예제 #1
def strings_on_ipa(bin_path):
    """Return the de-duplicated strings that ``strings_util`` finds.

    The values are handed back exactly as ``strings_util`` produced them;
    nothing in this function escapes or filters them. Any failure is
    logged and the function then falls through, returning ``None``.
    """
    try:
        logger.info('Running strings against the Binary')
        # A set drops duplicates, so the order of the result is arbitrary.
        # NOTE(review): presumably these strings originate from the
        # analysed binary; they are returned unescaped, so escape them at
        # the point where they are rendered.
        found = set(strings_util(bin_path))
        return list(found)
    except Exception:
        logger.exception('Running strings against the Binary')
예제 #2
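def strings_on_ipa(bin_path):
    """Extract the unique, escaped strings from the binary at ``bin_path``.

    Every string returned by ``strings_util`` is de-duplicated and passed
    through ``escape`` before it leaves this function (presumably HTML
    escaping - confirm which ``escape`` the module imports).

    Returns a list in arbitrary order, or ``None`` when extraction fails;
    the failure is reported through ``PrintException``.
    """
    try:
        print("[INFO] Running strings against the Binary")
        unique_str = set(strings_util(bin_path))  # Make unique
        # Escape before returning so downstream output never sees the raw
        # strings.
        return [escape(ip_str) for ip_str in unique_str]
    except Exception:
        # Narrowed from a bare ``except:`` so KeyboardInterrupt and
        # SystemExit are no longer swallowed here.
        PrintException("[ERROR] - Running strings against the Binary")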
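def strings_on_ipa(bin_path):
    """Extract the unique, escaped strings from the binary at ``bin_path``.

    The output of ``strings_util`` is de-duplicated and each entry is run
    through ``escape`` (presumably HTML escaping - confirm against the
    module's imports) before being returned.

    Returns a list in arbitrary order, or ``None`` when extraction fails;
    the failure is reported through ``PrintException``.
    """
    try:
        print("[INFO] Running strings against the Binary")
        unique_str = set(strings_util(bin_path))  # Make unique
        # Escape here so no caller receives the raw strings.
        return [escape(ip_str) for ip_str in unique_str]
    except Exception:
        # Narrowed from a bare ``except:`` so KeyboardInterrupt and
        # SystemExit propagate instead of being reported as an analysis
        # error.
        PrintException("[ERROR] - Running strings against the Binary")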
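def strings_on_ipa(bin_path):
    '''Extract the unique, escaped strings from the binary at bin_path.

    The output of strings_util is de-duplicated and each entry is run
    through escape (presumably HTML escaping - confirm against the
    module's imports) before being returned.

    Returns a list in arbitrary order, or None when extraction fails; the
    failure is reported through PrintException.
    '''
    try:
        logger.info('Running strings against the Binary')
        unique_str = set(strings_util(bin_path))  # Make unique
        # Escape here so no caller receives the raw strings.
        return [escape(ip_str) for ip_str in unique_str]
    except Exception:
        # Narrowed from a bare ``except:`` so KeyboardInterrupt and
        # SystemExit propagate instead of being reported as an analysis
        # error.
        PrintException('Running strings against the Binary')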
예제 #5
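def strings_on_ipa(bin_path):
    '''Return the unique strings of the binary at bin_path, escaped.

    strings_util supplies the raw strings; duplicates are dropped and each
    remaining entry goes through escape (presumably HTML escaping -
    confirm which escape the module imports).

    Returns a list in arbitrary order. On failure the error is reported
    through PrintException and None is returned.
    '''
    try:
        logger.info('Running strings against the Binary')
        unique_str = set(strings_util(bin_path))  # Make unique
        # Escaping happens before the return so the raw strings never
        # leave this function.
        return [escape(ip_str) for ip_str in unique_str]
    except Exception:
        # Narrowed from a bare ``except:``; KeyboardInterrupt and
        # SystemExit are no longer caught here.
        PrintException('Running strings against the Binary')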
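def _binary_analysis(app_dic):
    """Run the binary checks on the first ``.exe`` listed in ``app_dic``.

    Args:
        app_dic: mapping read here for ``'files'`` (iterable of file
            names) and ``'app_dir'`` (directory the chosen name is joined
            to).

    Returns:
        dict holding ``bin``, ``bin_name``, ``strings``, ``results`` and
        ``warnings``, as further updated by ``binskim`` and ``binscope``
        when those run.

    Raises:
        KeyError: when no entry of ``app_dic['files']`` ends in ``.exe``
            (raised after the problem has been logged).

    Side effects:
        Rebinds the module globals ``proxy`` (remote VM path) or
        ``config`` (local Windows path).
    """
    logger.info('Starting Binary Analysis')
    bin_an_dic = {}

    # Init optional sections so later appends never hit a missing key
    bin_an_dic['results'] = []
    bin_an_dic['warnings'] = []

    # Search for exe
    exe_suffix = '.exe'
    for file_name in app_dic['files']:
        if file_name.endswith(exe_suffix):
            bin_an_dic['bin'] = file_name
            # Strip only the trailing extension; str.replace would also
            # remove '.exe' wherever else it occurs in the name.
            bin_an_dic['bin_name'] = file_name[:-len(exe_suffix)]
            break
    # .get(): the key is absent when the loop found nothing, and indexing
    # it directly raised KeyError before the message could be logged.
    if not bin_an_dic.get('bin_name'):
        # logger.error, not logger.exception: no exception is active here.
        logger.error('No executeable in appx.')

    # With no executable the lookup of 'bin' below raises KeyError, the
    # same exception type callers saw before.
    # NOTE(review): the file name is used as listed in app_dic['files'];
    # if that list can carry package-controlled names (absolute, or
    # containing '..'), the joined path can point outside app_dir -
    # confirm the names are normalised where the package is unpacked.
    bin_path = os.path.join(app_dic['app_dir'], bin_an_dic['bin'])

    # Execute strings command
    # Make unique # pylint: disable-msg=R0204
    str_list = list(set(strings_util(bin_path)))
    str_list = [escape(s) for s in str_list]
    bin_an_dic['strings'] = str_list

    # Search for unsafe functions
    pattern = re.compile('(alloca|gets|memcpy|printf|scanf|sprintf|sscanf|'
                         'strcat|StrCat|strcpy|StrCpy|strlen|StrLen|strncat|'
                         'StrNCat|strncpy|StrNCpy|strtok|swprintf|vsnprintf|'
                         'vsprintf|vswprintf|wcscat|wcscpy|wcslen|wcsncat|'
                         'wcsncpy|wcstok|wmemcpy)')
    for elem in str_list:
        # NOTE(review): the [5:-5] slice drops five characters at each end
        # before matching - presumably wrapping added upstream; confirm
        # against strings_util. match() anchors only at the start, so any
        # string that merely begins with one of these names is reported
        # too (hence "Possible").
        if pattern.match(elem[5:-5]):
            result = {
                'rule_id':
                'Possible Insecure Function',
                'status':
                'Insecure',
                'desc': ('Possible Insecure '
                         'Function detected: {}').format(elem[5:-5])
            }
            bin_an_dic['results'].append(result)

    # Execute binskim analysis if vm is available. The remote path is
    # taken off Windows, and also whenever a CI variable is set.
    if platform.system() != 'Windows' or 'CI' in os.environ:
        if settings.WINDOWS_VM_IP:
            logger.info('Windows VM configured.')
            global proxy
            # Plain http:// endpoint: the uploaded sample and the tool
            # results cross this link without TLS.
            # NOTE(review): keep the VM on an isolated network and confirm
            # what authentication _upload_sample applies.
            proxy = xmlrpc.client.ServerProxy(  # pylint: disable-msg=C0103
                'http://{}:{}'.format(settings.WINDOWS_VM_IP,
                                      settings.WINDOWS_VM_PORT))
            name = _upload_sample(bin_path)
            bin_an_dic = binskim(name, bin_an_dic)
            bin_an_dic = binscope(name, bin_an_dic)
        else:
            logger.warning('Windows VM not configured in settings.py.'
                           ' Skipping Binskim and Binscope.')
            warning = {
                'rule_id':
                'VM',
                'status':
                'Info',
                'info':
                '',
                'desc':
                'VM is not configured. Please read the readme.md'
                ' in MobSF/install/windows.',
            }
            # The notice is appended to 'results'; 'warnings' stays empty
            # in this function.
            bin_an_dic['results'].append(warning)
    else:
        logger.info('Running lokal analysis.')

        global config
        config = configparser.ConfigParser()
        # TODO: switch to a settings-defined path if available
        config.read(expanduser('~') + '\\MobSF\\Config\\config.txt')

        # Run analysis functions
        bin_an_dic = binskim(bin_path,
                             bin_an_dic,
                             run_local=True,
                             app_dir=app_dic['app_dir'])
        bin_an_dic = binscope(bin_path,
                              bin_an_dic,
                              run_local=True,
                              app_dir=app_dic['app_dir'])

    return bin_an_dic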
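def _binary_analysis(app_dic):
    """Run the binary checks on the first ``.exe`` listed in ``app_dic``.

    Args:
        app_dic: mapping read here for ``'files'`` (iterable of file
            names) and ``'app_dir'`` (directory the chosen name is joined
            to).

    Returns:
        dict holding ``bin``, ``bin_name``, ``strings``, ``results`` and
        ``warnings``, as further updated by ``__binskim`` and
        ``__binscope`` when those run.

    Raises:
        KeyError: when no entry of ``app_dic['files']`` ends in ``.exe``
            (raised after the problem has been reported).

    Side effects:
        Rebinds the module globals ``proxy`` (remote VM path) or
        ``config`` (local Windows path).
    """
    logger.info("Starting Binary Analysis")
    bin_an_dic = {}

    # Init optional sections so later appends never hit a missing key
    bin_an_dic['results'] = []
    bin_an_dic['warnings'] = []

    # Search for exe
    exe_suffix = ".exe"
    for file_name in app_dic['files']:
        if file_name.endswith(exe_suffix):
            bin_an_dic['bin'] = file_name
            # Strip only the trailing extension; str.replace would also
            # remove ".exe" wherever else it occurs in the name.
            bin_an_dic['bin_name'] = file_name[:-len(exe_suffix)]
            break
    # .get(): the key is absent when the loop found nothing, and indexing
    # it directly raised KeyError before the message could be reported.
    if not bin_an_dic.get('bin_name'):
        PrintException("No executeable in appx.")

    # With no executable the lookup of 'bin' below raises KeyError, the
    # same exception type callers saw before.
    # NOTE(review): the file name is used as listed in app_dic['files'];
    # if that list can carry package-controlled names (absolute, or
    # containing '..'), the joined path can point outside app_dir -
    # confirm the names are normalised where the package is unpacked.
    bin_path = os.path.join(app_dic['app_dir'], bin_an_dic['bin'])

    # Execute strings command
    str_list = list(set(
        strings_util(bin_path)))  # Make unique # pylint: disable-msg=R0204
    str_list = [escape(s) for s in str_list]
    bin_an_dic['strings'] = str_list

    # Search for unsafe functions
    pattern = re.compile(
        "(alloca|gets|memcpy|printf|scanf|sprintf|sscanf|strcat|StrCat|strcpy|StrCpy|strlen|StrLen|strncat|StrNCat|strncpy|StrNCpy|strtok|swprintf|vsnprintf|vsprintf|vswprintf|wcscat|wcscpy|wcslen|wcsncat|wcsncpy|wcstok|wmemcpy)"
    )
    for elem in str_list:
        # NOTE(review): the [5:-5] slice drops five characters at each end
        # before matching - presumably wrapping added upstream; confirm
        # against strings_util. match() anchors only at the start, so any
        # string that merely begins with one of these names is reported
        # too (hence "Possible").
        if pattern.match(elem[5:-5]):
            result = {
                "rule_id":
                'Possible Insecure Function',
                "status":
                'Insecure',
                "desc":
                "Possible Insecure Function detected: {}".format(elem[5:-5])
            }
            bin_an_dic['results'].append(result)

    # Execute binskim analysis if vm is available
    if platform.system() != 'Windows':
        if settings.WINDOWS_VM_IP:
            logger.info("Windows VM configured.")
            global proxy
            # Plain http:// endpoint: the uploaded sample and the tool
            # results cross this link without TLS.
            # NOTE(review): keep the VM on an isolated network and confirm
            # what authentication _upload_sample applies.
            proxy = xmlrpc.client.ServerProxy(  # pylint: disable-msg=C0103
                "http://{}:{}".format(settings.WINDOWS_VM_IP,
                                      settings.WINDOWS_VM_PORT))
            name = _upload_sample(bin_path)
            bin_an_dic = __binskim(name, bin_an_dic)
            bin_an_dic = __binscope(name, bin_an_dic)
        else:
            logger.warning(
                "Windows VM not configured in settings.py. Skipping Binskim and Binscope."
            )
            warning = {
                "rule_id":
                "VM",
                "status":
                "Info",
                "info":
                "",
                "desc":
                "VM is not configured. Please read the readme.md in MobSF/install/windows."
            }
            # The notice is appended to 'results'; 'warnings' stays empty
            # in this function.
            bin_an_dic['results'].append(warning)
    else:
        logger.info("Running lokal analysis.")

        global config
        config = configparser.ConfigParser()
        # TODO: switch to a settings-defined path if available
        config.read(expanduser("~") + "\\MobSF\\Config\\config.txt")

        # Run analysis functions
        bin_an_dic = __binskim(bin_path,
                               bin_an_dic,
                               run_local=True,
                               app_dir=app_dic['app_dir'])
        bin_an_dic = __binscope(bin_path,
                                bin_an_dic,
                                run_local=True,
                                app_dir=app_dic['app_dir'])

    return bin_an_dic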
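def _binary_analysis(app_dic):
    """Run the binary checks on the first ``.exe`` listed in ``app_dic``.

    Args:
        app_dic: mapping read here for ``'files'`` (iterable of file
            names) and ``'app_dir'`` (directory the chosen name is joined
            to).

    Returns:
        dict holding ``bin``, ``bin_name``, ``strings``, ``results`` and
        ``warnings``, as further updated by ``__binskim`` and
        ``__binscope`` when those run.

    Raises:
        KeyError: when no entry of ``app_dic['files']`` ends in ``.exe``
            (raised after the problem has been reported).

    Side effects:
        Rebinds the module globals ``proxy`` (remote VM path) or
        ``config`` (local Windows path).
    """
    print("[INFO] Starting Binary Analysis")
    bin_an_dic = {}

    # Init optional sections so later appends never hit a missing key
    bin_an_dic['results'] = []
    bin_an_dic['warnings'] = []

    # Search for exe
    exe_suffix = ".exe"
    for file_name in app_dic['files']:
        if file_name.endswith(exe_suffix):
            bin_an_dic['bin'] = file_name
            # Strip only the trailing extension; str.replace would also
            # remove ".exe" wherever else it occurs in the name.
            bin_an_dic['bin_name'] = file_name[:-len(exe_suffix)]
            break
    # .get(): the key is absent when the loop found nothing, and indexing
    # it directly raised KeyError before the message could be reported.
    if not bin_an_dic.get('bin_name'):
        PrintException("[ERROR] No executeable in appx.")

    # With no executable the lookup of 'bin' below raises KeyError, the
    # same exception type callers saw before.
    # NOTE(review): the file name is used as listed in app_dic['files'];
    # if that list can carry package-controlled names (absolute, or
    # containing '..'), the joined path can point outside app_dir -
    # confirm the names are normalised where the package is unpacked.
    bin_path = os.path.join(app_dic['app_dir'], bin_an_dic['bin'])

    # Execute strings command
    str_list = list(set(strings_util(bin_path)))  # Make unique # pylint: disable-msg=R0204
    str_list = [escape(s) for s in str_list]
    bin_an_dic['strings'] = str_list

    # Search for unsafe functions
    pattern = re.compile("(alloca|gets|memcpy|printf|scanf|sprintf|sscanf|strcat|StrCat|strcpy|StrCpy|strlen|StrLen|strncat|StrNCat|strncpy|StrNCpy|strtok|swprintf|vsnprintf|vsprintf|vswprintf|wcscat|wcscpy|wcslen|wcsncat|wcsncpy|wcstok|wmemcpy)")
    for elem in str_list:
        # NOTE(review): the [5:-5] slice drops five characters at each end
        # before matching - presumably wrapping added upstream; confirm
        # against strings_util. match() anchors only at the start, so any
        # string that merely begins with one of these names is reported
        # too (hence "Possible").
        if pattern.match(elem[5:-5]):
            result = {
                "rule_id": 'Possible Insecure Function',
                "status": 'Insecure',
                "desc": "Possible Insecure Function detected: {}".format(elem[5:-5])
            }
            bin_an_dic['results'].append(result)

    # Execute binskim analysis if vm is available
    if platform.system() != 'Windows':
        if settings.WINDOWS_VM_IP:
            print("[INFO] Windows VM configured.")
            global proxy
            # Plain http:// endpoint: the uploaded sample and the tool
            # results cross this link without TLS.
            # NOTE(review): keep the VM on an isolated network and confirm
            # what authentication _upload_sample applies.
            proxy = xmlrpc.client.ServerProxy(  # pylint: disable-msg=C0103
                "http://{}:{}".format(
                    settings.WINDOWS_VM_IP,
                    settings.WINDOWS_VM_PORT
                )
            )
            name = _upload_sample(bin_path)
            bin_an_dic = __binskim(name, bin_an_dic)
            bin_an_dic = __binscope(name, bin_an_dic)
        else:
            print("[INFO] Windows VM not configured in settings.py. Skipping Binskim and Binscope.")
            warning = {
                "rule_id": "VM",
                "status": "Info",
                "desc": "VM is not configured. Please read the readme.md in MobSF/install/windows."
            }
            # The notice is appended to 'results'; 'warnings' stays empty
            # in this function.
            bin_an_dic['results'].append(warning)
    else:
        print("[INFO] Running lokal analysis.")

        global config
        config = configparser.ConfigParser()
        # TODO: switch to a settings-defined path if available
        config.read(expanduser("~") + "\\MobSF\\Config\\config.txt")

        # Run analysis functions
        bin_an_dic = __binskim(bin_path, bin_an_dic,
                               run_local=True, app_dir=app_dic['app_dir'])
        bin_an_dic = __binscope(bin_path, bin_an_dic,
                                run_local=True, app_dir=app_dic['app_dir'])

    return bin_an_dic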