def initDBs():
__initDB(ConfigHelper.getRollingDatabasePath())
RollingDatabaseHelper.init()
__initDB(ConfigHelper.getBehaviorDatabasePath())
BehaviorDatabaseHelper.init()
#TODO init graph database
#print "Databases initialized."
return
def export(file_path, contents):
# appending .csv file
if not file_path.endswith(file_extention):
file_path += file_extention
row_timestamp = "timestamp"
row_entries = "entries"
row_exits = "exits"
row_current_population = "current_population"
file = open(file_path, 'w')
field_names = [
row_timestamp, row_entries, row_exits, row_current_population
]
writer = csv.DictWriter(file, fieldnames=field_names)
file.write("Starting time: " + __convert_time_full(contents[0][0]) + "\n")
file.write("Ending time: " + __convert_time_full(contents[-1][0]) +
" (plus monitoring duration of " +
str(60 / ConfigHelper.getHourSegments()) + " mins)\n")
file.write("\n")
file.write(row_timestamp + ", " + row_entries + ", " + row_exits + ", " +
row_current_population + "\n")
for c in contents:
time = __convert_time(c[0])
writer.writerow({
row_timestamp: time,
row_entries: c[1],
row_exits: c[2],
row_current_population: c[3]
})
file.close()
def removeBadPackets(connection):
for bad in Observation.bad_addresses:
# might have to hash them if config says so
if ConfigHelper.shouldHash():
bad = PrivacyUtility.processAddress(bad)
connection.execute(remove_bad_packets % bad)
connection.commit()
def scan():
ThreadKeeper.incrementThreadCount()
captureInterface = str(ConfigHelper.getWirelessCaptureInterface())
captureDuration = str(ConfigHelper.getCaptureDuration())
capturePath = str(ConfigHelper.getCaptureDirectory()) + \
ThreadKeeper.getTimeStamp() + \
"-unprocessed.pcap"
try:
# making the saved pcap able to be deleted by normal users since it was created with root
call(["touch", capturePath])
call(["chmod", "777", capturePath])
except Exception, errmsg:
print "Could not change output file permissions, you might need root permissions to delete it now, sorry about that..."
print errmsg
def analyze():
global action_exit, action_notice
action_notice = BehaviorDatabaseHelper.type_notice
action_exit = BehaviorDatabaseHelper.type_exit
behaviorDBConnection = BehaviorDatabaseHelper.connect()
rollingDBConnection = RollingDatabaseHelper.connect()
# current GMT minus the backtracking time (in seconds)
startTime = int(time.time()) - int(ConfigHelper.getCaptureDuration(
)) # int(ConfigHelper.getNumBackTrackHours() * 3600)
# or if we want to analyze everything we've ever captured
if ConfigHelper.doAllAnalysisForever():
startTime = 0
uniques = BehaviorDatabaseHelper.getUniques(behaviorDBConnection,
startTime)
count = 0
total = len(uniques)
for address in uniques:
count += 1
print '{0}\r'.format(" analysis: " + str(100 * count / total) + "%"),
# array of int
timesOfAddress = RollingDatabaseHelper.getTimesOfAddress(
rollingDBConnection, address)
makeEntriesAndExitsForAddress(address, timesOfAddress,
behaviorDBConnection)
# make a new line to advance from the percentage print output
print
# commit changes to behavior db and close out both connections
behaviorDBConnection.commit()
behaviorDBConnection.close()
rollingDBConnection.close()
return
def create_app():
app = Flask(__name__, template_folder='')
dist_folder = os.path.abspath(os.path.join(app.root_path, "../static"))
app.static_folder = dist_folder
app.static_url_path = '/static'
app_path = app.root_path
app.url_map.strict_slashes = False
app.config.from_object(ConfigHelper.set_config(sys.argv))
register_blueprints(app)
init_global_functions(app)
register_extensions(app)
register_components(app)
return app
def create_app():
app = Flask(__name__)
redefine_delimiters(app)
dist_folder = os.path.abspath(os.path.join(app.root_path,"../static"))
app.static_folder = dist_folder
app.static_url_path='/static'
app.url_map.strict_slashes = False
app.config.from_object(ConfigHelper.set_config(sys.argv))
initialize_libraries(app)
init_filters(app)
init_global_functions(app)
register_blueprints(app)
register_error_handlers(app)
return app
def makeEntriesAndExitsForAddress(address, times, behaviorDB):
global action_exit, action_notice
observation_actions = [] # this will hold the entry/exit actions
if len(times) > 0:
# if there was a previous observation, let's find it
previous = -1
lastKnown = __loadLastKnownState(behaviorDB, address)
if lastKnown is not None:
previous = lastKnown
# if the last observation was a leave and it should be, this'll fix it
__fixPreviousAction(behaviorDB, address, previous, times[0])
time_difference = 0
for cur_time in times:
time_difference = cur_time - previous
# find what the state is of the current observation, based on the previous
# Did the device leave since we last saw it?
if time_difference > ConfigHelper.getExitTime():
# so the previous one was an exit
if (previous != -1):
observation_actions += [(action_exit, previous)]
# and it was just seen entering
observation_actions += [(action_notice, cur_time)]
# else, its just another observation, we don't care too much about it
# update previous
previous = cur_time
# make the last observation a leave, it'll get updated if it actually isn't
observation_actions += [(action_exit, previous)]
else:
# no observations --> nothing to do, move along
return
# putting the observations into the behavior database
for actions in observation_actions:
# actions is a tuple
BehaviorDatabaseHelper.addBehavior(
behaviorDB, address, actions[0],
actions[1]) # can add lat/long here if you want
def TRAKr(app):
# loading up the config file parser
configHelper = ConfigHelper.ConfigHelper()
configHelper.startUp()
# handling pre-run parameters first
if TRAKr.params.reset:
configHelper.resetConfig()
# exporting databases
if TRAKr.params.export:
__exportData()
# deleting databases
elif TRAKr.params.deleteDB:
__deleteDBs()
__initDBs()
# handling run-oriented parameters
# these are the ones that can go infinitely like scans
if TRAKr.params.run:
__run()
else:
# this only scans and puts the MACs into the rolling.db
if TRAKr.params.scan:
__scan(False, False)
# run analysis on rolling.db
elif TRAKr.params.analyze:
__analyze()
# load up a file, lat/long will be 0 as default if not inputted
if TRAKr.params.load != "":
__loadFile(TRAKr.params.load, TRAKr.params.lat, TRAKr.params.long)
elif TRAKr.params.loaddir != "":
__loadDir(TRAKr.params.loaddir, TRAKr.params.lat,
TRAKr.params.long)
# wait just a little bit, because sometimes it'll race condition and go past this
ThreadKeeper.wait(0.01)
# don't stop execution just yet, because scan or analysis may be running
ThreadKeeper.waitForThreads()
def makeExportData():
# this is a 2d array of the rows to be exported
csv_data = []
conn = BehaviorDatabaseHelper.connect()
all_actions = BehaviorDatabaseHelper.getAllActionsSortedbyTime(conn)
# number of seconds for each span of observation
time_bracket = 3600 / ConfigHelper.getHourSegments()
time_end = all_actions[0].time
current_entries = 0
current_exits = 0
current_population = 0
filtered_actions = all_actions # __filterActions(all_actions)
for action in filtered_actions:
# this is guaranteed to hit on the first packet
# check if a new bracket needs to be created
if action.time > time_end:
# update
current_population = current_population + current_entries - current_exits
# each time stamp will be the start time
# and the next observation will be when it ends
csv_data += [(time_end, current_entries, current_exits,
current_population)]
# reset counters
time_end = time_end + time_bracket
current_entries = 0
current_exits = 0
# entry
if action.action == 1:
current_entries += 1
# exit
else:
current_exits += 1
return csv_data[1:]
def __filterActions(all_actions):
filtered_actions = []
entries = []
for a in all_actions:
# if its an entry, just log it in the list
if a.action == 1:
entries += [EntryAction(a.time, a.address)]
# if it's an exit, we need to see if we're cutting it out
else:
prev = __findEntryTime(a.address, entries)
timespan = a.time - prev
# should we keep it?
if timespan > ConfigHelper.getEntryTime():
filtered_actions += [SimpleAction(1, a.time, a.address)]
filtered_actions += [SimpleAction(0, prev, a.address)]
# now everything in filtered_actions are likely to be non-randomized MAC address devices
# need to sort by time
filtered_actions.sort()
return filtered_actions
from multiprocessing import freeze_support
def connect():
pathToDB = ConfigHelper.getRollingDatabasePath()
connection = sqlite3.connect(pathToDB)
return connection
def connect():
pathToDB = ConfigHelper.getBehaviorDatabasePath()
connection = sqlite3.connect(pathToDB)
return connection
def __removePcaps():
# http://stackoverflow.com/questions/1995373/
path = str(ConfigHelper.getCaptureDirectory())
[os.remove(path + f) for f in os.listdir(path) if f.endswith(".pcap")]
def makeTimeSlots():
# returns an array of the size of time slots that should be created
slotsPerHour = ConfigHelper.getHourSegments()
backTrackHours = ConfigHelper.getNumBackTrackHours()
return [0] * slotsPerHour * backTrackHours
def deleteDBs():
__deleteDB(ConfigHelper.getRollingDatabasePath())
__deleteDB(ConfigHelper.getBehaviorDatabasePath())
print "Databases deleted."
def __fixPreviousAction(connection, address, previousTime, newTime):
# should it be removed?
if newTime - previousTime < ConfigHelper.getExitTime():
BehaviorDatabaseHelper.removeFalseExit(connection, address,
previousTime)
pass
def serial_operation_by_control_file(tag,
case_file=Res.case_file,
c=Cfg.SMCommon(),
commands=[]):
log('launch swipe process of ' + tag)
lines = get_usable_lines_from_file(case_file)
# parse if have special configuration
case_w, case_h, case_nav = 0, 0, 0
for line in lines:
items = line.split(Res.split_mark)
if Res.case_display_config in line:
case_w = int(items[1])
case_h = int(items[2])
case_nav = int(items[3])
break
case_has_nav = case_nav > 0
alta_height = (0 if c.has_nav and not case_has_nav else
-(c.nav_height if not case_has_nav else case_nav))
real_w, real_h, nav_h = CfgU.device_real_config_info(tag)
f_x = float(real_w) / (c.size_x if case_w == 0 else case_w)
f_y = float(real_h) / ((c.size_y if case_h == 0 else case_h) + alta_height)
for line in lines:
items = line.split(Res.split_mark)
if real_item(Res.action_click, items[0]):
p_open(
Res.adb_tap_with_tag(tag, cor(items[1], f_x),
cor(items[2], f_y)))
delay_index = Res.delay_index_one_point
elif real_item(Res.action_hold, items[0]):
p_open(
Res.adb_touch_screen_with_tag(tag, cor(items[1], f_x),
cor(items[2], f_y)))
delay_index = Res.delay_index_one_point
elif real_item(Res.action_home, items[0]):
send_key_home(tag)
delay_index = Res.delay_index_zero_point
elif real_item(Res.action_back, items[0]):
p_open(Res.adb_key_event_back(tag))
delay_index = Res.delay_index_zero_point
elif real_item(Res.action_wait, items[0]):
delay_index = Res.delay_index_zero_point
elif real_item(Res.action_swipe, items[0]):
p_open(
Res.adb_swipe_with_tag(tag, cor(items[1], f_x),
cor(items[2], f_y), cor(items[3], f_x),
cor(items[4], f_y)))
delay_index = Res.delay_index_two_point
elif real_item(Res.special_start, items[0]):
p_open(Res.asb_shell_start_activity(tag, c.act))
delay_index = Res.delay_index_zero_point
elif real_item(Res.special_stop, items[0]):
p_open(Res.asb_shell_force_stop(tag, c.pkg))
delay_index = Res.delay_index_zero_point
elif real_item(Res.special_clear_data, items[0]):
p_open(Res.asb_shell_clear_data(tag, c.pkg))
delay_index = Res.delay_index_zero_point
elif real_item(Res.special_clear_logcat, items[0]):
p_open(Res.asb_shell_clear_logcat(tag))
delay_index = Res.delay_index_zero_point
elif real_item(Res.special_invoke_watcher, items[0]):
p_open(commands[2]) # start collector activity
delay_index = Res.delay_index_zero_point
elif real_item(Res.special_start_command, items[0]):
p_open(commands[0])
delay_index = Res.delay_index_zero_point
elif real_item(Res.special_stop_command, items[0]):
p_open(commands[1])
delay_index = Res.delay_index_zero_point
elif real_item(Res.action_uninstall, items[0]):
FunPkg.uninstall(tag, c.pkg)
delay_index = Res.delay_index_zero_point
elif real_item(Res.action_install, items[0]):
delay_index = install_and_parse_index(tag, c, items[1])
elif real_item(Res.action_install_r, items[0]):
delay_index = install_and_parse_index(tag, c, items[1], True)
elif real_item(Res.action_reboot, items[0]):
p_open(Res.adb_reboot(tag))
delay_index = Res.delay_index_zero_point
else:
continue
seconds = items[delay_index] if len(
items) > delay_index else Res.default_delay_in_action
sleep(float(seconds))
TRAKr.add_param("-analyze",
help="run analysis on packets",
action='store_true')
TRAKr.add_param("-load",
help="loads a pcap file into the database",
type=str,
default="")
TRAKr.add_param("-loaddir",
help="load a directory full of only pcap files",
type=str,
default="")
TRAKr.add_param("-lat",
help="latitude - load or scan parameter",
type=float,
default=0)
TRAKr.add_param("-long",
help="longitude - load or scan parameter",
type=float,
default=0)
if __name__ == '__main__':
try:
TRAKr.run()
# catch the keyboard interrupt and cleanup half open files
except KeyboardInterrupt:
print("\nTRAKr - Keyboard Interrupt - Shutting down...\n")
if not ConfigHelper.getKeepAllPcaps():
__removePcaps()
os._exit(0)
