kxtzownsu/icarus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
49 Commits 1 Branch 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
akane 6f4f55fdaa
Merge pull request #4 from EnterTheVoid-x86/main 
Add credits to README
2025-01-25 18:36:04 -08:00
httpmitm @ 17d80ead85
Updated submodule again
2025-01-25 10:40:10 -05:00
src/root_store_gen
Fixed interceptor
2024-08-13 08:03:34 -04:00
.gitignore
moved to src directory plus new features
2024-08-09 01:55:16 -04:00
.gitmodules
Added httpmitm to main repo, to make it easier to start a server
2025-01-25 09:47:17 -05:00
crs.proto
icarus: brand new stuff
2024-08-08 18:43:48 -04:00
ct.proto
Fixed interceptor
2024-08-13 08:03:34 -04:00
enter_venv.sh
added some fixes and checks
2024-08-12 17:45:44 -04:00
get_original_data.sh
Update get_original_data.sh
2025-01-25 19:20:54 -05:00
inshim.sh
Make inshim.sh way better
2025-01-25 19:33:09 -05:00
instructions.md
Added shim builder fixes. I'm still rusty at this
2024-08-14 10:45:47 -04:00
make_out.sh
Fixed wrong dirs with original data
2024-08-12 18:38:50 -04:00
Makefile
Fixed makefile for server hosting
2025-01-25 10:24:09 -05:00
modify.sh
Modify.sh fixes part 2
2024-10-07 22:16:57 -04:00
myCA.der
Make the CA more consistent between repositories
2025-01-25 09:41:45 -05:00
pins.proto
Fixed interceptor
2024-08-13 08:03:34 -04:00
README.md
Update README.md
2025-01-25 21:22:18 -05:00
setup_venv.sh
added some fixes and checks
2024-08-12 17:03:13 -04:00

README.md

icarus

This tool allows us to unenroll devices with device management interception with a proxy and a Certificate Authority
Clone this repo with git clone --recursive

IMPORTANT NOTICE

DO NOT USE ANY PUBLIC IP ADDRESSES FOR ICARUS AS A PROXY, YOU WILL RISK YOUR DATA and YOU WILL BE REMOTELY COMPROMISED. ANYTHING GOOGLE CAN REMOTELY PERFORM ON YOUR DEVICE, ICARUS CAN BE USED TO DO. AN EXAMPLE OF THIS IS INSTALL EXTENSIONS, SPY, USE YOUR CAMERA, REMOTE INTO YOUR DEVICE, GET YOUR PASSWORDS, AND MORE. ONLY SELF HOST ICARUS, NEVER USE A PUBLIC SERVER!

New configs what does this mean

These new configs have rolled keys. We are testing the compatibility of these new keys for interception

Setup and installation instructions

Set up the environment by running the following commands. Make sure to have python3 and python3-venv installed

  • make setup-venv
  • make enter-venv
  • make setup-python
  • make build-packed-data
  • bash get_original_data.sh
  • bash make_out.sh myCA.der

After doing this the output directory will be generated. The output directory that is generated will be used in the shim.

  • bash modify.sh <shim path>
  • Now boot your shim.
  • In the terminal of the shim, run mount /dev/disk/by-label/STATE /mnt/stateful_partition
  • bash /mnt/stateful_partition/usr/bin/inshim.sh
  • Reboot the device
  • Open the network configuration by clicking the lower left button, connecting to wifi, and then change the proxy settings
  • Set proxy settings to manual
  • Set HTTPS ip to the IP you used to host the proxy server.
  • Resume setup and it will unenroll.

Server setup (Only for people hosting servers)

Requirements: npm, node
run make start-server

Credits

  • MunyDev - Creating this exploit
  • Archimax - Cleaning up get_original_data.sh and inshim.sh + README changes
  • r58Playz - General bash script improvements
  • Akane - Help with SSL, general advice, and README changes
Description
No description provided
Readme 290 KiB
Languages
Shell 72.1%
Python 19.6%
Makefile 8.3%