def start():
onlyfiles = [
f for f in listdir(fuzzerConfig.path_for_crash_samples)
if isfile(join(fuzzerConfig.path_for_crash_samples, f))
]
for x in range(len(onlyfiles)):
#clean tombstones
adb_android.shell("rm /data/tombstones/*")
#push file to device
adb_android.push(fuzzerConfig.path_for_crash_samples + onlyfiles[x],
"/data/local/tmp")
#run the file
adb_android.shell(fuzzerConfig.target_android_executable +
' /data/local/tmp/' + onlyfiles[x])
#collect the crash
result = adb_android.shell(
"ls -l /data/tombstones/ | grep tombstone_00")
if (len(result) < 2):
pass
#No Tombstones generated , its a false positive
else:
adb_android.pull(
'/data/tombstones/tombstone_00',
fuzzerConfig.path_for_confirmed_samples + "tombstone_" +
onlyfiles[x])
def find_files():
onlyfiles = [
f for f in listdir(fuzzerConfig.path_to_unique_crashes)
if isfile(join(fuzzerConfig.path_to_unique_crashes, f))
]
for x in range(len(onlyfiles)):
print "File being debugged: " + fuzzerConfig.path_to_unique_crashes + onlyfiles[
x]
adb_android.push(fuzzerConfig.path_to_unique_crashes + onlyfiles[x],
"/data/local/tmp/crash.dex")
def run_on_android_emulator():
onlyfiles = [f for f in listdir(fuzzerConfig.path_to_mutated_dex) if isfile(join(fuzzerConfig.path_to_mutated_dex, f))]
for x in range(len(onlyfiles)):
print fuzzerConfig.path_to_mutated_dex+onlyfiles[x]
#adb logcat -c to clear logs from logcat
adb_android.push(fuzzerConfig.path_to_mutated_dex+onlyfiles[x], '/data/local/tmp/')
adb_android.shell('log -p F -t CRASH_LOGGER SIGSEGV : '+onlyfiles[x])
adb_android.shell(fuzzerConfig.target_android_executable+' /data/local/tmp/'+onlyfiles[x])
adb_android.shell("rm /data/local/tmp/"+onlyfiles[x])
save_logs()
def push_db(args):
# Find a writable location
temp_dir = _find_nonroot_writable_dir()
try:
# Copy the DB to the phone first
print yellow('Pushing the DB to the device...')
status_code, output = adb_android.push(args.input_file,
'%s/EnMicroMsg.db' % temp_dir)
print yellow('Copying the DB to its final home...')
_su_shell_command('cp %s/EnMicroMsg.db %s' %
(temp_dir, args.database_path))
except:
print
print red('=' * 80)
print red('An error occurred.')
sys.exit(1)
else:
print
print green('=' * 80)
print green('Success!')
finally:
# Make sure to clean up!
print yellow('Cleaning up...')
_shell_command('rm -f %s/EnMicroMsg.db' % temp_dir)
def start():
onlyfiles = [f for f in listdir(fuzzerConfig.path_for_crash_samples) if isfile(join(fuzzerConfig.path_for_crash_samples, f))]
for x in range(len(onlyfiles)):
#clean tombstones
adb_android.shell("rm /data/tombstones/*")
#push file to device
adb_android.push(fuzzerConfig.path_for_crash_samples+onlyfiles[x],"/data/local/tmp")
#run the file
adb_android.shell(fuzzerConfig.target_android_executable+' /data/local/tmp/' + onlyfiles[x])
#collect the crash
result = adb_android.shell("ls -l /data/tombstones/ | grep tombstone_00")
if(len(result)<2):
pass
#No Tombstones generated , its a false positive
else:
adb_android.pull('/data/tombstones/tombstone_00',fuzzerConfig.path_for_confirmed_samples+"tombstone_"+onlyfiles[x])
def run_on_android_emulator():
onlyfiles = [
f for f in listdir(fuzzerConfig.path_to_mutated_dex)
if isfile(join(fuzzerConfig.path_to_mutated_dex, f))
]
for x in range(len(onlyfiles)):
print fuzzerConfig.path_to_mutated_dex + onlyfiles[x]
#adb logcat -c to clear logs from logcat
adb_android.push(fuzzerConfig.path_to_mutated_dex + onlyfiles[x],
'/data/local/tmp/')
adb_android.shell('log -p F -t CRASH_LOGGER SIGSEGV : ' + onlyfiles[x])
adb_android.shell(fuzzerConfig.target_android_executable +
' /data/local/tmp/' + onlyfiles[x])
adb_android.shell("rm /data/local/tmp/" + onlyfiles[x])
save_logs()
def push_db(args):
# Find a writable location
temp_dir = _find_nonroot_writable_dir()
try:
# Copy the DB to the phone first
print yellow('Pushing the DB to the device...')
status_code, output = adb_android.push(args.input_file, '%s/EnMicroMsg.db' % temp_dir)
print yellow('Copying the DB to its final home...')
_su_shell_command('cp %s/EnMicroMsg.db %s' % (temp_dir, args.database_path))
except:
print
print red('=' * 80)
print red('An error occurred.')
sys.exit(1)
else:
print
print green('=' * 80)
print green('Success!')
finally:
# Make sure to clean up!
print yellow('Cleaning up...')
_shell_command('rm -f %s/EnMicroMsg.db' % temp_dir)
def copy_gdb_server_to_device(): adb_android.push(fuzzerConfig.path_to_thridparty+"android_gdb/gdbserver","/data/local/tmp/")
def copy_gdb_server_to_device():
adb_android.push(fuzzerConfig.path_to_thridparty + "android_gdb/gdbserver",
"/data/local/tmp/")