def writeConfigurationOnEmulator(emulator, idXP, reportingConfiguration):
logger = Logger.getLogger(__name__)
configurationContent = """# Hooker Analysis Configuration File
# Network configuration
[elasticsearch]
elasticsearch_mode={0}
elasticsearch_nb_thread={1}
elasticsearch_ip={2}
elasticsearch_port={3}
elasticsearch_index={4}
elasticsearch_doctype={5}
# File configuration
[file]
file_mode={6}
file_name={7}
[analysis]
idXP={8}
""".format(reportingConfiguration.elasticsearchMode, 1, "10.0.2.2",
reportingConfiguration.elasticsearchPort,
reportingConfiguration.elasticsearchIndex,
reportingConfiguration.elasticsearchDoctype,
reportingConfiguration.fileMode, "events.logs", idXP)
logger.debug(
"Deploy the following configuration on emulator {0}: \n{1}".format(
emulator.name, configurationContent))
# Write on the emulator
emulator.writeContentOnSdCard("experiment.conf", configurationContent)
def __init__(self, esNodes):
"""Creates and initializes the connection to the specified elasticsearch cluster.
The esNodes attributes refers to a list of nodes we should connect to."""
self._logger = Logger.getLogger(__name__)
self.esNodes = esNodes
self.__initializeConnection()
def writeConfigurationOnEmulator(emulator, idXP, reportingConfiguration):
logger = Logger.getLogger(__name__)
configurationContent = """# Hooker Analysis Configuration File
# Network configuration
[elasticsearch]
elasticsearch_mode={0}
elasticsearch_nb_thread={1}
elasticsearch_ip={2}
elasticsearch_port={3}
elasticsearch_index={4}
elasticsearch_doctype={5}
# File configuration
[file]
file_mode={6}
file_name={7}
[analysis]
idXP={8}
""".format(reportingConfiguration.elasticsearchMode,
1,
"10.0.2.2",
reportingConfiguration.elasticsearchPort,
reportingConfiguration.elasticsearchIndex,
reportingConfiguration.elasticsearchDoctype,
reportingConfiguration.fileMode,
"events.logs",
idXP)
logger.debug("Deploy the following configuration on emulator {0}: \n{1}".format(emulator.name, configurationContent))
# Write on the emulator
emulator.writeContentOnSdCard("experiment.conf", configurationContent)
def __init__(self, commandLineParser):
super(ManualAnalysis, self).__init__(
MainConfiguration.build(commandLineParser),
ReportingConfiguration.build(commandLineParser),
)
self._logger = Logger.getLogger(__name__)
self.analysisConfiguration = self.__prepareAnalysis(commandLineParser)
def __init__(self, esNodes):
"""Creates and initializes the connection to the specified elasticsearch cluster.
The esNodes attributes refers to a list of nodes we should connect to."""
self._logger = Logger.getLogger(__name__)
self.esNodes = esNodes
self.__initializeConnection()
def executeCommand(commandAndArgs):
logger = Logger.getLogger(__name__)
if isinstance(commandAndArgs, str):
commandAndArgs = shlex.split(commandAndArgs)
logger.debug("Executing command {0}".format(commandAndArgs))
return subprocess.check_output(commandAndArgs, stderr=subprocess.STDOUT)
def __init__(self, adbPort, name, mainConfiguration):
self._logger = Logger.getLogger(__name__)
self.name = name
self.mainConfiguration = mainConfiguration
self.adbPort = adbPort
self._hookerDir = "/mnt/sdcard/hooker/"
self.serialNumber = ''
self.state = AndroidDevice.STATE_NOT_PREPARED
def __init__(self, adbPort, name, mainConfiguration):
self._logger = Logger.getLogger(__name__)
self.name = name
self.mainConfiguration = mainConfiguration
self.adbPort = adbPort
self._hookerDir = "/mnt/sdcard/hooker/"
self.serialNumber = ''
self.state = AndroidDevice.STATE_NOT_PREPARED
def createTemporaryFolder():
"""Create a random named temporary folder."""
logger = Logger.getLogger(__name__)
logger.debug("Create temporary directory.")
tmpName = "tmp_"+str(uuid.uuid4())
createDirectory(tmpName)
return tmpName
def __init__(self, reporter, idXp, emulator, emulatorNumber, host="127.0.0.1"):
self._logger = Logger.getLogger(__name__)
self.emulatorNumber = emulatorNumber
self.emulator = emulator
self.reporter = reporter
self.idXp = idXp
self.__telnetPort = 5554 + (self.emulatorNumber*2)
self.__emulatorSerialNumber = "emulator-{0}".format(self.__telnetPort)
self.__host = host
def __init__(self, avdName, avdDir, sdkPath):
self._logger = Logger.getLogger(__name__)
self.__avdName = avdName
self.__sdkPath = sdkPath
self.__avdDir = avdDir
self.__adbPath = "{}/platform-tools/adb".format(self.__sdkPath)
self.__emulatorPath = "{}/tools/emulator".format(self.__sdkPath)
self.__android_path = "{}/tools/android".format(self.__sdkPath)
self.__emulatorProcess = None
self.__arch = None
def __init__(self, emulatorNumber, name, mainConfiguration):
self._logger = Logger.getLogger(__name__)
self.name = name
self.state = AVDEmulator.STATE_NOT_PREPARED
self.mainConfiguration = mainConfiguration
self.emulatorNumber = emulatorNumber
self.emulatorPort = 5554 + (self.emulatorNumber*2)
self.emulatorSerialNumber = "emulator-{0}".format(self.emulatorPort)
self.__emulatorProcess = None
self.__duplicateAVD()
def __init__(self, avdName, avdDir, sdkPath):
self._logger = Logger.getLogger(__name__)
self.__avdName = avdName
self.__sdkPath = sdkPath
self.__avdDir = avdDir
self.__adbPath = "{}/platform-tools/adb".format(self.__sdkPath)
self.__emulatorPath = "{}/tools/emulator".format(self.__sdkPath)
self.__android_path = "{}/tools/android".format(self.__sdkPath)
self.__emulatorProcess = None
self.__arch = None
def __init__(self, emulatorNumber, name, mainConfiguration):
self._logger = Logger.getLogger(__name__)
self.name = name
self.state = AVDEmulator.STATE_NOT_PREPARED
self.mainConfiguration = mainConfiguration
self.emulatorNumber = emulatorNumber
self.emulatorPort = 5554 + (self.emulatorNumber * 2)
self.emulatorSerialNumber = "emulator-{0}".format(self.emulatorPort)
self.__emulatorProcess = None
self.__duplicateAVD()
def __init__(self, emulatorId, name, mainConfiguration):
self._logger = Logger.getLogger(__name__)
super(AVDEmulator, self).__init__(5554 + (int(emulatorId) * 2), name, mainConfiguration)
self.__emulatorProcess = None
self.emulatorId = emulatorId
self.__duplicateAVD()
self.serialNumber = "emulator-{0}".format(self.adbPort)
if self.mainConfiguration.typeOfDevice!='emulated':
raise Exception("Type of device is not emulated, please check your configuration")
def __init__(self):
self._logger = Logger.getLogger(__name__)
self.parser = None
self.manualAnalysisRequested = False
self.automaticAnalysisRequested = False
self.mainOptions = dict()
self.manualOptions = dict()
self.automaticOptions = dict()
self.reportingOptions = dict()
self.usage = "usage: %prog [options]"
self.__parse()
def executeCommand(commandAndArgs):
logger = Logger.getLogger(__name__)
if isinstance(commandAndArgs, str):
commandAndArgs = shlex.split(commandAndArgs)
logger.debug("Executing command {0}".format(commandAndArgs))
try:
return subprocess.check_output(commandAndArgs, stderr=subprocess.STDOUT)
except Exception, e:
logger.error("Error occured while executing command : {0}".format(e))
return None
def __init__(self, adbPort, name, mainConfiguration, backupDirectory, analysisType):
super(PhysicalDevice, self).__init__(adbPort, name, mainConfiguration)
self.__backupDir = backupDirectory
self._logger = Logger.getLogger(__name__)
# Check if backup directory contains 2 folders named sdcard and partitions
self.__checkBackupDirectories()
self.serialNumber = name
self.analysisType = analysisType
self.checkAPKInstrumenter()
# Put the state directly in started, since there is no FS preparation for real device
self.state = AndroidDevice.STATE_STARTED
def __init__(self):
self._logger = Logger.getLogger(__name__)
self.parser = None
self.manualAnalysisRequested = False
self.automaticAnalysisRequested = False
self.mainOptions = dict()
self.manualOptions = dict()
self.automaticOptions = dict()
self.reportingOptions = dict()
self.usage = "usage: %prog [options]"
self.__parse()
def createEmulator(emulatorNumber, emulatorName, mainConfiguration):
logger = Logger.getLogger(__name__)
if emulatorNumber is None or int(emulatorNumber)<0:
raise Exception("Cannot create an emulator with an invalid emulator number, must be >0")
if emulatorName is None or len(emulatorName)==0:
raise Exception("Cannot create an emulator if not name is provided.")
logger.debug("Creation of new emulator named '{0}'.".format(emulatorName))
return AVDEmulator(emulatorNumber, emulatorName, mainConfiguration)
def createDirectory(directory, force=True):
"""Create the specified directory but fails if the directory already
exists unless force is set to True. In that case, we delete it and re-create it"""
logger = Logger.getLogger(__name__)
logger.debug("Create directory {0} (force={1})".format(directory, force))
if os.path.exists(directory):
if force:
shutil.rmtree(directory)
else:
raise Exception("Specified directoryalready exists, cannot create it.")
else:
os.mkdirs(directory)
def __init__(self, emulatorId, name, mainConfiguration):
self._logger = Logger.getLogger(__name__)
super(AVDEmulator, self).__init__(5554 + (int(emulatorId) * 2), name,
mainConfiguration)
self.__emulatorProcess = None
self.emulatorId = emulatorId
self.__duplicateAVD()
self.serialNumber = "emulator-{0}".format(self.adbPort)
if self.mainConfiguration.typeOfDevice != 'emulated':
raise Exception(
"Type of device is not emulated, please check your configuration"
)
def __init__(self, reporter, idXp, emulator, host="127.0.0.1"):
self._logger = Logger.getLogger(__name__)
self.emulator = emulator
self.emulatorNumber = emulator.emulatorId
self.reporter = reporter
self.idXp = idXp
self.__telnetPort = 5554 + (self.emulatorNumber*2)
self.__host = host
if emulator.mainConfiguration.typeOfDevice=='emulated':
self.__emulatorSerialNumber = "emulator-{0}".format(self.__telnetPort)
else:
self.__emulatorSerialNumber = emulator.name
def __init__(self,
reporter,
idXp,
emulator,
emulatorNumber,
host="127.0.0.1"):
self._logger = Logger.getLogger(__name__)
self.emulatorNumber = emulatorNumber
self.emulator = emulator
self.reporter = reporter
self.idXp = idXp
self.__telnetPort = 5554 + (self.emulatorNumber * 2)
self.__emulatorSerialNumber = "emulator-{0}".format(self.__telnetPort)
self.__host = host
def __init__(self, reporter, idXp, emulator, host="127.0.0.1"):
self._logger = Logger.getLogger(__name__)
self.emulator = emulator
self.emulatorNumber = emulator.emulatorId
self.reporter = reporter
self.idXp = idXp
self.__telnetPort = 5554 + (self.emulatorNumber * 2)
self.__host = host
if emulator.mainConfiguration.typeOfDevice == 'emulated':
self.__emulatorSerialNumber = "emulator-{0}".format(
self.__telnetPort)
else:
self.__emulatorSerialNumber = emulator.name
def main(markets, outFolder):
"""Main function"""
logger = Logger.getLogger(__name__)
if markets is None or len(markets)==0:
raise Exception("Specify at least one market")
if outFolder is None:
raise Exception("Specify the output folder.")
for market in markets:
logger.info("Starting Market {0}".format(market))
market.execute(outFolder, es_host=ES_HOST, es_port=ES_PORT)
logger.info("Downloading APK from {0} markets.".format(len(markets)))
def createDevice(adbNumber, name, mainConfiguration, backupDirectory, analysisType):
logger = Logger.getLogger(__name__)
if adbNumber is None or int(adbNumber)<0:
raise Exception("Cannot create a device with an invalid adb number, must be > 0")
if name is None or len(name)==0:
raise Exception("Cannot create a device if no name is provided.")
logger.debug("Creation of new device: '{0}'.".format(name))
if mainConfiguration.typeOfDevice=='real':
return PhysicalDevice(adbNumber, name, mainConfiguration, backupDirectory, analysisType)
else:
return AVDEmulator(adbNumber, name, mainConfiguration, analysisType)
def generateIdXp(apkFiles):
"""Generates and returns the identifier of the experiment
based on the provided list of apk following schema:
md5("".join(sorted(apkFileNames))+currentDate)
"""
logger = Logger.getLogger(__name__)
apkNames = [os.path.basename(apkFile) for apkFile in apkFiles]
strApkNames = ''.join(sorted(apkNames))
logger.warning(strApkNames)
currentDate = str(int(round(time.time() * 1000)))
# builds an IDXP (md5(apkFile+currentDate))
idXp = str(hashlib.md5(strApkNames+currentDate).hexdigest())
logger.debug("ID Experiment: {0} (based on {1} and {2})".format(idXp, strApkNames, currentDate))
return idXp
def createDevice(adbNumber, name, mainConfiguration, backupDirectory):
logger = Logger.getLogger(__name__)
if adbNumber is None or int(adbNumber) < 0:
raise Exception(
"Cannot create a device with an invalid adb number, must be >0"
)
if name is None or len(name) == 0:
raise Exception("Cannot create a device if no name is provided.")
logger.debug("Creation of new device named '{0}'.".format(name))
if mainConfiguration.typeOfDevice == 'real':
return PhysicalDevice(adbNumber, name, mainConfiguration,
backupDirectory)
else:
return AVDEmulator(adbNumber, name, mainConfiguration)
def generateIdXp(apkFiles):
"""Generates and returns the identifier of the experiment
based on the provided list of apk following schema:
md5("".join(sorted(apkFileNames))+currentDate)
"""
logger = Logger.getLogger(__name__)
apkNames = [os.path.basename(apkFile) for apkFile in apkFiles]
strApkNames = ''.join(sorted(apkNames))
logger.warning(strApkNames)
currentDate = str(int(round(time.time() * 1000)))
# builds an IDXP (md5(apkFile+currentDate))
idXp = str(hashlib.md5(strApkNames+currentDate).hexdigest())
logger.debug("ID Experiment: {0} (based on {1} and {2})".format(idXp, strApkNames, currentDate))
return idXp
def __init__(self, mainConfiguration, reportingConfiguration):
self._logger = Logger.getLogger(__name__)
self.mainConfiguration = mainConfiguration
self.reportingConfiguration = reportingConfiguration
self.reporter = Reporter(self.reportingConfiguration)
def __init__(self, es):
self.es = es
self._logger = Logger.getLogger(__name__)
def executeExperiment(args):
"""
Executes the analysis for an application.
The analysis depends of the scenario the user as defined in configuration.
"""
logger = Logger.getLogger(__name__)
(listOfAPKs, iEmulator, mainConfiguration, analysisConfiguration, reportingConfiguration) = args
reporter = Reporter(reportingConfiguration)
logger.warning("Execute experiment with scenario: [{0}]".format(', '.join(analysisConfiguration.scenario)))
# When you play with emulators, you can modify this variable to sleep a bit longer.
# Default has to be >1
SLEEP_FACTOR=1
if mainConfiguration.typeOfDevice == 'emulated':
SLEEP_FACTOR = 10
if SLEEP_FACTOR < 1:
raise Exception("SLEEP_FACTOR variable cannot be less than 1.")
while True:
# Pick one APK to analyse
try:
apkToAnalyze = listOfAPKs.get() # 0xFFFF
logger.info("APK to analyze : {0}".format(apkToAnalyze))
# Build the identifier experiment
idXp = Analysis.generateIdXp([apkToAnalyze])
# Build the emulator name
if mainConfiguration.typeOfDevice=='emulated':
emulatorName = "Emulator_{0}".format(iEmulator)
else:
emulatorName = mainConfiguration.deviceId
# Create a new report for this analysis
logger.debug("Create report.")
Analysis.createReport(reporter, idXp, emulatorName, "unknown", apkToAnalyze, "automatic", None)
# Execute static analysis
logger.debug("Executing the Static Analysis")
staticAnalysis = StaticAnalysis(apkToAnalyze, mainConfiguration, reporter, idXp)
staticAnalysis.execute()
logger.info(staticAnalysis)
# Create the emulator
device = Analysis.createDevice(iEmulator, emulatorName, mainConfiguration, analysisConfiguration.backupDirectory)
if device is None:
raise Exception("Something has prevented the creation of an device.")
# Starts the device
Analysis.reportEvent(reporter, idXp, "Emulator", "start")
device.start()
# Install et execute preparation applications
if mainConfiguration.typeOfDevice=='emulated':
for prepareAPK in analysisConfiguration.prepareAPKs:
Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK", prepareAPK)
device.installAPK(prepareAPK)
# Execute preparation applications
for prepareAPK in analysisConfiguration.prepareAPKs:
Analysis.reportEvent(reporter, idXp, "Emulator", "startActivity", os.path.basename(prepareAPK)[:-4])
device.startActivity(os.path.basename(prepareAPK)[:-4])
# Writes the experiment configuration on the device
Analysis.reportEvent(reporter, idXp, "Emulator", "writeConfiguration")
Analysis.writeConfigurationOnEmulator(device, idXp, reportingConfiguration)
if mainConfiguration.typeOfDevice=='emulated':
sleepDuration = 30
logger.debug("Waiting {0} seconds for the device to prepare...".format(sleepDuration))
time.sleep(sleepDuration)
# Install the targeted application
Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK", apkToAnalyze)
device.installAPK(apkToAnalyze)
time.sleep(5*SLEEP_FACTOR/5)
# We then follow the scenario user has filled in configuration
for order in analysisConfiguration.scenario:
if "execute" == order:
Analysis.reportEvent(reporter, idXp, "Emulator", "Launching main activity", staticAnalysis.mainActivity)
logger.info("Starting main activity: {0}".format(staticAnalysis.mainActivity))
device.startActivityFromPackage(staticAnalysis.packageName, staticAnalysis.mainActivity)
time.sleep(5*SLEEP_FACTOR)
elif "stimulate" == order:
Analysis.reportEvent(reporter, idXp, "Emulator", "Stimulating package with monkey", staticAnalysis.packageName)
logger.info("Stimulating with monkey: {0}".format(staticAnalysis.packageName))
device.stimulateWithMonkey(staticAnalysis.packageName)
time.sleep(10*SLEEP_FACTOR)
elif "externalStimulation" == order:
Analysis.reportEvent(reporter, idXp, "Emulator", "Stimulating phone with external conditions")
logger.info("Stimulating phone with external conditions...")
externalStimulation = TelnetEmulation(reporter, idXp, device)
externalStimulation.start()
time.sleep(10*SLEEP_FACTOR)
elif "reboot" == order:
Analysis.reportEvent(reporter, idXp, "Emulator", "Rebooting device")
logger.info("Rebooting device.")
device.reboot()
time.sleep(5*SLEEP_FACTOR)
Analysis.reportEvent(reporter, idXp, "Emulator", "Finished analysis", apkToAnalyze)
logger.info("Analysis of APK {0} has been finished.")
Analysis.reportEvent(reporter, idXp, "Emulator", "closed")
device.stop()
except KeyboardInterrupt:
pass
except Exception, e:
logger.error("Exception while executing an experiment : {0}".format(e))
tb = traceback.format_exc()
logger.error(tb)
try:
device.stop()
except Exception:
logger.error("Cannot stop the AVD.")
def __init__(self, commandLineParser):
super(AutomaticAnalysis, self).__init__(MainConfiguration.build(commandLineParser), ReportingConfiguration.build(commandLineParser))
self._logger = Logger.getLogger(__name__)
self.analysisConfiguration = self.__prepareAnalysis(commandLineParser)
def __init__(self, apkToAnalyze, mainConfiguration, reporter, idXp):
self._logger = Logger.getLogger(__name__)
self.apkToAnalyze = os.path.abspath(apkToAnalyze)
self.androguardPath = mainConfiguration.androguardPath
self.reporter = reporter
self.idXp = idXp
#| Standard library imports
#+---------------------------------------------------------------------------+
import sys
import pygeoip
#+---------------------------------------------------------------------------+
#| Local imports
#+---------------------------------------------------------------------------+
from hooker_common import Logger
from hooker_common.elasticsearch.Es import Es
from hooker_common.elasticsearch.EsInterrogator import EsInterrogator
#ES_IP = "192.168.0.16"
ES_IP = "127.0.0.1"
ES_PORT = 9200
logger = Logger.getLogger(__name__)
def eventToString(event):
result = []
result.append("Event {0}".format(event.HookerName))
result.append("ClassName: {0}".format(event.ClassName))
result.append("MethodName: {0}".format(event.MethodName))
result.append("InstanceID: {0}".format(event.InstanceID))
if event.Parameters is not None and len(event.Parameters) > 0:
result.append("Parameters:")
for parameter in event.Parameters:
if parameter is not None and "ParameterType" in parameter.keys(
) and "ParameterValue" in parameter.keys():
result.append("- {0} ({1})".format(parameter["ParameterValue"],
#+---------------------------------------------------------------------------+
#| Standard library imports
#+---------------------------------------------------------------------------+
import pygeoip
#+---------------------------------------------------------------------------+
#| Local imports
#+---------------------------------------------------------------------------+
from hooker_common import Logger
from hooker_common.elasticsearch.Es import Es
from hooker_common.elasticsearch.EsInterrogator import EsInterrogator
#ES_IP = "192.168.0.16"
ES_IP = "127.0.0.1"
ES_PORT = 9200
logger = Logger.getLogger(__name__)
def eventToString(event):
result = []
result.append("Event {0}".format(event.HookerName))
result.append("ClassName: {0}".format(event.ClassName))
result.append("MethodName: {0}".format(event.MethodName))
result.append("InstanceID: {0}".format(event.InstanceID))
if event.Parameters is not None and len(event.Parameters) > 0:
result.append("Parameters:")
for parameter in event.Parameters:
if parameter is not None and "ParameterType" in parameter.keys() and "ParameterValue" in parameter.keys():
result.append("- {0} ({1})".format(parameter["ParameterValue"], parameter["ParameterType"]))
if event.Return is not None:
result.append("Return: {0}".format(event.Return))
def executeExperiment(args):
"""
Executes the analysis for an application.
The analysis depends of the scenario the user as defined in configuration.
"""
logger = Logger.getLogger(__name__)
(listOfAPKs, iEmulator, mainConfiguration, analysisConfiguration,
reportingConfiguration) = args
reporter = Reporter(reportingConfiguration)
logger.warning("Execute experiment with scenario: [{0}]".format(', '.join(
analysisConfiguration.scenario)))
while True:
# Pick one APK to analyse
try:
apkToAnalyze = listOfAPKs.get() # 0xFFFF
logger.info("APK to analyze : {0}".format(apkToAnalyze))
# Build the identifier experiment
idXp = Analysis.generateIdXp([apkToAnalyze])
# Build the emulator name
emulatorName = "Emulator_{0}".format(iEmulator)
# Create a new report for this analysis
logger.debug("Create report.")
Analysis.createReport(reporter, idXp, emulatorName, "unknown",
apkToAnalyze, "automatic", None)
# Execute static analysis
logger.debug("Executing the Static Analysis")
staticAnalysis = StaticAnalysis(apkToAnalyze, mainConfiguration,
reporter, idXp)
staticAnalysis.execute()
logger.info(staticAnalysis)
# Create the emulator
emulator = Analysis.createEmulator(iEmulator, emulatorName,
mainConfiguration)
if emulator is None:
raise Exception(
"Something has prevented the creation of an emulator.")
# Starts the emulator
Analysis.reportEvent(reporter, idXp, "Emulator", "start")
emulator.start()
# Install et execute preparation applications
for prepareAPK in analysisConfiguration.prepareAPKs:
Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK",
prepareAPK)
emulator.installAPK(prepareAPK)
# Execute preparation applications
for prepareAPK in analysisConfiguration.prepareAPKs:
Analysis.reportEvent(reporter, idXp, "Emulator",
"startActivity",
os.path.basename(prepareAPK)[:-4])
emulator.startActivity(os.path.basename(prepareAPK)[:-4])
# Writes the experiment configuration on the emulator
Analysis.reportEvent(reporter, idXp, "Emulator",
"writeConfiguration")
Analysis.writeConfigurationOnEmulator(emulator, idXp,
reportingConfiguration)
sleepDuration = 30
logger.debug(
"Waiting {0} seconds for the emulator to prepare...".format(
sleepDuration))
time.sleep(sleepDuration)
# Install the targeted application
Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK",
apkToAnalyze)
emulator.installAPK(apkToAnalyze)
time.sleep(5)
# We then follow the scenario user has filled in configuration
for order in analysisConfiguration.scenario:
if "execute" == order:
Analysis.reportEvent(reporter, idXp, "Emulator",
"Launching main activity",
staticAnalysis.mainActivity)
logger.info("Starting main activity: {0}".format(
staticAnalysis.mainActivity))
emulator.startActivityFromPackage(
staticAnalysis.packageName,
staticAnalysis.mainActivity)
time.sleep(60)
elif "stimulate" == order:
Analysis.reportEvent(reporter, idXp, "Emulator",
"Stimulating package with monkey",
staticAnalysis.packageName)
logger.info("Stimulating with monkey: {0}".format(
staticAnalysis.packageName))
emulator.stimulateWithMonkey(staticAnalysis.packageName)
time.sleep(80)
elif "externalStimulation" == order:
Analysis.reportEvent(
reporter, idXp, "Emulator",
"Stimulating phone with external conditions")
logger.info(
"Stimulating phone with external conditions...")
externalStimulation = TelnetEmulation(
reporter, idXp, emulator, iEmulator)
externalStimulation.start()
time.sleep(30)
elif "reboot" == order:
Analysis.reportEvent(reporter, idXp, "Emulator",
"Rebooting emulator")
logger.info("Rebooting emulator.")
emulator.rebootAVD()
time.sleep(100)
Analysis.reportEvent(reporter, idXp, "Emulator",
"Finished analysis", apkToAnalyze)
logger.info("Analysis of APK {0} has been finished.")
Analysis.reportEvent(reporter, idXp, "Emulator", "closed")
emulator.stopAVD()
except KeyboardInterrupt:
pass
except Exception, e:
logger.error(
"Exception while executing an experiment : {0}".format(e))
tb = traceback.format_exc()
logger.error(tb)
try:
emulator.stopAVD()
except Exception:
logger.error("Cannot stop the AVD.")
def __init__(self, mainConfiguration, reportingConfiguration):
self._logger = Logger.getLogger(__name__)
self.mainConfiguration = mainConfiguration
self.reportingConfiguration = reportingConfiguration
self.reporter = Reporter(self.reportingConfiguration)
def __init__(self, apkToAnalyze, mainConfiguration, reporter, idXp):
self._logger = Logger.getLogger(__name__)
self.apkToAnalyze = os.path.abspath(apkToAnalyze)
self.androguardPath = mainConfiguration.androguardPath
self.reporter = reporter
self.idXp = idXp
def __init__(self, es):
self.es = es
self._logger = Logger.getLogger(__name__)
def executeExperiment(args):
"""
Executes the analysis for an application.
The analysis depends of the scenario the user as defined in configuration.
"""
logger = Logger.getLogger(__name__)
(listOfAPKs, iEmulator, mainConfiguration, analysisConfiguration,
reportingConfiguration) = args
reporter = Reporter(reportingConfiguration)
logger.warning("Execute experiment with scenario: [{0}]".format(', '.join(
analysisConfiguration.scenario)))
# When you play with emulators, you can modify this variable to sleep a bit longer.
# Default has to be >1
SLEEP_FACTOR = 1
if mainConfiguration.typeOfDevice == 'emulated':
SLEEP_FACTOR = 5
if SLEEP_FACTOR < 1:
raise Exception("SLEEP_FACTOR variable cannot be less than 1.")
while True:
# Pick one APK to analyse
try:
apkToAnalyze = listOfAPKs.get() # 0xFFFF
logger.info("APK to analyze : {0}".format(apkToAnalyze))
# Build the identifier experiment
idXp = Analysis.generateIdXp([apkToAnalyze])
# Build the emulator name
if mainConfiguration.typeOfDevice == 'emulated':
emulatorName = "Emulator_{0}".format(iEmulator)
else:
emulatorName = mainConfiguration.deviceId
# Create a new report for this analysis
logger.debug("Create report.")
Analysis.createReport(reporter, idXp, emulatorName, "unknown",
apkToAnalyze, "automatic",
mainConfiguration.name)
# Execute static analysis
logger.debug("Executing the Static Analysis")
staticAnalysis = StaticAnalysis(apkToAnalyze, mainConfiguration,
reporter, idXp)
staticAnalysis.execute()
logger.info(staticAnalysis)
# Create the emulator
if mainConfiguration.typeOfDevice == 'emulated':
device = Analysis.createEmulator(iEmulator,
emulatorName,
mainConfiguration,
analysisType="automatic")
else:
device = Analysis.createDevice(
iEmulator,
mainConfiguration.deviceId,
mainConfiguration,
analysisConfiguration.backupDirectory,
analysisType="automatic")
if device is None:
raise Exception(
"Something has prevented the creation of an device.")
# Starts the device
Analysis.reportEvent(reporter, idXp, emulatorName, "Start device")
device.start()
# Install et execute preparation applications
if mainConfiguration.typeOfDevice == 'emulated':
for prepareAPK in analysisConfiguration.prepareAPKs:
Analysis.reportEvent(reporter, idXp, emulatorName,
"Install preparation APK", prepareAPK)
device.installAPK(prepareAPK)
# Execute preparation applications
for prepareAPK in analysisConfiguration.prepareAPKs:
Analysis.reportEvent(reporter, idXp, emulatorName,
"Start activity",
os.path.basename(prepareAPK)[:-4])
device.startActivity(os.path.basename(prepareAPK)[:-4])
# Writes the experiment configuration on the device
Analysis.reportEvent(reporter, idXp, emulatorName,
"Write configuration file")
Analysis.writeConfigurationOnEmulator(device, idXp,
reportingConfiguration)
if mainConfiguration.typeOfDevice == 'emulated':
sleepDuration = 30
logger.debug(
"Waiting {0} seconds for the device to prepare...".format(
sleepDuration))
time.sleep(sleepDuration)
# Install the targeted application
Analysis.reportEvent(reporter, idXp, emulatorName,
"Install target APK", apkToAnalyze)
device.installAPK(apkToAnalyze)
time.sleep(5 * SLEEP_FACTOR / 5)
# We then follow the scenario user has filled in configuration
for order in analysisConfiguration.scenario:
if "execute" == order:
Analysis.reportEvent(reporter, idXp, emulatorName,
"Launching main activity",
staticAnalysis.mainActivity)
logger.info("Starting main activity: {0}".format(
staticAnalysis.mainActivity))
device.startActivityFromPackage(
staticAnalysis.packageName,
staticAnalysis.mainActivity)
time.sleep(5 * SLEEP_FACTOR)
elif "stimulate" == order:
Analysis.reportEvent(reporter, idXp, emulatorName,
"Stimulating package with monkey",
staticAnalysis.packageName)
logger.info("Stimulating with monkey: {0}".format(
staticAnalysis.packageName))
device.stimulateWithMonkey(staticAnalysis.packageName)
time.sleep(10 * SLEEP_FACTOR)
elif "externalStimulation" == order:
Analysis.reportEvent(
reporter, idXp, emulatorName,
"Stimulating phone with external conditions")
logger.info(
"Stimulating phone with external conditions...")
externalStimulation = TelnetEmulation(
reporter, idXp, device)
externalStimulation.start()
time.sleep(10 * SLEEP_FACTOR)
elif "reboot" == order:
Analysis.reportEvent(reporter, idXp, emulatorName,
"Rebooting device")
logger.info("Rebooting device.")
device.reboot()
time.sleep(5 * SLEEP_FACTOR)
Analysis.reportEvent(reporter, idXp, emulatorName,
"Analysis has finished", apkToAnalyze)
logger.info("Analysis of APK {0} has been finished.")
Analysis.reportEvent(reporter, idXp, emulatorName,
"Emulator closed")
device.stop()
except KeyboardInterrupt:
logger.debug("Keyboard interrupt caught\n")
# Try to stop device if necessary
if device is not None:
device.stop()
break
except Exception, e:
logger.error(
"Exception while executing an experiment : {0}".format(e))
tb = traceback.format_exc()
logger.error(tb)
try:
device.stop()
except Exception:
logger.error("Cannot stop the AVD, quitting experience.")
break
def executeAsyncCommand(commandAndArgs):
logger = Logger.getLogger(__name__)
logger.debug("Executing Asynchronous command {0}".format(commandAndArgs))
return subprocess.Popen(commandAndArgs, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
def __init__(self, reportingConfiguration):
self._logger = Logger.getLogger(__name__)
self.reportingConfiguration = reportingConfiguration
self.__initializeReporters()
if self.reportingConfiguration.elasticsearchMode:
self.esInterrogator = EsInterrogator(self.es)
def executeExperiment(args):
"""
Executes the analysis for an application.
The analysis depends of the scenario the user as defined in configuration.
"""
logger = Logger.getLogger(__name__)
(listOfAPKs, iEmulator, mainConfiguration, analysisConfiguration, reportingConfiguration) = args
reporter = Reporter(reportingConfiguration)
logger.warning("Execute experiment with scenario: [{0}]".format(', '.join(analysisConfiguration.scenario)))
while True:
# Pick one APK to analyse
try:
apkToAnalyze = listOfAPKs.get() # 0xFFFF
logger.info("APK to analyze : {0}".format(apkToAnalyze))
# Build the identifier experiment
idXp = Analysis.generateIdXp([apkToAnalyze])
# Build the emulator name
emulatorName = "Emulator_{0}".format(iEmulator)
# Create a new report for this analysis
logger.debug("Create report.")
Analysis.createReport(reporter, idXp, emulatorName, "unknown", apkToAnalyze, "automatic", None)
# Execute static analysis
logger.debug("Executing the Static Analysis")
staticAnalysis = StaticAnalysis(apkToAnalyze, mainConfiguration, reporter, idXp)
staticAnalysis.execute()
logger.info(staticAnalysis)
# Create the emulator
emulator = Analysis.createEmulator(iEmulator, emulatorName, mainConfiguration)
if emulator is None:
raise Exception("Something has prevented the creation of an emulator.")
# Starts the emulator
Analysis.reportEvent(reporter, idXp, "Emulator", "start")
emulator.start()
# Install et execute preparation applications
for prepareAPK in analysisConfiguration.prepareAPKs:
Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK", prepareAPK)
emulator.installAPK(prepareAPK)
# Execute preparation applications
for prepareAPK in analysisConfiguration.prepareAPKs:
Analysis.reportEvent(reporter, idXp, "Emulator", "startActivity", os.path.basename(prepareAPK)[:-4])
emulator.startActivity(os.path.basename(prepareAPK)[:-4])
# Writes the experiment configuration on the emulator
Analysis.reportEvent(reporter, idXp, "Emulator", "writeConfiguration")
Analysis.writeConfigurationOnEmulator(emulator, idXp, reportingConfiguration)
sleepDuration = 30
logger.debug("Waiting {0} seconds for the emulator to prepare...".format(sleepDuration))
time.sleep(sleepDuration)
# Install the targeted application
Analysis.reportEvent(reporter, idXp, "Emulator", "installAPK", apkToAnalyze)
emulator.installAPK(apkToAnalyze)
time.sleep(5)
# We then follow the scenario user has filled in configuration
for order in analysisConfiguration.scenario:
if "execute" == order:
Analysis.reportEvent(reporter, idXp, "Emulator", "Launching main activity", staticAnalysis.mainActivity)
logger.info("Starting main activity: {0}".format(staticAnalysis.mainActivity))
emulator.startActivityFromPackage(staticAnalysis.packageName, staticAnalysis.mainActivity)
time.sleep(60)
elif "stimulate" == order:
Analysis.reportEvent(reporter, idXp, "Emulator", "Stimulating package with monkey", staticAnalysis.packageName)
logger.info("Stimulating with monkey: {0}".format(staticAnalysis.packageName))
emulator.stimulateWithMonkey(staticAnalysis.packageName)
time.sleep(80)
elif "externalStimulation" == order:
Analysis.reportEvent(reporter, idXp, "Emulator", "Stimulating phone with external conditions")
logger.info("Stimulating phone with external conditions...")
externalStimulation = TelnetEmulation(reporter, idXp, emulator, iEmulator)
externalStimulation.start()
time.sleep(30)
elif "reboot" == order:
Analysis.reportEvent(reporter, idXp, "Emulator", "Rebooting emulator")
logger.info("Rebooting emulator.")
emulator.rebootAVD()
time.sleep(100)
Analysis.reportEvent(reporter, idXp, "Emulator", "Finished analysis", apkToAnalyze)
logger.info("Analysis of APK {0} has been finished.")
Analysis.reportEvent(reporter, idXp, "Emulator", "closed")
emulator.stopAVD()
except KeyboardInterrupt:
pass
except Exception, e:
logger.error("Exception while executing an experiment : {0}".format(e))
tb = traceback.format_exc()
logger.error(tb)
try:
emulator.stopAVD()
except Exception:
logger.error("Cannot stop the AVD.")
