def genIntercept(message):
ins_methodindex = message.get('intercept_index')
if (ins_methodindex != None):
app_global.inspect_conf['overloadIndex'] = int(ins_methodindex)
else:
app_global.inspect_conf['overloadIndex'] = 0
update_conf()
with open('./config/intercept_conf.json') as f:
intercept_conf = f.read()
try:
j_intercept = json.loads(intercept_conf)
except Exception as e:
raise e
print(stylize("[+]Lets do intercept", Info))
clazz_name = j_intercept.get("classname")
methodname = j_intercept.get("methodname")
overloadIndex = j_intercept.get("overloadIndex")
if overloadIndex == None:
overloadIndex = 0
app_global.intercept_script = prepare_script_fragment(
clazz_name, methodname, "intercept", overloadIndex)
socketio.emit('update_intercept_script',
{'script': app_global.intercept_script},
namespace='/eventBus')
def doInspect(message):
app_global.device = frida.get_usb_device()
app_global.onMessageException = ''
ins_classname = message.get('ins_classname')
ins_methodname = message.get('ins_methodname')
if (ins_classname != None) & (ins_methodname != None):
app_global.inspect_conf['classname'] = ins_classname
app_global.inspect_conf['methodname'] = ins_methodname
update_conf()
app_global.inspect_result = 'Please wait'
app_global.script_to_load = prepare_script_fragment(
ins_classname, ins_methodname, "inspect")
try:
load_script()
except Exception as e:
app_global.inspect_result = "<p><code>[!] Exception: {}</code></p>".format(
str(e))
print(stylize("Exception caught in doInspect: {}".format(e), Info))
update_inspect_result = {
'classname': app_global.inspect_conf["classname"],
'methodname': app_global.inspect_conf["methodname"],
'inspect_result': (str(app_global.inspect_result))
}
cache_inspect_html()
socketio.emit('update_inspect_result',
update_inspect_result,
namespace='/eventBus')
app_global.onMessageException = ''
def setDevice(id):
app_global.device = app_global.device_manager.get_device(id)
print(stylize("[+]Changing Device with id {}".format(id), MightBeImportant))
try:
socketio.emit('show_selected_device',
{'device_list': json.dumps(app_global.device_dict), 'selection': str(app_global.device.id)},
namespace='/eventBus')
except Exception as e:
raise e
def onMonitorMessage(message, data):
app_global.onMessageException = ''
if message['type'] == 'send':
if (message.get('payload') != None):
monitor_log = str(message.get('payload'))
# monitor_log = u''.join(monitor_log).encode('utf-8').strip()
else:
monitor_log = " No message payload.."
elif message['type'] == 'error':
if (message.get('description') != None):
app_global.onMessageException = cgi.escape(message.get('description'))
else:
app_global.onMessageException = ' No description'
print(stylize("[!] Monitor Error: {}".format(app_global.onMessageException), Error))
socketio.emit('new_error_message',
{'data': "[!] {}".format(app_global.onMessageException)},
namespace='/eventBus')
monitor_log = message.get('payload') if message.get('payload') else ''
j_monitor_log = json.loads(monitor_log)
mon_type = j_monitor_log.get("monitor_type")
args = j_monitor_log.get("arg_dump")
method = j_monitor_log.get("method_info")
retval = j_monitor_log.get("retval_dump")
if args != None:
args = cgi.escape(args).replace(linebreak, '<br>')
if method != None:
method = cgi.escape(method).replace(linebreak, '<br>')
if retval != None:
retval = cgi.escape(retval).replace(linebreak, '<br>')
monitor_entry = {"methodname": method, "args": args, "retval": retval}
# "types" : ["fileIO", "HTTP", "WEBVIEW", "SQL", "IPC", "MISC", "IGNORE"]
if (mon_type != None) & (mon_type != "IGNORE"):
if mon_type == "fileIO":
app_global.monitor_message['FILEIO'].insert(0, monitor_entry)
elif mon_type == "SHAREDPREFERENCES":
app_global.monitor_message['SHAREDPREFERENCES'].insert(0, monitor_entry)
elif mon_type == "HTTP":
app_global.monitor_message['HTTP'].insert(0, monitor_entry)
elif mon_type == "WEBVIEW":
app_global.monitor_message['WEBVIEW'].insert(0, monitor_entry)
elif mon_type == "SQL":
app_global.monitor_message['SQL'].insert(0, monitor_entry)
elif mon_type == "IPC":
app_global.monitor_message['IPC'].insert(0, monitor_entry)
else: # misc
mon_type = "MISC"
app_global.monitor_message['MISC'].insert(0, monitor_entry)
# socketio.emit('update_monitor_message', {'mon_type': mon_type.upper(), 'monitor_message': app_global.monitor_message},namespace='/eventBus')
app_global.monitor_queue.add(mon_type.upper())
def load_intercept_script(message):
app_global.intercept_script = message.get('script')
app_global.script_to_load = message.get('script')
#print(app_global.intercept_script)
cache_script("intercept_cache", app_global.intercept_script)
try:
load_script()
except Exception as e:
app_global.intercept_exception = "[!] intercept_exception: {}".format(
str(e))
socketio.emit('new_intercept', {
'data': app_global.intercept_exception,
'time': app_global.new_intercept_time
},
namespace='/eventBus')
def listAllApplications():
apps = app_global.device.enumerate_applications()
list_apps = []
# Application(identifier="com.android.providers.contacts", name="Contacts Storage", pid=10449)
for app in apps:
if (str(app).find('pid=') != -1):
regex = re.search('identifier="(.*)"\W*name="(.*)"\W*pid=(.*)\)', str(app))
json_app = {"name": regex.group(2), "identifier": regex.group(1), "pid": regex.group(3)}
else:
regex = re.search('identifier="(.*)"\W*name="(.*)"', str(app))
json_app = {"identifier": regex.group(1), "name": regex.group(2)}
list_apps.append(json_app)
list_apps.sort(key=key_sort_list_apps)
json_apps = json.loads(json.dumps(list_apps))
print(json_apps)
print("Listing All Apps Done!")
socketio.emit('list_applications', {'data': json_apps}, namespace='/eventBus')
print("Sent List Apps Done!")
def getDevice():
try:
print(stylize("[+] Trying to get device..", Info))
app_global.device_dict = {}
app_global.device_manager = frida.get_device_manager()
device_list = app_global.device_manager.enumerate_devices()
if len(device_list) != 0:
remote_device_list = []
for dv in device_list:
if (str(dv.id) != 'local') & (str(dv.id) != 'tcp'):
remote_device_list.append(dv)
if len(remote_device_list) == 1:
app_global.device = remote_device_list[0]
socketio.emit('update_device',
{'data': cgi.escape(str(app_global.device))},
namespace='/eventBus')
elif len(remote_device_list) > 1:
for dv in remote_device_list:
app_global.device_dict[str(dv.id)] = str(dv)
# Interact with user to select device
if app_global.device == None:
socketio.emit('select_device',
{'device_list': json.dumps(app_global.device_dict)},
namespace='/eventBus')
else:
socketio.emit('show_selected_device',
{'device_list': json.dumps(app_global.device_dict),
'selection': str(app_global.device.id)},
namespace='/eventBus')
else:
raise Exception(" No device Found!")
# return str(app_global.device)
except Exception as e:
app_global.device = None
socketio.emit('update_device',
{'data': cgi.escape(str(app_global.device))},
namespace='/eventBus')
print(stylize(str(e), Error))
def run_js():
socketio.emit('run_js_on', {'data': 'xxxxxxxxx'}, namespace='/eventBus')
def load_class():
with open("./save_data/class_filtered.js", 'r', encoding='utf-8') as f:
print("Load_class")
#print(f.read())
socketio.emit('list_class_saved', {'data': f.read()}, namespace='/eventBus')
def onMessage(message, data):
app_global.onMessageException = ''
if message['type'] == 'send':
if (message.get('payload') != None):
info = str(message.get('payload'))
# info = str(u''.join(info).encode('utf-8').strip())
else:
info = " No message payload.."
elif message['type'] == 'error':
if (message.get('description') != None):
app_global.onMessageException = cgi.escape(message.get('description'))
else:
app_global.onMessageException = ' No description'
print(stylize("[!]Error: {}".format(app_global.onMessageException), Error))
socketio.emit('new_error_message',
{'data': "[!] {}".format(app_global.onMessageException)},
namespace='/eventBus')
info = message.get('payload') if message.get('payload') else ''
# IPython.embed()
if "load_environment_script" in info:
env_info = info.replace("load_environment_script", '')
# print (env_info)
# IPython.embed()
j_env_info = json.loads(env_info)
if j_env_info.get("packageCodePath") != None:
with open("./config/env_conf.json", 'w') as f:
json.dump(j_env_info, f)
socketio.emit('update_env_info',
{'data': env_info},
namespace='/eventBus')
# env stuff
if "-hook_scripting-" in info:
#print("hoo00ook")
info = info.replace("-hook_scripting-", '')
j_info = json.loads(info)
args = j_info.get("arg_dump")
method = j_info.get("method_info")
retval = j_info.get("retval_dump")
# special_instruction = j_info.get("special_inst") # experimental
if args != None:
args = cgi.escape(args).replace(linebreak, '<br>')
if method != None:
method = cgi.escape(method).replace(linebreak, '<br>')
if retval != None:
retval = cgi.escape(retval).replace(linebreak, '<br>')
info_dict = {"methodname": method, "args": args, "retval": retval}
app_global.messages.insert(0, info_dict)
# if special_instruction != None: # experimental
# log_r_value(special_instruction)
socketio.emit('new_hook_message',
{'data': json.dumps(info_dict)},
namespace='/eventBus')
if "-hook_multi_scripting-" in info:
#print("hoo00ookmulti")
info = info.replace("-hook_multi_scripting-", '')
j_info = json.loads(info)
args = j_info.get("arg_dump")
method = j_info.get("method_info")
type = j_info.get("type")
time = j_info.get("time")
arg_type = j_info.get("arg_type")
# special_instruction = j_info.get("special_inst") # experimental
if args != None:
args = cgi.escape(args).replace(linebreak, '<br>')
if method != None:
method = cgi.escape(method).replace(linebreak, '<br>')
info_dict = {"methodname": method, "args": args,"type":type, "time":time, "arg_type":arg_type}
app_global.messages.insert(0, info_dict)
# if special_instruction != None: # experimental
# log_r_value(special_instruction)
socketio.emit('new_hook_multi_message',
{'data': json.dumps(info_dict)},
namespace='/eventBus')
if "-enumeration_script-" in info:
enum_msg = info.replace('undefined', '').replace("-enumeration_script-", '')
####
app_global.enum_messages = []
####
app_global.enum_messages.insert(0, enum_msg)
socketio.emit("update_enum_messages", namespace='/eventBus')
if "-time_for_time-" in info:
intercept_msg = info.replace("-time_for_time-", '')
if "-the_time_for_now-" in intercept_msg:
app_global.new_intercept_msg = intercept_msg.split("-the_time_for_now-")[0]
app_global.new_intercept_time = intercept_msg.split("-the_time_for_now-")[1]
else:
app_global.new_intercept_msg = intercept_msg
socketio.emit('new_intercept',
{'data': app_global.new_intercept_msg, 'time': app_global.new_intercept_time},
namespace='/eventBus')
if "-methods_of_class-" in info:
inspect_info = info.replace("-methods_of_class-", '')
j_inspect = json.loads(inspect_info)
overload_info = j_inspect['methodInfo']
overload_count = len(overload_info)
inspect_class_name = app_global.inspect_conf["classname"]
inspect_method_name = app_global.inspect_conf["methodname"]
html_output = ""
if overload_count >= 1:
#html_output = "<p><code>{}</code></p>".format(
# cgi.escape(inspect_class_name) + '.' + cgi.escape(inspect_method_name))
html_output = ""
html_output += """
<form action='/inspect' method='POST'>
<div class="form-row align-items-center">
<div class="col-auto my-1">
<label class="mr-sm-2"> Overloads: </label>
<select class="custom-select mr-sm-2" id="indexSelect">
"""
for i in range(0, overload_count):
html_output += """
<option value={}><code>{}</code></option>
""".format(str(i), cgi.escape(str(json.dumps(overload_info[i]))).replace("\\\"", ""))
html_output += """
</select>
</div>
</div>
</form>
<div class="col-auto my-1">
<button class="btn btn-success" onclick="genIntercept()">Generate Script</button>
<button class="btn btn-primary" class="btn btn-primary" data-toggle="modal" data-target="#intercept_history" onclick="get_intercept_history();">History Scripts</button>
</div>
"""
# elif overload_count == 1:
# html_output = """
# <p><code>{}</code></p>
# <div class="radio">
# <label><input type="radio" name="optradio"><code>{}</code></label>
# </div>
# <div class="col-auto my-1">
# <button class="btn btn-success" onclick="genIntercept()">Generate Script</button>
# <button class="btn btn-primary" class="btn btn-primary" data-toggle="modal" data-target="#intercept_history" onclick="get_intercept_history();">History Scripts</button>
# </div>
# """.format(cgi.escape(inspect_class_name) + '.' + cgi.escape(inspect_method_name), str(overload_info[0]))
else:
html_output = "No such function you fool"
app_global.inspect_result = html_output
cache_inspect_html()
update_inspect_result = {'classname': app_global.inspect_conf["classname"],
'methodname': app_global.inspect_conf["methodname"],
'inspect_result': app_global.inspect_result}
socketio.emit('update_inspect_result', update_inspect_result, namespace='/eventBus')
if "-cant_have_a_shell-" in info:
app_global.new_repl_msg = info.replace("-cant_have_a_shell-", '')
socketio.emit('new_repl',
{'data': app_global.new_repl_msg, 'time': app_global.new_repl_time},
namespace='/eventBus')
def clear_hook_msg():
app_global.messages = []
socketio.emit("clear_hook_msg")