def writeConfigurationOnEmulator(emulator, idXP, reportingConfiguration): logger = Logger.getLogger(__name__) configurationContent = """# Hooker Analysis Configuration File # Network configuration [elasticsearch] elasticsearch_mode={0} elasticsearch_nb_thread={1} elasticsearch_ip={2} elasticsearch_port={3} elasticsearch_index={4} elasticsearch_doctype={5} # File configuration [file] file_mode={6} file_name={7} [analysis] idXP={8} """.format(reportingConfiguration.elasticsearchMode, 1, "10.0.2.2", reportingConfiguration.elasticsearchPort, reportingConfiguration.elasticsearchIndex, reportingConfiguration.elasticsearchDoctype, reportingConfiguration.fileMode, "events.logs", idXP) logger.debug( "Deploy the following configuration on emulator {0}: \n{1}".format( emulator.name, configurationContent)) # Write on the emulator emulator.writeContentOnSdCard("experiment.conf", configurationContent)
def __init__(self, esNodes): """Creates and initializes the connection to the specified elasticsearch cluster. The esNodes attributes refers to a list of nodes we should connect to.""" self._logger = Logger.getLogger(__name__) self.esNodes = esNodes self.__initializeConnection()
def writeConfigurationOnEmulator(emulator, idXP, reportingConfiguration): logger = Logger.getLogger(__name__) configurationContent = """# Hooker Analysis Configuration File # Network configuration [elasticsearch] elasticsearch_mode={0} elasticsearch_nb_thread={1} elasticsearch_ip={2} elasticsearch_port={3} elasticsearch_index={4} elasticsearch_doctype={5} # File configuration [file] file_mode={6} file_name={7} [analysis] idXP={8} """.format(reportingConfiguration.elasticsearchMode, 1, "10.0.2.2", reportingConfiguration.elasticsearchPort, reportingConfiguration.elasticsearchIndex, reportingConfiguration.elasticsearchDoctype, reportingConfiguration.fileMode, "events.logs", idXP) logger.debug("Deploy the following configuration on emulator {0}: \n{1}".format(emulator.name, configurationContent)) # Write on the emulator emulator.writeContentOnSdCard("experiment.conf", configurationContent)
def __init__(self, commandLineParser): super(ManualAnalysis, self).__init__( MainConfiguration.build(commandLineParser), ReportingConfiguration.build(commandLineParser), ) self._logger = Logger.getLogger(__name__) self.analysisConfiguration = self.__prepareAnalysis(commandLineParser)
def executeCommand(commandAndArgs): logger = Logger.getLogger(__name__) if isinstance(commandAndArgs, str): commandAndArgs = shlex.split(commandAndArgs) logger.debug("Executing command {0}".format(commandAndArgs)) return subprocess.check_output(commandAndArgs, stderr=subprocess.STDOUT)
def __init__(self, adbPort, name, mainConfiguration): self._logger = Logger.getLogger(__name__) self.name = name self.mainConfiguration = mainConfiguration self.adbPort = adbPort self._hookerDir = "/mnt/sdcard/hooker/" self.serialNumber = '' self.state = AndroidDevice.STATE_NOT_PREPARED
def createTemporaryFolder(): """Create a random named temporary folder.""" logger = Logger.getLogger(__name__) logger.debug("Create temporary directory.") tmpName = "tmp_"+str(uuid.uuid4()) createDirectory(tmpName) return tmpName
def __init__(self, reporter, idXp, emulator, emulatorNumber, host="127.0.0.1"): self._logger = Logger.getLogger(__name__) self.emulatorNumber = emulatorNumber self.emulator = emulator self.reporter = reporter self.idXp = idXp self.__telnetPort = 5554 + (self.emulatorNumber*2) self.__emulatorSerialNumber = "emulator-{0}".format(self.__telnetPort) self.__host = host
def __init__(self, avdName, avdDir, sdkPath): self._logger = Logger.getLogger(__name__) self.__avdName = avdName self.__sdkPath = sdkPath self.__avdDir = avdDir self.__adbPath = "{}/platform-tools/adb".format(self.__sdkPath) self.__emulatorPath = "{}/tools/emulator".format(self.__sdkPath) self.__android_path = "{}/tools/android".format(self.__sdkPath) self.__emulatorProcess = None self.__arch = None
def __init__(self, emulatorNumber, name, mainConfiguration): self._logger = Logger.getLogger(__name__) self.name = name self.state = AVDEmulator.STATE_NOT_PREPARED self.mainConfiguration = mainConfiguration self.emulatorNumber = emulatorNumber self.emulatorPort = 5554 + (self.emulatorNumber*2) self.emulatorSerialNumber = "emulator-{0}".format(self.emulatorPort) self.__emulatorProcess = None self.__duplicateAVD()
def __init__(self, emulatorNumber, name, mainConfiguration): self._logger = Logger.getLogger(__name__) self.name = name self.state = AVDEmulator.STATE_NOT_PREPARED self.mainConfiguration = mainConfiguration self.emulatorNumber = emulatorNumber self.emulatorPort = 5554 + (self.emulatorNumber * 2) self.emulatorSerialNumber = "emulator-{0}".format(self.emulatorPort) self.__emulatorProcess = None self.__duplicateAVD()
def __init__(self, emulatorId, name, mainConfiguration): self._logger = Logger.getLogger(__name__) super(AVDEmulator, self).__init__(5554 + (int(emulatorId) * 2), name, mainConfiguration) self.__emulatorProcess = None self.emulatorId = emulatorId self.__duplicateAVD() self.serialNumber = "emulator-{0}".format(self.adbPort) if self.mainConfiguration.typeOfDevice!='emulated': raise Exception("Type of device is not emulated, please check your configuration")
def __init__(self): self._logger = Logger.getLogger(__name__) self.parser = None self.manualAnalysisRequested = False self.automaticAnalysisRequested = False self.mainOptions = dict() self.manualOptions = dict() self.automaticOptions = dict() self.reportingOptions = dict() self.usage = "usage: %prog [options]" self.__parse()
def executeCommand(commandAndArgs): logger = Logger.getLogger(__name__) if isinstance(commandAndArgs, str): commandAndArgs = shlex.split(commandAndArgs) logger.debug("Executing command {0}".format(commandAndArgs)) try: return subprocess.check_output(commandAndArgs, stderr=subprocess.STDOUT) except Exception, e: logger.error("Error occured while executing command : {0}".format(e)) return None
def __init__(self, adbPort, name, mainConfiguration, backupDirectory, analysisType): super(PhysicalDevice, self).__init__(adbPort, name, mainConfiguration) self.__backupDir = backupDirectory self._logger = Logger.getLogger(__name__) # Check if backup directory contains 2 folders named sdcard and partitions self.__checkBackupDirectories() self.serialNumber = name self.analysisType = analysisType self.checkAPKInstrumenter() # Put the state directly in started, since there is no FS preparation for real device self.state = AndroidDevice.STATE_STARTED
def createEmulator(emulatorNumber, emulatorName, mainConfiguration): logger = Logger.getLogger(__name__) if emulatorNumber is None or int(emulatorNumber)<0: raise Exception("Cannot create an emulator with an invalid emulator number, must be >0") if emulatorName is None or len(emulatorName)==0: raise Exception("Cannot create an emulator if not name is provided.") logger.debug("Creation of new emulator named '{0}'.".format(emulatorName)) return AVDEmulator(emulatorNumber, emulatorName, mainConfiguration)
def createDirectory(directory, force=True): """Create the specified directory but fails if the directory already exists unless force is set to True. In that case, we delete it and re-create it""" logger = Logger.getLogger(__name__) logger.debug("Create directory {0} (force={1})".format(directory, force)) if os.path.exists(directory): if force: shutil.rmtree(directory) else: raise Exception("Specified directoryalready exists, cannot create it.") else: os.mkdirs(directory)
def __init__(self, emulatorId, name, mainConfiguration): self._logger = Logger.getLogger(__name__) super(AVDEmulator, self).__init__(5554 + (int(emulatorId) * 2), name, mainConfiguration) self.__emulatorProcess = None self.emulatorId = emulatorId self.__duplicateAVD() self.serialNumber = "emulator-{0}".format(self.adbPort) if self.mainConfiguration.typeOfDevice != 'emulated': raise Exception( "Type of device is not emulated, please check your configuration" )
def __init__(self, reporter, idXp, emulator, host="127.0.0.1"): self._logger = Logger.getLogger(__name__) self.emulator = emulator self.emulatorNumber = emulator.emulatorId self.reporter = reporter self.idXp = idXp self.__telnetPort = 5554 + (self.emulatorNumber*2) self.__host = host if emulator.mainConfiguration.typeOfDevice=='emulated': self.__emulatorSerialNumber = "emulator-{0}".format(self.__telnetPort) else: self.__emulatorSerialNumber = emulator.name
def __init__(self, reporter, idXp, emulator, emulatorNumber, host="127.0.0.1"): self._logger = Logger.getLogger(__name__) self.emulatorNumber = emulatorNumber self.emulator = emulator self.reporter = reporter self.idXp = idXp self.__telnetPort = 5554 + (self.emulatorNumber * 2) self.__emulatorSerialNumber = "emulator-{0}".format(self.__telnetPort) self.__host = host
def __init__(self, reporter, idXp, emulator, host="127.0.0.1"): self._logger = Logger.getLogger(__name__) self.emulator = emulator self.emulatorNumber = emulator.emulatorId self.reporter = reporter self.idXp = idXp self.__telnetPort = 5554 + (self.emulatorNumber * 2) self.__host = host if emulator.mainConfiguration.typeOfDevice == 'emulated': self.__emulatorSerialNumber = "emulator-{0}".format( self.__telnetPort) else: self.__emulatorSerialNumber = emulator.name
def main(markets, outFolder): """Main function""" logger = Logger.getLogger(__name__) if markets is None or len(markets)==0: raise Exception("Specify at least one market") if outFolder is None: raise Exception("Specify the output folder.") for market in markets: logger.info("Starting Market {0}".format(market)) market.execute(outFolder, es_host=ES_HOST, es_port=ES_PORT) logger.info("Downloading APK from {0} markets.".format(len(markets)))
def createDevice(adbNumber, name, mainConfiguration, backupDirectory, analysisType): logger = Logger.getLogger(__name__) if adbNumber is None or int(adbNumber)<0: raise Exception("Cannot create a device with an invalid adb number, must be > 0") if name is None or len(name)==0: raise Exception("Cannot create a device if no name is provided.") logger.debug("Creation of new device: '{0}'.".format(name)) if mainConfiguration.typeOfDevice=='real': return PhysicalDevice(adbNumber, name, mainConfiguration, backupDirectory, analysisType) else: return AVDEmulator(adbNumber, name, mainConfiguration, analysisType)
def generateIdXp(apkFiles): """Generates and returns the identifier of the experiment based on the provided list of apk following schema: md5("".join(sorted(apkFileNames))+currentDate) """ logger = Logger.getLogger(__name__) apkNames = [os.path.basename(apkFile) for apkFile in apkFiles] strApkNames = ''.join(sorted(apkNames)) logger.warning(strApkNames) currentDate = str(int(round(time.time() * 1000))) # builds an IDXP (md5(apkFile+currentDate)) idXp = str(hashlib.md5(strApkNames+currentDate).hexdigest()) logger.debug("ID Experiment: {0} (based on {1} and {2})".format(idXp, strApkNames, currentDate)) return idXp
def createDevice(adbNumber, name, mainConfiguration, backupDirectory): logger = Logger.getLogger(__name__) if adbNumber is None or int(adbNumber) < 0: raise Exception( "Cannot create a device with an invalid adb number, must be >0" ) if name is None or len(name) == 0: raise Exception("Cannot create a device if no name is provided.") logger.debug("Creation of new device named '{0}'.".format(name)) if mainConfiguration.typeOfDevice == 'real': return PhysicalDevice(adbNumber, name, mainConfiguration, backupDirectory) else: return AVDEmulator(adbNumber, name, mainConfiguration)
def __init__(self, mainConfiguration, reportingConfiguration): self._logger = Logger.getLogger(__name__) self.mainConfiguration = mainConfiguration self.reportingConfiguration = reportingConfiguration self.reporter = Reporter(self.reportingConfiguration)
def __init__(self, es): self.es = es self._logger = Logger.getLogger(__name__)
def executeExperiment(args): """ Executes the analysis for an application. The analysis depends of the scenario the user as defined in configuration. """ logger = Logger.getLogger(__name__) (listOfAPKs, iEmulator, mainConfiguration, analysisConfiguration, reportingConfiguration) = args reporter = Reporter(reportingConfiguration) logger.warning("Execute experiment with scenario: [{0}]".format(', '.join(analysisConfiguration.scenario))) # When you play with emulators, you can modify this variable to sleep a bit longer. # Default has to be >1 SLEEP_FACTOR=1 if mainConfiguration.typeOfDevice == 'emulated': SLEEP_FACTOR = 10 if SLEEP_FACTOR < 1: raise Exception("SLEEP_FACTOR variable cannot be less than 1.") while True: # Pick one APK to analyse try: apkToAnalyze = listOfAPKs.get() # 0xFFFF logger.info("APK to analyze : {0}".format(apkToAnalyze)) # Build the identifier experiment idXp = Analysis.generateIdXp([apkToAnalyze]) # Build the emulator name if mainConfiguration.typeOfDevice=='emulated': emulatorName = "Emulator_{0}".format(iEmulator) else: emulatorName = mainConfiguration.deviceId # Create a new report for this analysis logger.debug("Create report.") Analysis.createReport(reporter, idXp, emulatorName, "unknown", apkToAnalyze, "automatic", None) # Execute static analysis logger.debug("Executing the Static Analysis") staticAnalysis = StaticAnalysis(apkToAnalyze, mainConfiguration, reporter, idXp) staticAnalysis.execute() logger.info(staticAnalysis) # Create the emulator device = Analysis.createDevice(iEmulator, emulatorName, mainConfiguration, analysisConfiguration.backupDirectory) if device is None: raise Exception("Something has prevented the creation of an device.") # Starts the device Analysis.reportEvent(reporter, idXp, "Emulator", "start") device.start() # Install et execute preparation applications if mainConfiguration.typeOfDevice=='emulated': for prepareAPK in analysisConfiguration.prepareAPKs: Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK", prepareAPK) device.installAPK(prepareAPK) # Execute preparation applications for prepareAPK in analysisConfiguration.prepareAPKs: Analysis.reportEvent(reporter, idXp, "Emulator", "startActivity", os.path.basename(prepareAPK)[:-4]) device.startActivity(os.path.basename(prepareAPK)[:-4]) # Writes the experiment configuration on the device Analysis.reportEvent(reporter, idXp, "Emulator", "writeConfiguration") Analysis.writeConfigurationOnEmulator(device, idXp, reportingConfiguration) if mainConfiguration.typeOfDevice=='emulated': sleepDuration = 30 logger.debug("Waiting {0} seconds for the device to prepare...".format(sleepDuration)) time.sleep(sleepDuration) # Install the targeted application Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK", apkToAnalyze) device.installAPK(apkToAnalyze) time.sleep(5*SLEEP_FACTOR/5) # We then follow the scenario user has filled in configuration for order in analysisConfiguration.scenario: if "execute" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Launching main activity", staticAnalysis.mainActivity) logger.info("Starting main activity: {0}".format(staticAnalysis.mainActivity)) device.startActivityFromPackage(staticAnalysis.packageName, staticAnalysis.mainActivity) time.sleep(5*SLEEP_FACTOR) elif "stimulate" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Stimulating package with monkey", staticAnalysis.packageName) logger.info("Stimulating with monkey: {0}".format(staticAnalysis.packageName)) device.stimulateWithMonkey(staticAnalysis.packageName) time.sleep(10*SLEEP_FACTOR) elif "externalStimulation" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Stimulating phone with external conditions") logger.info("Stimulating phone with external conditions...") externalStimulation = TelnetEmulation(reporter, idXp, device) externalStimulation.start() time.sleep(10*SLEEP_FACTOR) elif "reboot" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Rebooting device") logger.info("Rebooting device.") device.reboot() time.sleep(5*SLEEP_FACTOR) Analysis.reportEvent(reporter, idXp, "Emulator", "Finished analysis", apkToAnalyze) logger.info("Analysis of APK {0} has been finished.") Analysis.reportEvent(reporter, idXp, "Emulator", "closed") device.stop() except KeyboardInterrupt: pass except Exception, e: logger.error("Exception while executing an experiment : {0}".format(e)) tb = traceback.format_exc() logger.error(tb) try: device.stop() except Exception: logger.error("Cannot stop the AVD.")
def __init__(self, commandLineParser): super(AutomaticAnalysis, self).__init__(MainConfiguration.build(commandLineParser), ReportingConfiguration.build(commandLineParser)) self._logger = Logger.getLogger(__name__) self.analysisConfiguration = self.__prepareAnalysis(commandLineParser)
def __init__(self, apkToAnalyze, mainConfiguration, reporter, idXp): self._logger = Logger.getLogger(__name__) self.apkToAnalyze = os.path.abspath(apkToAnalyze) self.androguardPath = mainConfiguration.androguardPath self.reporter = reporter self.idXp = idXp
#| Standard library imports #+---------------------------------------------------------------------------+ import sys import pygeoip #+---------------------------------------------------------------------------+ #| Local imports #+---------------------------------------------------------------------------+ from hooker_common import Logger from hooker_common.elasticsearch.Es import Es from hooker_common.elasticsearch.EsInterrogator import EsInterrogator #ES_IP = "192.168.0.16" ES_IP = "127.0.0.1" ES_PORT = 9200 logger = Logger.getLogger(__name__) def eventToString(event): result = [] result.append("Event {0}".format(event.HookerName)) result.append("ClassName: {0}".format(event.ClassName)) result.append("MethodName: {0}".format(event.MethodName)) result.append("InstanceID: {0}".format(event.InstanceID)) if event.Parameters is not None and len(event.Parameters) > 0: result.append("Parameters:") for parameter in event.Parameters: if parameter is not None and "ParameterType" in parameter.keys( ) and "ParameterValue" in parameter.keys(): result.append("- {0} ({1})".format(parameter["ParameterValue"],
#+---------------------------------------------------------------------------+ #| Standard library imports #+---------------------------------------------------------------------------+ import pygeoip #+---------------------------------------------------------------------------+ #| Local imports #+---------------------------------------------------------------------------+ from hooker_common import Logger from hooker_common.elasticsearch.Es import Es from hooker_common.elasticsearch.EsInterrogator import EsInterrogator #ES_IP = "192.168.0.16" ES_IP = "127.0.0.1" ES_PORT = 9200 logger = Logger.getLogger(__name__) def eventToString(event): result = [] result.append("Event {0}".format(event.HookerName)) result.append("ClassName: {0}".format(event.ClassName)) result.append("MethodName: {0}".format(event.MethodName)) result.append("InstanceID: {0}".format(event.InstanceID)) if event.Parameters is not None and len(event.Parameters) > 0: result.append("Parameters:") for parameter in event.Parameters: if parameter is not None and "ParameterType" in parameter.keys() and "ParameterValue" in parameter.keys(): result.append("- {0} ({1})".format(parameter["ParameterValue"], parameter["ParameterType"])) if event.Return is not None: result.append("Return: {0}".format(event.Return))
def executeExperiment(args): """ Executes the analysis for an application. The analysis depends of the scenario the user as defined in configuration. """ logger = Logger.getLogger(__name__) (listOfAPKs, iEmulator, mainConfiguration, analysisConfiguration, reportingConfiguration) = args reporter = Reporter(reportingConfiguration) logger.warning("Execute experiment with scenario: [{0}]".format(', '.join( analysisConfiguration.scenario))) while True: # Pick one APK to analyse try: apkToAnalyze = listOfAPKs.get() # 0xFFFF logger.info("APK to analyze : {0}".format(apkToAnalyze)) # Build the identifier experiment idXp = Analysis.generateIdXp([apkToAnalyze]) # Build the emulator name emulatorName = "Emulator_{0}".format(iEmulator) # Create a new report for this analysis logger.debug("Create report.") Analysis.createReport(reporter, idXp, emulatorName, "unknown", apkToAnalyze, "automatic", None) # Execute static analysis logger.debug("Executing the Static Analysis") staticAnalysis = StaticAnalysis(apkToAnalyze, mainConfiguration, reporter, idXp) staticAnalysis.execute() logger.info(staticAnalysis) # Create the emulator emulator = Analysis.createEmulator(iEmulator, emulatorName, mainConfiguration) if emulator is None: raise Exception( "Something has prevented the creation of an emulator.") # Starts the emulator Analysis.reportEvent(reporter, idXp, "Emulator", "start") emulator.start() # Install et execute preparation applications for prepareAPK in analysisConfiguration.prepareAPKs: Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK", prepareAPK) emulator.installAPK(prepareAPK) # Execute preparation applications for prepareAPK in analysisConfiguration.prepareAPKs: Analysis.reportEvent(reporter, idXp, "Emulator", "startActivity", os.path.basename(prepareAPK)[:-4]) emulator.startActivity(os.path.basename(prepareAPK)[:-4]) # Writes the experiment configuration on the emulator Analysis.reportEvent(reporter, idXp, "Emulator", "writeConfiguration") Analysis.writeConfigurationOnEmulator(emulator, idXp, reportingConfiguration) sleepDuration = 30 logger.debug( "Waiting {0} seconds for the emulator to prepare...".format( sleepDuration)) time.sleep(sleepDuration) # Install the targeted application Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK", apkToAnalyze) emulator.installAPK(apkToAnalyze) time.sleep(5) # We then follow the scenario user has filled in configuration for order in analysisConfiguration.scenario: if "execute" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Launching main activity", staticAnalysis.mainActivity) logger.info("Starting main activity: {0}".format( staticAnalysis.mainActivity)) emulator.startActivityFromPackage( staticAnalysis.packageName, staticAnalysis.mainActivity) time.sleep(60) elif "stimulate" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Stimulating package with monkey", staticAnalysis.packageName) logger.info("Stimulating with monkey: {0}".format( staticAnalysis.packageName)) emulator.stimulateWithMonkey(staticAnalysis.packageName) time.sleep(80) elif "externalStimulation" == order: Analysis.reportEvent( reporter, idXp, "Emulator", "Stimulating phone with external conditions") logger.info( "Stimulating phone with external conditions...") externalStimulation = TelnetEmulation( reporter, idXp, emulator, iEmulator) externalStimulation.start() time.sleep(30) elif "reboot" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Rebooting emulator") logger.info("Rebooting emulator.") emulator.rebootAVD() time.sleep(100) Analysis.reportEvent(reporter, idXp, "Emulator", "Finished analysis", apkToAnalyze) logger.info("Analysis of APK {0} has been finished.") Analysis.reportEvent(reporter, idXp, "Emulator", "closed") emulator.stopAVD() except KeyboardInterrupt: pass except Exception, e: logger.error( "Exception while executing an experiment : {0}".format(e)) tb = traceback.format_exc() logger.error(tb) try: emulator.stopAVD() except Exception: logger.error("Cannot stop the AVD.")
def executeExperiment(args): """ Executes the analysis for an application. The analysis depends of the scenario the user as defined in configuration. """ logger = Logger.getLogger(__name__) (listOfAPKs, iEmulator, mainConfiguration, analysisConfiguration, reportingConfiguration) = args reporter = Reporter(reportingConfiguration) logger.warning("Execute experiment with scenario: [{0}]".format(', '.join( analysisConfiguration.scenario))) # When you play with emulators, you can modify this variable to sleep a bit longer. # Default has to be >1 SLEEP_FACTOR = 1 if mainConfiguration.typeOfDevice == 'emulated': SLEEP_FACTOR = 5 if SLEEP_FACTOR < 1: raise Exception("SLEEP_FACTOR variable cannot be less than 1.") while True: # Pick one APK to analyse try: apkToAnalyze = listOfAPKs.get() # 0xFFFF logger.info("APK to analyze : {0}".format(apkToAnalyze)) # Build the identifier experiment idXp = Analysis.generateIdXp([apkToAnalyze]) # Build the emulator name if mainConfiguration.typeOfDevice == 'emulated': emulatorName = "Emulator_{0}".format(iEmulator) else: emulatorName = mainConfiguration.deviceId # Create a new report for this analysis logger.debug("Create report.") Analysis.createReport(reporter, idXp, emulatorName, "unknown", apkToAnalyze, "automatic", mainConfiguration.name) # Execute static analysis logger.debug("Executing the Static Analysis") staticAnalysis = StaticAnalysis(apkToAnalyze, mainConfiguration, reporter, idXp) staticAnalysis.execute() logger.info(staticAnalysis) # Create the emulator if mainConfiguration.typeOfDevice == 'emulated': device = Analysis.createEmulator(iEmulator, emulatorName, mainConfiguration, analysisType="automatic") else: device = Analysis.createDevice( iEmulator, mainConfiguration.deviceId, mainConfiguration, analysisConfiguration.backupDirectory, analysisType="automatic") if device is None: raise Exception( "Something has prevented the creation of an device.") # Starts the device Analysis.reportEvent(reporter, idXp, emulatorName, "Start device") device.start() # Install et execute preparation applications if mainConfiguration.typeOfDevice == 'emulated': for prepareAPK in analysisConfiguration.prepareAPKs: Analysis.reportEvent(reporter, idXp, emulatorName, "Install preparation APK", prepareAPK) device.installAPK(prepareAPK) # Execute preparation applications for prepareAPK in analysisConfiguration.prepareAPKs: Analysis.reportEvent(reporter, idXp, emulatorName, "Start activity", os.path.basename(prepareAPK)[:-4]) device.startActivity(os.path.basename(prepareAPK)[:-4]) # Writes the experiment configuration on the device Analysis.reportEvent(reporter, idXp, emulatorName, "Write configuration file") Analysis.writeConfigurationOnEmulator(device, idXp, reportingConfiguration) if mainConfiguration.typeOfDevice == 'emulated': sleepDuration = 30 logger.debug( "Waiting {0} seconds for the device to prepare...".format( sleepDuration)) time.sleep(sleepDuration) # Install the targeted application Analysis.reportEvent(reporter, idXp, emulatorName, "Install target APK", apkToAnalyze) device.installAPK(apkToAnalyze) time.sleep(5 * SLEEP_FACTOR / 5) # We then follow the scenario user has filled in configuration for order in analysisConfiguration.scenario: if "execute" == order: Analysis.reportEvent(reporter, idXp, emulatorName, "Launching main activity", staticAnalysis.mainActivity) logger.info("Starting main activity: {0}".format( staticAnalysis.mainActivity)) device.startActivityFromPackage( staticAnalysis.packageName, staticAnalysis.mainActivity) time.sleep(5 * SLEEP_FACTOR) elif "stimulate" == order: Analysis.reportEvent(reporter, idXp, emulatorName, "Stimulating package with monkey", staticAnalysis.packageName) logger.info("Stimulating with monkey: {0}".format( staticAnalysis.packageName)) device.stimulateWithMonkey(staticAnalysis.packageName) time.sleep(10 * SLEEP_FACTOR) elif "externalStimulation" == order: Analysis.reportEvent( reporter, idXp, emulatorName, "Stimulating phone with external conditions") logger.info( "Stimulating phone with external conditions...") externalStimulation = TelnetEmulation( reporter, idXp, device) externalStimulation.start() time.sleep(10 * SLEEP_FACTOR) elif "reboot" == order: Analysis.reportEvent(reporter, idXp, emulatorName, "Rebooting device") logger.info("Rebooting device.") device.reboot() time.sleep(5 * SLEEP_FACTOR) Analysis.reportEvent(reporter, idXp, emulatorName, "Analysis has finished", apkToAnalyze) logger.info("Analysis of APK {0} has been finished.") Analysis.reportEvent(reporter, idXp, emulatorName, "Emulator closed") device.stop() except KeyboardInterrupt: logger.debug("Keyboard interrupt caught\n") # Try to stop device if necessary if device is not None: device.stop() break except Exception, e: logger.error( "Exception while executing an experiment : {0}".format(e)) tb = traceback.format_exc() logger.error(tb) try: device.stop() except Exception: logger.error("Cannot stop the AVD, quitting experience.") break
def executeAsyncCommand(commandAndArgs): logger = Logger.getLogger(__name__) logger.debug("Executing Asynchronous command {0}".format(commandAndArgs)) return subprocess.Popen(commandAndArgs, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
def __init__(self, reportingConfiguration): self._logger = Logger.getLogger(__name__) self.reportingConfiguration = reportingConfiguration self.__initializeReporters() if self.reportingConfiguration.elasticsearchMode: self.esInterrogator = EsInterrogator(self.es)
def executeExperiment(args): """ Executes the analysis for an application. The analysis depends of the scenario the user as defined in configuration. """ logger = Logger.getLogger(__name__) (listOfAPKs, iEmulator, mainConfiguration, analysisConfiguration, reportingConfiguration) = args reporter = Reporter(reportingConfiguration) logger.warning("Execute experiment with scenario: [{0}]".format(', '.join(analysisConfiguration.scenario))) while True: # Pick one APK to analyse try: apkToAnalyze = listOfAPKs.get() # 0xFFFF logger.info("APK to analyze : {0}".format(apkToAnalyze)) # Build the identifier experiment idXp = Analysis.generateIdXp([apkToAnalyze]) # Build the emulator name emulatorName = "Emulator_{0}".format(iEmulator) # Create a new report for this analysis logger.debug("Create report.") Analysis.createReport(reporter, idXp, emulatorName, "unknown", apkToAnalyze, "automatic", None) # Execute static analysis logger.debug("Executing the Static Analysis") staticAnalysis = StaticAnalysis(apkToAnalyze, mainConfiguration, reporter, idXp) staticAnalysis.execute() logger.info(staticAnalysis) # Create the emulator emulator = Analysis.createEmulator(iEmulator, emulatorName, mainConfiguration) if emulator is None: raise Exception("Something has prevented the creation of an emulator.") # Starts the emulator Analysis.reportEvent(reporter, idXp, "Emulator", "start") emulator.start() # Install et execute preparation applications for prepareAPK in analysisConfiguration.prepareAPKs: Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK", prepareAPK) emulator.installAPK(prepareAPK) # Execute preparation applications for prepareAPK in analysisConfiguration.prepareAPKs: Analysis.reportEvent(reporter, idXp, "Emulator", "startActivity", os.path.basename(prepareAPK)[:-4]) emulator.startActivity(os.path.basename(prepareAPK)[:-4]) # Writes the experiment configuration on the emulator Analysis.reportEvent(reporter, idXp, "Emulator", "writeConfiguration") Analysis.writeConfigurationOnEmulator(emulator, idXp, reportingConfiguration) sleepDuration = 30 logger.debug("Waiting {0} seconds for the emulator to prepare...".format(sleepDuration)) time.sleep(sleepDuration) # Install the targeted application Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK", apkToAnalyze) emulator.installAPK(apkToAnalyze) time.sleep(5) # We then follow the scenario user has filled in configuration for order in analysisConfiguration.scenario: if "execute" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Launching main activity", staticAnalysis.mainActivity) logger.info("Starting main activity: {0}".format(staticAnalysis.mainActivity)) emulator.startActivityFromPackage(staticAnalysis.packageName, staticAnalysis.mainActivity) time.sleep(60) elif "stimulate" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Stimulating package with monkey", staticAnalysis.packageName) logger.info("Stimulating with monkey: {0}".format(staticAnalysis.packageName)) emulator.stimulateWithMonkey(staticAnalysis.packageName) time.sleep(80) elif "externalStimulation" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Stimulating phone with external conditions") logger.info("Stimulating phone with external conditions...") externalStimulation = TelnetEmulation(reporter, idXp, emulator, iEmulator) externalStimulation.start() time.sleep(30) elif "reboot" == order: Analysis.reportEvent(reporter, idXp, "Emulator", "Rebooting emulator") logger.info("Rebooting emulator.") emulator.rebootAVD() time.sleep(100) Analysis.reportEvent(reporter, idXp, "Emulator", "Finished analysis", apkToAnalyze) logger.info("Analysis of APK {0} has been finished.") Analysis.reportEvent(reporter, idXp, "Emulator", "closed") emulator.stopAVD() except KeyboardInterrupt: pass except Exception, e: logger.error("Exception while executing an experiment : {0}".format(e)) tb = traceback.format_exc() logger.error(tb) try: emulator.stopAVD() except Exception: logger.error("Cannot stop the AVD.")