def createDevice(adbNumber, name, mainConfiguration, backupDirectory):
logger = Logger.getLogger(__name__)
if adbNumber is None or int(adbNumber) < 0:
raise Exception(
"Cannot create a device with an invalid adb number, must be >0"
)
if name is None or len(name) == 0:
raise Exception("Cannot create a device if no name is provided.")
logger.debug("Creation of new device named '{0}'.".format(name))
if mainConfiguration.typeOfDevice == 'real':
return PhysicalDevice(adbNumber, name, mainConfiguration,
backupDirectory)
else:
return AVDEmulator(adbNumber, name, mainConfiguration)
def start(self):
"""Starts an automatic analysis"""
if self.mainConfiguration is None:
raise Exception("The main configuration of the manual analysis has failed, cannot start it.")
if self.reportingConfiguration is None:
raise Exception("No reporting configuration found, cannot start the analysis.")
if self.analysisConfiguration is None:
raise Exception("The configuration of the manual analysis has failed, cannot start it.")
self._logger.info(str(self))
# For test purpose
#self.test()
if self.mainConfiguration.typeOfDevice=='emulated':
# first step is to create the templates for all our emulators
self._logger.debug("Create {0} templates, one for each emulator".format(self.analysisConfiguration.maxNumberOfEmulators))
AVDEmulator.createTemplates(self.mainConfiguration, self.analysisConfiguration)
# Create a queue of threads
distributedQueueManager = Manager()
listOfAPKs = distributedQueueManager.Queue()
pool = Pool(processes=self.analysisConfiguration.maxNumberOfEmulators)
# If we have a real device in automatic mode, we have to push backup to sdcard, and push TWRP script to /cache/recovery/
# at each experiment. This is done in AVD logic.
else:
# Create a queue of threads
distributedQueueManager = Manager()
listOfAPKs = distributedQueueManager.Queue()
self.analysisConfiguration.maxNumberOfEmulators = 1
pool = Pool(processes=self.analysisConfiguration.maxNumberOfEmulators)
# Tell threads to analyze APKs which are push to the queue
workerArgs = [(listOfAPKs, iEmulator, self.mainConfiguration, self.analysisConfiguration, self.reportingConfiguration) for iEmulator in range(self.analysisConfiguration.maxNumberOfEmulators)]
self._logger.debug(workerArgs)
try:
pool.map_async(executeExperiment, workerArgs)
# Continuously scan the directory and add identified APKs to ensure at least next emulators round is ready
while True:
if listOfAPKs.qsize() > self.analysisConfiguration.maxNumberOfEmulators*2:
time.sleep(5)
continue
for directory in self.analysisConfiguration.apkFiles:
#self._logger.info("Analyzing directory: {0}".format(directory))
filenames = os.listdir(directory)
if len(filenames) == 0:
self._logger.debug("All APKs have been pushed to the analyzing queue, sleeping 5 secs...")
time.sleep(5)
else:
apkFileName = random.choice(filenames)
apkFileInputPath = os.path.join(directory, apkFileName)
if not os.access(apkFileInputPath, os.R_OK):
self._logger.error("You don't have read access to file {0}, not pushing file to queue.".format(apkFileInputPath))
continue
# compute Sha1 on name the file with it
sha1=self._computeSha1(apkFileInputPath)
apkFileOutputPath = os.path.join(self.analysisConfiguration.outputDirectory, sha1+".apk")
# move APK to output dir
shutil.move(apkFileInputPath, apkFileOutputPath)
self._logger.info("Pushing APK {0} in queue.".format(apkFileOutputPath))
listOfAPKs.put(apkFileOutputPath)
except KeyboardInterrupt:
self._logger.error("Automatic analysis interrupted by a keyboard Exception.")
def start(self):
"""Starts a manual analysis"""
if self.mainConfiguration is None:
raise Exception("No main configuration found, cannot start the analysis..")
if self.reportingConfiguration is None:
raise Exception("No reporting configuration found, cannot start the analysis.")
if self.analysisConfiguration is None:
raise Exception("No analysis configuration found, cannot start the analysis.")
self._logger.info(str(self))
# Build the identifier experiment
idXp = self._generateIdXp(self.analysisConfiguration.apkFiles)
# Targeted APK
analyzedAPKFile = self.analysisConfiguration.apkFiles[0]
# Execute the analysis on the first emulator
iEmulator = 0
emulatorName = "Emulator_{0}".format(iEmulator)
# Create a new report for this analysis
Analysis.createReport(self.reporter, idXp, emulatorName, "unknown", analyzedAPKFile, "manual", None)
# Execute static analysis
staticAnalysis = StaticAnalysis(analyzedAPKFile, self.mainConfiguration, self.reporter, idXp)
Analysis.reportEvent(
self.reporter, idXp, "Analysis", "Executing Static Analysis on {0}".format(analyzedAPKFile)
)
staticAnalysis.execute()
self._logger.info(staticAnalysis)
Analysis.reportEvent(self.reporter, idXp, "Emulator", "creation of the Emulator {0}".format(emulatorName))
if self.mainConfiguration.typeOfDevice == "emulated":
# first step is to create the templates for all our emulators
self._logger.debug(
"Create {0} templates, one for each emulator".format(self.analysisConfiguration.maxNumberOfEmulators)
)
AVDEmulator.createTemplates(self.mainConfiguration, self.analysisConfiguration)
device = self._createEmulator(iEmulator, emulatorName)
else:
device = Analysis.createDevice(
iEmulator,
self.mainConfiguration.deviceId,
self.mainConfiguration,
self.analysisConfiguration.backupDirectory,
)
if device is None:
raise Exception("Something has prevented the creation of an device.")
# Starts the device
Analysis.reportEvent(self.reporter, idXp, "Emulator", "start")
device.start()
# Install preparation applications
# A real device do not need preparation applications
if self.mainConfiguration.typeOfDevice == "emulated":
for prepareAPK in self.analysisConfiguration.prepareAPKs:
Analysis.reportEvent(self.reporter, idXp, "Emulator", "installAPK", prepareAPK)
device.installAPK(prepareAPK)
# Execute preparation applications
for prepareAPK in self.analysisConfiguration.prepareAPKs:
Analysis.reportEvent(
self.reporter, idXp, "Emulator", "startActivity", os.path.basename(prepareAPK)[:-4]
)
device.startActivity(os.path.basename(prepareAPK)[:-4])
else:
self._logger.debug("Continuing...")
# Writes the experiment configuration on the device
Analysis.reportEvent(self.reporter, idXp, "Emulator", "writeConfiguration")
self._writeConfigurationOnEmulator(device, idXp)
if self.mainConfiguration.typeOfDevice == "emulated":
sleepDuration = 30
self._logger.debug("Waiting {0} seconds for the device to prepare...".format(sleepDuration))
time.sleep(sleepDuration)
# Install the targeted application
for analysisAPK in self.analysisConfiguration.apkFiles:
Analysis.reportEvent(self.reporter, idXp, "Emulator", "installAPK", analysisAPK)
device.installAPK(analysisAPK)
Analysis.reportEvent(self.reporter, idXp, "Emulator", "Launching main activity", staticAnalysis.mainActivity)
self._logger.info("Starting main activity: {0}".format(staticAnalysis.mainActivity))
device.startActivityFromPackage(staticAnalysis.packageName, staticAnalysis.mainActivity)
# The user is now requested to perform any operations he wants
# this script waits for the device process to be closed
self._logger.info("Proceed to the stimulation of the environnment.")
self._logger.info("Once achieved, close the device and waits for the hooker to finish.")
Analysis.reportEvent(self.reporter, idXp, "Emulator", "waitToBeClosed")
device.waitToBeClosed()
if self.mainConfiguration.typeOfDevice == "real":
device.stop(True)
Analysis.reportEvent(self.reporter, idXp, "Emulator", "closed")
self._logger.info("Device has finished, IDXP is {0}".format(idXp))
def start(self):
"""Starts an automatic analysis"""
if self.mainConfiguration is None:
raise Exception(
"The main configuration of the manual analysis has failed, cannot start it."
)
if self.reportingConfiguration is None:
raise Exception(
"No reporting configuration found, cannot start the analysis.")
if self.analysisConfiguration is None:
raise Exception(
"The configuration of the manual analysis has failed, cannot start it."
)
self._logger.info(str(self))
# For test purpose
#self.test()
if self.mainConfiguration.typeOfDevice == 'emulated':
# first step is to create the templates for all our emulators
self._logger.debug(
"Create {0} templates, one for each emulator".format(
self.analysisConfiguration.maxNumberOfEmulators))
AVDEmulator.createTemplates(self.mainConfiguration,
self.analysisConfiguration)
# Create a queue of threads
distributedQueueManager = Manager()
listOfAPKs = distributedQueueManager.Queue()
pool = Pool(
processes=self.analysisConfiguration.maxNumberOfEmulators)
# If we have a real device in automatic mode, we have to push backup to sdcard, and push TWRP script to /cache/recovery/
# at each experiment. This is done in AVD logic.
else:
# Create a queue of threads
distributedQueueManager = Manager()
listOfAPKs = distributedQueueManager.Queue()
self.analysisConfiguration.maxNumberOfEmulators = 1
pool = Pool(
processes=self.analysisConfiguration.maxNumberOfEmulators)
# Tell threads to analyze APKs which are push to the queue
workerArgs = [(listOfAPKs, iEmulator, self.mainConfiguration,
self.analysisConfiguration, self.reportingConfiguration)
for iEmulator in range(
self.analysisConfiguration.maxNumberOfEmulators)]
self._logger.debug(workerArgs)
try:
pool.map_async(executeExperiment, workerArgs)
# Continuously scan the directory and add identified APKs to ensure at least next emulators round is ready
while True:
if listOfAPKs.qsize(
) > self.analysisConfiguration.maxNumberOfEmulators * 2:
time.sleep(5)
continue
for directory in self.analysisConfiguration.apkFiles:
#self._logger.info("Analyzing directory: {0}".format(directory))
filenames = os.listdir(directory)
if len(filenames) == 0:
self._logger.debug(
"All APKs have been pushed to the analyzing queue, sleeping 5 secs..."
)
time.sleep(5)
else:
apkFileName = random.choice(filenames)
apkFileInputPath = os.path.join(directory, apkFileName)
if not os.access(apkFileInputPath, os.R_OK):
self._logger.error(
"You don't have read access to file {0}, not pushing file to queue."
.format(apkFileInputPath))
continue
# compute Sha1 on name the file with it
sha1 = self._computeSha1(apkFileInputPath)
apkFileOutputPath = os.path.join(
self.analysisConfiguration.outputDirectory,
sha1 + ".apk")
# move APK to output dir
shutil.move(apkFileInputPath, apkFileOutputPath)
self._logger.info("Pushing APK {0} in queue.".format(
apkFileOutputPath))
listOfAPKs.put(apkFileOutputPath)
except KeyboardInterrupt:
self._logger.error(
"Automatic analysis interrupted by a keyboard Exception.")
def start(self):
"""Starts a manual analysis"""
if self.mainConfiguration is None:
raise Exception(
"No main configuration found, cannot start the analysis..")
if self.reportingConfiguration is None:
raise Exception(
"No reporting configuration found, cannot start the analysis.")
if self.analysisConfiguration is None:
raise Exception(
"No analysis configuration found, cannot start the analysis.")
self._logger.info(str(self))
# Build the identifier experiment
idXp = self._generateIdXp(self.analysisConfiguration.apkFiles)
# Targeted APK
analyzedAPKFile = self.analysisConfiguration.apkFiles[0]
# Execute the analysis on the first emulator
iEmulator = 0
emulatorName = "Emulator_{0}".format(iEmulator)
# Create a new report for this analysis
Analysis.createReport(self.reporter, idXp, emulatorName, "unknown",
analyzedAPKFile, "manual", None)
# Execute static analysis
staticAnalysis = StaticAnalysis(analyzedAPKFile,
self.mainConfiguration, self.reporter,
idXp)
Analysis.reportEvent(
self.reporter, idXp, "Analysis",
"Executing Static Analysis on {0}".format(analyzedAPKFile))
staticAnalysis.execute()
self._logger.info(staticAnalysis)
Analysis.reportEvent(
self.reporter, idXp, "Emulator",
"creation of the Emulator {0}".format(emulatorName))
if self.mainConfiguration.typeOfDevice == 'emulated':
# first step is to create the templates for all our emulators
self._logger.debug(
"Create {0} templates, one for each emulator".format(
self.analysisConfiguration.maxNumberOfEmulators))
AVDEmulator.createTemplates(self.mainConfiguration,
self.analysisConfiguration)
device = self._createEmulator(iEmulator, emulatorName)
else:
device = Analysis.createDevice(
iEmulator, self.mainConfiguration.deviceId,
self.mainConfiguration,
self.analysisConfiguration.backupDirectory)
if device is None:
raise Exception(
"Something has prevented the creation of an device.")
# Starts the device
Analysis.reportEvent(self.reporter, idXp, "Emulator", "start")
device.start()
# Install preparation applications
# A real device do not need preparation applications
if self.mainConfiguration.typeOfDevice == 'emulated':
for prepareAPK in self.analysisConfiguration.prepareAPKs:
Analysis.reportEvent(self.reporter, idXp, "Emulator",
"installAPK", prepareAPK)
device.installAPK(prepareAPK)
# Execute preparation applications
for prepareAPK in self.analysisConfiguration.prepareAPKs:
Analysis.reportEvent(self.reporter, idXp, "Emulator",
"startActivity",
os.path.basename(prepareAPK)[:-4])
device.startActivity(os.path.basename(prepareAPK)[:-4])
else:
self._logger.debug("Continuing...")
# Writes the experiment configuration on the device
Analysis.reportEvent(self.reporter, idXp, "Emulator",
"writeConfiguration")
self._writeConfigurationOnEmulator(device, idXp)
if self.mainConfiguration.typeOfDevice == 'emulated':
sleepDuration = 30
self._logger.debug(
"Waiting {0} seconds for the device to prepare...".format(
sleepDuration))
time.sleep(sleepDuration)
# Install the targeted application
for analysisAPK in self.analysisConfiguration.apkFiles:
Analysis.reportEvent(self.reporter, idXp, "Emulator", "installAPK",
analysisAPK)
device.installAPK(analysisAPK)
Analysis.reportEvent(self.reporter, idXp, "Emulator",
"Launching main activity",
staticAnalysis.mainActivity)
self._logger.info("Starting main activity: {0}".format(
staticAnalysis.mainActivity))
device.startActivityFromPackage(staticAnalysis.packageName,
staticAnalysis.mainActivity)
# The user is now requested to perform any operations he wants
# this script waits for the device process to be closed
self._logger.info("Proceed to the stimulation of the environnment.")
self._logger.info(
"Once achieved, close the device and waits for the hooker to finish."
)
Analysis.reportEvent(self.reporter, idXp, "Emulator", "waitToBeClosed")
device.waitToBeClosed()
if self.mainConfiguration.typeOfDevice == 'real':
device.stop(True)
Analysis.reportEvent(self.reporter, idXp, "Emulator", "closed")
self._logger.info("Device has finished, IDXP is {0}".format(idXp))