def create_db_entry_ios(app_dict, info_dict, code_dict, files, sfiles): """Save an IOS ZIP DB entry""" try: # pylint: disable=E1101 static_db = StaticAnalyzerIOSZIP(TITLE='Static Analysis', APPNAMEX=app_dict["app_name"], SIZE=app_dict["size"], MD5=app_dict["md5_hash"], SHA1=app_dict["sha1"], SHA256=app_dict["sha256"], INFOPLIST=info_dict["plist_xml"], BINNAME=info_dict["bin_name"], IDF=info_dict["id"], VERSION=info_dict["ver"], SDK=info_dict["sdk"], PLTFM=info_dict["pltfm"], MINX=info_dict["min"], FILES=files, SFILESX=sfiles, API=code_dict["api"], CODEANAL=code_dict["code_anal"], URLnFile=code_dict["urlnfile"], DOMAINS=code_dict["domains"], EmailnFile=code_dict["emailnfile"], PERMISSIONS=info_dict["permissions"], INSECCON=info_dict["inseccon"]) static_db.save() except: PrintException("[ERROR] Updating DB")
def create_db_entry_ios(app_dict, info_dict, code_dict, files, sfiles): """Save an IOS ZIP DB entry""" try: # pylint: disable=E1101 static_db = StaticAnalyzerIOSZIP( TITLE='Static Analysis', APPNAMEX=app_dict["app_name"], SIZE=app_dict["size"], MD5=app_dict["md5_hash"], SHA1=app_dict["sha1"], SHA256=app_dict["sha256"], INFOPLIST=info_dict["plist_xml"], BINNAME=info_dict["bin_name"], IDF=info_dict["id"], VERSION=info_dict["ver"], SDK=info_dict["sdk"], PLTFM=info_dict["pltfm"], MINX=info_dict["min"], FILES=files, SFILESX=sfiles, API=code_dict["api"], CODEANAL=code_dict["code_anal"], URLnFile=code_dict["urlnfile"], DOMAINS=code_dict["domains"], EmailnFile=code_dict["emailnfile"], PERMISSIONS=info_dict["permissions"], INSECCON=info_dict["inseccon"]) static_db.save() except: PrintException("[ERROR] Updating DB")
def create_db_entry_ios(app_dict, info_dict, code_dict, files, sfiles): """Save an IOS ZIP DB entry""" try: # pylint: disable=E1101 static_db = StaticAnalyzerIOSZIP( TITLE='Static Analysis', FILE_NAME=app_dict["file_name"], SIZE=app_dict["size"], MD5=app_dict["md5_hash"], SHA1=app_dict["sha1"], SHA256=app_dict["sha256"], INFOPLIST=info_dict["plist_xml"], BINNAME=info_dict["bin_name"], IDF=info_dict["id"], BUILD=info_dict["build"], VERSION=info_dict["bundle_version_name"], SDK=info_dict["sdk"], PLTFM=info_dict["pltfm"], MINX=info_dict["min"], FILES=files, SFILESX=sfiles, API=code_dict["api"], CODEANAL=code_dict["code_anal"], URLnFile=code_dict["urlnfile"], DOMAINS=code_dict["domains"], EmailnFile=code_dict["emailnfile"], PERMISSIONS=info_dict["permissions"], INSECCON=info_dict["inseccon"], BUNDLE_NAME=info_dict["bundle_name"], BUNDLE_URL_TYPES=info_dict["bundle_url_types"], BUNDLE_SUPPORTED_PLATFORMS=info_dict["bundle_supported_platforms"], BUNDLE_LOCALIZATIONS=info_dict["bundle_localizations"], APPSTORE_DETAILS=app_dict["appstore"], FIREBASE=code_dict["firebase"], ) static_db.save() except: PrintException("Saving DB")
def create_db_entry_ios(app_dict, info_dict, code_dict, files, sfiles): """Save an IOS ZIP DB entry""" try: # pylint: disable=E1101 static_db = StaticAnalyzerIOSZIP( TITLE='Static Analysis', FILE_NAME=app_dict["file_name"], SIZE=app_dict["size"], MD5=app_dict["md5_hash"], SHA1=app_dict["sha1"], SHA256=app_dict["sha256"], INFOPLIST=info_dict["plist_xml"], BINNAME=info_dict["bin_name"], IDF=info_dict["id"], BUILD=info_dict["build"], VERSION=info_dict["bundle_version_name"], SDK=info_dict["sdk"], PLTFM=info_dict["pltfm"], MINX=info_dict["min"], FILES=files, SFILESX=sfiles, API=code_dict["api"], CODEANAL=code_dict["code_anal"], URLnFile=code_dict["urlnfile"], DOMAINS=code_dict["domains"], EmailnFile=code_dict["emailnfile"], PERMISSIONS=info_dict["permissions"], INSECCON=info_dict["inseccon"], BUNDLE_NAME=info_dict["bundle_name"], BUNDLE_URL_TYPES=info_dict["bundle_url_types"], BUNDLE_SUPPORTED_PLATFORMS=info_dict["bundle_supported_platforms"], BUNDLE_LOCALIZATIONS=info_dict["bundle_localizations"], APPSTORE_DETAILS=app_dict["appstore"], FIREBASE=code_dict["firebase"], ) static_db.save() except: PrintException("Saving DB")
def create_db_entry_ios(app_dict, info_dict, code_dict, files, sfiles): """Save an IOS ZIP DB entry.""" try: # pylint: disable=E1101 static_db = StaticAnalyzerIOSZIP( TITLE='Static Analysis', FILE_NAME=app_dict['file_name'], SIZE=app_dict['size'], MD5=app_dict['md5_hash'], SHA1=app_dict['sha1'], SHA256=app_dict['sha256'], INFOPLIST=info_dict['plist_xml'], BINNAME=info_dict['bin_name'], IDF=info_dict['id'], BUILD=info_dict['build'], VERSION=info_dict['bundle_version_name'], SDK=info_dict['sdk'], PLTFM=info_dict['pltfm'], MINX=info_dict['min'], FILES=files, SFILESX=sfiles, API=code_dict['api'], CODEANAL=code_dict['code_anal'], URLnFile=code_dict['urlnfile'], DOMAINS=code_dict['domains'], EmailnFile=code_dict['emailnfile'], PERMISSIONS=info_dict['permissions'], INSECCON=info_dict['inseccon'], BUNDLE_NAME=info_dict['bundle_name'], BUNDLE_URL_TYPES=info_dict['bundle_url_types'], BUNDLE_SUPPORTED_PLATFORMS=info_dict['bundle_supported_platforms'], BUNDLE_LOCALIZATIONS=info_dict['bundle_localizations'], APPSTORE_DETAILS=app_dict['appstore'], FIREBASE=code_dict['firebase'], ) static_db.save() except Exception: logger.exception('Saving DB')
def StaticAnalyzer_iOS(request): try: # Input validation print "[INFO] iOS Static Analysis Started" TYP = request.GET['type'] RESCAN = str(request.GET.get('rescan', 0)) m = re.match('^[0-9a-f]{32}$', request.GET['checksum']) if ((m) and (request.GET['name'].lower().endswith('.ipa') or request.GET['name'].lower().endswith('.zip')) and (TYP in ['ipa', 'ios'])): DIR = settings.BASE_DIR # BASE DIR APP_NAME = request.GET['name'] # APP ORGINAL NAME MD5 = request.GET['checksum'] # MD5 APP_DIR = os.path.join(settings.UPLD_DIR, MD5 + '/') # APP DIRECTORY TOOLS_DIR = os.path.join(DIR, 'StaticAnalyzer/tools/mac/') # TOOLS DIR if TYP == 'ipa': # DB DB = StaticAnalyzerIPA.objects.filter(MD5=MD5) if DB.exists() and RESCAN == '0': print "\n[INFO] Analysis is already Done. Fetching data from the DB..." context = { 'title': DB[0].TITLE, 'name': DB[0].APPNAMEX, 'size': DB[0].SIZE, 'md5': DB[0].MD5, 'sha1': DB[0].SHA1, 'sha256': DB[0].SHA256, 'plist': DB[0].INFOPLIST, 'bin_name': DB[0].BINNAME, 'id': DB[0].IDF, 'ver': DB[0].VERSION, 'sdk': DB[0].SDK, 'pltfm': DB[0].PLTFM, 'min': DB[0].MINX, 'bin_anal': DB[0].BIN_ANAL, 'libs': DB[0].LIBS, 'files': python_list(DB[0].FILES), 'file_analysis': DB[0].SFILESX, 'strings': DB[0].STRINGS, } else: print "[INFO] iOS Binary (IPA) Analysis Started" APP_FILE = MD5 + '.ipa' # NEW FILENAME APP_PATH = APP_DIR + APP_FILE # APP PATH BIN_DIR = os.path.join(APP_DIR, "Payload/") # ANALYSIS BEGINS SIZE = str(FileSize(APP_PATH)) + 'MB' # FILE SIZE SHA1, SHA256 = HashGen(APP_PATH) # SHA1 & SHA256 HASHES print "[INFO] Extracting IPA" Unzip(APP_PATH, APP_DIR) # EXTRACT IPA # Get Files, normalize + to x, and convert binary plist -> # xml FILES, SFILES = iOS_ListFiles(BIN_DIR, MD5, True, 'ipa') INFO_PLIST, BIN_NAME, ID, VER, SDK, PLTFM, MIN, LIBS, BIN_ANAL, STRINGS = BinaryAnalysis( BIN_DIR, TOOLS_DIR, APP_DIR) # Saving to DB print "\n[INFO] Connecting to DB" if RESCAN == '1': print "\n[INFO] Updating Database..." StaticAnalyzerIPA.objects.filter(MD5=MD5).update( TITLE='Static Analysis', APPNAMEX=APP_NAME, SIZE=SIZE, MD5=MD5, SHA1=SHA1, SHA256=SHA256, INFOPLIST=INFO_PLIST, BINNAME=BIN_NAME, IDF=ID, VERSION=VER, SDK=SDK, PLTFM=PLTFM, MINX=MIN, BIN_ANAL=BIN_ANAL, LIBS=LIBS, FILES=FILES, SFILESX=SFILES, STRINGS=STRINGS) elif RESCAN == '0': print "\n[INFO] Saving to Database" STATIC_DB = StaticAnalyzerIPA(TITLE='Static Analysis', APPNAMEX=APP_NAME, SIZE=SIZE, MD5=MD5, SHA1=SHA1, SHA256=SHA256, INFOPLIST=INFO_PLIST, BINNAME=BIN_NAME, IDF=ID, VERSION=VER, SDK=SDK, PLTFM=PLTFM, MINX=MIN, BIN_ANAL=BIN_ANAL, LIBS=LIBS, FILES=FILES, SFILESX=SFILES, STRINGS=STRINGS) STATIC_DB.save() context = { 'title': 'Static Analysis', 'name': APP_NAME, 'size': SIZE, 'md5': MD5, 'sha1': SHA1, 'sha256': SHA256, 'plist': INFO_PLIST, 'bin_name': BIN_NAME, 'id': ID, 'ver': VER, 'sdk': SDK, 'pltfm': PLTFM, 'min': MIN, 'bin_anal': BIN_ANAL, 'libs': LIBS, 'files': FILES, 'file_analysis': SFILES, 'strings': STRINGS, } template = "static_analysis/ios_binary_analysis.html" return render(request, template, context) elif TYP == 'ios': DB = StaticAnalyzerIOSZIP.objects.filter(MD5=MD5) if DB.exists() and RESCAN == '0': print "\n[INFO] Analysis is already Done. Fetching data from the DB..." context = { 'title': DB[0].TITLE, 'name': DB[0].APPNAMEX, 'size': DB[0].SIZE, 'md5': DB[0].MD5, 'sha1': DB[0].SHA1, 'sha256': DB[0].SHA256, 'plist': DB[0].INFOPLIST, 'bin_name': DB[0].BINNAME, 'id': DB[0].IDF, 'ver': DB[0].VERSION, 'sdk': DB[0].SDK, 'pltfm': DB[0].PLTFM, 'min': DB[0].MINX, 'bin_anal': DB[0].BIN_ANAL, 'libs': DB[0].LIBS, 'files': python_list(DB[0].FILES), 'file_analysis': DB[0].SFILESX, 'api': DB[0].HTML, 'insecure': DB[0].CODEANAL, 'urls': DB[0].URLnFile, 'domains': python_dict(DB[0].DOMAINS), 'emails': DB[0].EmailnFile, 'strings': DB[0].STRINGS } else: print "[INFO] iOS Source Code Analysis Started" APP_FILE = MD5 + '.zip' # NEW FILENAME APP_PATH = APP_DIR + APP_FILE # APP PATH # ANALYSIS BEGINS - Already Unzipped print "[INFO] ZIP Already Extracted" SIZE = str(FileSize(APP_PATH)) + 'MB' # FILE SIZE SHA1, SHA256 = HashGen(APP_PATH) # SHA1 & SHA256 HASHES FILES, SFILES = iOS_ListFiles(APP_DIR, MD5, False, 'ios') HTML, CODEANAL, URLnFile, DOMAINS, EmailnFile, INFO_PLIST, BIN_NAME, ID, VER, SDK, PLTFM, MIN = iOS_Source_Analysis( APP_DIR, MD5) LIBS, BIN_ANAL = '', '' # Saving to DB print "\n[INFO] Connecting to DB" if RESCAN == '1': print "\n[INFO] Updating Database..." StaticAnalyzerIOSZIP.objects.filter(MD5=MD5).update( TITLE='Static Analysis', APPNAMEX=APP_NAME, SIZE=SIZE, MD5=MD5, SHA1=SHA1, SHA256=SHA256, INFOPLIST=INFO_PLIST, BINNAME=BIN_NAME, IDF=ID, VERSION=VER, SDK=SDK, PLTFM=PLTFM, MINX=MIN, BIN_ANAL=BIN_ANAL, LIBS=LIBS, FILES=FILES, SFILESX=SFILES, HTML=HTML, CODEANAL=CODEANAL, URLnFile=URLnFile, DOMAINS=DOMAINS, EmailnFile=EmailnFile) elif RESCAN == '0': print "\n[INFO] Saving to Database" STATIC_DB = StaticAnalyzerIOSZIP( TITLE='Static Analysis', APPNAMEX=APP_NAME, SIZE=SIZE, MD5=MD5, SHA1=SHA1, SHA256=SHA256, INFOPLIST=INFO_PLIST, BINNAME=BIN_NAME, IDF=ID, VERSION=VER, SDK=SDK, PLTFM=PLTFM, MINX=MIN, BIN_ANAL=BIN_ANAL, LIBS=LIBS, FILES=FILES, SFILESX=SFILES, HTML=HTML, CODEANAL=CODEANAL, URLnFile=URLnFile, DOMAINS=DOMAINS, EmailnFile=EmailnFile) STATIC_DB.save() context = { 'title': 'Static Analysis', 'name': APP_NAME, 'size': SIZE, 'md5': MD5, 'sha1': SHA1, 'sha256': SHA256, 'plist': INFO_PLIST, 'bin_name': BIN_NAME, 'id': ID, 'ver': VER, 'sdk': SDK, 'pltfm': PLTFM, 'min': MIN, 'bin_anal': BIN_ANAL, 'libs': LIBS, 'files': FILES, 'file_analysis': SFILES, 'api': HTML, 'insecure': CODEANAL, 'urls': URLnFile, 'domains': DOMAINS, 'emails': EmailnFile } template = "static_analysis/ios_source_analysis.html" return render(request, template, context) else: return HttpResponseRedirect('/error/') else: return HttpResponseRedirect('/error/') except Exception as exp: PrintException("[ERROR] Static Analyzer iOS") context = {'title': 'Error', 'exp': exp.message, 'doc': exp.__doc__} template = "general/error.html" return render(request, template, context)