def get_result_plugins(self):
# Get result of plugins i.e. Frida Hooks
session = Database.get_session()
counter = 0
for i in range(len(self.plugins)):
# Name of plugin
clazzName = list(self.plugins[i].__dict__.keys())[11]
# Get plugin's class
clazz = self.plugins[i].__getattribute__(clazzName)
query = session.query(clazz).filter(
clazz.application_id == self.current_application.id)
resultQuery = query.all()
clazzDict = clazz.__dict__
keys = list(clazzDict.keys())
pluginList = []
for plugin in query:
attributesDict = {}
for key in keys:
if not key.startswith('_'):
attributesDict[key] = plugin.__getattribute__(key)
if len(attributesDict) != 0:
pluginList.append(attributesDict)
if len(pluginList) != 0:
self.renderPlugins[clazzName] = pluginList
def analyse_sample(self, apk_path):
'''
Analyze the given apk
:param apk_path:
:return:
'''
logging.debug("Core:analyse_sample()")
self.current_application = Application.Application(apk_path)
if not self.check_apk_is_valid():
logging.error(
f"The apk architecture and the device architecture ({self.device.get_device_arch()}) doesn't match for application : {self.current_application.filename}"
)
return
# Database storing
session = Database.get_session()
self.analysis.application.append(self.current_application)
session.add(self.current_application)
session.commit()
logging.info(f"Package name: {self.current_application.package}")
logging.info(
f"Main activity: {self.current_application.get_main_activity()}")
logging.info(f"Path : {self.current_application.path}")
logging.info(f"SHA256 : {self.current_application.get_sha256_hash()}")
time_init = time.time()
module = self.module(self.current_application, self.plugins)
try:
if (self.device.type == "Physical"
and self.current_application.package
in self.device.list_third_party()):
self.device.uninstall_application(
self.current_application.package)
self.device.install_application(self.current_application.path)
self.start_receivers(module)
current_time = 0
while current_time < self.timeout or self.module.stop == False or (
self.timeout == -1 and self.device.check_is_up()):
current_time = time.time() - time_init
logging.debug(current_time)
time.sleep(1)
self.stop_receivers()
if (self.timeout != -1):
self.device.uninstall_application(
self.current_application.package)
except Exception as e:
self.device.uninstall_application(self.current_application.package)
self.stop_receivers()
print(e)
def __init__(self, configuration, device: Device, module, path: str):
self.configuration = configuration
self.device = device
self.path = path
self.module = module
self.session = None
self.timeout = int(configuration['ANALYSIS'].get('analysis_timeout'))
self.plugins = self.load_plugins()
# Object used by the core
self.current_application = None
self.receivers = []
# Database initialisation
session = Database.get_session()
self.analysis = Analysis(uuid=str(uuid.uuid4()), date=datetime.now())
session.add(self.analysis)
session.commit()
def analyse_sample(self, apk_path):
'''
Analyze the given apk
:param apk_path:
:return:
'''
logging.debug("Core:analyse_sample()")
self.current_application = Application.Application(apk_path)
# Database storing
session = Database.get_session()
self.analysis.application.append(self.current_application)
session.add(self.current_application)
session.commit()
logging.info(f"Package name: {self.current_application.package}")
logging.info(
f"Main activity: {self.current_application.get_main_activity()}")
logging.info(f"Path : {self.current_application.path}")
logging.info(f"SHA256 : {self.current_application.get_sha256_hash()}")
time_init = time.time()
module = self.module(self.current_application, self.plugins)
if (self.device.type == "Physical"):
self.device.uninstall_application(self.current_application.package)
self.device.install_application(self.current_application.path)
self.start_receivers(module)
current_time = 0
while current_time < self.timeout or self.module.stop == False or (
self.timeout == -1 and self.device.check_is_up()):
current_time = time.time() - time_init
logging.debug(current_time)
time.sleep(1)
self.stop_receivers()
if (self.timeout != -1):
self.device.uninstall_application(self.current_application.package)
def get_result_plugins(self):
# Get result of plugins i.e. Frida Hooks
session = Database.get_session()
for i in range(len(self.plugins)):
# if there is an instance of the plugin in the database
# logging.error(self.plugins[i].__dict__)
if "Database" in list(self.plugins[i].__dict__.keys()):
# Name of plugin
pluginName = list(self.plugins[i].__dict__.keys())[11]
# Get plugin's class
clazz = self.plugins[i].__getattribute__(pluginName)
# Get plugins for all apps that were analyzed
str_filter = "application_id"
for i in range(len(self.app_ids)):
if i == len(self.app_ids) - 1:
str_filter += f"=={self.app_ids[i]}"
else:
str_filter += f"=={self.app_ids[i]} or application_id"
# query = session.query(clazz).filter(clazz.application_id==self.current_application.id)
query = session.query(clazz).filter(text(str_filter))
resultQuery = query.all()
clazzDict = clazz.__dict__
keys = list(clazzDict.keys())
pluginList = []
for plugin in query:
attributesDict = {}
for key in keys:
if not key.startswith('_'):
attributesDict[key] = plugin.__getattribute__(key)
if len(attributesDict) != 0:
pluginList.append(attributesDict)
if len(pluginList) != 0:
self.renderPlugins[pluginName] = pluginList
def analyse_sample(self, apk_path):
'''
Analyze the given apk
:param apk_path:
:return:
'''
logging.debug("Core:analyse_sample()")
self.current_application = Application.Application(apk_path)
if not self.check_apk_is_valid():
logging.error(
f"The apk architecture and the device architecture ({self.device.get_device_arch()}) doesn't match for application : {self.current_application.filename}"
)
return
# Database storing
session = Database.get_session()
self.analysis.application.append(self.current_application)
session.add(self.current_application)
session.commit()
self.app_ids.append(self.current_application.id)
logging.info(f"Package name: {self.current_application.package}")
logging.info(
f"Main activity: {self.current_application.get_main_activity()}")
logging.info(f"Path : {self.current_application.path}")
logging.info(f"SHA256 : {self.current_application.get_sha256_hash()}")
logging.info(
f"Accessibility services : {self.current_application.get_accessibility_services()}"
)
logging.info(
f"Administrator receivers : {self.current_application.get_administrator_receivers()}"
)
logging.info(
f"Permissions : {self.current_application.get_permissions()}")
time_init = time.time()
module = self.module(self.device, self.current_application,
self.plugins)
try:
if (self.device.type == "Physical"
and self.current_application.package
in self.device.list_third_party()):
self.device.uninstall_application(
self.current_application.package)
self.device.install_application(
self.current_application.path,
self.configuration['ANALYSIS'].getboolean(
'auto_grant_permissions'))
self.start_receivers(module)
# Automatically enable accessibility services of an application
if (self.configuration['ANALYSIS'].getboolean(
'auto_grant_accessibility')):
self.device.enable_accessibility_services(
self.current_application)
current_time = 0
while current_time < self.timeout or self.module.stop == False or (
self.timeout == -1 and self.device.check_is_up()):
current_time = time.time() - time_init
logging.debug(f"{int(current_time)}/{self.timeout} seconds")
time.sleep(1)
self.stop_receivers()
# pulling the internal files if the options is choosed
if (self.configuration['ANALYSIS'].getboolean("pull_files")):
self.device.pull_application_internal_files(
self.current_application.package,
f"{self.report_path}/{self.current_application.package}_{self.current_application.get_sha256_hash()}"
)
if (self.timeout != -1):
self.device.uninstall_application(
self.current_application.package)
except Exception as e:
logging.error(e)
self.device.uninstall_application(self.current_application.package)
self.stop_receivers()