Skip to content
Joseph Redfern edited this page Jan 7, 2014 · 6 revisions

drozer Console

drozer complains it cannot find Java, and asks me to add it to .drozer_config.

In a few cases, drozer needs to use another executable on your machine. We try to find it on your PATH but that can fail (particularly if you are running Windows).

The fix is simple:

  1. If it doesn't already exist, create a file in your home folder (~/ or C:\Users<your name>) called .drozer_config.
  2. Insert the following at the bottom of the file:
[executables]
java = C:\path\to\java.exe

Restart your drozer console, and you are ready to go.

drozer cannot execute 'aapt' when running drozer agent build

If you have installed drozer using the Python egg file, you make receive errors such as:

Exception in thread "main" brut.androlib.AndrolibException: brut.androlib.AndrolibException: brut.common.BrutException: could not exec command: [/usr/local/lib/python2.7/dist-packages/drozer-2.3.0-py2.7.egg/drozer/lib/aapt, p, --min-sdk-version, 7, --target-sdk-version, 17, -F, /tmp/APKTOOL8165451655750050145.tmp, -0, arsc, -I, /home/tuser/apktool/framework/1.apk, -S, /tmp/tmp_W1pvR/agent/res, -M, /tmp/tmp_W1pvR/agent/AndroidManifest.xml]

or:

Caused by: java.io.IOException: Cannot run program "/usr/local/lib/python2.7/dist-packages/drozer-2.3.0-py2.7.egg/drozer/lib/aapt": error=13, Permission denied

This is caused by a problem in Python setuptools, which does not persist the executable flag for aapt.

To fix it, enable execution:

chmod +x /usr/local/lib/python2.7/dist-packages/drozer-2.3.0-py2.7.egg/drozer/lib/aapt

If the problem still persists, it may be a 64-bit issue. Typically, you need to install ia32-libs before aapt will work:

apt-get install ia32-libs

Command suggestions are being prefixed with ^[[?1034h

This is caused by a some peculiar interactions between Fedora and Python's readline module. A workaround is to run:

export TERM=vt100

inside bash, before attempting bash auto-completion.

Installation

My anti-virus detects and removes part of drozer.

Yes. Some AV products detect one of the vulnerabilities we use in drozer's exploitation tools as exploit:js/webdoid.b.

If you don't want to use the drozer exploit build command, you can ignore this. The rest of drozer will work perfectly without it. If you do want to be able to run exploits, you should exclude C:\drozer from your AV and restore any quarantined files.

You can’t perform that action at this time.