Bungeegum is a set of tools designed to test code execution payloads within the context of a standard Android application. By leveraging the powerful Frida instrumentation framework, it precisely replicates the runtime conditions of an Android app, simulating the execution of ELFs or shellcode as though they were triggered by a remote code execution exploit.
- Python 3.10 or higher
- Docker
Bungeegum is developed and regularly tested on Ubuntu 22.04 with Python 3.10. It has also been successfully built on Ubuntu 18.04 with Python 3.8.0. Other distributions and Python versions may work, but are currently untested.
-
Clone the repository
-
Install dependencies
sudo apt update sudo apt install python3-venv python3.10-venv make wget xz-utils -y python3.10 -m venv venv source venv/bin/activate (venv) pip install --upgrade pip -
Build the APK and install the Python package by running the
makecommand:make
Bungeegum has been tested successfully on Android 7, 9 - 13.
(venv) bungeegum -h
usage: bungeegum [-h] -d DEVICE [-r] (-s SHELLCODE | -e ELF) [-a [ARGS [ARGS ...]]]
Execute code within an application context
optional arguments:
-h, --help show this help message and exit
-d DEVICE, --device DEVICE
ADB device ID to run on
-r, --remote Set if the file to be executed is on the device
-s SHELLCODE, --shellcode SHELLCODE
Shellcode file to execute on the device
-e ELF, --elf ELF ELF file to execute on the device
-a [ARGS [ARGS ...]], --args [ARGS [ARGS ...]]
Optional args to pass to the ELF file- Run an ELF from the host on the device:
bungeegum --elf ~/my_elf/arm64-v8a/my_elf- Run a shellcode blob on the device
bungeegum --shellcode ~/my_shellcode.bin- Run an on-device ELF:
bungeegum --remote --elf /system/bin/log --args "hello world"Contributions are welcome! If you find any issues or have suggestions for improvements, please open an issue or submit a pull request.
This project is licensed under the GPLv2 License.