt/metasploit-framework ]; then
		printf "${red}[!] More than one metasploit detected ,\nremove anyone from them and reinstall Apkmod\notherwise apkmod will not work as expected${reset}"
	elif [ -d ${HOME}/metasploit-framework ]; then
		msf_dir=${HOME}/metasploit-framework
		mv apk.rb ${msf_dir}/lib/msf/core/payload/
	elif [ -d ${PREFIX}/opt/metasploit-framework ]; then
		msf_dir=${PREFIX}/opt/metasploit-framework
		mv apk.rb ${msf_dir}/lib/msf/core/payload/
	else
		printf "${red}[!] Metasploit is not installed hence -b ( bind ) option will not work${reset}"
        HAS_METASPLOIT="no"
	fi
}

do_patches() {
    cd ${msf_dir}
    for i in "msfvenom" "lib/msf/core/payload_generator.rb"; do
        if [ ! -e "${i}.orig" ]; then
            cp ${i} ${i}.orig
        fi
    done
    busybox grep "#patched" msfvenom > /dev/null
    if [ $? -ne 0 ]; then
        line_num=$(busybox grep -n "help" msfvenom | cut -d ":" -f1)
        line_num=$((${line_num}-1))
        busybox awk -v "n=${line_num}" -v "s=\n\topt.on('--use-aapt','Use aapt for recompiling') do\n\t\topts[:use_aapt] = true\n\tend" '(NR==n) { print s } 1' msfvenom.orig > msfvenom
        if [ $? -eq 0 ]; then
            printf "#patched" >> msfvenom
        else
            printf "${red}[!] can't patch msfvenom\n${reset}"
            exit 1
        fi
    fi
    busybox grep "#patched" lib/msf/core/payload_generator.rb > /dev/null
    if [ $? -ne 0 ]; then
        line_num=$(busybox grep -n ":add_code" lib/msf/core/payload_generator.rb | head -n1 | cut -d ":" -f1)
        line_num=$((${line_num}-2))
        busybox awk -v "n=${line_num}" -v "s=\t# @\!attribute  use_aapt\n\t#   @return [String] use aapt or not\n\tattr_accessor :use_aapt" '(NR==n) { print s } 1' lib/msf/core/payload_generator.rb.orig > lib/msf/core/payload_generator.rb
        if [ $? -ne 0 ]; then
            printf "${red}[!] can't patch payload_generator.rb\n${reset}"
            exit 1
        fi
        line_num=$(busybox grep -n "@framework" lib/msf/core/payload_generator.rb | head -n1 | cut -d ":" -f1)
        line_num=$((${line_num}-2))
        busybox sed -i "${line_num}s/.*/\t@use_aapt = opts.fetch(:use_aapt,false)/" lib/msf/core/payload_generator.rb
        if [ $? -ne 0 ]; then
            printf "${red}[!] can't patch payload_genereator.rb\n${reset}"
            exit 1
        fi
        line_num=$(busybox grep -n "apk_backdoor.backdoor_apk" lib/msf/core/payload_generator.rb | cut -d ":" -f1)
        busybox sed -i "${line_num}s/.*/\t\traw_payload = apk_backdoor.backdoor_apk(template, generate_raw_payload, use_aapt)/" lib/msf/core/payload_generator.rb
        if [ $? -eq 0 ]; then
            printf "#patched" >> lib/msf/core/payload_generator.rb
        else
            printf "${red}[!] can't patch payload_generator.rb\n${reset}"
            exit 1
        fi
    fi

    #sed -i "s#AAPT=.*#AAPT=\"$AAPT\"#" $BINDIR/apkmod
    if [ $OS = "KALI" ]; then
        sed -i "s#AAPT=.*#AAPT=\"$AAPT\"#" $BINDIR/apkmod
        sed -i s/"apktool b"/"apktool b --use-aapt2"/g /usr/share/metasploit-framework/lib/msf/core/payload/apk.rb
    fi
}

jadx() {
    wget ${JADX_URL}
    mkdir -p ${ALPINEDIR}/usr/lib/jadx
    unzip jadx-${JADX_VERSION}.zip -d ${ALPINEDIR}/usr/lib/jadx
}

##################
#  MAIN DRIVER   #
##################

detect_os

if [ $OS = "TERMUX" ]; then
	termux-wake-lock
	# Temporary check for alpine version 
	# so that if user has already installed
	# TermuxAlpine then check if this alpine 
	# was installed by apkmod or not.
	#if [ -d $PREFIX/share/TermuxAlpine ]; then
	#	if [ "$(cat $PREFIX/share/TermuxAlpine/etc/alpine-release)" = "3.10.2" ]; then
	#		mv $PREFIX/share/TermuxAlpine $ALPINEDIR
	#	fi
	#fi

	setup_alpine "$1"
	install_deps
	install_scripts
	jadx
	termux-wake-unlock
    if [ ! "$HAS_METASPLOIT" = "no" ]; then
        do_patches
    fi
else
	install_deps_kali
    do_patches_kali
fi