SEAL is a SEAndroid live device analysis tool. It can perform policy analysis on Android devices (real or emulated) connected through ADB. Devices must be rooted or running a debug build. Running the tool on a non-rooted production device will yield incomplete results.
usage: seal [-h] [--adb ADB] [--device <DEVICE>]
{polinfo,files,processes} ...
positional arguments:
{polinfo,files,processes}
sub-command help
polinfo Show policy info from device
files List all files on the device
processes List all processes on the device
optional arguments:
-h, --help show this help message and exit
--adb ADB Path to your local root adb if not in your $PATH
--device <DEVICE> Specify a device to work with
The tool offers functionality through a set of subcommands. The current ones are:
- polinfo - view policy statistics from a connected device
- files - list files on the device, optionally filtering to show only files a specific process has access to
- processes - list processes on the device, optionally filtering to show only processes that have access to a specific file/path
A graphical frontend to the SEAL library is available as SEALX.
The SEAL library may be obtained by cloning this repository. From the command line, do:
$ git clone git@github.com:seandroid-analytics/seal.git
The SEAL library requires the Python bindings to libapol and libqpol from SEToolsv3.
These can be obtained on Ubuntu 14.04 LTS by installing the python-setools
package.
From the resulting directory, run:
$ python seal/seal.py [GLOBAL OPTIONS] <subcommand> [OPTIONS]
To run the graphical version:
$ python seal/sealx.py
You can report bugs in the project issue tracker.
Copyright 2015 Filippo Bonazzi
SEAL is licensed under the Apache License 2.0 (see LICENSE).
SEAL is an open source project being developed at Aalto University as part of the Intel Collaborative Research Institute for Secure Computing (ICRI-SC).