def run(self):
    """Flag source files that switch on JavaScript via ``setJavaScriptEnabled``.

    Greps ``self.ANALYSIS.LOCAL_SOURCE`` for the literal call
    ``setJavaScriptEnabled(true)``. When at least one match is found the
    issue is marked for reporting and ``DETAILS`` receives the formatted
    match list.
    """
    source = self.ANALYSIS.LOCAL_SOURCE
    # The pattern only matches the literal argument `true`; a call that
    # passes a variable or an expression is not caught by this check.
    matches = Utils.grep(r'setJavaScriptEnabled\(true\)', source)
    if not matches:
        return
    self.REPORT = True
    self.DETAILS = Utils.grep_details(matches, source)
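def run(self):
    """Flag classes extending ``PreferenceActivity`` when the min SDK is below 18.

    Greps ``self.ANALYSIS.LOCAL_SOURCE`` for ``extends PreferenceActivity``
    and, if any class matches, reads the manifest's minimum SDK level. The
    issue is reported when that level is numerically lower than 18, or when
    it cannot be read as an integer.
    """
    source = self.ANALYSIS.LOCAL_SOURCE
    activities = Utils.grep(r'extends PreferenceActivity', source)
    if not activities:
        return

    # Compare the SDK level as a number. The previous string comparison
    # (`get_sdk('min') < '18'`) is lexicographic, so single-digit levels
    # such as '8' or '9' sorted *after* '18' and were silently skipped.
    try:
        min_sdk = int(self.ANALYSIS.MANIFEST.get_sdk('min'))
    except (TypeError, ValueError):
        # A level that cannot be parsed cannot be shown to be >= 18, so the
        # finding is kept for manual review rather than dropped.
        min_sdk = None

    # NOTE(review): PreferenceActivity.isValidFragment() was added in API
    # level 19, so an app with minSdkVersion 18 can still run on a platform
    # without it -- confirm whether this threshold should be 19.
    if min_sdk is None or min_sdk < 18:
        self.REPORT = True
        self.DETAILS = Utils.grep_details(activities, source)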
def run(self):
    """Flag source files that expose a Java object to WebView JavaScript.

    Greps ``self.ANALYSIS.LOCAL_SOURCE`` for either a call to
    ``addJavascriptInterface(`` or the ``@JavascriptInterface`` annotation.
    Any match marks the issue for reporting and stores the formatted match
    list in ``DETAILS``.
    """
    source = self.ANALYSIS.LOCAL_SOURCE
    # One alternation covers both the bridge registration call and the
    # annotation placed on methods exposed through the bridge.
    bridge_uses = Utils.grep(
        r'addJavascriptInterface\(|@JavascriptInterface', source)
    if not bridge_uses:
        return
    self.REPORT = True
    self.DETAILS = Utils.grep_details(bridge_uses, source)
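def run(self):
    """Report every entry of ``ANDROID_STATIC_RESPONSES`` found in the source.

    Each entry is passed to ``Utils.grep`` as the pattern and searched for in
    ``self.ANALYSIS.LOCAL_SOURCE``. For every entry with matches, a section
    made of a ``* <entry>`` header followed by the formatted match list is
    collected; all sections are then written to ``DETAILS``. ``REPORT`` and
    ``DETAILS`` are left untouched when nothing matches.
    """
    source = self.ANALYSIS.LOCAL_SOURCE
    sections = []
    for response in ANDROID_STATIC_RESPONSES:
        # NOTE(review): the entry is used as a regex as-is; if entries are
        # meant to be literal strings, metacharacters in them will be
        # interpreted as pattern syntax -- confirm against the constant.
        files = Utils.grep(response, source)
        if files:
            header = '* {static}'.format(static=response + '\n')
            sections.append(header + Utils.grep_details(files, source))

    if sections:
        self.REPORT = True
        # Previously DETAILS was re-assigned for each matching entry, so only
        # the last match survived in the report. Keep all of them; with a
        # single match the output is unchanged.
        self.DETAILS = '\n'.join(sections)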
def run(self):
    """Report ``CIPHERS`` matches when ``REGEX`` also matches in the source.

    Two independent greps run over ``self.ANALYSIS.LOCAL_SOURCE``: first
    ``self.REGEX``, then (only if that matched) ``self.CIPHERS``. The issue
    is reported when both produce matches, and ``DETAILS`` lists the
    ``CIPHERS`` matches only.
    """
    source = self.ANALYSIS.LOCAL_SOURCE
    if not Utils.grep(self.REGEX, source):
        return

    # The two patterns are searched across the whole source tree, so the
    # matches are not required to be in the same file or near each other.
    cipher_files = Utils.grep(self.CIPHERS, source)
    if cipher_files:
        self.REPORT = True
        self.DETAILS = Utils.grep_details(cipher_files, source)
def run(self):
    """Search the class dump and the working binary for ``self.REGEX``.

    The class dump (``LOCAL_CLASS_DUMP``) is searched with ``Utils.grep``;
    the binary (``LOCAL_WORKING_BIN``) is searched through
    ``Utils.strings_grep_command``. Binary hits, when present, are stored in
    the result under the binary's path. Any remaining result marks the issue
    for reporting and is formatted into ``DETAILS``.
    """
    analysis = self.ANALYSIS
    binary = analysis.LOCAL_WORKING_BIN
    workdir = analysis.LOCAL_WORKING_FOLDER

    result = Utils.grep(regex=self.REGEX,
                        source=analysis.LOCAL_CLASS_DUMP,
                        working_path=workdir)

    # NOTE(review): REGEX is interpolated between double quotes in a command
    # string; a pattern containing `"` would break that quoting -- confirm
    # how strings_grep_command executes it.
    binary_hits = Utils.strings_grep_command(
        source_file=binary,
        command='-E "{regex}"'.format(regex=self.REGEX))

    if binary_hits:
        result[binary] = binary_hits
    else:
        # Ensure no entry for the binary remains when it produced no hits.
        result.pop(binary, None)

    if result:
        self.REPORT = True
        self.DETAILS = Utils.grep_details(result, working_path=workdir)
def run(self):
    """Check for root detection dynamically and statically.

    Launches the package and reports the issue if the package then appears
    in the process list. Independently, greps ``LOCAL_SOURCE`` for
    ``self.REGEX`` (case-insensitive); on a match the issue is reported with
    the title and findings text replaced by the "performs root detection"
    variants and ``DETAILS`` set to the formatted matches.
    """
    # NOTE(review): this listing had lost its indentation; the nesting below
    # is the most plausible reading -- confirm against the original file.
    self.ANALYSIS.UTILS.launch_app(self.ANALYSIS.PACKAGE)
    # The app still being listed after launch is what triggers the report
    # here; presumably the test device is rooted -- confirm.
    if self.ANALYSIS.PACKAGE in self.ANALYSIS.UTILS.processes():
        self.REPORT = True

    result = Utils.grep(self.REGEX, source=self.ANALYSIS.LOCAL_SOURCE, ignore_case=True)
    if result:
        self.REPORT = True
        self.ISSUE_TITLE = 'Application Performs Root Detection'
        # NOTE(review): the findings text below contains typos ("performe",
        # "fo") that will appear verbatim in the report.
        self.FINDINGS = 'The Team observed that the application did performe some type fo root detection:\n'
        self.DETAILS = Utils.grep_details(result, self.ANALYSIS.LOCAL_SOURCE)
def run(self):
    """Search the class dump and the working binary for jailbreak checks.

    ``self.REGEX`` is matched case-insensitively against the class dump
    (``Utils.grep``) and against the binary (``Utils.strings_grep_command``
    with ``-iE``). When anything matches, the issue title and findings text
    are replaced by the "performs jailbreak detection" variants and
    ``DETAILS`` is set to the formatted matches.
    """
    # NOTE(review): this listing had lost its indentation; the nesting below
    # is the most plausible reading -- confirm against the original file.
    result = Utils.grep(regex=self.REGEX, source=self.ANALYSIS.LOCAL_CLASS_DUMP, working_path=self.ANALYSIS.LOCAL_WORKING_FOLDER, ignore_case=True)
    # NOTE(review): REGEX is interpolated between double quotes in a command
    # string; a pattern containing `"` would break that quoting.
    result[self.ANALYSIS.LOCAL_WORKING_BIN] = Utils.strings_grep_command( source_file=self.ANALYSIS.LOCAL_WORKING_BIN, command='-iE "{regex}"'.format(regex=self.REGEX))
    # Drop the binary's entry again when the binary produced no hits.
    if not result[self.ANALYSIS.LOCAL_WORKING_BIN]:
        result.pop(self.ANALYSIS.LOCAL_WORKING_BIN)

    # As read here, the issue is reported unconditionally; only the title,
    # findings text and details change when matches exist.
    self.REPORT = True
    if result:
        self.ISSUE_TITLE = 'Application Performs Jailbreak Detection'
        self.FINDINGS = 'The Team found that the application implemented jailbreak detection mechanisms:\n'
        self.DETAILS = Utils.grep_details( result, working_path=self.ANALYSIS.LOCAL_WORKING_FOLDER)
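def run(self):
    """Report URLs found in the smali output, minus ignored ones.

    Greps ``self.ANALYSIS.LOCAL_SMALI + "*"`` for ``self.REGEX``. A finding
    is discarded when its ``'code'`` value contains any entry of ``IGNORE``
    or is exactly ``'http://'`` or ``'https://'``. Files left without
    findings are removed from the result. If anything remains, the issue is
    reported and ``DETAILS`` is set to the formatted findings.
    """
    urls = Utils.grep(self.REGEX, self.ANALYSIS.LOCAL_SMALI + "*")
    if not urls:
        return

    bare_schemes = ('http://', 'https://')
    # Iterate over a snapshot of the keys so entries can be dropped safely.
    for path in list(urls):
        # Build the filtered list instead of calling remove() on the list
        # being iterated: removing during iteration skips the element that
        # follows each removal, which let ignored URLs slip into the report.
        kept = [
            finding for finding in urls[path]
            if not any(ignore in finding['code'] for ignore in IGNORE)
            and finding['code'] not in bare_schemes
        ]
        if kept:
            urls[path] = kept
        else:
            urls.pop(path)

    if urls:
        self.REPORT = True
        self.DETAILS = Utils.grep_details(urls, self.ANALYSIS.LOCAL_SMALI)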
def run(self):
    """Flag source files that call the Android ``Log`` API.

    Greps ``self.ANALYSIS.LOCAL_SOURCE`` for ``Log.w(``, ``Log.i(``,
    ``Log.v(`` and ``Log.e(`` calls. Any match marks the issue for reporting
    and stores the formatted match list in ``DETAILS``.
    """
    source = self.ANALYSIS.LOCAL_SOURCE
    # NOTE(review): `Log.d(` and `Log.wtf(` are not covered by this pattern
    # -- confirm whether leaving them out is deliberate.
    log_calls = Utils.grep(r'Log\.(w|i|v|e)\(', source)
    if not log_calls:
        return
    self.REPORT = True
    self.DETAILS = Utils.grep_details(log_calls, source)
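def run(self):
    """Check for emulator detection dynamically and statically.

    Dynamic part (only when the ``avd`` dependency is available): start an
    emulator, identify it by diffing the device list taken before and after,
    wait until it is online and unlocked, install and launch the APK, and
    report the issue if the package shows up in the emulator's process list.
    The emulator process is always terminated afterwards.

    Static part (always): grep ``LOCAL_SOURCE`` for references to
    ``Build.FINGERPRINT``/``Build.PRODUCT`` emulator markers,
    ``Secure.ANDROID_ID`` and ``getSensorList``; matches are appended to
    ``DETAILS`` and the issue is reported.
    """
    Log.w('Checking emulator detection (this may take a while)')
    if self.ANALYSIS.UTILS.check_dependencies(['avd'], install=True):
        # Snapshot the attached devices so the new emulator can be found by
        # diffing against this list later.
        devices = self.ANALYSIS.UTILS.devices()

        sleep(2)
        process = Utils.emulator()
        try:
            Log.w('Waiting for emulator to start')
            sleep(30)
            if self.ANALYSIS.UTILS.CREATED_AVD:
                Log.w(
                    'AVD just created, allowing 3 more minutes before proceeding'
                )
                sleep(180)

            # Devices present now but not before are taken to be the emulator.
            emulator = list(set(self.ANALYSIS.UTILS.devices()) - set(devices))
            if len(emulator) == 1:
                emulator = emulator[0]
                Log.w('Waiting for {emulator}'.format(emulator=emulator))
                # NOTE(review): these polling loops have no timeout and will
                # block indefinitely if the emulator never comes up.
                while not self.ANALYSIS.UTILS.online(emulator):
                    sleep(5)
                if not self.ANALYSIS.UTILS.unlocked(emulator):
                    Log.w('Please unlock the emulator')
                    while not self.ANALYSIS.UTILS.unlocked(emulator):
                        sleep(5)

                self.ANALYSIS.UTILS.install_on(emulator,
                                               self.ANALYSIS.WORKING_APK_FILE)
                self.ANALYSIS.UTILS.launch_app(device=emulator,
                                               package=self.ANALYSIS.PACKAGE)
                Log.w('Launching the app on the emulator')
                sleep(10)

                # The app still running on the emulator is what triggers the
                # report for the dynamic part.
                if self.ANALYSIS.PACKAGE in self.ANALYSIS.UTILS.processes(
                        emulator, root=False):
                    self.REPORT = True
            else:
                # NOTE(review): this branch is also taken when *no* new
                # device appeared, which the message does not say.
                Log.e(
                    'More than one new device detected - emulator checks not performed'
                )
        finally:
            # Terminate the emulator even if an earlier step raised, so a
            # failed install or launch does not leave it running.
            process.kill()

    Log.d('Checking for code that references to emulator checks')
    self.DETAILS = ''
    # The second pattern was missing its closing double quote, which left the
    # quoting of every following -e argument unbalanced. A raw string keeps
    # the `\.` sequences literal without invalid-escape warnings.
    result = Utils.grep_command(
        r'-arin -e "generic.*Build\.FINGERPRINT" -e "Build\.FINGERPRINT.*generic" -e "sdk.*Build\.PRODUCT" -e "Build\.PRODUCT.*sdk" -e "Secure\.ANDROID_ID" -e "getSensorList" {src}'
        .format(src=self.ANALYSIS.LOCAL_SOURCE), self.ANALYSIS.LOCAL_SOURCE)
    if result:
        self.DETAILS += Utils.grep_details(result, self.ANALYSIS.LOCAL_SOURCE)
        self.REPORT = True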