QARK - Free Android App Scanner to find Security Vulnerabilities

Free WhoisGuard with Every Domain Purchase at Namecheap

QARK (Quick Android Review Kit) is a free android app scanner to find security vulnerabilities. This tool able to extract the source code from apk file and list out security vulnerabilities. This tool is not a comprehensive tool but surely it is one of the tools to provide some good observations and issues for android mobile apk.

Vulnerabilities related to exported components, intents, improper x.509 certificate validation, configuration related to files, activities, private keys embedded in the source, cryptography related issues, WebView configurations, activities, Tapjacking etc. have been found by using this tool.

How to Install QARK on Linux based OS

Download the installer by using below command

$git clone https://github.com/linkedin/qark
$cd qark
$pip install -r requirements.txt

$pip install . --user

To check whether installation is proper or not

$qark

Usage

qark --apk <PATH-OF-APK-FILE>

I have used test mobile apk to run the scan to find a few security issues. "goatdroid.apk" is a test application available in "tests" directory.

Default report format is html type and you can open it on any browser.

MAGIX Innovation that Inspires True Creative Freedom

While starting a security scan for apk file, I have encountered a below error:

$qark --apk test.apk
Failed to extract zipped APK from /home/ubuntu/proj1/test.apk to /home/ubuntu/qark/build/qark
Traceback (most recent call last):
  File "/home/ubuntu/.local/lib/python2.7/site-packages/qark/decompiler/decompiler.py", line 228, in unzip_file
    zipped_apk.extractall(path=destination_to_unzip)
  File "/usr/lib/python2.7/zipfile.py", line 1063, in extractall
    self.extract(zipinfo, path, pwd)
  File "/usr/lib/python2.7/zipfile.py", line 1051, in extract
    return self._extract_member(member, path, pwd)
  File "/usr/lib/python2.7/zipfile.py", line 1106, in _extract_member
    file(targetpath, "wb") as target:
IOError: [Errno 13] Permission denied: '/home/ubuntu/qark/build/qark/AndroidManifest.xml'
Failed to extract zipped APK

This issue has been resolved by run that command using sudo, but other error has come

$sudo qark --apk test.apk
Decompiling...
/home/ubuntu/.local/lib/python2.7/site-packages/qark/decompiler/../lib/dex2jar-2.0/d2j_invoke.sh: 48: /home/ubuntu/.local/lib/python2.7/site-packages/qark/decompiler/../lib/dex2jar-2.0/d2j_invoke.sh: java: not found
Error running dex2jar command: /home/ubuntu/.local/lib/python2.7/site-packages/qark/decompiler/../lib/dex2jar-2.0/d2j-dex2jar.sh /home/ubuntu/qark/build/qark/classes.dex -o /home/ubuntu/qark/build/qark/test.jar
Error running dex2jar

Above issue is resolved just by installing openjdk

$sudo apt install openjdk-8-jre-headless

Conclusion

QARK is an awesome tool to start android app security. This tool test specific security issues in the mobile app. As told in beginning, you can use other tools also for static and dynamic analysis.

Subscribe us to receive more such articles updates in your email.

If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!

Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.

You may also like...

1 Response

  1. Umersiddique says:

    Hi everyone,
    How to create a custom apk using qark

Leave a Reply

Your email address will not be published.