def __install_local(self, toolname, tool):
"""Push the binary from the workstation to the device"""
local, command = tool['LOCAL'], tool['COMMAND']
name = Utils.extract_filename_from_path(command)
if not self.__is_tool_available(name):
self.device.printer.verbose('[INSTALL] Manually installing: %s' % toolname)
src = local
dst = Utils.path_join('/usr/bin/', name)
self.device.push(src, dst)
self.device.remote_op.chmod_x(dst)
else:
self.device.printer.debug('[INSTALL] Tool already available: %s' % toolname)
def __install_local(self, toolname, tool):
"""Push the binary from the workstation to the device"""
local, command = tool['LOCAL'], tool['COMMAND']
name = Utils.extract_filename_from_path(command)
if not self.__is_tool_available(name):
self.device.printer.verbose('[INSTALL] Manually installing: %s' % toolname)
src = local
dst = Utils.path_join('/usr/bin/', name)
self.device.push(src, dst)
self.device.remote_op.chmod_x(dst)
else:
self.device.printer.debug('[INSTALL] Tool already available: %s' % toolname)
def module_run(self):
# Create a file with the current time of last modification
self.printer.verbose("Creating timestamp file...")
ts = self.device.remote_op.create_timestamp_file(
'timestamp-caching-snapshot')
# Launch the app
self.printer.info("Launching the app...")
self.device.app.open(self.APP_METADATA['bundle_id'])
# Ask the user to background the app
self.printer.info(
"Background the app by hitting the home button, then press enter: "
)
raw_input()
time.sleep(2)
# Check presence of new screenshots
self.printer.info("Checking for new screenshots...")
folder = os.path.join(self.APP_METADATA['data_directory'],
'Library/Caches/Snapshots/')
cmd = '{bin} {folder} -type f -newer {ts} | sort -u'.format(
bin=self.device.DEVICE_TOOLS['FIND'], folder=folder, ts=ts)
out = self.device.remote_op.command_blocking(cmd)
if not out:
self.printer.warning("No new screenshots were detected")
return
# Print to console
self.printer.notify("Screenshots found:")
sc = []
for el in out:
fname = el.strip()
sc.append(fname)
self.printer.notify('\t{}'.format(fname))
# Pull files & show image
if self.options['pull']:
self.printer.notify(
'Retrieving screenshots and saving them in: %s' %
self.path_home_temp)
for s in sc:
# Pull file
temp_name = Utils.extract_filename_from_path(s)
temp_file = self.local_op.build_temp_path_for_file(
self, temp_name)
self.device.remote_op.download(s, temp_file)
# Show image
cmd = '{} "{}"'.format(self.TOOLS_LOCAL['EOG'], temp_file)
self.local_op.command_blocking(cmd)
def module_run(self):
self.printer.info("Looking for Cache.db files...")
# Compose cmd string
dirs = [
self.APP_METADATA['bundle_directory'],
self.APP_METADATA['data_directory']
]
dirs_str = ' '.join(dirs)
cmd = '{bin} {dirs_str} -type f -name "*Cache.db"'.format(
bin=self.device.DEVICE_TOOLS['FIND'], dirs_str=dirs_str)
out = self.device.remote_op.command_blocking(cmd)
# No files found
if not out:
self.printer.info("No Cache.db files found")
return
# Add data protection class
self.printer.info("Retrieving data protection classes...")
retrieved_files = self.device.app.get_dataprotection(out)
# Show Menu
self.printer.info("The following Cache.db files have been found:")
if self.options['analyze']:
option = choose_from_list_data_protection(retrieved_files)
# Pull file
fname = Utils.extract_filename_from_path(option)
temp_file = self.local_op.build_temp_path_for_file(self, fname)
self.device.pull(option, temp_file)
# Analyze it with SQLite
self.printer.info("Spawning SQLite3 console...")
cmd_headers = ' -header' if self.options['headers'] else ''
cmd_column = ' -column' if self.options['column_mode'] else ''
cmd_csv = ' -csv' if self.options['csv_mode'] else ''
cmd = '{bin} {header} {column} {csv} {db}'.format(
bin=self.TOOLS_LOCAL['SQLITE3'],
header=cmd_headers,
column=cmd_column,
csv=cmd_csv,
db=temp_file)
self.local_op.command_interactive(cmd)
# Delete file
self.local_op.delete_temp_file(self, fname)
else:
# Only list files, do not prompt the user
choose_from_list_data_protection(retrieved_files, choose=False)
def show_image(self, sc):
if self.options['pull']:
self.printer.notify('Retrieving screenshots and saving them in: %s' % self.options['output'])
for s in sc:
# Pull file
temp_name = Utils.extract_filename_from_path(s)
temp_file = os.path.join(self.options['output'], temp_name)
self.device.remote_op.download(s, temp_file)
# Show image
# Kali
cmd = '{} "{}"'.format(self.TOOLS_LOCAL['EOG'], temp_file)
out, err = self.local_op.command_blocking(cmd)
if 'not found' in err:
# OS X
cmd = '{} "{}"'.format(self.TOOLS_LOCAL['OPEN'], temp_file)
self.local_op.command_blocking(cmd)
def show_image(self, sc):
if self.options['pull']:
self.printer.notify(
'Retrieving screenshots and saving them in: %s' %
self.options['output'])
for s in sc:
# Pull file
temp_name = Utils.extract_filename_from_path(s)
temp_file = os.path.join(self.options['output'], temp_name)
self.device.remote_op.download(s, temp_file)
# Show image
# Kali
cmd = '{} "{}"'.format(self.TOOLS_LOCAL['EOG'], temp_file)
out, err = self.local_op.command_blocking(cmd)
if 'not found' in err:
# OS X
cmd = '{} "{}"'.format(self.TOOLS_LOCAL['OPEN'], temp_file)
self.local_op.command_blocking(cmd)
def module_run(self):
self.printer.info('Searching for Configuration file...')
# Check if the EffectiveUserSettings.plist file is present
config_file = Constants.DEVICE_PATH_EFFECTIVE_USER_SETTINGS_IOS10 if "10" in self.device._ios_version else Constants.DEVICE_PATH_EFFECTIVE_USER_SETTINGS_IOS9_AND_BELOW
if not self.device.remote_op.file_exist(config_file):
raise FrameworkException('Could not find: %s' % config_file)
# Pull Effective User Settings plist
local_name = Utils.extract_filename_from_path(config_file)
local_file = self.save_file(config_file, local_name)
if not self.options['pull_only']:
# Comparing configuration with template
self.printer.info('Assessing Configuration...')
if not self.options['template']:
raise FrameworkException('Template not provided')
self.compare(local_file, self.options['template'])
self.printer.notify('Configuration Saved to: %s' % local_file)
def module_run(self):
self.printer.info('Searching for Configuration file...')
# Check if the EffectiveUserSettings.plist file is present
config_file = Constants.DEVICE_PATH_EFFECTIVE_USER_SETTINGS_IOS10 if "10" in self.device._ios_version else Constants.DEVICE_PATH_EFFECTIVE_USER_SETTINGS_IOS9_AND_BELOW
if not self.device.remote_op.file_exist(config_file):
raise FrameworkException('Could not find: %s' % config_file)
# Pull Effective User Settings plist
local_name = Utils.extract_filename_from_path(config_file)
local_file = self.save_file(config_file, local_name)
if not self.options['pull_only']:
# Comparing configuration with template
self.printer.info('Assessing Configuration...')
if not self.options['template']:
raise FrameworkException('Template not provided')
self.compare(local_file, self.options['template'])
self.printer.notify('Configuration Saved to: %s' % local_file)
def module_run(self):
self.printer.info("Looking for Binary Cookies files...")
# Compose cmd string
dirs = [
self.APP_METADATA['bundle_directory'],
self.APP_METADATA['data_directory']
]
dirs_str = ' '.join(dirs)
cmd = '{bin} {dirs_str} -type f -name "*binarycookies"'.format(
bin=self.device.DEVICE_TOOLS['FIND'], dirs_str=dirs_str)
out = self.device.remote_op.command_blocking(cmd)
# No files found
if not out:
self.printer.info("No Binary Cookies files found")
return
# Add data protection class
self.printer.info("Retrieving data protection classes...")
retrieved_files = self.device.app.get_dataprotection(out)
# Show Menu
self.printer.info(
"The following Binary Cookies files have been found:")
if self.options['analyze']:
option = choose_from_list_data_protection(retrieved_files)
# Pull file
fname = Utils.extract_filename_from_path(option)
temp_file = self.local_op.build_temp_path_for_file(self, fname)
self.device.pull(option, temp_file)
# Analyze it with BinaryCookieReader
cmd = 'python {bin} {temp_file}'.format(
bin=self.TOOLS_LOCAL['BINARYCOOKIEREADER'],
temp_file=temp_file)
self.local_op.command_interactive(cmd)
# Delete file
self.local_op.delete_temp_file(self, fname)
else:
# Only list files, do not prompt the user
choose_from_list_data_protection(retrieved_files, choose=False)