Exemple #1
0
def ios_source_analysis(src):
    """iOS Objective-C Code Analysis"""
    try:
        print("[INFO] Starting iOS Source Code and PLIST Analysis")
        api_rules = ios_apis.CODE_APIS
        code_rules = ios_rules.CODE_RULES
        code_findings = {}
        api_findings = {}
        email_n_file = []
        url_n_file = []
        url_list = []
        domains = {}

        for dirname, _, files in os.walk(src):
            for jfile in files:
                if jfile.endswith(".m"):

                    jfile_path = os.path.join(src, dirname, jfile)
                    if "+" in jfile:
                        new_path = os.path.join(src, dirname,
                                                jfile.replace("+", "x"))
                        shutil.move(jfile_path, new_path)
                        jfile_path = new_path
                    dat = ''
                    with io.open(jfile_path,
                                 mode='r',
                                 encoding="utf8",
                                 errors="ignore") as flip:
                        dat = flip.read()

                    # Code Analysis
                    relative_src_path = jfile_path.replace(src, '')
                    code_rule_matcher(code_findings, [], dat,
                                      relative_src_path, code_rules)
                    # API Analysis
                    api_rule_matcher(api_findings, [], dat, relative_src_path,
                                     api_rules)

                    # Extract URLs and Emails
                    urls, urls_nf, emails_nf = url_n_email_extract(
                        dat, relative_src_path)
                    url_list.extend(urls)
                    url_n_file.extend(urls_nf)
                    email_n_file.extend(emails_nf)
        # Domain Extraction and Malware Check
        print("[INFO] Performing Malware Check on extracted Domains")
        domains = malware_check(list(set(url_list)))
        print("[INFO] Finished Code Analysis, Email and URL Extraction")
        code_analysis_dict = {
            'api': api_findings,
            'code_anal': code_findings,
            'urlnfile': url_n_file,
            'domains': domains,
            'emailnfile': email_n_file,
        }
        return code_analysis_dict

    except:
        PrintException("[ERROR] iOS Source Code Analysis")
def ios_source_analysis(src):
    """iOS Objective-C Code Analysis"""
    try:
        logger.info("Starting iOS Source Code and PLIST Analysis")
        api_rules = ios_apis.CODE_APIS
        code_rules = ios_rules.CODE_RULES
        code_findings = {}
        api_findings = {}  
        email_n_file = []
        url_n_file = []
        url_list = []
        domains = {}

        for dirname, _, files in os.walk(src):
            for jfile in files:
                if jfile.endswith(".m"):

                    jfile_path = os.path.join(src, dirname, jfile)
                    if "+" in jfile:
                        new_path = os.path.join(
                            src, dirname, jfile.replace("+", "x"))
                        shutil.move(jfile_path, new_path)
                        jfile_path = new_path
                    dat = ''
                    with io.open(jfile_path, mode='r', encoding="utf8", errors="ignore") as flip:
                        dat = flip.read()

                    # Code Analysis
                    relative_src_path = jfile_path.replace(src, '')
                    code_rule_matcher(code_findings, [], dat, relative_src_path, code_rules)
                    # API Analysis
                    api_rule_matcher(api_findings, [], dat, relative_src_path, api_rules)

                    # Extract URLs and Emails
                    urls, urls_nf, emails_nf = url_n_email_extract(dat, relative_src_path)
                    url_list.extend(urls)
                    url_n_file.extend(urls_nf)
                    email_n_file.extend(emails_nf)
        urls_list = list(set(url_list))   
        # Domain Extraction and Malware Check
        logger.info("Performing Malware Check on extracted Domains")
        domains = malware_check(urls_list)
        logger.info("Finished Code Analysis, Email and URL Extraction")
        code_analysis_dict = {
            'api': api_findings,
            'code_anal': code_findings,
            'urls_list': urls_list,
            'urlnfile': url_n_file,
            'domains': domains,
            'emailnfile': email_n_file,
        }
        return code_analysis_dict

    except:
        PrintException("iOS Source Code Analysis")
def code_analysis(app_dir, perms, typ):
    """Perform the code analysis."""
    try:
        logger.info("Static Android Code Analysis Started")
        api_rules = android_apis.APIS
        code_rules = android_rules.RULES
        code_findings = {}
        api_findings = {}
        email_n_file = []
        url_n_file = []
        url_list = []
        domains = {}

        if typ == "apk":
            java_src = os.path.join(app_dir, 'java_source/')
        elif typ == "studio":
            java_src = os.path.join(app_dir, 'app/src/main/java/')
        elif typ == "eclipse":
            java_src = os.path.join(app_dir, 'src/')
        logger.info("Code Analysis Started on - " + java_src)
        # pylint: disable=unused-variable
        # Needed by os.walk
        for dir_name, sub_dir, files in os.walk(java_src):
            for jfile in files:
                jfile_path = os.path.join(java_src, dir_name, jfile)
                if "+" in jfile:
                    p_2 = os.path.join(java_src, dir_name,
                                       jfile.replace("+", "x"))
                    shutil.move(jfile_path, p_2)
                    jfile_path = p_2
                repath = dir_name.replace(java_src, '')
                if (jfile.endswith('.java') and any(
                        re.search(cls, repath)
                        for cls in settings.SKIP_CLASSES) is False):
                    dat = ''
                    with io.open(jfile_path,
                                 mode='r',
                                 encoding="utf8",
                                 errors="ignore") as file_pointer:
                        dat = file_pointer.read()

                    # Code Analysis
                    # print "[INFO] Doing Code Analysis on - " + jfile_path
                    relative_java_path = jfile_path.replace(java_src, '')
                    code_rule_matcher(code_findings, list(perms.keys()), dat,
                                      relative_java_path, code_rules)
                    # API Check
                    api_rule_matcher(api_findings, list(perms.keys()), dat,
                                     relative_java_path, api_rules)
                    # Extract URLs and Emails
                    urls, urls_nf, emails_nf = url_n_email_extract(
                        dat, relative_java_path)
                    url_list.extend(urls)
                    url_n_file.extend(urls_nf)
                    email_n_file.extend(emails_nf)
        # Domain Extraction and Malware Check
        logger.info("Performing Malware Check on extracted Domains")
        domains = malware_check(list(set(url_list)))
        logger.info("Finished Code Analysis, Email and URL Extraction")
        code_an_dic = {
            'api': api_findings,
            'findings': code_findings,
            'urls': url_n_file,
            'domains': domains,
            'emails': email_n_file,
        }
        return code_an_dic
    except:
        PrintException("Performing Code Analysis")
Exemple #4
0
def ios_source_analysis(src):
    """IOS Objective-C Code Analysis."""
    try:
        logger.info('Starting iOS Source Code and PLIST Analysis')
        api_rules = ios_apis.CODE_APIS
        code_rules = ios_rules.CODE_RULES
        code_findings = {}
        api_findings = {}
        email_n_file = []
        url_n_file = []
        url_list = []
        domains = {}

        for dirname, _, files in os.walk(src):
            for jfile in files:
                if jfile.endswith('.m'):

                    jfile_path = os.path.join(src, dirname, jfile)
                    if '+' in jfile:
                        new_path = os.path.join(src, dirname,
                                                jfile.replace('+', 'x'))
                        shutil.move(jfile_path, new_path)
                        jfile_path = new_path
                    dat = ''
                    with io.open(jfile_path,
                                 mode='r',
                                 encoding='utf8',
                                 errors='ignore') as flip:
                        dat = flip.read()

                    # Code Analysis
                    relative_src_path = jfile_path.replace(src, '')
                    code_rule_matcher(code_findings, [], dat,
                                      relative_src_path, code_rules)
                    # API Analysis
                    api_rule_matcher(api_findings, [], dat, relative_src_path,
                                     api_rules)

                    # Extract URLs and Emails
                    urls, urls_nf, emails_nf = url_n_email_extract(
                        dat, relative_src_path)
                    url_list.extend(urls)
                    url_n_file.extend(urls_nf)
                    email_n_file.extend(emails_nf)
        urls_list = list(set(url_list))
        # Domain Extraction and Malware Check
        logger.info('Performing Malware Check on extracted Domains')
        domains = malware_check(urls_list)
        logger.info('Finished Code Analysis, Email and URL Extraction')
        code_analysis_dict = {
            'api': api_findings,
            'code_anal': code_findings,
            'urls_list': urls_list,
            'urlnfile': url_n_file,
            'domains': domains,
            'emailnfile': email_n_file,
        }
        return code_analysis_dict

    except Exception:
        logger.exception('iOS Source Code Analysis')
Exemple #5
0
def code_analysis(app_dir, perms, typ):
    """Perform the code analysis."""
    try:
        logger.info('Static Android Code Analysis Started')
        api_rules = android_apis.APIS
        code_rules = android_rules.RULES
        code_findings = {}
        api_findings = {}
        email_n_file = []
        url_n_file = []
        url_list = []

        if typ == 'apk':
            java_src = os.path.join(app_dir, 'java_source/')
        elif typ == 'studio':
            java_src = os.path.join(app_dir, 'app/src/main/java/')
        elif typ == 'eclipse':
            java_src = os.path.join(app_dir, 'src/')
        logger.info('Code Analysis Started on - %s',
                    filename_from_path(java_src))
        # pylint: disable=unused-variable
        # Needed by os.walk
        for dir_name, _sub_dir, files in os.walk(java_src):
            for jfile in files:
                jfile_path = os.path.join(java_src, dir_name, jfile)
                if '+' in jfile:
                    p_2 = os.path.join(java_src, dir_name,
                                       jfile.replace('+', 'x'))
                    shutil.move(jfile_path, p_2)
                    jfile_path = p_2
                repath = dir_name.replace(java_src, '') + '/'
                if (jfile.endswith('.java') and any(
                        re.search(cls, repath)
                        for cls in settings.SKIP_CLASSES) is False):
                    dat = ''
                    with io.open(
                            jfile_path,
                            mode='r',
                            encoding='utf8',
                            errors='ignore',
                    ) as file_pointer:
                        dat = file_pointer.read()

                    # Code Analysis
                    relative_java_path = jfile_path.replace(java_src, '')
                    code_rule_matcher(code_findings, list(perms.keys()), dat,
                                      relative_java_path, code_rules)
                    # API Check
                    api_rule_matcher(api_findings, list(perms.keys()), dat,
                                     relative_java_path, api_rules)
                    # Extract URLs and Emails
                    urls, urls_nf, emails_nf = url_n_email_extract(
                        dat, relative_java_path)
                    url_list.extend(urls)
                    url_n_file.extend(urls_nf)
                    email_n_file.extend(emails_nf)
        logger.info('Finished Code Analysis, Email and URL Extraction')
        code_an_dic = {
            'api': api_findings,
            'findings': code_findings,
            'urls_list': url_list,
            'urls': url_n_file,
            'emails': email_n_file,
        }
        return code_an_dic
    except Exception:
        logger.exception('Performing Code Analysis')
def code_analysis(app_dir, perms, typ):
    """Perform the code analysis."""
    try:
        logger.info("Static Android Code Analysis Started")
        api_rules = android_apis.APIS
        code_rules = android_rules.RULES
        code_findings = {}
        api_findings = {}
        email_n_file = []
        url_n_file = []
        url_list = []
        domains = {}

        if typ == "apk":
            java_src = os.path.join(app_dir, 'java_source/')
        elif typ == "studio":
            java_src = os.path.join(app_dir, 'app/src/main/java/')
        elif typ == "eclipse":
            java_src = os.path.join(app_dir, 'src/')
        logger.info("Code Analysis Started on - " + filename_from_path(java_src))
        # pylint: disable=unused-variable
        # Needed by os.walk
        for dir_name, sub_dir, files in os.walk(java_src):
            for jfile in files:
                jfile_path = os.path.join(java_src, dir_name, jfile)
                if "+" in jfile:
                    p_2 = os.path.join(java_src, dir_name,
                                       jfile.replace("+", "x"))
                    shutil.move(jfile_path, p_2)
                    jfile_path = p_2
                repath = dir_name.replace(java_src, '')
                if (
                        jfile.endswith('.java') and
                        any(re.search(cls, repath)
                            for cls in settings.SKIP_CLASSES) is False
                ):
                    dat = ''
                    with io.open(
                        jfile_path,
                        mode='r',
                        encoding="utf8",
                        errors="ignore"
                    ) as file_pointer:
                        dat = file_pointer.read()

                    # Code Analysis
                    # print "[INFO] Doing Code Analysis on - " + jfile_path
                    relative_java_path = jfile_path.replace(java_src, '')
                    code_rule_matcher(
                        code_findings, list(perms.keys()), dat, relative_java_path, code_rules)
                    # API Check
                    api_rule_matcher(api_findings, list(perms.keys()),
                                     dat, relative_java_path, api_rules)
                     # Extract URLs and Emails
                    urls, urls_nf, emails_nf = url_n_email_extract(dat, relative_java_path)
                    url_list.extend(urls)
                    url_n_file.extend(urls_nf)
                    email_n_file.extend(emails_nf)
        logger.info("Finished Code Analysis, Email and URL Extraction")
        code_an_dic = {
            'api': api_findings,
            'findings': code_findings,
            'urls_list': url_list,
            'urls': url_n_file,
            'emails': email_n_file,
        }
        return code_an_dic
    except:
        PrintException("Performing Code Analysis")