def view_report(request, checksum, api=False): """Dynamic Analysis Report Generation.""" logger.info('Dynamic Analysis Report Generation') try: droidmon = {} apimon = {} if not is_md5(checksum): # We need this check since checksum is not validated # in REST API return print_n_send_error_response(request, 'Invalid Parameters', api) package = get_package_name(checksum) if not package: return print_n_send_error_response(request, 'Invalid Parameters', api) app_dir = os.path.join(settings.UPLD_DIR, checksum + '/') download_dir = settings.DWD_DIR if not is_file_exists(os.path.join(app_dir, 'logcat.txt')): msg = ('Dynamic Analysis report is not available ' 'for this app. Perform Dynamic Analysis ' 'and generate the report.') return print_n_send_error_response(request, msg, api) fd_log = os.path.join(app_dir, 'mobsf_frida_out.txt') droidmon = droidmon_api_analysis(app_dir, package) apimon = apimon_analysis(app_dir) analysis_result = run_analysis(app_dir, checksum, package) generate_download(app_dir, checksum, download_dir, package) images = get_screenshots(checksum, download_dir) context = { 'hash': checksum, 'emails': analysis_result['emails'], 'urls': analysis_result['urls'], 'domains': analysis_result['domains'], 'clipboard': analysis_result['clipboard'], 'xml': analysis_result['xml'], 'sqlite': analysis_result['sqlite'], 'others': analysis_result['other_files'], 'screenshots': images['screenshots'], 'activity_tester': images['activities'], 'exported_activity_tester': images['exported_activities'], 'droidmon': droidmon, 'apimon': apimon, 'frida_logs': is_file_exists(fd_log), 'package': package, 'version': settings.MOBSF_VER, 'title': 'Dynamic Analysis' } template = 'dynamic_analysis/android/dynamic_report.html' if api: return context return render(request, template, context) except Exception as exp: logger.exception('Dynamic Analysis Report Generation') err = 'Error Geneating Dynamic Analysis Report. ' + str(exp) return print_n_send_error_response(request, err, api)
def view_report(request): """Dynamic Analysis Report Generation.""" logger.info('Dynamic Analysis Report Generation') try: md5_hash = request.GET['hash'] package = request.GET['package'] droidmon = {} apimon = {} if (is_attack_pattern(package) or not is_md5(md5_hash)): return print_n_send_error_response(request, 'Invalid Parameters') app_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/') download_dir = settings.DWD_DIR if not is_file_exists(os.path.join(app_dir, 'logcat.txt')): msg = ('Dynamic Analysis report is not available ' 'for this app. Perform Dynamic Analysis ' 'and generate the report.') return print_n_send_error_response(request, msg) fd_log = os.path.join(app_dir, 'mobsf_frida_out.txt') droidmon = droidmon_api_analysis(app_dir, package) apimon = apimon_analysis(app_dir) analysis_result = run_analysis(app_dir, md5_hash, package) generate_download(app_dir, md5_hash, download_dir, package) images = get_screenshots(md5_hash, download_dir) context = {'md5': md5_hash, 'emails': analysis_result['emails'], 'urls': analysis_result['urls'], 'domains': analysis_result['domains'], 'clipboard': analysis_result['clipboard'], 'xml': analysis_result['xml'], 'sqlite': analysis_result['sqlite'], 'others': analysis_result['other_files'], 'screenshots': images['screenshots'], 'acttest': images['activities'], 'expacttest': images['exported_activities'], 'droidmon': droidmon, 'apimon': apimon, 'fdlog': is_file_exists(fd_log), 'package': package, 'version': settings.MOBSF_VER, 'title': 'Dynamic Analysis'} template = 'dynamic_analysis/android/dynamic_report.html' return render(request, template, context) except Exception as exp: logger.exception('Dynamic Analysis Report Generation') err = 'Error Geneating Dynamic Analysis Report. ' + str(exp) return print_n_send_error_response(request, err)
def report(request): """Dynamic Analysis Report Generation""" print("\n[INFO] Dynamic Analysis Report Generation") try: if request.method == 'GET': md5_hash = request.GET['md5'] package = request.GET['pkg'] if re.findall(r";|\$\(|\|\||&&", package): print("[ATTACK] Possible RCE") return HttpResponseRedirect('/error/') if re.match('^[0-9a-f]{32}$', md5_hash): app_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY download_dir = settings.DWD_DIR droidmon_api_loc = os.path.join(app_dir, 'x_logcat.txt') api_analysis_result = api_analysis(package, droidmon_api_loc) analysis_result = run_analysis(app_dir, md5_hash, package) download(md5_hash, download_dir, app_dir, package) # Only After Download Process is Done imgs = [] act_imgs = [] act = {} expact_imgs = [] exp_act = {} if os.path.exists( os.path.join(download_dir, md5_hash + "-screenshots-apk/")): try: imp_path = os.path.join(download_dir, md5_hash + "-screenshots-apk/") for img in os.listdir(imp_path): if img.endswith(".png"): if img.startswith("act"): act_imgs.append(img) elif img.startswith("expact"): expact_imgs.append(img) else: imgs.append(img) static_android_db = StaticAnalyzerAndroid.objects.filter( MD5=md5_hash) if static_android_db.exists(): print( "\n[INFO] Fetching Exported Activity & Activity List from DB" ) exported_act = python_list( static_android_db[0].EXPORTED_ACT) act_desc = python_list( static_android_db[0].ACTIVITIES) if act_imgs: if len(act_imgs) == len(act_desc): act = dict(list(zip(act_imgs, act_desc))) if expact_imgs: if len(expact_imgs) == len(exported_act): exp_act = dict( list(zip(expact_imgs, exported_act))) else: print( "\n[WARNING] Entry does not exists in the DB.") except: PrintException("[ERROR] Screenshot Sorting") context = { 'md5': md5_hash, 'emails': analysis_result["emails"], 'urls': analysis_result["urls"], 'domains': analysis_result["domains"], 'clipboard': analysis_result["clipboard"], 'http': analysis_result["web_data"], 'xml': analysis_result["xmlfiles"], 'sqlite': analysis_result["sqlite_db"], 'others': analysis_result["other_files"], 'imgs': imgs, 'acttest': act, 'expacttest': exp_act, 'net': api_analysis_result["api_net"], 'base64': api_analysis_result["api_base64"], 'crypto': api_analysis_result["api_crypto"], 'fileio': api_analysis_result["api_fileio"], 'binder': api_analysis_result["api_binder"], 'divinfo': api_analysis_result["api_deviceinfo"], 'cntval': api_analysis_result["api_cntvl"], 'sms': api_analysis_result["api_sms"], 'sysprop': api_analysis_result["api_sysprop"], 'dexload': api_analysis_result["api_dexloader"], 'reflect': api_analysis_result["api_reflect"], 'sysman': api_analysis_result["api_acntmnger"], 'process': api_analysis_result["api_cmd"], 'pkg': package, 'title': 'Dynamic Analysis' } template = "dynamic_analysis/dynamic_analysis.html" return render(request, template, context) else: return HttpResponseRedirect('/error/') else: return HttpResponseRedirect('/error/') except: PrintException("[ERROR] Dynamic Analysis Report Generation") return HttpResponseRedirect('/error/')
def report(request): """Dynamic Analysis Report Generation""" print("\n[INFO] Dynamic Analysis Report Generation") try: if request.method == 'GET': md5_hash = request.GET['md5'] package = request.GET['pkg'] if re.findall(r";|\$\(|\|\||&&", package): print("[ATTACK] Possible RCE") return HttpResponseRedirect('/error/') if re.match('^[0-9a-f]{32}$', md5_hash): app_dir = os.path.join( settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY download_dir = settings.DWD_DIR droidmon_api_loc = os.path.join(app_dir, 'x_logcat.txt') api_analysis_result = api_analysis(package, droidmon_api_loc) analysis_result = run_analysis(app_dir, md5_hash, package) download(md5_hash, download_dir, app_dir, package) # Only After Download Process is Done imgs = [] act_imgs = [] act = {} expact_imgs = [] exp_act = {} if os.path.exists(os.path.join(download_dir, md5_hash + "-screenshots-apk/")): try: imp_path = os.path.join( download_dir, md5_hash + "-screenshots-apk/") for img in os.listdir(imp_path): if img.endswith(".png"): if img.startswith("act"): act_imgs.append(img) elif img.startswith("expact"): expact_imgs.append(img) else: imgs.append(img) static_android_db = StaticAnalyzerAndroid.objects.filter( MD5=md5_hash) if static_android_db.exists(): print( "\n[INFO] Fetching Exported Activity & Activity List from DB") exported_act = python_list( static_android_db[0].EXPORTED_ACT) act_desc = python_list( static_android_db[0].ACTIVITIES) if act_imgs: if len(act_imgs) == len(act_desc): act = dict(list(zip(act_imgs, act_desc))) if expact_imgs: if len(expact_imgs) == len(exported_act): exp_act = dict( list(zip(expact_imgs, exported_act))) else: print( "\n[WARNING] Entry does not exists in the DB.") except: PrintException("[ERROR] Screenshot Sorting") context = {'md5': md5_hash, 'emails': analysis_result["emails"], 'urls': analysis_result["urls"], 'domains': analysis_result["domains"], 'clipboard': analysis_result["clipboard"], 'http': analysis_result["web_data"], 'xml': analysis_result["xmlfiles"], 'sqlite': analysis_result["sqlite_db"], 'others': analysis_result["other_files"], 'imgs': imgs, 'acttest': act, 'expacttest': exp_act, 'net': api_analysis_result["api_net"], 'base64': api_analysis_result["api_base64"], 'crypto': api_analysis_result["api_crypto"], 'fileio': api_analysis_result["api_fileio"], 'binder': api_analysis_result["api_binder"], 'divinfo': api_analysis_result["api_deviceinfo"], 'cntval': api_analysis_result["api_cntvl"], 'sms': api_analysis_result["api_sms"], 'sysprop': api_analysis_result["api_sysprop"], 'dexload': api_analysis_result["api_dexloader"], 'reflect': api_analysis_result["api_reflect"], 'sysman': api_analysis_result["api_acntmnger"], 'process': api_analysis_result["api_cmd"], 'pkg': package, 'title': 'Dynamic Analysis'} template = "dynamic_analysis/dynamic_analysis.html" return render(request, template, context) else: return HttpResponseRedirect('/error/') else: return HttpResponseRedirect('/error/') except: PrintException("[ERROR] Dynamic Analysis Report Generation") return HttpResponseRedirect('/error/')
def report(request): """Dynamic Analysis Report Generation.""" logger.info('Dynamic Analysis Report Generation') try: if request.method == 'GET': md5_hash = request.GET['md5'] package = request.GET['pkg'] if re.findall(r';|\$\(|\|\||&&', package): return print_n_send_error_response(request, 'Possible RCE Attack') if re.match('^[0-9a-f]{32}$', md5_hash): app_dir = os.path.join( settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY download_dir = settings.DWD_DIR droidmon_api_loc = os.path.join(app_dir, 'x_logcat.txt') api_analysis_result = api_analysis(package, droidmon_api_loc) analysis_result = run_analysis(app_dir, md5_hash, package) download(md5_hash, download_dir, app_dir, package) # Only After Download Process is Done imgs = [] act_imgs = [] act = {} expact_imgs = [] exp_act = {} if os.path.exists(os.path.join( download_dir, md5_hash + '-screenshots-apk/')): try: imp_path = os.path.join( download_dir, md5_hash + '-screenshots-apk/') for img in os.listdir(imp_path): if img.endswith('.png'): if img.startswith('act'): act_imgs.append(img) elif img.startswith('expact'): expact_imgs.append(img) else: imgs.append(img) sadb = StaticAnalyzerAndroid.objects.filter( MD5=md5_hash) if sadb.exists(): logger.info( '\nFetching Exported Activity' ' & Activity List from DB') exported_act = python_list( sadb[0].EXPORTED_ACT) act_desc = python_list( sadb[0].ACTIVITIES) if act_imgs: if len(act_imgs) == len(act_desc): act = dict(list(zip(act_imgs, act_desc))) if expact_imgs: if len(expact_imgs) == len(exported_act): exp_act = dict( list(zip(expact_imgs, exported_act))) else: logger.warning('Entry does not exists in the DB.') except Exception: logger.exception('Screenshot Sorting') context = {'md5': md5_hash, 'emails': analysis_result['emails'], 'urls': analysis_result['urls'], 'domains': analysis_result['domains'], 'clipboard': analysis_result['clipboard'], 'http': analysis_result['web_data'], 'xml': analysis_result['xmlfiles'], 'sqlite': analysis_result['sqlite_db'], 'others': analysis_result['other_files'], 'imgs': imgs, 'acttest': act, 'expacttest': exp_act, 'net': api_analysis_result['api_net'], 'base64': api_analysis_result['api_base64'], 'crypto': api_analysis_result['api_crypto'], 'fileio': api_analysis_result['api_fileio'], 'binder': api_analysis_result['api_binder'], 'divinfo': api_analysis_result['api_deviceinfo'], 'cntval': api_analysis_result['api_cntvl'], 'sms': api_analysis_result['api_sms'], 'sysprop': api_analysis_result['api_sysprop'], 'dexload': api_analysis_result['api_dexloader'], 'reflect': api_analysis_result['api_reflect'], 'sysman': api_analysis_result['api_acntmnger'], 'process': api_analysis_result['api_cmd'], 'pkg': package, 'title': 'Dynamic Analysis'} template = 'dynamic_analysis/dynamic_analysis.html' return render(request, template, context) else: return print_n_send_error_response(request, 'Invalid Scan Hash') else: return print_n_send_error_response(request, 'Only GET allowed') except Exception: logger.exception('Dynamic Analysis Report Generation') err = 'Error Geneating Dynamic Analysis Report' return print_n_send_error_response(request, err)