def detect_Telephony_Phone_Call_abuse(x): """ @param x : a VMAnalysis instance @rtype : a list of formatted strings """ formatted_str = [] detector_1 = search_string(x, "android.intent.action.CALL") detector_2 = search_string(x, "android.intent.action.DIAL") detectors = [detector_1, detector_2] if detector_tab_is_not_empty(detectors): local_formatted_str = 'This application makes phone calls' formatted_str.append(local_formatted_str) for res in detectors: if res: try: log_result_path_information(res, "Call Intent", "string") except: logger.warn( "Detector result '%s' is not a PathVariable instance" % res) return formatted_str
def get(self): apps = self.db.session.query(models.StaticAnalyzer).all() or [] if self.request.arguments: app_name = self.get_argument('apk') if app_name.strip('.apk') in [str(i) for i in apps]: logger.warn('Already scanned!') self.render('report.html', app=app_name.strip('.apk'), status="Finished") else: logger.warn("Scan in progress...") info = yield self.extract_and_decompile(app_name) db_obj = models.StaticAnalyzer(app_name.strip('.apk'), info, "Running") self.db.session.add(db_obj) self.db.session.commit() self.redirect('/report?app='+app_name.strip('.apk')+'&status=Running') else: self.render('dashboard.html', apps=apps)
def grab_application_name_description_icon(self, package_name) : """ @param package_name : package name @rtype : (name, description, icon) string tuple """ # Constants REQUEST_TIMEOUT = 4 ERROR_APP_DESC_NOT_FOUND = 'N/A' try : # Content in English url = "http://play.google.com/store/apps/details?id=%s&hl=en" % str(package_name) req = urllib2.Request(url) response = urllib2.urlopen(req, timeout=REQUEST_TIMEOUT) the_page = response.read() p_name = re.compile(ur'''<h1 class="doc-banner-title">(.*)</h1>''') p_desc = re.compile(ur'''(?:\<div id=\"doc-original-text\" \>)(.*)(?:\<\/div\>\<\/div\>\<div class\=\"doc-description-overflow\"\>)''') p_icon = re.compile(ur'''(?:\<div class\=\"doc-banner-icon\"\>)(.*)(?:\<\/div\>\<\/td\><td class="doc-details-ratings-price")''') if p_name.findall(the_page) and p_desc.findall(the_page) and p_icon.findall(the_page) : name = strip_HTML_tags(p_name.findall(the_page)[0].decode("utf-8")) desc = strip_HTML_tags(p_desc.findall(the_page)[0].decode("utf-8")) icon_link = p_icon.findall(the_page)[0] return (name, desc, icon_link) else : logger.warn("'%s' application's description and icon could not be found in the page" % str(package_name)) return ERROR_APP_DESC_NOT_FOUND, ERROR_APP_DESC_NOT_FOUND, ERROR_APP_DESC_NOT_FOUND except HTTPError : logger.warn("'%s' application name does not exist on Google Play" % str(package_name)) return ERROR_APP_DESC_NOT_FOUND, ERROR_APP_DESC_NOT_FOUND, ERROR_APP_DESC_NOT_FOUND
def detect_Telephony_SMS_read(x) : """ @param x : a VMAnalysis instance @rtype : a list of formatted strings """ formatted_str = [] detector_1 = search_string(x, "content://sms/inbox") detectors = [detector_1] if detector_tab_is_not_empty(detectors) : local_formatted_str = 'This application reads the SMS inbox' formatted_str.append(local_formatted_str) for res in detectors : if res : try : log_result_path_information(res, "SMS Inbox", "string") except : logger.warn("Detector result '%s' is not a PathVariable instance" % res) return formatted_str
def detect_ContactAccess_lookup(x) : """ @param x : a VMAnalysis instance @rtype : a list of formatted strings """ formatted_str = [] detector_1 = search_field(x, "Landroid/provider/ContactsContract$CommonDataKinds$Phone;") detectors = [detector_1] if detector_tab_is_not_empty(detectors) : local_formatted_str = 'This application reads or edits contact data' formatted_str.append(local_formatted_str) for res in detectors : if res : try : log_result_path_information(res, "Contact access", "field") except : logger.warn("Detector result '%s' is not a PathVariable instance" % res) return formatted_str