PATCH JANUS VULNERABILITY

Janus Vulnerability

Janus vulnerability comes from the possibility to add extra bytes to APK files and to DEX files.

Exploiting Apps vulnerable to Janus (CVE-2017–13156)

Janus Patching

1. Open Android Studio
2. Go to build.gradle (:app)
3. Now write this code

signingConfigs {
    release  {
        keyAlias 'key_name'
        keyPassword 'here_password'
        storeFile file('path to your key file')
        storePassword 'here_password'
        v1SigningEnabled false
        v2SigningEnabled true
    }
}

4. Now write this code in buildTypes { release {} }

signingConfig signingConfigs.release