def auto_dynamic(md5_hash, package, launcher):
dm_context = start_dm(md5_hash, package, launcher)
env_data = get_env(md5_hash, package, launcher)
download_thread = start_download_logs(md5_hash)
time.sleep(40)
app_info = {
'packagename': package,
'mainactivity': launcher,
'file_md5': md5_hash
}
auto_app_test(app_info)
stop_capfuzz(settings.PORT)
global Is_Downloading
Is_Downloading = False
download_thread.join()
time.sleep(3)
clean()
return
def start_dm(md5_hash, package, launcher):
# Start DM
stop_capfuzz(settings.PORT)
toolsdir = os.path.join(settings.BASE_DIR,
'DynamicAnalyzer/tools/') # TOOLS DIR
adb = getADB(toolsdir)
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_REAL_DEVICE":
print(
"\n[INFO] MobSF will perform Dynamic Analysis on real Android Device"
)
is_avd = False
elif settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
# adb, avd_path, reference_name, dup_name, emulator
is_avd = True
refresh_avd(adb, settings.AVD_PATH, settings.AVD_REFERENCE_NAME,
settings.AVD_DUP_NAME, settings.AVD_EMULATOR)
else:
# Refersh VM
is_avd = False
refresh_vm(settings.UUID, settings.SUUID, settings.VBOX)
context = {
'md5': md5_hash,
'pkg': package,
'lng': launcher,
'title': 'Start Testing',
'AVD': is_avd,
}
return context
def android_dynamic_analyzer(request):
"""Android Dynamic Analyzer View"""
print("\n[INFO] Dynamic Analysis Started")
try:
if request.method == 'POST':
md5_hash = request.POST['md5']
package = request.POST['pkg']
launcher = request.POST['lng']
if re.findall(r';|\$\(|\|\||&&', package) or re.findall(
r';|\$\(|\|\||&&', launcher):
print("[ATTACK] Possible RCE")
return HttpResponseRedirect('/error/')
if re.match('^[0-9a-f]{32}$', md5_hash):
# Delete ScreenCast Cache
screen_file = os.path.join(settings.SCREEN_DIR, 'screen.png')
if os.path.exists(screen_file):
os.remove(screen_file)
# Delete Contents of Screenshot Dir
screen_dir = os.path.join(settings.UPLD_DIR,
md5_hash + '/screenshots-apk/')
if os.path.isdir(screen_dir):
shutil.rmtree(screen_dir)
else:
os.makedirs(screen_dir)
# Start DM
stop_capfuzz(settings.PORT)
toolsdir = os.path.join(settings.BASE_DIR,
'DynamicAnalyzer/tools/') # TOOLS DIR
adb = getADB(toolsdir)
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_REAL_DEVICE":
print(
"\n[INFO] MobSF will perform Dynamic Analysis on real Android Device"
)
is_avd = False
elif settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
# adb, avd_path, reference_name, dup_name, emulator
is_avd = True
refresh_avd(adb, settings.AVD_PATH,
settings.AVD_REFERENCE_NAME,
settings.AVD_DUP_NAME, settings.AVD_EMULATOR)
else:
# Refersh VM
is_avd = False
refresh_vm(settings.UUID, settings.SUUID, settings.VBOX)
context = {
'md5': md5_hash,
'pkg': package,
'lng': launcher,
'title': 'Start Testing',
'AVD': is_avd,
}
template = "dynamic_analysis/start_test.html"
return render(request, template, context)
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] DynamicAnalyzer")
return HttpResponseRedirect('/error/')
def dump_data(request):
"""Downloading Application Data from Device"""
logger.info("Downloading Application Data from Device")
try:
if request.method == 'POST':
data = {}
package = request.POST['pkg']
md5_hash = request.POST['md5']
if re.match('^[0-9a-f]{32}$', md5_hash):
if re.findall(r";|\$\(|\|\||&&", package):
logger.info("[ATTACK] Possible RCE")
return HttpResponseRedirect('/error/')
base_dir = settings.BASE_DIR
apk_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/')
# Let's try to close Proxy a bit early as we don't have much
# control on the order of thread execution
stop_capfuzz(settings.PORT)
logger.info("Deleting Dump Status File")
adb_command(["rm", "/sdcard/mobsec_status"], True)
logger.info("Creating TAR of Application Files.")
adb_command([
"am", "startservice", "-a", package,
"opensecurity.ajin.datapusher/.GetPackageLocation"
], True)
logger.info("Waiting for TAR dump to complete...")
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_REAL_DEVICE":
timeout = settings.DEVICE_TIMEOUT
else:
timeout = settings.VM_TIMEOUT
start_time = time.time()
while True:
current_time = time.time()
if b"MOBSEC-TAR-CREATED" in adb_command(
["cat", "/sdcard/mobsec_status"], shell=True):
break
if (current_time - start_time) > timeout:
logger.error(
"TAR Generation Failed. Process timed out.")
break
logger.info("Dumping Application Files from Device/VM")
adb_command([
"pull", "/data/local/" + package + ".tar",
apk_dir + package + ".tar"
])
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
logger.info("Removing package")
adb_command(["uninstall", package])
stop_avd()
logger.info("Stopping ADB")
adb_command(["kill-server"])
data = {'dump': 'yes'}
return HttpResponse(json.dumps(data),
content_type='application/json')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] Downloading Application Data from Device")
return HttpResponseRedirect('/error/')
def dump_data(request):
"""Downloading Application Data from Device."""
logger.info('Downloading Application Data from Device')
try:
if request.method == 'POST':
data = {}
package = request.POST['pkg']
md5_hash = request.POST['md5']
if re.match('^[0-9a-f]{32}$', md5_hash):
if re.findall(r';|\$\(|\|\||&&', package):
return print_n_send_error_response(request,
'Possible RCE Attack',
True)
apk_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/')
# Let's try to close Proxy a bit early as we don't have much
# control on the order of thread execution
stop_capfuzz(settings.PORT)
logger.info('Deleting Dump Status File')
adb_command(['rm', '/sdcard/mobsec_status'], True)
logger.info('Creating TAR of Application Files.')
dp = 'opensecurity.ajin.datapusher/.GetPackageLocation'
adb_command(['am', 'startservice', '-a', package, dp], True)
logger.info('Waiting for TAR dump to complete...')
if settings.ANDROID_DYNAMIC_ANALYZER == 'MobSF_REAL_DEVICE':
timeout = settings.DEVICE_TIMEOUT
else:
timeout = settings.VM_TIMEOUT
start_time = time.time()
while True:
current_time = time.time()
out = adb_command(['cat', '/sdcard/mobsec_status'],
shell=True)
if b'MOBSEC-TAR-CREATED' in out:
break
if (current_time - start_time) > timeout:
logger.error(
'TAR Generation Failed. Process timed out.')
break
logger.info('Dumping Application Files from Device/VM')
adb_command([
'pull', '/data/local/' + package + '.tar',
apk_dir + package + '.tar'
])
logger.info('Stopping ADB')
adb_command(['kill-server'])
data = {'dump': 'yes'}
return HttpResponse(json.dumps(data),
content_type='application/json')
else:
return print_n_send_error_response(request,
'Invalid Scan Hash', True)
else:
return print_n_send_error_response(request, 'Only POST allowed',
True)
except Exception:
logger.exception('Downloading Application Data from Device')
err = 'Application Data Dump from Device failed'
return print_n_send_error_response(request, err, True)
def android_dynamic_analyzer(request):
"""Android Dynamic Analyzer View"""
print("\n[INFO] Dynamic Analysis Started")
try:
if request.method == 'POST':
md5_hash = request.POST['md5']
package = request.POST['pkg']
launcher = request.POST['lng']
if re.findall(r';|\$\(|\|\||&&', package) or re.findall(r';|\$\(|\|\||&&', launcher):
print("[ATTACK] Possible RCE")
return HttpResponseRedirect('/error/')
if re.match('^[0-9a-f]{32}$', md5_hash):
# Delete ScreenCast Cache
screen_file = os.path.join(settings.SCREEN_DIR, 'screen.png')
if os.path.exists(screen_file):
os.remove(screen_file)
# Delete Contents of Screenshot Dir
screen_dir = os.path.join(
settings.UPLD_DIR, md5_hash + '/screenshots-apk/')
if os.path.isdir(screen_dir):
shutil.rmtree(screen_dir)
else:
os.makedirs(screen_dir)
# Start DM
stop_capfuzz(settings.PORT)
adb = getADB()
is_avd = False
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_REAL_DEVICE":
print(
"\n[INFO] MobSF will perform Dynamic Analysis on real Android Device")
elif settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
# adb, avd_path, reference_name, dup_name, emulator
is_avd = True
if not os.path.exists(settings.AVD_EMULATOR):
return HttpResponseRedirect('/error/')
if not refresh_avd():
return HttpResponseRedirect('/error/')
else:
# Refersh VM
refresh_vm(settings.UUID, settings.SUUID, settings.VBOX)
context = {'md5': md5_hash,
'pkg': package,
'lng': launcher,
'title': 'Start Testing',
'AVD': is_avd, }
template = "dynamic_analysis/start_test.html"
return render(request, template, context)
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] DynamicAnalyzer")
return HttpResponseRedirect('/error/')
def dump_data(request):
"""Downloading Application Data from Device"""
print("\n[INFO] Downloading Application Data from Device")
try:
if request.method == 'POST':
data = {}
package = request.POST['pkg']
md5_hash = request.POST['md5']
if re.match('^[0-9a-f]{32}$', md5_hash):
if re.findall(r";|\$\(|\|\||&&", package):
print("[ATTACK] Possible RCE")
return HttpResponseRedirect('/error/')
base_dir = settings.BASE_DIR
apk_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/')
# Let's try to close Proxy a bit early as we don't have much
# control on the order of thread execution
stop_capfuzz(settings.PORT)
print("\n[INFO] Deleting Dump Status File")
adb_command(["rm", "/sdcard/mobsec_status"], True)
print("\n[INFO] Creating TAR of Application Files.")
adb_command(["am", "startservice", "-a", package,
"opensecurity.ajin.datapusher/.GetPackageLocation"], True)
print("\n[INFO] Waiting for TAR dump to complete...")
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_REAL_DEVICE":
timeout = settings.DEVICE_TIMEOUT
else:
timeout = settings.VM_TIMEOUT
start_time = time.time()
while True:
current_time = time.time()
if b"MOBSEC-TAR-CREATED" in adb_command(["cat", "/sdcard/mobsec_status"], shell=True):
break
if (current_time - start_time) > timeout:
print(
"\n[ERROR] TAR Generation Failed. Process timed out.")
break
print("\n[INFO] Dumping Application Files from Device/VM")
adb_command(["pull", "/data/local/" + package +
".tar", apk_dir + package + ".tar"])
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
print("\n[INFO] Removing package")
adb_command(["uninstall", package])
stop_avd()
print("\n[INFO] Stopping ADB")
adb_command(["kill-server"])
data = {'dump': 'yes'}
return HttpResponse(json.dumps(data), content_type='application/json')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] Downloading Application Data from Device")
return HttpResponseRedirect('/error/')
def android_dynamic_analyzer(request):
"""Android Dynamic Analyzer View."""
logger.info('Dynamic Analysis Started')
try:
if request.method == 'POST':
md5_hash = request.POST['md5']
package = request.POST['pkg']
launcher = request.POST['lng']
if (re.findall(r';|\$\(|\|\||&&', package)
or re.findall(r';|\$\(|\|\||&&', launcher)):
return print_n_send_error_response(request,
'Possible RCE Attack')
if re.match('^[0-9a-f]{32}$', md5_hash):
# Delete ScreenCast Cache
screen_file = os.path.join(settings.SCREEN_DIR, 'screen.png')
if os.path.exists(screen_file):
os.remove(screen_file)
# Delete Contents of Screenshot Dir
screen_dir = os.path.join(
settings.UPLD_DIR, md5_hash + '/screenshots-apk/')
if os.path.isdir(screen_dir):
shutil.rmtree(screen_dir)
else:
os.makedirs(screen_dir)
# Start DM
stop_capfuzz(settings.PORT)
if settings.ANDROID_DYNAMIC_ANALYZER == 'MobSF_REAL_DEVICE':
logger.info(
'MobSF Dynamic Analysis on Real Android Device')
else:
# Refersh VM
refresh_vm(settings.UUID, settings.SUUID, settings.VBOX)
context = {'md5': md5_hash,
'pkg': package,
'lng': launcher,
'title': 'Start Testing'}
template = 'dynamic_analysis/start_test.html'
return render(request, template, context)
else:
return print_n_send_error_response(request,
'Invalid Scan Hash')
else:
return print_n_send_error_response(request,
'Only POST allowed')
except Exception:
logger.exception('DynamicAnalyzer')
return print_n_send_error_response(request,
'Dynamic Analysis Failed.')
def capfuzz_start(request):
"""Start CapFuzz UI"""
print("[INFO] Starting CapFuzz Web UI")
try:
stop_capfuzz(settings.PORT)
start_fuzz_ui(settings.PORT)
time.sleep(3)
print("[INFO] CapFuzz UI Started")
if request.GET['project']:
project = request.GET['project']
else:
project = ""
return HttpResponseRedirect('http://localhost:' + str(settings.PORT) + "/dashboard/" + project)
except:
PrintException("[ERROR] Starting CapFuzz Web UI")
return HttpResponseRedirect('/error/')
def capfuzz_start(request):
"""Start CapFuzz UI"""
print("[INFO] Starting CapFuzz Web UI")
try:
stop_capfuzz(settings.PORT)
start_fuzz_ui(settings.PORT)
time.sleep(3)
print("[INFO] CapFuzz UI Started")
if request.GET['project']:
project = request.GET['project']
else:
project = ""
return HttpResponseRedirect('http://localhost:' + str(settings.PORT) + "/dashboard/" + project)
except:
PrintException("[ERROR] Starting CapFuzz Web UI")
return HttpResponseRedirect('/error/')
def capfuzz_start(request):
"""Start CapFuzz UI"""
logger.info("Starting CapFuzz Web UI")
try:
stop_capfuzz(settings.PORT)
start_fuzz_ui(settings.PORT)
time.sleep(3)
logger.info("CapFuzz UI Started")
if request.GET['project']:
project = request.GET['project']
else:
project = ""
return HttpResponseRedirect('http://localhost:' + str(settings.PORT) + "/dashboard/" + project)
except:
PrintException("Starting CapFuzz Web UI")
return print_n_send_error_response(request, "Error Starting CapFuzz UI")
def capfuzz_start(request):
"""Start CapFuzz UI"""
logger.info("Starting CapFuzz Web UI")
try:
stop_capfuzz(settings.PORT)
start_fuzz_ui(settings.PORT)
time.sleep(3)
logger.info("CapFuzz UI Started")
if request.GET['project']:
project = request.GET['project']
else:
project = ""
return HttpResponseRedirect('http://localhost:' + str(settings.PORT) +
"/dashboard/" + project)
except:
PrintException("Starting CapFuzz Web UI")
return print_n_send_error_response(request,
"Error Starting CapFuzz UI")
def capfuzz_start(request):
"""Start CapFuzz UI."""
logger.info('Starting CapFuzz Web UI')
try:
stop_capfuzz(settings.PORT)
start_fuzz_ui(settings.PORT)
time.sleep(3)
logger.info('CapFuzz UI Started')
if request.GET['project']:
project = request.GET['project']
else:
project = ''
url = ('http://localhost:{}'
'/dashboard/{}'.fomat(str(settings.PORT), project))
return HttpResponseRedirect(url)
except Exception:
logger.exception('Starting CapFuzz Web UI')
err = 'Error Starting CapFuzz UI'
return print_n_send_error_response(request, err)
def dump_data(request):
"""Downloading Application Data from Device"""
print("\n[INFO] Downloading Application Data from Device")
try:
if request.method == 'POST':
data = {}
package = request.POST['pkg']
md5_hash = request.POST['md5']
if re.match('^[0-9a-f]{32}$', md5_hash):
if re.findall(r";|\$\(|\|\||&&", package):
print("[ATTACK] Possible RCE")
return HttpResponseRedirect('/error/')
base_dir = settings.BASE_DIR
apk_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/')
toolsdir = os.path.join(
base_dir, 'DynamicAnalyzer/tools/') # TOOLS DIR
adb = getADB(toolsdir)
# Let's try to close Proxy a bit early as we don't have much
# control on the order of thread execution
stop_capfuzz(settings.PORT)
print("\n[INFO] Deleting Dump Status File")
subprocess.call([adb,
"-s",
get_identifier(),
"shell",
"rm",
"/sdcard/mobsec_status"])
print("\n[INFO] Creating TAR of Application Files.")
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
# tar -cvf /data/local/"+pkg+".tar /data/data/"+pkg+"/",
subprocess.call([adb,
"-s",
get_identifier(),
"shell",
"/data/local/tmp/tar.sh",
package])
else:
subprocess.call([adb,
"-s",
get_identifier(),
"shell",
"am",
"startservice",
"-a",
package,
"opensecurity.ajin.datapusher/.GetPackageLocation"])
print("\n[INFO] Waiting for TAR dump to complete...")
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_REAL_DEVICE":
timeout = settings.DEVICE_TIMEOUT
else:
timeout = settings.VM_TIMEOUT
start_time = time.time()
while True:
current_time = time.time()
if b"MOBSEC-TAR-CREATED" in subprocess.check_output([adb,
"-s",
get_identifier(),
"shell",
"cat",
"/sdcard/mobsec_status"]):
break
if (current_time - start_time) > timeout:
print(
"\n[ERROR] TAR Generation Failed. Process timed out.")
break
print("\n[INFO] Dumping Application Files from Device/VM")
subprocess.call([adb,
"-s",
get_identifier(),
"pull",
"/data/local/" + package + ".tar",
apk_dir + package + ".tar"])
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
stop_avd(adb)
print("\n[INFO] Stopping ADB")
subprocess.call([adb,
"-s",
get_identifier(),
"kill-server"])
data = {'dump': 'yes'}
return HttpResponse(json.dumps(data), content_type='application/json')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] Downloading Application Data from Device")
return HttpResponseRedirect('/error/')
def android_dynamic_analyzer(request):
"""Android Dynamic Analyzer View"""
logger.info("Dynamic Analysis Started")
try:
if request.method == 'POST':
md5_hash = request.POST['md5']
package = request.POST['pkg']
launcher = request.POST['lng']
if re.findall(r';|\$\(|\|\||&&', package) or re.findall(
r';|\$\(|\|\||&&', launcher):
return print_n_send_error_response(request,
"Possible RCE Attack")
if re.match('^[0-9a-f]{32}$', md5_hash):
# Delete ScreenCast Cache
screen_file = os.path.join(settings.SCREEN_DIR, 'screen.png')
if os.path.exists(screen_file):
os.remove(screen_file)
# Delete Contents of Screenshot Dir
screen_dir = os.path.join(settings.UPLD_DIR,
md5_hash + '/screenshots-apk/')
if os.path.isdir(screen_dir):
shutil.rmtree(screen_dir)
else:
os.makedirs(screen_dir)
# Start DM
stop_capfuzz(settings.PORT)
adb = getADB()
is_avd = False
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_REAL_DEVICE":
logger.info(
"MobSF will perform Dynamic Analysis on real Android Device"
)
elif settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
# adb, avd_path, reference_name, dup_name, emulator
is_avd = True
if not os.path.exists(settings.AVD_EMULATOR):
return print_n_send_error_response(
request, "Cannot Find AVD Emulator")
if not refresh_avd():
return print_n_send_error_response(
request, "Cannot Refresh AVD")
else:
# Refersh VM
refresh_vm(settings.UUID, settings.SUUID, settings.VBOX)
context = {
'md5': md5_hash,
'pkg': package,
'lng': launcher,
'title': 'Start Testing',
'AVD': is_avd,
}
template = "dynamic_analysis/start_test.html"
return render(request, template, context)
else:
return print_n_send_error_response(request,
"Invalid Scan Hash")
else:
return print_n_send_error_response(request, "Only POST allowed")
except:
PrintException("DynamicAnalyzer")
return print_n_send_error_response(request, "Dynamic Analysis Failed.")
