Safety vulnerability ID: 42205
The information on this page was manually curated by our Cybersecurity Intelligence Team.
[This advisory has been limited. Please create a free account to view the full advisory.]
Latest version: 0.0.5
DeStringCare for extracting Android apk secrets
[This affected versions has been limited. Please create a free account to view the full affected versions.]
[This fixed versions has been limited. Please create a free account to view the full fixed versions.]
Removed `pycrypto` due to security issue
This is due to:
* [CVE-2018-6594](https://nvd.nist.gov/vuln/detail/CVE-2018-6594) Moderate severity
* [CVE-2013-7459](https://nvd.nist.gov/vuln/detail/CVE-2013-7459) Moderate severity
More information: https://github.com/dlitz/pycrypto/issues/253
Replacing StringCare secrets
Added `replaced` argument for replacing Stringcare secrets.
bash
destringcare --resign Appname_v1.0.2494.apk mapped.json
where `mapped.json` is a key-value dictionary in JSON:
json
{
"firebase_database_url": "https://some-path.somewhere.io",
"google_storage_bucket": "another-path.appspot.com"
}
Printing out common plaintext properties
This is done by using `--other` argument.
bash
destringcare --other Appname_v1.0.2494.apk
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application