android 通过ADB安装用户证书

bfhwhh0e  于 2023-01-15  发布在  Android
关注(0)|答案(7)|浏览(338)

是否有办法通过ADB?或任何其他“脚本化”方式在Security -> Trusted Credential -> User tab下安装CA证书(.crt文件)。

fumotvh3

fumotvh31#

我想出了一个方法来做到这一点,因此我能够信任查尔斯代理证书。它将被添加为可信的SSL根证书。
首先,您需要获取证书哈希

openssl x509 -inform PEM -subject_hash_old -in charles-proxy-ssl-proxying-certificate.pem | head -1>hashedCertFile

我使用windows,将其存储在一个var中,以自动化该过程

set /p certHash=<hashedCertFile
    

set certHash=%certHash%.0 && DEL toto
cat charles-proxy-ssl-proxying-certificate.pem > %certHash%

openssl x509 -inform PEM -text -in charles-proxy-ssl-proxying-certificate.pem -out nul >> %certHash%

adb shell mount -o rw,remount,rw /system

adb push %certHash% /system/etc/security/cacerts/

adb shell mount -o ro,remount,ro /system

adb reboot

这是从this answer复制的unix版本:

PEM_FILE_NAME=logger-charles-cert.pem
hash=$(openssl x509 -inform PEM -subject_hash_old -in $PEM_FILE_NAME | head -1)
OUT_FILE_NAME="$hash.0"

cp $PEM_FILE_NAME $OUT_FILE_NAME
openssl x509 -inform PEM -text -in $PEM_FILE_NAME -out /dev/null >> $OUT_FILE_NAME

echo "Saved to $OUT_FILE_NAME"
adb shell mount -o rw,remount,rw /system
adb push $OUT_FILE_NAME /system/etc/security/cacerts/
adb shell mount -o ro,remount,ro /system
adb reboot
iklwldmw

iklwldmw2#

感谢这个答案通过ADB安装用户证书,我能够改编一个脚本,在bash shell上工作:

PEM_FILE_NAME=logger-charles-cert.pem
hash=$(openssl x509 -inform PEM -subject_hash_old -in $PEM_FILE_NAME | head -1)
OUT_FILE_NAME="$hash.0"

cp $PEM_FILE_NAME $OUT_FILE_NAME
openssl x509 -inform PEM -text -in $PEM_FILE_NAME -out /dev/null >> $OUT_FILE_NAME

echo "Saved to $OUT_FILE_NAME"
adb shell mount -o rw,remount,rw /system
adb push $OUT_FILE_NAME /system/etc/security/cacerts/
adb shell mount -o ro,remount,ro /system
adb reboot

(Yes,我知道这可能应该是一个评论,但我还没有足够的声誉张贴它作为一个评论)

iqjalb3h

iqjalb3h3#

我可以通过以下步骤使servercert显示在Trusted Credential -> User选项卡下(而不是其他答案显示的system选项卡下):

#!/bin/bash
subjectHash=`openssl x509 -inform PEM -subject_hash_old -in server.crt | head -n 1`
openssl x509 -in server.crt -inform PEM -outform DER -out $subjectHash.0
adb root
adb push ./$subjectHash.0 /data/misc/user/0/cacerts-added/$subjectHash.0
adb shell "su 0 chmod 644 /data/misc/user/0/cacerts-added/$subjectHash.0"
adb reboot
qq24tv8q

qq24tv8q4#

将文件推送到设备

adb push "C:\path\cacert.cer" "/data/local"

启动证书安装程序

adb shell am start -n com.android.certinstaller/.CertInstallerMain -a android.intent.action.VIEW -t application/x-x509-ca-cert -d file:///data/local/cacert.cer

现在完成安装,提示符将出现在您的设备上。

wixjitnu

wixjitnu5#

    • 2022年**:httptoolkit有一个很好的解决方案,可以在不重新启动的情况下将自定义证书注入到根设备/模拟器中

详情如下:www.example.comhttps://httptoolkit.tech/blog/intercepting-android-https/#injecting-ca-certificates-into-rooted-devices

set -e # Fail on error
    # Create a separate temp directory, to hold the current certificates
    # Without this, when we add the mount we can't read the current certs anymore.

    mkdir -m 700 /data/local/tmp/htk-ca-copy
    # Copy out the existing certificates

    cp /system/etc/security/cacerts/* /data/local/tmp/htk-ca-copy/
    # Create the in-memory mount on top of the system certs folder

    mount -t tmpfs tmpfs /system/etc/security/cacerts
    # Copy the existing certs back into the tmpfs mount, so we keep trusting them

    mv /data/local/tmp/htk-ca-copy/* /system/etc/security/cacerts/
    # Copy our new cert in, so we trust that too

    mv ${certificatePath} /system/etc/security/cacerts/
    # Update the perms & selinux context labels, so everything is as readable as before

    chown root:root /system/etc/security/cacerts/*
    chmod 644 /system/etc/security/cacerts/*
    chcon u:object_r:system_file:s0 /system/etc/security/cacerts/*
    # Delete the temp cert directory & this script itself

    rm -r /data/local/tmp/htk-ca-copy
    rm ${injectionScriptPath}
    echo "System cert successfully injected"

来源

3bygqnnd

3bygqnnd6#

在我的例子中,我首先需要以可写方式启动模拟器:

adb start-server
emulator -writable-system -avd Pixel_2_API_24

然后您可以安装证书:

adb root
adb remount
adb push c8750f0d.0 /system/etc/security/cacerts

https://docs.mitmproxy.org/stable/howto-install-system-trusted-ca-android

mfuanj7w

mfuanj7w7#

这只会在一个非root的android上启动“你想信任这个证书吗”窗口,这是@hoghart45的回答,除了一行确保你有权限将证书粘贴到/data/local/..目录:

certificateName=ca.crt
ca_dir_in_phone="/data/local/tmp/try3"
ca_path_in_phone="$ca_dir_in_phone/$certificateName"

adb shell mkdir -m 700 "$ca_dir_in_phone"
adb push "$certificateName" "$ca_path_in_phone"

adb shell am start -n com.android.certinstaller/.CertInstallerMain -a android.intent.action.VIEW -t application/x-x509-ca-cert -d file://"$ca_path_in_phone"

为了完整起见,here是一个WIP Python项目WIP,它也使用uiautomator以受控的方式自动单击“OK”。(它在单击之前验证它是确定按钮,它不只是发送一个盲目的输入,像send keyevent 20命令)。免责声明,我参与了该项目。

相关问题