def rm_breakpoint(name, path, line):
fullcode = safe_read(f"{ORKESTRA_OUTPUT_DIR}/{name}/sources/{path}")
text = fullcode.split("\n")[int(line)]
if not java_is_declaration(text):
return jsonify({"removed": False})
method, overloads = java_parse_declaration(text, fullcode)
breakpoints[path_to_class_name(path)].remove(
f"{line}/{path_to_class_name(path)}/{method}")
logger.info(
f"stopped monitoring Class={path_to_class_name(path)}, Method={method}, Overloads={overloads}"
)
return jsonify({
"removed":
dbg.method.detach(path_to_class_name(path), method, overloads),
"class":
path_to_class_name(path),
"method":
method,
"overloads":
overloads,
"line":
line,
"text":
text
})
def set_breakpoint(name, path, line):
fullcode = safe_read(f"{ORKESTRA_OUTPUT_DIR}/{name}/sources/{path}")
text = fullcode.split("\n")[int(line)]
if not java_is_declaration(text):
return jsonify({"added": False, "text": text})
method, overloads = java_parse_declaration(text, fullcode)
dbg.method.monitor(
class_name=path_to_class_name(path),
overloads=overloads,
method=method,
)
logger.info(
f"started monitoring Class={path_to_class_name(path)}, Method={method}, Overloads={overloads}"
)
bp = breakpoints.get(path_to_class_name(path), [])
bp.append(f"{line}/{path_to_class_name(path)}/{method}")
breakpoints[path_to_class_name(path)] = bp
return jsonify({
"added": True,
"class": path_to_class_name(path),
"method": method,
"overloads": overloads,
"line": line,
"text": text,
})
def decompile(name):
Jadx(f"{ORKESTRA_UPLOAD_DIR}/{name}").decompile()
manifest = safe_read(
f"{ORKESTRA_OUTPUT_DIR}/{name}/resources/AndroidManifest.xml")
package = re.findall('package="(.*?)"', manifest)[0]
logger.info(f"decompiled package={package} file={name}")
return redirect(f"/?apk={name}&package={package}")
def upload():
uploaded_file = request.files['file']
if uploaded_file.filename != '':
uploaded_file.save(
f"{ORKESTRA_UPLOAD_DIR}/{os.path.basename(uploaded_file.filename)}"
)
logger.info(
f"uploaded file={uploaded_file.filename} path={uploaded_file.filename}"
)
return redirect(
f"/apk/{os.path.basename(uploaded_file.filename)}/decompile")
def code(name, path):
content = safe_read(f'{ORKESTRA_OUTPUT_DIR}/{name}/sources/{path}')
if content == -1:
return make_response('', 404)
logger.info(f"requested file read on dir={name} path={path}")
return (f"""
<input id='workPackage' value='{name}' type='hidden'/>
<input id='workFile' value='{name}/{path}' type='hidden'/>
<input id='workClass' value='{path_to_class_name(path)}' type='hidden'/>
<input id='workBP' value='{",".join(breakpoints.get(path_to_class_name(path), ""))}' type='hidden'/>
<pre><code class='java'>{content}</code></pre>
""")
def download_files(self):
if not os.path.isdir(self.__bin_dir):
logger.info(
f"unable to found {self.__bin_dir} directory .. is this the first run?"
)
os.mkdir(self.__bin_dir)
else:
logger.info(f"found servers directory on {self.__bin_dir}")
return # FIXME
logger.info(f"downloading required server files to {self.__bin_dir}")
response = requests.get(
"https://github.com/frida/frida/releases/latest").text
urls = re.findall('<a href=\"/frida/frida/releases/download/.*?\"',
response)
servers = [
"https://github.com" + re.findall('"(.*)"', url)[0] for url in urls
if url.find("frida-server") != -1 and url.find("android") != -1
]
for server in servers:
self.__download(server,
self.__bin_dir + "/" + server.split("/")[-1])
def decompile(self):
if os.name != "nt": subprocess.check_call(f"chmod +x {JADX_BIN}", shell=True)
cmd = f'{JADX_BIN} "{self.input}" -d "output/{os.path.basename(self.input)}"'
logger.info(f"starting jadx using command: {cmd} ")
subprocess.check_call(cmd,shell=True)
def debugger_sync():
if len(dbg.method.invokes):
result = dbg.method.invokes.pop(0)
logger.info(f"received invoke {result}")
return jsonify(result)
return jsonify({})
def debugger_spawn(package):
if dbg.spawn(package):
logger.done(f"spawned package={package}")
return jsonify({"spawned": True})
logger.info(f"unable to spawn package={package}")
return jsonify({"spawned": False})
def decompile(self):
cmd = f"{JADX_BIN} {self.input} -d output/{os.path.basename(self.input)}"
logger.info(f"starting jadx using command: {cmd} ")
subprocess.check_call(cmd)
