def get_result_plugins(self): # Get result of plugins i.e. Frida Hooks session = Database.get_session() counter = 0 for i in range(len(self.plugins)): # Name of plugin clazzName = list(self.plugins[i].__dict__.keys())[11] # Get plugin's class clazz = self.plugins[i].__getattribute__(clazzName) query = session.query(clazz).filter( clazz.application_id == self.current_application.id) resultQuery = query.all() clazzDict = clazz.__dict__ keys = list(clazzDict.keys()) pluginList = [] for plugin in query: attributesDict = {} for key in keys: if not key.startswith('_'): attributesDict[key] = plugin.__getattribute__(key) if len(attributesDict) != 0: pluginList.append(attributesDict) if len(pluginList) != 0: self.renderPlugins[clazzName] = pluginList
def analyse_sample(self, apk_path): ''' Analyze the given apk :param apk_path: :return: ''' logging.debug("Core:analyse_sample()") self.current_application = Application.Application(apk_path) if not self.check_apk_is_valid(): logging.error( f"The apk architecture and the device architecture ({self.device.get_device_arch()}) doesn't match for application : {self.current_application.filename}" ) return # Database storing session = Database.get_session() self.analysis.application.append(self.current_application) session.add(self.current_application) session.commit() logging.info(f"Package name: {self.current_application.package}") logging.info( f"Main activity: {self.current_application.get_main_activity()}") logging.info(f"Path : {self.current_application.path}") logging.info(f"SHA256 : {self.current_application.get_sha256_hash()}") time_init = time.time() module = self.module(self.current_application, self.plugins) try: if (self.device.type == "Physical" and self.current_application.package in self.device.list_third_party()): self.device.uninstall_application( self.current_application.package) self.device.install_application(self.current_application.path) self.start_receivers(module) current_time = 0 while current_time < self.timeout or self.module.stop == False or ( self.timeout == -1 and self.device.check_is_up()): current_time = time.time() - time_init logging.debug(current_time) time.sleep(1) self.stop_receivers() if (self.timeout != -1): self.device.uninstall_application( self.current_application.package) except Exception as e: self.device.uninstall_application(self.current_application.package) self.stop_receivers() print(e)
def __init__(self, configuration, device: Device, module, path: str): self.configuration = configuration self.device = device self.path = path self.module = module self.session = None self.timeout = int(configuration['ANALYSIS'].get('analysis_timeout')) self.plugins = self.load_plugins() # Object used by the core self.current_application = None self.receivers = [] # Database initialisation session = Database.get_session() self.analysis = Analysis(uuid=str(uuid.uuid4()), date=datetime.now()) session.add(self.analysis) session.commit()
def analyse_sample(self, apk_path): ''' Analyze the given apk :param apk_path: :return: ''' logging.debug("Core:analyse_sample()") self.current_application = Application.Application(apk_path) # Database storing session = Database.get_session() self.analysis.application.append(self.current_application) session.add(self.current_application) session.commit() logging.info(f"Package name: {self.current_application.package}") logging.info( f"Main activity: {self.current_application.get_main_activity()}") logging.info(f"Path : {self.current_application.path}") logging.info(f"SHA256 : {self.current_application.get_sha256_hash()}") time_init = time.time() module = self.module(self.current_application, self.plugins) if (self.device.type == "Physical"): self.device.uninstall_application(self.current_application.package) self.device.install_application(self.current_application.path) self.start_receivers(module) current_time = 0 while current_time < self.timeout or self.module.stop == False or ( self.timeout == -1 and self.device.check_is_up()): current_time = time.time() - time_init logging.debug(current_time) time.sleep(1) self.stop_receivers() if (self.timeout != -1): self.device.uninstall_application(self.current_application.package)
def get_result_plugins(self): # Get result of plugins i.e. Frida Hooks session = Database.get_session() for i in range(len(self.plugins)): # if there is an instance of the plugin in the database # logging.error(self.plugins[i].__dict__) if "Database" in list(self.plugins[i].__dict__.keys()): # Name of plugin pluginName = list(self.plugins[i].__dict__.keys())[11] # Get plugin's class clazz = self.plugins[i].__getattribute__(pluginName) # Get plugins for all apps that were analyzed str_filter = "application_id" for i in range(len(self.app_ids)): if i == len(self.app_ids) - 1: str_filter += f"=={self.app_ids[i]}" else: str_filter += f"=={self.app_ids[i]} or application_id" # query = session.query(clazz).filter(clazz.application_id==self.current_application.id) query = session.query(clazz).filter(text(str_filter)) resultQuery = query.all() clazzDict = clazz.__dict__ keys = list(clazzDict.keys()) pluginList = [] for plugin in query: attributesDict = {} for key in keys: if not key.startswith('_'): attributesDict[key] = plugin.__getattribute__(key) if len(attributesDict) != 0: pluginList.append(attributesDict) if len(pluginList) != 0: self.renderPlugins[pluginName] = pluginList
def analyse_sample(self, apk_path): ''' Analyze the given apk :param apk_path: :return: ''' logging.debug("Core:analyse_sample()") self.current_application = Application.Application(apk_path) if not self.check_apk_is_valid(): logging.error( f"The apk architecture and the device architecture ({self.device.get_device_arch()}) doesn't match for application : {self.current_application.filename}" ) return # Database storing session = Database.get_session() self.analysis.application.append(self.current_application) session.add(self.current_application) session.commit() self.app_ids.append(self.current_application.id) logging.info(f"Package name: {self.current_application.package}") logging.info( f"Main activity: {self.current_application.get_main_activity()}") logging.info(f"Path : {self.current_application.path}") logging.info(f"SHA256 : {self.current_application.get_sha256_hash()}") logging.info( f"Accessibility services : {self.current_application.get_accessibility_services()}" ) logging.info( f"Administrator receivers : {self.current_application.get_administrator_receivers()}" ) logging.info( f"Permissions : {self.current_application.get_permissions()}") time_init = time.time() module = self.module(self.device, self.current_application, self.plugins) try: if (self.device.type == "Physical" and self.current_application.package in self.device.list_third_party()): self.device.uninstall_application( self.current_application.package) self.device.install_application( self.current_application.path, self.configuration['ANALYSIS'].getboolean( 'auto_grant_permissions')) self.start_receivers(module) # Automatically enable accessibility services of an application if (self.configuration['ANALYSIS'].getboolean( 'auto_grant_accessibility')): self.device.enable_accessibility_services( self.current_application) current_time = 0 while current_time < self.timeout or self.module.stop == False or ( self.timeout == -1 and self.device.check_is_up()): current_time = time.time() - time_init logging.debug(f"{int(current_time)}/{self.timeout} seconds") time.sleep(1) self.stop_receivers() # pulling the internal files if the options is choosed if (self.configuration['ANALYSIS'].getboolean("pull_files")): self.device.pull_application_internal_files( self.current_application.package, f"{self.report_path}/{self.current_application.package}_{self.current_application.get_sha256_hash()}" ) if (self.timeout != -1): self.device.uninstall_application( self.current_application.package) except Exception as e: logging.error(e) self.device.uninstall_application(self.current_application.package) self.stop_receivers()