View Issue Details

IDProjectCategoryView StatusLast Update
0000317Kali LinuxNew Tool Requestspublic2020-03-18 17:51
Reportersaberzaid Assigned To 
PrioritynormalSeverityfeatureReproducibilityhave not tried
Status closedResolutionsuspended 
Summary0000317: Mercury
Description

Mercury is a framework for exploring the Android platform; to find vulnerabilities and share proof-of-concept exploits.

Mercury allows you to assume the role of a low-privileged Android app, and to interact with both other apps and the system.

Use dynamic analysis on Android applications and devices for quicker security assessments
Share publicly known methods of exploitation on Android and proof-of-concept exploits for applications and devices
Write custom tests and exploits, using the easy extensions interface

Mercury allows you to:

Interact with the 4 IPC endpoints - activities, broadcast receivers, content providers and services
Use a proper shell that allows you to play with the underlying Linux OS from the point of view of an unprivileged application (you will be amazed at how much you can still see)
Find information on installed packages with optional search filters to allow for better control
Built-in commands that can check application attack vectors on installed applications
Transfer files between the Android device and your computer
Create new modules to exploit your latest finding on Android, and playing with those that others have found

Mercury does all of this over the network: it does not require ADB.

download:

http://labs.mwrinfosecurity.com/assets/385/mercury-2.2.0.tar.gz

Activities

g0tmi1k

g0tmi1k

2018-01-29 15:05

administrator   ~0008423

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

  • [Name] - The name of the tool
  • [Version] - What version of the tool should be added?
    --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
  • [Homepage] - Where can the tool be found online? Where to go to get more information?
  • [Download] - Where to go to get the tool?
  • [Author] - Who made the tool?
  • [Licence] - How is the software distributed? What conditions does it come with?
  • [Description] - What is the tool about? What does it do?
  • [Dependencies] - What is needed for the tool to work?
  • [Similar tools] - What other tools are out there?
  • [How to install] - How do you compile it?
  • [How to use] - What are some basic commands/functions to demonstrate it?
g0tmi1k

g0tmi1k

2020-02-10 14:37

administrator   ~0012085

Now https://github.com/FSecureLABS/drozer-agent

g0tmi1k

g0tmi1k

2020-03-18 17:02

administrator   ~0012432

Last update: 30 Jun 2017

g0tmi1k

g0tmi1k

2020-03-18 17:51

administrator   ~0012458

No update upstream since 2017

Issue History

Date Modified Username Field Change
2013-04-29 06:23 saberzaid New Issue
2018-01-29 15:05 g0tmi1k Note Added: 0008423
2019-12-09 13:30 g0tmi1k Severity minor => feature
2020-02-10 14:37 g0tmi1k Note Added: 0012085
2020-03-18 17:02 g0tmi1k Note Added: 0012432
2020-03-18 17:51 g0tmi1k Status new => closed
2020-03-18 17:51 g0tmi1k Resolution open => suspended
2020-03-18 17:51 g0tmi1k Note Added: 0012458