def get_context_from_db_entry_ios(db_entry):
"""Return the context for IOS ZIP from DB"""
try:
print "\n[INFO] Analysis is already Done. Fetching data from the DB..."
context = {
'title': db_entry[0].TITLE,
'name': db_entry[0].APPNAMEX,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'plist': db_entry[0].INFOPLIST,
'bin_name': db_entry[0].BINNAME,
'id': db_entry[0].IDF,
'ver': db_entry[0].VERSION,
'sdk': db_entry[0].SDK,
'pltfm': db_entry[0].PLTFM,
'min': db_entry[0].MINX,
'files': python_list(db_entry[0].FILES),
'file_analysis': db_entry[0].SFILESX,
'api': python_dict(db_entry[0].API),
'insecure': python_dict(db_entry[0].CODEANAL),
'urls': python_list(db_entry[0].URLnFile),
'domains': python_dict(db_entry[0].DOMAINS),
'emails': python_list(db_entry[0].EmailnFile),
'permissions': python_list(db_entry[0].PERMISSIONS),
'insecure_connections': python_list(db_entry[0].INSECCON)
}
return context
except:
PrintException("[ERROR] Fetching from DB")
def get_context_from_db_entry_ios(db_entry):
"""Return the context for IOS ZIP from DB"""
try:
print(
"\n[INFO] Analysis is already Done. Fetching data from the DB...")
context = {
'title': db_entry[0].TITLE,
'name': db_entry[0].APPNAMEX,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'plist': db_entry[0].INFOPLIST,
'bin_name': db_entry[0].BINNAME,
'id': db_entry[0].IDF,
'ver': db_entry[0].VERSION,
'sdk': db_entry[0].SDK,
'pltfm': db_entry[0].PLTFM,
'min': db_entry[0].MINX,
'files': python_list(db_entry[0].FILES),
'file_analysis': db_entry[0].SFILESX,
'api': python_dict(db_entry[0].API),
'insecure': python_dict(db_entry[0].CODEANAL),
'urls': python_list(db_entry[0].URLnFile),
'domains': python_dict(db_entry[0].DOMAINS),
'emails': python_list(db_entry[0].EmailnFile),
'permissions': python_list(db_entry[0].PERMISSIONS),
'insecure_connections': python_list(db_entry[0].INSECCON)
}
return context
except:
PrintException("[ERROR] Fetching from DB")
def get_context_from_db_entry(db_entry):
"""Return the context for APK/ZIP from DB"""
try:
print "\n[INFO] Analysis is already Done. Fetching data from the DB..."
context = {
'title': db_entry[0].TITLE,
'name': db_entry[0].APP_NAME,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'packagename': db_entry[0].PACKAGENAME,
'mainactivity': db_entry[0].MAINACTIVITY,
'targetsdk': db_entry[0].TARGET_SDK,
'maxsdk': db_entry[0].MAX_SDK,
'minsdk': db_entry[0].MIN_SDK,
'androvername': db_entry[0].ANDROVERNAME,
'androver': db_entry[0].ANDROVER,
'manifest': python_list(db_entry[0].MANIFEST_ANAL),
'permissions': python_dict(db_entry[0].PERMISSIONS),
'binary_analysis': python_list(db_entry[0].BIN_ANALYSIS),
'files': python_list(db_entry[0].FILES),
'certz': db_entry[0].CERTZ,
'activities': python_list(db_entry[0].ACTIVITIES),
'receivers': python_list(db_entry[0].RECEIVERS),
'providers': python_list(db_entry[0].PROVIDERS),
'services': python_list(db_entry[0].SERVICES),
'libraries': python_list(db_entry[0].LIBRARIES),
'browsable_activities': python_dict(db_entry[0].BROWSABLE),
'act_count': db_entry[0].CNT_ACT,
'prov_count': db_entry[0].CNT_PRO,
'serv_count': db_entry[0].CNT_SER,
'bro_count': db_entry[0].CNT_BRO,
'certinfo': db_entry[0].CERT_INFO,
'issued': db_entry[0].ISSUED,
'native': db_entry[0].NATIVE,
'dynamic': db_entry[0].DYNAMIC,
'reflection': db_entry[0].REFLECT,
'crypto': db_entry[0].CRYPTO,
'obfus': db_entry[0].OBFUS,
'api': db_entry[0].API,
'dang': db_entry[0].DANG,
'urls': db_entry[0].URLS,
'domains': python_dict(db_entry[0].DOMAINS),
'emails': db_entry[0].EMAILS,
'strings': python_list(db_entry[0].STRINGS),
'zipped': db_entry[0].ZIPPED,
'mani': db_entry[0].MANI,
'e_act': db_entry[0].E_ACT,
'e_ser': db_entry[0].E_SER,
'e_bro': db_entry[0].E_BRO,
'e_cnt': db_entry[0].E_CNT,
'apkid': python_dict(db_entry[0].APK_ID),
}
return context
except:
PrintException("[ERROR] Fetching from DB")
def get_context_from_db_entry(db_entry):
"""Return the context for APK/ZIP from DB"""
try:
print "\n[INFO] Analysis is already Done. Fetching data from the DB..."
context = {
'title': db_entry[0].TITLE,
'name': db_entry[0].APP_NAME,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'packagename': db_entry[0].PACKAGENAME,
'mainactivity': db_entry[0].MAINACTIVITY,
'targetsdk': db_entry[0].TARGET_SDK,
'maxsdk': db_entry[0].MAX_SDK,
'minsdk': db_entry[0].MIN_SDK,
'androvername': db_entry[0].ANDROVERNAME,
'androver': db_entry[0].ANDROVER,
'manifest': python_list(db_entry[0].MANIFEST_ANAL),
'permissions': python_dict(db_entry[0].PERMISSIONS),
'binary_analysis': python_list(db_entry[0].BIN_ANALYSIS),
'files': python_list(db_entry[0].FILES),
'certz': db_entry[0].CERTZ,
'activities': python_list(db_entry[0].ACTIVITIES),
'receivers': python_list(db_entry[0].RECEIVERS),
'providers': python_list(db_entry[0].PROVIDERS),
'services': python_list(db_entry[0].SERVICES),
'libraries': python_list(db_entry[0].LIBRARIES),
'browsable_activities': python_dict(db_entry[0].BROWSABLE),
'act_count': db_entry[0].CNT_ACT,
'prov_count': db_entry[0].CNT_PRO,
'serv_count': db_entry[0].CNT_SER,
'bro_count': db_entry[0].CNT_BRO,
'certinfo': db_entry[0].CERT_INFO,
'issued': db_entry[0].ISSUED,
'native': db_entry[0].NATIVE,
'dynamic': db_entry[0].DYNAMIC,
'reflection': db_entry[0].REFLECT,
'crypto': db_entry[0].CRYPTO,
'obfus': db_entry[0].OBFUS,
'api': db_entry[0].API,
'dang': db_entry[0].DANG,
'urls': db_entry[0].URLS,
'domains': python_dict(db_entry[0].DOMAINS),
'emails': db_entry[0].EMAILS,
'strings': python_list(db_entry[0].STRINGS),
'zipped': db_entry[0].ZIPPED,
'mani': db_entry[0].MANI,
'e_act': db_entry[0].E_ACT,
'e_ser': db_entry[0].E_SER,
'e_bro': db_entry[0].E_BRO,
'e_cnt': db_entry[0].E_CNT,
}
return context
except:
PrintException("[ERROR] Fetching from DB")
def get_context_from_db_entry(db_entry: QuerySet) -> dict:
"""Return the context for APK/ZIP from DB."""
try:
logger.info('Analysis is already Done. Fetching data from the DB...')
context = {
'version': settings.MOBSF_VER,
'title': 'Static Analysis',
'file_name': db_entry[0].FILE_NAME,
'app_name': db_entry[0].APP_NAME,
'app_type': db_entry[0].APP_TYPE,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'package_name': db_entry[0].PACKAGE_NAME,
'main_activity': db_entry[0].MAIN_ACTIVITY,
'exported_activities': db_entry[0].EXPORTED_ACTIVITIES,
'browsable_activities':
python_dict(db_entry[0].BROWSABLE_ACTIVITIES),
'activities': python_list(db_entry[0].ACTIVITIES),
'receivers': python_list(db_entry[0].RECEIVERS),
'providers': python_list(db_entry[0].PROVIDERS),
'services': python_list(db_entry[0].SERVICES),
'libraries': python_list(db_entry[0].LIBRARIES),
'target_sdk': db_entry[0].TARGET_SDK,
'max_sdk': db_entry[0].MAX_SDK,
'min_sdk': db_entry[0].MIN_SDK,
'version_name': db_entry[0].VERSION_NAME,
'version_code': db_entry[0].VERSION_CODE,
'icon_hidden': db_entry[0].ICON_HIDDEN,
'icon_found': db_entry[0].ICON_FOUND,
'permissions': python_dict(db_entry[0].PERMISSIONS),
'certificate_analysis':
python_dict(db_entry[0].CERTIFICATE_ANALYSIS),
'manifest_analysis': python_list(db_entry[0].MANIFEST_ANALYSIS),
'network_security': python_list(db_entry[0].NETWORK_SECURITY),
'binary_analysis': python_list(db_entry[0].BINARY_ANALYSIS),
'file_analysis': python_list(db_entry[0].FILE_ANALYSIS),
'android_api': python_dict(db_entry[0].ANDROID_API),
'code_analysis': python_dict(db_entry[0].CODE_ANALYSIS),
'urls': python_list(db_entry[0].URLS),
'domains': python_dict(db_entry[0].DOMAINS),
'emails': python_list(db_entry[0].EMAILS),
'strings': python_list(db_entry[0].STRINGS),
'firebase_urls': python_list(db_entry[0].FIREBASE_URLS),
'files': python_list(db_entry[0].FILES),
'exported_count': python_dict(db_entry[0].EXPORTED_COUNT),
'apkid': python_dict(db_entry[0].APKID),
'trackers': python_dict(db_entry[0].TRACKERS),
'playstore_details': python_dict(db_entry[0].PLAYSTORE_DETAILS),
'secrets': python_list(db_entry[0].SECRETS),
}
return context
except Exception:
logger.exception('Fetching from DB')
def get_context_from_db_entry(db_entry: QuerySet) -> dict:
"""Return the context for APK/ZIP from DB."""
try:
logger.info('Analysis is already Done. Fetching data from the DB...')
context = {
'title': db_entry[0].TITLE,
'name': db_entry[0].APP_NAME,
'real_name': db_entry[0].REAL_NAME,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'packagename': db_entry[0].PACKAGENAME,
'mainactivity': db_entry[0].MAINACTIVITY,
'targetsdk': db_entry[0].TARGET_SDK,
'maxsdk': db_entry[0].MAX_SDK,
'minsdk': db_entry[0].MIN_SDK,
'androvername': db_entry[0].ANDROVERNAME,
'androver': db_entry[0].ANDROVER,
'manifest': python_list(db_entry[0].MANIFEST_ANAL),
'permissions': python_dict(db_entry[0].PERMISSIONS),
'binary_analysis': python_list(db_entry[0].BIN_ANALYSIS),
'files': python_list(db_entry[0].FILES),
'certz': db_entry[0].CERTZ,
'icon_hidden': db_entry[0].ICON_HIDDEN,
'icon_found': db_entry[0].ICON_FOUND,
'activities': python_list(db_entry[0].ACTIVITIES),
'receivers': python_list(db_entry[0].RECEIVERS),
'providers': python_list(db_entry[0].PROVIDERS),
'services': python_list(db_entry[0].SERVICES),
'libraries': python_list(db_entry[0].LIBRARIES),
'browsable_activities': python_dict(db_entry[0].BROWSABLE),
'act_count': db_entry[0].CNT_ACT,
'prov_count': db_entry[0].CNT_PRO,
'serv_count': db_entry[0].CNT_SER,
'bro_count': db_entry[0].CNT_BRO,
'certinfo': db_entry[0].CERT_INFO,
'issued': db_entry[0].ISSUED,
'sha256Digest': db_entry[0].SHA256DIGEST,
'api': python_dict(db_entry[0].API),
'findings': python_dict(db_entry[0].DANG),
'urls': python_list(db_entry[0].URLS),
'domains': python_dict(db_entry[0].DOMAINS),
'emails': python_list(db_entry[0].EMAILS),
'strings': python_list(db_entry[0].STRINGS),
'zipped': db_entry[0].ZIPPED,
'mani': db_entry[0].MANI,
'e_act': db_entry[0].E_ACT,
'e_ser': db_entry[0].E_SER,
'e_bro': db_entry[0].E_BRO,
'e_cnt': db_entry[0].E_CNT,
'apkid': python_dict(db_entry[0].APK_ID),
'play_details': python_dict(db_entry[0].PLAY_DETAILS),
'firebase': python_list(db_entry[0].FIREBASE),
'trackers': python_dict(db_entry[0].TRACKERS),
}
return context
except Exception:
logger.exception('Fetching from DB')
def get_context_from_db_entry(db_entry):
"""Return the context for IPA/ZIP from DB."""
try:
logger.info('Analysis is already Done. Fetching data from the DB...')
context = {
'version': settings.MOBSF_VER,
'title': 'Static Analysis',
'file_name': db_entry[0].FILE_NAME,
'app_name': db_entry[0].APP_NAME,
'app_type': db_entry[0].APP_TYPE,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'build': db_entry[0].BUILD,
'app_version': db_entry[0].APP_VERSION,
'sdk_name': db_entry[0].SDK_NAME,
'platform': db_entry[0].PLATFORM,
'min_os_version': db_entry[0].MIN_OS_VERSION,
'bundle_id': db_entry[0].BUNDLE_ID,
'bundle_url_types': python_list(db_entry[0].BUNDLE_URL_TYPES),
'bundle_supported_platforms':
python_list(db_entry[0].BUNDLE_SUPPORTED_PLATFORMS),
'info_plist': db_entry[0].INFO_PLIST,
'binary_info': python_dict(db_entry[0].MACHO_INFO),
'permissions': python_list(db_entry[0].PERMISSIONS),
'ats_analysis': python_list(db_entry[0].ATS_ANALYSIS),
'binary_analysis': python_list(db_entry[0].BINARY_ANALYSIS),
'ios_api': python_dict(db_entry[0].IOS_API),
'code_analysis': python_dict(db_entry[0].CODE_ANALYSIS),
'file_analysis': python_list(db_entry[0].FILE_ANALYSIS),
'libraries': python_list(db_entry[0].LIBRARIES),
'files': python_list(db_entry[0].FILES),
'urls': python_list(db_entry[0].URLS),
'domains': python_dict(db_entry[0].DOMAINS),
'emails': python_list(db_entry[0].EMAILS),
'strings': python_list(db_entry[0].STRINGS),
'firebase_urls': python_list(db_entry[0].FIREBASE_URLS),
'appstore_details': python_dict(db_entry[0].APPSTORE_DETAILS),
}
return context
except Exception:
logger.exception('Fetching from DB')
def get_context_from_db_entry_ipa(db_entry):
"""Return the context for IPA from DB"""
try:
logger.info("Analysis is already Done. Fetching data from the DB...")
context = {
'title': db_entry[0].TITLE,
'file_name': db_entry[0].FILE_NAME,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'plist': db_entry[0].INFOPLIST,
'bin_name': db_entry[0].BINNAME,
'id': db_entry[0].IDF,
'build': db_entry[0].BUILD,
'version': db_entry[0].VERSION,
'sdk': db_entry[0].SDK,
'pltfm': db_entry[0].PLTFM,
'min': db_entry[0].MINX,
'bin_anal': python_list(db_entry[0].BIN_ANAL),
'libs': python_list(db_entry[0].LIBS),
'files': python_list(db_entry[0].FILES),
'file_analysis': python_list(db_entry[0].SFILESX),
'strings': python_list(db_entry[0].STRINGS),
'permissions': python_list(db_entry[0].PERMISSIONS),
'insecure_connections': python_list(db_entry[0].INSECCON),
'bundle_name': db_entry[0].BUNDLE_NAME,
'bundle_url_types': python_list(db_entry[0].BUNDLE_URL_TYPES),
'bundle_supported_platforms': python_list(db_entry[0].BUNDLE_SUPPORTED_PLATFORMS),
'bundle_localizations': python_list(db_entry[0].BUNDLE_LOCALIZATIONS),
'binary_info': python_dict(db_entry[0].MACHOINFO),
'bin_type': db_entry[0].BINTYPE,
'appstore_details': python_dict(db_entry[0].APPSTORE_DETAILS),
}
return context
except:
PrintException("Fetching from DB")
def get_context_from_db_entry_ipa(db_entry):
"""Return the context for IPA from DB"""
try:
logger.info("Analysis is already Done. Fetching data from the DB...")
context = {
'title': db_entry[0].TITLE,
'file_name': db_entry[0].FILE_NAME,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'plist': db_entry[0].INFOPLIST,
'bin_name': db_entry[0].BINNAME,
'id': db_entry[0].IDF,
'build': db_entry[0].BUILD,
'version': db_entry[0].VERSION,
'sdk': db_entry[0].SDK,
'pltfm': db_entry[0].PLTFM,
'min': db_entry[0].MINX,
'bin_anal': python_list(db_entry[0].BIN_ANAL),
'libs': python_list(db_entry[0].LIBS),
'files': python_list(db_entry[0].FILES),
'file_analysis': python_list(db_entry[0].SFILESX),
'strings': python_list(db_entry[0].STRINGS),
'permissions': python_list(db_entry[0].PERMISSIONS),
'insecure_connections': python_list(db_entry[0].INSECCON),
'bundle_name': db_entry[0].BUNDLE_NAME,
'bundle_url_types': python_list(db_entry[0].BUNDLE_URL_TYPES),
'bundle_supported_platforms': python_list(db_entry[0].BUNDLE_SUPPORTED_PLATFORMS),
'bundle_localizations': python_list(db_entry[0].BUNDLE_LOCALIZATIONS),
'binary_info': python_dict(db_entry[0].MACHOINFO),
'bin_type': db_entry[0].BINTYPE,
'appstore_details': python_dict(db_entry[0].APPSTORE_DETAILS),
}
return context
except:
PrintException("Fetching from DB")
def get_context_from_db_entry_ios(db_entry):
"""Return the context for IOS ZIP from DB"""
try:
print("\n[INFO] Analysis is already Done. Fetching data from the DB...")
context = {
'title': db_entry[0].TITLE,
'file_name': db_entry[0].FILE_NAME,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'plist': db_entry[0].INFOPLIST,
'bin_name': db_entry[0].BINNAME,
'id': db_entry[0].IDF,
'build': db_entry[0].BUILD,
'version': db_entry[0].VERSION,
'sdk': db_entry[0].SDK,
'pltfm': db_entry[0].PLTFM,
'min': db_entry[0].MINX,
'files': python_list(db_entry[0].FILES),
'file_analysis': db_entry[0].SFILESX,
'api': python_dict(db_entry[0].API),
'insecure': python_dict(db_entry[0].CODEANAL),
'urls': python_list(db_entry[0].URLnFile),
'domains': python_dict(db_entry[0].DOMAINS),
'emails': python_list(db_entry[0].EmailnFile),
'permissions': python_list(db_entry[0].PERMISSIONS),
'insecure_connections': python_list(db_entry[0].INSECCON),
'bundle_name': db_entry[0].BUNDLE_NAME,
'bundle_url_types': python_list(db_entry[0].BUNDLE_URL_TYPES),
'bundle_supported_platforms': python_list(db_entry[0].BUNDLE_SUPPORTED_PLATFORMS),
'bundle_localizations': python_list(db_entry[0].BUNDLE_LOCALIZATIONS),
}
return context
except:
PrintException("[ERROR] Fetching from DB")
def get_context_from_db_entry_ios(db_entry):
"""Return the context for IOS ZIP from DB"""
try:
print("\n[INFO] Analysis is already Done. Fetching data from the DB...")
context = {
'title': db_entry[0].TITLE,
'file_name': db_entry[0].FILE_NAME,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'plist': db_entry[0].INFOPLIST,
'bin_name': db_entry[0].BINNAME,
'id': db_entry[0].IDF,
'build': db_entry[0].BUILD,
'version': db_entry[0].VERSION,
'sdk': db_entry[0].SDK,
'pltfm': db_entry[0].PLTFM,
'min': db_entry[0].MINX,
'files': python_list(db_entry[0].FILES),
'file_analysis': python_list(db_entry[0].SFILESX),
'api': python_dict(db_entry[0].API),
'insecure': python_dict(db_entry[0].CODEANAL),
'urls': python_list(db_entry[0].URLnFile),
'domains': python_dict(db_entry[0].DOMAINS),
'emails': python_list(db_entry[0].EmailnFile),
'permissions': python_list(db_entry[0].PERMISSIONS),
'insecure_connections': python_list(db_entry[0].INSECCON),
'bundle_name': db_entry[0].BUNDLE_NAME,
'bundle_url_types': python_list(db_entry[0].BUNDLE_URL_TYPES),
'bundle_supported_platforms': python_list(db_entry[0].BUNDLE_SUPPORTED_PLATFORMS),
'bundle_localizations': python_list(db_entry[0].BUNDLE_LOCALIZATIONS),
}
return context
except:
PrintException("[ERROR] Fetching from DB")
def get_context_from_db_entry_zip(db_entry):
"""Get the context from an DB entry, zip type."""
print "\n[INFO] Analysis is already Done. Fetching data from the DB..."
context = {
'title' : db_entry[0].TITLE,
'name' : db_entry[0].APP_NAME,
'size' : db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1' : db_entry[0].SHA1,
'sha256' : db_entry[0].SHA256,
'packagename' : db_entry[0].PACKAGENAME,
'mainactivity' : db_entry[0].MAINACTIVITY,
'targetsdk' : db_entry[0].TARGET_SDK,
'maxsdk' : db_entry[0].MAX_SDK,
'minsdk' : db_entry[0].MIN_SDK,
'androvername' : db_entry[0].ANDROVERNAME,
'androver': db_entry[0].ANDROVER,
'manifest': db_entry[0].MANIFEST_ANAL,
'permissions' : db_entry[0].PERMISSIONS,
'files' : python_list(db_entry[0].FILES),
'certz' : db_entry[0].CERTZ,
'activities' : python_list(db_entry[0].ACTIVITIES),
'receivers' : python_list(db_entry[0].RECEIVERS),
'providers' : python_list(db_entry[0].PROVIDERS),
'services' : python_list(db_entry[0].SERVICES),
'libraries' : python_list(db_entry[0].LIBRARIES),
'act_count' : db_entry[0].CNT_ACT,
'prov_count' : db_entry[0].CNT_PRO,
'serv_count' : db_entry[0].CNT_SER,
'bro_count' : db_entry[0].CNT_BRO,
'native' : db_entry[0].NATIVE,
'dynamic' : db_entry[0].DYNAMIC,
'reflection' : db_entry[0].REFLECT,
'crypto': db_entry[0].CRYPTO,
'obfus': db_entry[0].OBFUS,
'api': db_entry[0].API,
'dang': db_entry[0].DANG,
'urls': db_entry[0].URLS,
'domains': python_dict(db_entry[0].DOMAINS),
'emails': db_entry[0].EMAILS,
'mani': db_entry[0].MANI,
'e_act': db_entry[0].E_ACT,
'e_ser': db_entry[0].E_SER,
'e_bro': db_entry[0].E_BRO,
'e_cnt': db_entry[0].E_CNT,
}
return context
def PDF(request):
try:
MD5 = request.GET['md5']
TYP = request.GET['type']
m = re.match('^[0-9a-f]{32}$', MD5)
if m:
if TYP in ['APK', 'ANDZIP']:
DB = StaticAnalyzerAndroid.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (Android)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APP_NAME,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'packagename': DB[0].PACKAGENAME,
'mainactivity': DB[0].MAINACTIVITY,
'targetsdk': DB[0].TARGET_SDK,
'maxsdk': DB[0].MAX_SDK,
'minsdk': DB[0].MIN_SDK,
'androvername': DB[0].ANDROVERNAME,
'androver': DB[0].ANDROVER,
'manifest': DB[0].MANIFEST_ANAL,
'permissions': DB[0].PERMISSIONS,
'files': python_list(DB[0].FILES),
'certz': DB[0].CERTZ,
'activities': python_list(DB[0].ACTIVITIES),
'receivers': python_list(DB[0].RECEIVERS),
'providers': python_list(DB[0].PROVIDERS),
'services': python_list(DB[0].SERVICES),
'libraries': python_list(DB[0].LIBRARIES),
'act_count': DB[0].CNT_ACT,
'prov_count': DB[0].CNT_PRO,
'serv_count': DB[0].CNT_SER,
'bro_count': DB[0].CNT_BRO,
'certinfo': DB[0].CERT_INFO,
'issued': DB[0].ISSUED,
'native': DB[0].NATIVE,
'dynamic': DB[0].DYNAMIC,
'reflection': DB[0].REFLECT,
'crypto': DB[0].CRYPTO,
'obfus': DB[0].OBFUS,
'api': DB[0].API,
'dang': DB[0].DANG,
'urls': DB[0].URLS,
'domains': python_dict(DB[0].DOMAINS),
'emails': DB[0].EMAILS,
'strings': python_list(DB[0].STRINGS),
'zipped': DB[0].ZIPPED,
'mani': DB[0].MANI
}
if TYP == 'APK':
template = get_template("static_analysis_pdf.html")
else:
template = get_template("static_analysis_zip_pdf.html")
else:
return HttpResponse(
json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif re.findall('IPA|IOSZIP', TYP):
if TYP == 'IPA':
DB = StaticAnalyzerIPA.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS IPA)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'strings': DB[0].STRINGS
}
template = get_template("ios_binary_analysis_pdf.html")
else:
return HttpResponse(
json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif TYP == 'IOSZIP':
DB = StaticAnalyzerIOSZIP.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS ZIP)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'api': DB[0].HTML,
'insecure': DB[0].CODEANAL,
'urls': DB[0].URLnFile,
'domains': python_dict(DB[0].DOMAINS),
'emails': DB[0].EmailnFile
}
template = get_template("ios_source_analysis_pdf.html")
else:
return HttpResponse(
json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif re.findall('APPX', TYP):
if TYP == 'APPX':
db_entry = StaticAnalyzerWindows.objects.filter( # pylint: disable-msg=E1101
MD5=MD5)
if db_entry.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (APPX)"
context = {
'title':
db_entry[0].TITLE,
'name':
db_entry[0].APP_NAME,
'pub_name':
db_entry[0].PUB_NAME,
'size':
db_entry[0].SIZE,
'md5':
db_entry[0].MD5,
'sha1':
db_entry[0].SHA1,
'sha256':
db_entry[0].SHA256,
'bin_name':
db_entry[0].BINNAME,
'version':
db_entry[0].VERSION,
'arch':
db_entry[0].ARCH,
'compiler_version':
db_entry[0].COMPILER_VERSION,
'visual_studio_version':
db_entry[0].VISUAL_STUDIO_VERSION,
'visual_studio_edition':
db_entry[0].VISUAL_STUDIO_EDITION,
'target_os':
db_entry[0].TARGET_OS,
'appx_dll_version':
db_entry[0].APPX_DLL_VERSION,
'proj_guid':
db_entry[0].PROJ_GUID,
'opti_tool':
db_entry[0].OPTI_TOOL,
'target_run':
db_entry[0].TARGET_RUN,
'files':
python_list(db_entry[0].FILES),
'strings':
db_entry[0].STRINGS,
'bin_an_results':
python_list(db_entry[0].BIN_AN_RESULTS),
'bin_an_warnings':
python_list(db_entry[0].BIN_AN_WARNINGS)
}
template = get_template(
"windows_binary_analysis_pdf.html")
else:
return HttpResponse(
json.dumps({"type": "Type is not Allowed"}),
content_type="application/json; charset=utf-8")
html = template.render(context)
result = StringIO()
pdf = pisa.pisaDocument(StringIO("{0}".format(
html.encode('utf-8'))),
result,
encoding='utf-8')
if not pdf.err:
return HttpResponse(result.getvalue(),
content_type='application/pdf')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponse(json.dumps({"md5": "Invalid MD5"}),
content_type="application/json; charset=utf-8")
except:
PrintException("[ERROR] PDF Report Generation Error")
return HttpResponseRedirect('/error/')
def StaticAnalyzer_iOS(request):
try:
# Input validation
print "[INFO] iOS Static Analysis Started"
TYP = request.GET['type']
RESCAN = str(request.GET.get('rescan', 0))
m = re.match('^[0-9a-f]{32}$', request.GET['checksum'])
if ((m) and (request.GET['name'].lower().endswith('.ipa')
or request.GET['name'].lower().endswith('.zip'))
and (TYP in ['ipa', 'ios'])):
DIR = settings.BASE_DIR # BASE DIR
APP_NAME = request.GET['name'] # APP ORGINAL NAME
MD5 = request.GET['checksum'] # MD5
APP_DIR = os.path.join(settings.UPLD_DIR,
MD5 + '/') # APP DIRECTORY
TOOLS_DIR = os.path.join(DIR,
'StaticAnalyzer/tools/mac/') # TOOLS DIR
if TYP == 'ipa':
# DB
DB = StaticAnalyzerIPA.objects.filter(MD5=MD5)
if DB.exists() and RESCAN == '0':
print "\n[INFO] Analysis is already Done. Fetching data from the DB..."
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'strings': DB[0].STRINGS,
}
else:
print "[INFO] iOS Binary (IPA) Analysis Started"
APP_FILE = MD5 + '.ipa' # NEW FILENAME
APP_PATH = APP_DIR + APP_FILE # APP PATH
BIN_DIR = os.path.join(APP_DIR, "Payload/")
# ANALYSIS BEGINS
SIZE = str(FileSize(APP_PATH)) + 'MB' # FILE SIZE
SHA1, SHA256 = HashGen(APP_PATH) # SHA1 & SHA256 HASHES
print "[INFO] Extracting IPA"
Unzip(APP_PATH, APP_DIR) # EXTRACT IPA
# Get Files, normalize + to x, and convert binary plist ->
# xml
FILES, SFILES = iOS_ListFiles(BIN_DIR, MD5, True, 'ipa')
INFO_PLIST, BIN_NAME, ID, VER, SDK, PLTFM, MIN, LIBS, BIN_ANAL, STRINGS = BinaryAnalysis(
BIN_DIR, TOOLS_DIR, APP_DIR)
# Saving to DB
print "\n[INFO] Connecting to DB"
if RESCAN == '1':
print "\n[INFO] Updating Database..."
StaticAnalyzerIPA.objects.filter(MD5=MD5).update(
TITLE='Static Analysis',
APPNAMEX=APP_NAME,
SIZE=SIZE,
MD5=MD5,
SHA1=SHA1,
SHA256=SHA256,
INFOPLIST=INFO_PLIST,
BINNAME=BIN_NAME,
IDF=ID,
VERSION=VER,
SDK=SDK,
PLTFM=PLTFM,
MINX=MIN,
BIN_ANAL=BIN_ANAL,
LIBS=LIBS,
FILES=FILES,
SFILESX=SFILES,
STRINGS=STRINGS)
elif RESCAN == '0':
print "\n[INFO] Saving to Database"
STATIC_DB = StaticAnalyzerIPA(TITLE='Static Analysis',
APPNAMEX=APP_NAME,
SIZE=SIZE,
MD5=MD5,
SHA1=SHA1,
SHA256=SHA256,
INFOPLIST=INFO_PLIST,
BINNAME=BIN_NAME,
IDF=ID,
VERSION=VER,
SDK=SDK,
PLTFM=PLTFM,
MINX=MIN,
BIN_ANAL=BIN_ANAL,
LIBS=LIBS,
FILES=FILES,
SFILESX=SFILES,
STRINGS=STRINGS)
STATIC_DB.save()
context = {
'title': 'Static Analysis',
'name': APP_NAME,
'size': SIZE,
'md5': MD5,
'sha1': SHA1,
'sha256': SHA256,
'plist': INFO_PLIST,
'bin_name': BIN_NAME,
'id': ID,
'ver': VER,
'sdk': SDK,
'pltfm': PLTFM,
'min': MIN,
'bin_anal': BIN_ANAL,
'libs': LIBS,
'files': FILES,
'file_analysis': SFILES,
'strings': STRINGS,
}
template = "static_analysis/ios_binary_analysis.html"
return render(request, template, context)
elif TYP == 'ios':
DB = StaticAnalyzerIOSZIP.objects.filter(MD5=MD5)
if DB.exists() and RESCAN == '0':
print "\n[INFO] Analysis is already Done. Fetching data from the DB..."
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'api': DB[0].HTML,
'insecure': DB[0].CODEANAL,
'urls': DB[0].URLnFile,
'domains': python_dict(DB[0].DOMAINS),
'emails': DB[0].EmailnFile,
'strings': DB[0].STRINGS
}
else:
print "[INFO] iOS Source Code Analysis Started"
APP_FILE = MD5 + '.zip' # NEW FILENAME
APP_PATH = APP_DIR + APP_FILE # APP PATH
# ANALYSIS BEGINS - Already Unzipped
print "[INFO] ZIP Already Extracted"
SIZE = str(FileSize(APP_PATH)) + 'MB' # FILE SIZE
SHA1, SHA256 = HashGen(APP_PATH) # SHA1 & SHA256 HASHES
FILES, SFILES = iOS_ListFiles(APP_DIR, MD5, False, 'ios')
HTML, CODEANAL, URLnFile, DOMAINS, EmailnFile, INFO_PLIST, BIN_NAME, ID, VER, SDK, PLTFM, MIN = iOS_Source_Analysis(
APP_DIR, MD5)
LIBS, BIN_ANAL = '', ''
# Saving to DB
print "\n[INFO] Connecting to DB"
if RESCAN == '1':
print "\n[INFO] Updating Database..."
StaticAnalyzerIOSZIP.objects.filter(MD5=MD5).update(
TITLE='Static Analysis',
APPNAMEX=APP_NAME,
SIZE=SIZE,
MD5=MD5,
SHA1=SHA1,
SHA256=SHA256,
INFOPLIST=INFO_PLIST,
BINNAME=BIN_NAME,
IDF=ID,
VERSION=VER,
SDK=SDK,
PLTFM=PLTFM,
MINX=MIN,
BIN_ANAL=BIN_ANAL,
LIBS=LIBS,
FILES=FILES,
SFILESX=SFILES,
HTML=HTML,
CODEANAL=CODEANAL,
URLnFile=URLnFile,
DOMAINS=DOMAINS,
EmailnFile=EmailnFile)
elif RESCAN == '0':
print "\n[INFO] Saving to Database"
STATIC_DB = StaticAnalyzerIOSZIP(
TITLE='Static Analysis',
APPNAMEX=APP_NAME,
SIZE=SIZE,
MD5=MD5,
SHA1=SHA1,
SHA256=SHA256,
INFOPLIST=INFO_PLIST,
BINNAME=BIN_NAME,
IDF=ID,
VERSION=VER,
SDK=SDK,
PLTFM=PLTFM,
MINX=MIN,
BIN_ANAL=BIN_ANAL,
LIBS=LIBS,
FILES=FILES,
SFILESX=SFILES,
HTML=HTML,
CODEANAL=CODEANAL,
URLnFile=URLnFile,
DOMAINS=DOMAINS,
EmailnFile=EmailnFile)
STATIC_DB.save()
context = {
'title': 'Static Analysis',
'name': APP_NAME,
'size': SIZE,
'md5': MD5,
'sha1': SHA1,
'sha256': SHA256,
'plist': INFO_PLIST,
'bin_name': BIN_NAME,
'id': ID,
'ver': VER,
'sdk': SDK,
'pltfm': PLTFM,
'min': MIN,
'bin_anal': BIN_ANAL,
'libs': LIBS,
'files': FILES,
'file_analysis': SFILES,
'api': HTML,
'insecure': CODEANAL,
'urls': URLnFile,
'domains': DOMAINS,
'emails': EmailnFile
}
template = "static_analysis/ios_source_analysis.html"
return render(request, template, context)
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except Exception as exp:
PrintException("[ERROR] Static Analyzer iOS")
context = {'title': 'Error', 'exp': exp.message, 'doc': exp.__doc__}
template = "general/error.html"
return render(request, template, context)
def StaticAnalyzer_iOS(request):
try:
#Input validation
print "[INFO] iOS Static Analysis Started"
TYP=request.GET['type']
RESCAN= str(request.GET.get('rescan', 0))
m=re.match('^[0-9a-f]{32}$',request.GET['checksum'])
if ((m) and (request.GET['name'].lower().endswith('.ipa') or request.GET['name'].lower().endswith('.zip')) and (TYP in ['ipa', 'ios'])):
DIR=settings.BASE_DIR #BASE DIR
APP_NAME=request.GET['name'] #APP ORGINAL NAME
MD5=request.GET['checksum'] #MD5
APP_DIR=os.path.join(settings.UPLD_DIR, MD5+'/') #APP DIRECTORY
TOOLS_DIR=os.path.join(DIR, 'StaticAnalyzer/tools/mac/') #TOOLS DIR
if TYP=='ipa':
#DB
DB=StaticAnalyzerIPA.objects.filter(MD5=MD5)
if DB.exists() and RESCAN=='0':
print "\n[INFO] Analysis is already Done. Fetching data from the DB..."
context = {
'title' : DB[0].TITLE,
'name' : DB[0].APPNAMEX,
'size' : DB[0].SIZE,
'md5': DB[0].MD5,
'sha1' : DB[0].SHA1,
'sha256' : DB[0].SHA256,
'plist' : DB[0].INFOPLIST,
'bin_name' : DB[0].BINNAME,
'id' : DB[0].IDF,
'ver' : DB[0].VERSION,
'sdk' : DB[0].SDK,
'pltfm' : DB[0].PLTFM,
'min' : DB[0].MINX,
'bin_anal' : DB[0].BIN_ANAL,
'libs' : DB[0].LIBS,
'files' : python_list(DB[0].FILES),
'file_analysis' : DB[0].SFILESX,
'strings' : DB[0].STRINGS,
}
else:
print "[INFO] iOS Binary (IPA) Analysis Started"
APP_FILE=MD5 + '.ipa' #NEW FILENAME
APP_PATH=APP_DIR+APP_FILE #APP PATH
BIN_DIR=os.path.join(APP_DIR,"Payload/")
#ANALYSIS BEGINS
SIZE=str(FileSize(APP_PATH)) + 'MB' #FILE SIZE
SHA1, SHA256= HashGen(APP_PATH) #SHA1 & SHA256 HASHES
print "[INFO] Extracting IPA"
Unzip(APP_PATH,APP_DIR) #EXTRACT IPA
FILES,SFILES=iOS_ListFiles(BIN_DIR,MD5,True,'ipa') #Get Files, normalize + to x, and convert binary plist -> xml
INFO_PLIST,BIN_NAME,ID,VER,SDK,PLTFM,MIN,LIBS,BIN_ANAL,STRINGS=BinaryAnalysis(BIN_DIR,TOOLS_DIR,APP_DIR)
#Saving to DB
print "\n[INFO] Connecting to DB"
if RESCAN=='1':
print "\n[INFO] Updating Database..."
StaticAnalyzerIPA.objects.filter(MD5=MD5).update(TITLE='Static Analysis',APPNAMEX=APP_NAME,SIZE=SIZE,MD5=MD5,SHA1=SHA1,SHA256=SHA256,INFOPLIST=INFO_PLIST,BINNAME=BIN_NAME,IDF=ID,VERSION=VER,SDK=SDK,PLTFM=PLTFM,MINX=MIN,BIN_ANAL=BIN_ANAL,LIBS=LIBS,FILES=FILES,SFILESX=SFILES,STRINGS=STRINGS)
elif RESCAN=='0':
print "\n[INFO] Saving to Database"
STATIC_DB=StaticAnalyzerIPA(TITLE='Static Analysis',APPNAMEX=APP_NAME,SIZE=SIZE,MD5=MD5,SHA1=SHA1,SHA256=SHA256,INFOPLIST=INFO_PLIST,BINNAME=BIN_NAME,IDF=ID,VERSION=VER,SDK=SDK,PLTFM=PLTFM,MINX=MIN,BIN_ANAL=BIN_ANAL,LIBS=LIBS,FILES=FILES,SFILESX=SFILES,STRINGS=STRINGS)
STATIC_DB.save()
context = {
'title' : 'Static Analysis',
'name' : APP_NAME,
'size' : SIZE,
'md5': MD5,
'sha1' : SHA1,
'sha256' : SHA256,
'plist' : INFO_PLIST,
'bin_name' : BIN_NAME,
'id' : ID,
'ver' : VER,
'sdk' : SDK,
'pltfm' : PLTFM,
'min' : MIN,
'bin_anal' : BIN_ANAL,
'libs' : LIBS,
'files' : FILES,
'file_analysis' : SFILES,
'strings' : STRINGS,
}
template="ios_binary_analysis.html"
return render(request,template,context)
elif TYP=='ios':
DB=StaticAnalyzerIOSZIP.objects.filter(MD5=MD5)
if DB.exists() and RESCAN=='0':
print "\n[INFO] Analysis is already Done. Fetching data from the DB..."
context = {
'title' : DB[0].TITLE,
'name' : DB[0].APPNAMEX,
'size' : DB[0].SIZE,
'md5': DB[0].MD5,
'sha1' : DB[0].SHA1,
'sha256' : DB[0].SHA256,
'plist' : DB[0].INFOPLIST,
'bin_name' : DB[0].BINNAME,
'id' : DB[0].IDF,
'ver' : DB[0].VERSION,
'sdk' : DB[0].SDK,
'pltfm' : DB[0].PLTFM,
'min' : DB[0].MINX,
'bin_anal' : DB[0].BIN_ANAL,
'libs' : DB[0].LIBS,
'files' : python_list(DB[0].FILES),
'file_analysis' : DB[0].SFILESX,
'api' : DB[0].HTML,
'insecure' : DB[0].CODEANAL,
'urls' : DB[0].URLnFile,
'domains': python_dict(DB[0].DOMAINS),
'emails' : DB[0].EmailnFile,
'strings' : DB[0].STRINGS
}
else:
print "[INFO] iOS Source Code Analysis Started"
APP_FILE=MD5 + '.zip' #NEW FILENAME
APP_PATH=APP_DIR+APP_FILE #APP PATH
#ANALYSIS BEGINS - Already Unzipped
print "[INFO] ZIP Already Extracted"
SIZE=str(FileSize(APP_PATH)) + 'MB' #FILE SIZE
SHA1, SHA256= HashGen(APP_PATH) #SHA1 & SHA256 HASHES
FILES,SFILES=iOS_ListFiles(APP_DIR,MD5,False,'ios')
HTML,CODEANAL,URLnFile,DOMAINS,EmailnFile,INFO_PLIST,BIN_NAME,ID,VER,SDK,PLTFM,MIN=iOS_Source_Analysis(APP_DIR,MD5)
LIBS,BIN_ANAL='',''
#Saving to DB
print "\n[INFO] Connecting to DB"
if RESCAN=='1':
print "\n[INFO] Updating Database..."
StaticAnalyzerIOSZIP.objects.filter(MD5=MD5).update(TITLE = 'Static Analysis',
APPNAMEX=APP_NAME,
SIZE=SIZE,
MD5=MD5,
SHA1=SHA1,
SHA256=SHA256,
INFOPLIST=INFO_PLIST,
BINNAME=BIN_NAME,
IDF=ID,
VERSION=VER,
SDK=SDK,
PLTFM=PLTFM,
MINX=MIN,
BIN_ANAL=BIN_ANAL,
LIBS=LIBS,
FILES=FILES,
SFILESX=SFILES,
HTML=HTML,
CODEANAL=CODEANAL,
URLnFile=URLnFile,
DOMAINS=DOMAINS,
EmailnFile=EmailnFile)
elif RESCAN=='0':
print "\n[INFO] Saving to Database"
STATIC_DB=StaticAnalyzerIOSZIP(TITLE = 'Static Analysis',
APPNAMEX=APP_NAME,
SIZE=SIZE,
MD5=MD5,
SHA1=SHA1,
SHA256=SHA256,
INFOPLIST=INFO_PLIST,
BINNAME=BIN_NAME,
IDF=ID,
VERSION=VER,
SDK=SDK,
PLTFM=PLTFM,
MINX=MIN,
BIN_ANAL=BIN_ANAL,
LIBS=LIBS,
FILES=FILES,
SFILESX=SFILES,
HTML=HTML,
CODEANAL=CODEANAL,
URLnFile=URLnFile,
DOMAINS=DOMAINS,
EmailnFile=EmailnFile)
STATIC_DB.save()
context = {
'title' : 'Static Analysis',
'name' : APP_NAME,
'size' : SIZE,
'md5': MD5,
'sha1' : SHA1,
'sha256' : SHA256,
'plist' : INFO_PLIST,
'bin_name' : BIN_NAME,
'id' : ID,
'ver' : VER,
'sdk' : SDK,
'pltfm' : PLTFM,
'min' : MIN,
'bin_anal' : BIN_ANAL,
'libs' : LIBS,
'files' : FILES,
'file_analysis' : SFILES,
'api' : HTML,
'insecure' : CODEANAL,
'urls' : URLnFile,
'domains': DOMAINS,
'emails' : EmailnFile
}
template="ios_source_analysis.html"
return render(request,template,context)
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except Exception as e:
PrintException("[ERROR] Static Analyzer iOS")
context = {
'title' : 'Error',
'exp' : e.message,
'doc' : e.__doc__
}
template="error.html"
return render(request,template,context)
def PDF(request):
try:
MD5 = request.GET['md5']
TYP = request.GET['type']
m = re.match('^[0-9a-f]{32}$', MD5)
if m:
if TYP in ['APK', 'ANDZIP']:
DB = StaticAnalyzerAndroid.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (Android)"
context = get_context_from_db_entry(DB)
if TYP == 'APK':
template = get_template("pdf/static_analysis_pdf.html")
else:
template = get_template(
"pdf/static_analysis_zip_pdf.html")
else:
return HttpResponse(
json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif re.findall('IPA|IOSZIP', TYP):
if TYP == 'IPA':
DB = StaticAnalyzerIPA.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS IPA)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'strings': python_list(DB[0].STRINGS),
'permissions': python_list(DB[0].PERMISSIONS)
}
template = get_template(
"pdf/ios_binary_analysis_pdf.html")
else:
return HttpResponse(
json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif TYP == 'IOSZIP':
DB = StaticAnalyzerIOSZIP.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS ZIP)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'api': DB[0].HTML,
'insecure': DB[0].CODEANAL,
'urls': DB[0].URLnFile,
'domains': python_dict(DB[0].DOMAINS),
'emails': DB[0].EmailnFile,
'permissions': python_list(DB[0].PERMISSIONS)
}
template = get_template(
"pdf/ios_source_analysis_pdf.html")
else:
return HttpResponse(
json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif re.findall('APPX', TYP):
if TYP == 'APPX':
db_entry = StaticAnalyzerWindows.objects.filter( # pylint: disable-msg=E1101
MD5=MD5)
if db_entry.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (APPX)"
context = {
'title':
db_entry[0].TITLE,
'name':
db_entry[0].APP_NAME,
'pub_name':
db_entry[0].PUB_NAME,
'size':
db_entry[0].SIZE,
'md5':
db_entry[0].MD5,
'sha1':
db_entry[0].SHA1,
'sha256':
db_entry[0].SHA256,
'bin_name':
db_entry[0].BINNAME,
'version':
db_entry[0].VERSION,
'arch':
db_entry[0].ARCH,
'compiler_version':
db_entry[0].COMPILER_VERSION,
'visual_studio_version':
db_entry[0].VISUAL_STUDIO_VERSION,
'visual_studio_edition':
db_entry[0].VISUAL_STUDIO_EDITION,
'target_os':
db_entry[0].TARGET_OS,
'appx_dll_version':
db_entry[0].APPX_DLL_VERSION,
'proj_guid':
db_entry[0].PROJ_GUID,
'opti_tool':
db_entry[0].OPTI_TOOL,
'target_run':
db_entry[0].TARGET_RUN,
'files':
python_list(db_entry[0].FILES),
'strings':
python_list(db_entry[0].STRINGS),
'bin_an_results':
python_list(db_entry[0].BIN_AN_RESULTS),
'bin_an_warnings':
python_list(db_entry[0].BIN_AN_WARNINGS)
}
template = get_template(
"pdf/windows_binary_analysis_pdf.html")
else:
return HttpResponse(
json.dumps({"type": "Type is not Allowed"}),
content_type="application/json; charset=utf-8")
html = template.render(context)
result = StringIO()
pdf = pisa.pisaDocument(StringIO("{0}".format(
html.encode('utf-8'))),
result,
encoding='utf-8')
if not pdf.err:
return HttpResponse(result.getvalue(),
content_type='application/pdf')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponse(json.dumps({"md5": "Invalid MD5"}),
content_type="application/json; charset=utf-8")
except:
PrintException("[ERROR] PDF Report Generation Error")
return HttpResponseRedirect('/error/')
def XML(request):
try:
MD5 = request.GET['md5']
TYP = request.GET['type']
m = re.match('^[0-9a-f]{32}$', MD5)
if m:
if TYP in ['APK', 'ANDZIP']:
DB = StaticAnalyzerAndroid.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (Android)"
context = get_context_from_db_entry(DB)
if TYP == 'APK':
template = get_template("pdf/static_analysis_pdf.html")
else:
template = get_template(
"pdf/static_analysis_zip_pdf.html")
else:
return HttpResponse(
json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif re.findall('IPA|IOSZIP', TYP):
if TYP == 'IPA':
DB = StaticAnalyzerIPA.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS IPA)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'strings': python_list(DB[0].STRINGS),
'permissions': python_list(DB[0].PERMISSIONS)
}
template = get_template(
"pdf/ios_binary_analysis_pdf.html")
else:
return HttpResponse(
json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif TYP == 'IOSZIP':
DB = StaticAnalyzerIOSZIP.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS ZIP)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'api': DB[0].HTML,
'insecure': DB[0].CODEANAL,
'urls': DB[0].URLnFile,
'domains': python_dict(DB[0].DOMAINS),
'emails': DB[0].EmailnFile,
'permissions': python_list(DB[0].PERMISSIONS)
}
template = get_template(
"pdf/ios_source_analysis_pdf.html")
else:
return HttpResponse(
json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif re.findall('APPX', TYP):
if TYP == 'APPX':
db_entry = StaticAnalyzerWindows.objects.filter( # pylint: disable-msg=E1101
MD5=MD5)
if db_entry.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (APPX)"
context = {
'title':
db_entry[0].TITLE,
'name':
db_entry[0].APP_NAME,
'pub_name':
db_entry[0].PUB_NAME,
'size':
db_entry[0].SIZE,
'md5':
db_entry[0].MD5,
'sha1':
db_entry[0].SHA1,
'sha256':
db_entry[0].SHA256,
'bin_name':
db_entry[0].BINNAME,
'version':
db_entry[0].VERSION,
'arch':
db_entry[0].ARCH,
'compiler_version':
db_entry[0].COMPILER_VERSION,
'visual_studio_version':
db_entry[0].VISUAL_STUDIO_VERSION,
'visual_studio_edition':
db_entry[0].VISUAL_STUDIO_EDITION,
'target_os':
db_entry[0].TARGET_OS,
'appx_dll_version':
db_entry[0].APPX_DLL_VERSION,
'proj_guid':
db_entry[0].PROJ_GUID,
'opti_tool':
db_entry[0].OPTI_TOOL,
'target_run':
db_entry[0].TARGET_RUN,
'files':
python_list(db_entry[0].FILES),
'strings':
python_list(db_entry[0].STRINGS),
'bin_an_results':
python_list(db_entry[0].BIN_AN_RESULTS),
'bin_an_warnings':
python_list(db_entry[0].BIN_AN_WARNINGS)
}
template = get_template(
"pdf/windows_binary_analysis_pdf.html")
else:
return HttpResponse(
json.dumps({"type": "Type is not Allowed"}),
content_type="application/json; charset=utf-8")
html = template.render(context)
memorandum = etree.Element("memorandum")
etree.SubElement(
memorandum, "titul"
).text = context.get("title") + " - " + context.get("name")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "fileInformation")
etree.SubElement(precuinat, "title").text = "File Information"
etree.SubElement(precuinat, "nom").text = context.get("name")
etree.SubElement(precuinat, "tam").text = context.get("size")
etree.SubElement(precuinat, "md5").text = context.get("md5")
etree.SubElement(precuinat, "sha1").text = context.get("sha1")
etree.SubElement(precuinat, "sha256").text = context.get("sha256")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "appInformation")
etree.SubElement(precuinat, "title").text = "App Information"
etree.SubElement(precuinat,
"packagename").text = context.get("packagename")
etree.SubElement(precuinat,
"mainactivity").text = context.get("mainactivity")
etree.SubElement(precuinat,
"targetsdk").text = context.get("targetsdk")
etree.SubElement(precuinat, "minsdk").text = context.get("minsdk")
etree.SubElement(precuinat, "maxsdk").text = context.get("maxsdk")
etree.SubElement(precuinat,
"androvername").text = context.get("androvername")
etree.SubElement(precuinat,
"androver").text = context.get("androver")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "codeNature")
etree.SubElement(precuinat, "title").text = "Code Nature"
etree.SubElement(precuinat, "native").text = context.get("native")
etree.SubElement(precuinat,
"dynamic").text = context.get("dynamic")
etree.SubElement(precuinat,
"reflection").text = context.get("reflection")
etree.SubElement(precuinat, "crypto").text = context.get("crypto")
etree.SubElement(precuinat, "obfus").text = context.get("obfus")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "certificate")
etree.SubElement(precuinat, "title").text = "Certificate"
etree.SubElement(precuinat,
"certinfo").text = context.get("certinfo")
etree.SubElement(
precuinat,
"issued").text = "Certificate Status: " + context.get("issued")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "permissions")
etree.SubElement(precuinat, "title").text = "Permissions"
dic = context.get("permissions")
for perm, desc in dic.items():
etree.SubElement(
precuinat,
"perm").text = "PERMISSION: " + perm + " " + desc[0]
etree.SubElement(precuinat, "info").text = "INFO: " + desc[1]
etree.SubElement(
precuinat, "description").text = "DESCRIPTION: " + desc[2]
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "SOLibraryBinaryAnalis")
etree.SubElement(precuinat,
"title").text = "ANDROID LIBRARY BINARY ANALYSIS"
dic = context.get("binary_analysis")
dic2 = dic[0]
for i, j in dic2.items():
etree.SubElement(precuinat, "key").text = i
etree.SubElement(precuinat, "value").text = j
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "brossableActivities")
etree.SubElement(precuinat, "title").text = "Brossable Activities"
dic = context.get("browsable_activities")
for i, j in dic.items():
etree.SubElement(precuinat, "activity").text = "ACTIVITY " + i
etree.SubElement(precuinat, "intent").text = "INTENT " + j
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "manifestAnalysis")
etree.SubElement(precuinat, "title").text = "Manifest Analysis"
dic = context.get("manifest")
for p in dic:
for i, j in p.items():
etree.SubElement(precuinat, "key").text = i
etree.SubElement(precuinat, "value").text = j
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "codeAnalysis")
etree.SubElement(precuinat, "title").text = "Code Analysis"
etree.SubElement(precuinat, "contenido").text = context.get("dang")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "AndroidAPI")
etree.SubElement(precuinat, "title").text = "Android API"
etree.SubElement(precuinat, "contenido").text = context.get("api")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "urls")
etree.SubElement(precuinat, "title").text = "URLS"
etree.SubElement(precuinat, "contenido").text = context.get("urls")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "malwareChecks")
etree.SubElement(precuinat, "title").text = "Malware Checks"
dic = context.get("domain")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "emails")
etree.SubElement(precuinat, "title").text = "Emails"
etree.SubElement(precuinat,
"contenido").text = context.get("emails")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "fileAnalysis")
etree.SubElement(precuinat, "title").text = "File Analysis"
etree.SubElement(precuinat,
"contenido").text = context.get("certz")
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "strings")
etree.SubElement(precuinat, "title").text = "Strings"
list = context.get("strings")
for var in list:
etree.SubElement(precuinat, "strings").text = var
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "activities")
etree.SubElement(precuinat, "title").text = "Activities"
list = context.get("activities")
for act in list:
etree.SubElement(precuinat, "activity").text = act
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "providers")
etree.SubElement(precuinat, "title").text = "Providers"
list = context.get("providers")
for prov in list:
etree.SubElement(precuinat, "provider").text = prov
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "receivers")
etree.SubElement(precuinat, "title").text = "Receivers"
list = context.get("receivers")
for rec in list:
etree.SubElement(precuinat, "receiver").text = rec
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "services")
etree.SubElement(precuinat, "title").text = "Services"
list = context.get("services")
for ser in list:
etree.SubElement(precuinat, "service").text = ser
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "libraries")
etree.SubElement(precuinat, "title").text = "Libraries"
list = context.get("libraries")
for lib in list:
etree.SubElement(precuinat, "library").text = lib
precuinat = etree.SubElement(memorandum, "precuinat")
precuinat.set("category", "files")
etree.SubElement(precuinat, "title").text = "Files"
list = context.get("files")
for f in list:
etree.SubElement(precuinat, "file").text = f
g = open('./xml/t.xml', 'w')
g.write('<?xml version="1.0"?>')
# print(etree.tostring(memorandum, xml_declaration=True, encoding = 'iso-8859-1'))
g.write(etree.tostring(memorandum))
g.close()
g = open('./xml/t.xml', 'r')
response = HttpResponse(g,
content_type='application/force-download')
response['Content-Disposition'] = 'attachment; filename=t.xml'
g.close()
return response
else:
return HttpResponse(json.dumps({"md5": "Invalid MD5"}),
content_type="application/json; charset=utf-8")
except:
PrintException("[ERROR] XML Report Generation Error")
return HttpResponseRedirect('/error/')
def PDF(request):
try:
MD5=request.GET['md5']
TYP=request.GET['type']
m=re.match('^[0-9a-f]{32}$',MD5)
if m:
if TYP in ['APK','ANDZIP']:
DB=StaticAnalyzerAndroid.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (Android)"
context = {
'title' : DB[0].TITLE,
'name' : DB[0].APP_NAME,
'size' : DB[0].SIZE,
'md5': DB[0].MD5,
'sha1' : DB[0].SHA1,
'sha256' : DB[0].SHA256,
'packagename' : DB[0].PACKAGENAME,
'mainactivity' : DB[0].MAINACTIVITY,
'targetsdk' : DB[0].TARGET_SDK,
'maxsdk' : DB[0].MAX_SDK,
'minsdk' : DB[0].MIN_SDK,
'androvername' : DB[0].ANDROVERNAME,
'androver': DB[0].ANDROVER,
'manifest': DB[0].MANIFEST_ANAL,
'permissions' : DB[0].PERMISSIONS,
'files' : python_list(DB[0].FILES),
'certz' : DB[0].CERTZ,
'activities' : python_list(DB[0].ACTIVITIES),
'receivers' : python_list(DB[0].RECEIVERS),
'providers' : python_list(DB[0].PROVIDERS),
'services' : python_list(DB[0].SERVICES),
'libraries' : python_list(DB[0].LIBRARIES),
'act_count' : DB[0].CNT_ACT,
'prov_count' : DB[0].CNT_PRO,
'serv_count' : DB[0].CNT_SER,
'bro_count' : DB[0].CNT_BRO,
'certinfo': DB[0].CERT_INFO,
'issued':DB[0].ISSUED,
'native' : DB[0].NATIVE,
'dynamic' : DB[0].DYNAMIC,
'reflection' : DB[0].REFLECT,
'crypto': DB[0].CRYPTO,
'obfus': DB[0].OBFUS,
'api': DB[0].API,
'dang': DB[0].DANG,
'urls': DB[0].URLS,
'domains': python_dict(DB[0].DOMAINS),
'emails': DB[0].EMAILS,
'strings': python_list(DB[0].STRINGS),
'zipped' : DB[0].ZIPPED,
'mani': DB[0].MANI
}
if TYP=='APK':
template= get_template("static_analysis_pdf.html")
else:
template= get_template("static_analysis_zip_pdf.html")
elif re.findall('IPA|IOSZIP',TYP):
if TYP=='IPA':
DB=StaticAnalyzerIPA.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS IPA)"
context = {
'title' : DB[0].TITLE,
'name' : DB[0].APPNAMEX,
'size' : DB[0].SIZE,
'md5': DB[0].MD5,
'sha1' : DB[0].SHA1,
'sha256' : DB[0].SHA256,
'plist' : DB[0].INFOPLIST,
'bin_name' : DB[0].BINNAME,
'id' : DB[0].IDF,
'ver' : DB[0].VERSION,
'sdk' : DB[0].SDK,
'pltfm' : DB[0].PLTFM,
'min' : DB[0].MINX,
'bin_anal' : DB[0].BIN_ANAL,
'libs' : DB[0].LIBS,
'files' : python_list(DB[0].FILES),
'file_analysis' : DB[0].SFILESX,
'strings' : DB[0].STRINGS
}
template= get_template("ios_binary_analysis_pdf.html")
elif TYP=='IOSZIP':
DB=StaticAnalyzerIOSZIP.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS ZIP)"
context = {
'title' : DB[0].TITLE,
'name' : DB[0].APPNAMEX,
'size' : DB[0].SIZE,
'md5': DB[0].MD5,
'sha1' : DB[0].SHA1,
'sha256' : DB[0].SHA256,
'plist' : DB[0].INFOPLIST,
'bin_name' : DB[0].BINNAME,
'id' : DB[0].IDF,
'ver' : DB[0].VERSION,
'sdk' : DB[0].SDK,
'pltfm' : DB[0].PLTFM,
'min' : DB[0].MINX,
'bin_anal' : DB[0].BIN_ANAL,
'libs' : DB[0].LIBS,
'files' : python_list(DB[0].FILES),
'file_analysis' : DB[0].SFILESX,
'api' : DB[0].HTML,
'insecure' : DB[0].CODEANAL,
'urls' : DB[0].URLnFile,
'domains': python_dict(DB[0].DOMAINS),
'emails' : DB[0].EmailnFile
}
template= get_template("ios_source_analysis_pdf.html")
else:
return HttpResponseRedirect('/error/')
html = template.render(context)
result = StringIO()
pdf = pisa.pisaDocument(StringIO( "{0}".format(html.encode('utf-8'))), result, encoding='utf-8')
if not pdf.err:
return HttpResponse(result.getvalue(), content_type='application/pdf')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] PDF Report Generation Error")
return HttpResponseRedirect('/error/')
def PDF(request):
try:
MD5=request.GET['md5']
TYP=request.GET['type']
m=re.match('^[0-9a-f]{32}$',MD5)
if m:
if TYP in ['APK','ANDZIP']:
DB=StaticAnalyzerAndroid.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (Android)"
context = {
'title' : DB[0].TITLE,
'name' : DB[0].APP_NAME,
'size' : DB[0].SIZE,
'md5': DB[0].MD5,
'sha1' : DB[0].SHA1,
'sha256' : DB[0].SHA256,
'packagename' : DB[0].PACKAGENAME,
'mainactivity' : DB[0].MAINACTIVITY,
'targetsdk' : DB[0].TARGET_SDK,
'maxsdk' : DB[0].MAX_SDK,
'minsdk' : DB[0].MIN_SDK,
'androvername' : DB[0].ANDROVERNAME,
'androver': DB[0].ANDROVER,
'manifest': DB[0].MANIFEST_ANAL,
'permissions' : DB[0].PERMISSIONS,
'files' : python_list(DB[0].FILES),
'certz' : DB[0].CERTZ,
'activities' : python_list(DB[0].ACTIVITIES),
'receivers' : python_list(DB[0].RECEIVERS),
'providers' : python_list(DB[0].PROVIDERS),
'services' : python_list(DB[0].SERVICES),
'libraries' : python_list(DB[0].LIBRARIES),
'act_count' : DB[0].CNT_ACT,
'prov_count' : DB[0].CNT_PRO,
'serv_count' : DB[0].CNT_SER,
'bro_count' : DB[0].CNT_BRO,
'certinfo': DB[0].CERT_INFO,
'issued':DB[0].ISSUED,
'native' : DB[0].NATIVE,
'dynamic' : DB[0].DYNAMIC,
'reflection' : DB[0].REFLECT,
'crypto': DB[0].CRYPTO,
'obfus': DB[0].OBFUS,
'api': DB[0].API,
'dang': DB[0].DANG,
'urls': DB[0].URLS,
'domains': python_dict(DB[0].DOMAINS),
'emails': DB[0].EMAILS,
'strings': python_list(DB[0].STRINGS),
'zipped' : DB[0].ZIPPED,
'mani': DB[0].MANI
}
if TYP=='APK':
template= get_template("static_analysis_pdf.html")
else:
template= get_template("static_analysis_zip_pdf.html")
elif re.findall('IPA|IOSZIP',TYP):
if TYP=='IPA':
DB=StaticAnalyzerIPA.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS IPA)"
context = {
'title' : DB[0].TITLE,
'name' : DB[0].APPNAMEX,
'size' : DB[0].SIZE,
'md5': DB[0].MD5,
'sha1' : DB[0].SHA1,
'sha256' : DB[0].SHA256,
'plist' : DB[0].INFOPLIST,
'bin_name' : DB[0].BINNAME,
'id' : DB[0].IDF,
'ver' : DB[0].VERSION,
'sdk' : DB[0].SDK,
'pltfm' : DB[0].PLTFM,
'min' : DB[0].MINX,
'bin_anal' : DB[0].BIN_ANAL,
'libs' : DB[0].LIBS,
'files' : python_list(DB[0].FILES),
'file_analysis' : DB[0].SFILESX,
'strings' : DB[0].STRINGS
}
template= get_template("ios_binary_analysis_pdf.html")
elif TYP=='IOSZIP':
DB=StaticAnalyzerIOSZIP.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS ZIP)"
context = {
'title' : DB[0].TITLE,
'name' : DB[0].APPNAMEX,
'size' : DB[0].SIZE,
'md5': DB[0].MD5,
'sha1' : DB[0].SHA1,
'sha256' : DB[0].SHA256,
'plist' : DB[0].INFOPLIST,
'bin_name' : DB[0].BINNAME,
'id' : DB[0].IDF,
'ver' : DB[0].VERSION,
'sdk' : DB[0].SDK,
'pltfm' : DB[0].PLTFM,
'min' : DB[0].MINX,
'bin_anal' : DB[0].BIN_ANAL,
'libs' : DB[0].LIBS,
'files' : python_list(DB[0].FILES),
'file_analysis' : DB[0].SFILESX,
'api' : DB[0].HTML,
'insecure' : DB[0].CODEANAL,
'urls' : DB[0].URLnFile,
'domains': python_dict(DB[0].DOMAINS),
'emails' : DB[0].EmailnFile
}
template= get_template("ios_source_analysis_pdf.html")
else:
return HttpResponseRedirect('/error/')
html = template.render(context)
result = StringIO()
pdf = pisa.pisaDocument(StringIO( "{0}".format(html.encode('utf-8'))), result, encoding='utf-8')
if not pdf.err:
return HttpResponse(result.getvalue(), content_type='application/pdf')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] PDF Report Generation Error")
return HttpResponseRedirect('/error/')
def PDF(request):
try:
MD5 = request.GET['md5']
TYP = request.GET['type']
m = re.match('^[0-9a-f]{32}$', MD5)
if m:
if TYP in ['APK', 'ANDZIP']:
DB = StaticAnalyzerAndroid.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (Android)"
context = get_context_from_db_entry(DB)
if TYP == 'APK':
template = get_template("pdf/static_analysis_pdf.html")
else:
template = get_template(
"pdf/static_analysis_zip_pdf.html")
else:
return HttpResponse(json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif re.findall('IPA|IOSZIP', TYP):
if TYP == 'IPA':
DB = StaticAnalyzerIPA.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS IPA)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'strings': python_list(DB[0].STRINGS),
'permissions': python_list(DB[0].PERMISSIONS)
}
template = get_template(
"pdf/ios_binary_analysis_pdf.html")
else:
return HttpResponse(json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif TYP == 'IOSZIP':
DB = StaticAnalyzerIOSZIP.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS ZIP)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'api': DB[0].HTML,
'insecure': DB[0].CODEANAL,
'urls': DB[0].URLnFile,
'domains': python_dict(DB[0].DOMAINS),
'emails': DB[0].EmailnFile,
'permissions': python_list(DB[0].PERMISSIONS)
}
template = get_template(
"pdf/ios_source_analysis_pdf.html")
else:
return HttpResponse(json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif re.findall('APPX', TYP):
if TYP == 'APPX':
db_entry = StaticAnalyzerWindows.objects.filter( # pylint: disable-msg=E1101
MD5=MD5
)
if db_entry.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (APPX)"
context = {
'title': db_entry[0].TITLE,
'name': db_entry[0].APP_NAME,
'pub_name': db_entry[0].PUB_NAME,
'size': db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1': db_entry[0].SHA1,
'sha256': db_entry[0].SHA256,
'bin_name': db_entry[0].BINNAME,
'version': db_entry[0].VERSION,
'arch': db_entry[0].ARCH,
'compiler_version': db_entry[0].COMPILER_VERSION,
'visual_studio_version': db_entry[0].VISUAL_STUDIO_VERSION,
'visual_studio_edition': db_entry[0].VISUAL_STUDIO_EDITION,
'target_os': db_entry[0].TARGET_OS,
'appx_dll_version': db_entry[0].APPX_DLL_VERSION,
'proj_guid': db_entry[0].PROJ_GUID,
'opti_tool': db_entry[0].OPTI_TOOL,
'target_run': db_entry[0].TARGET_RUN,
'files': python_list(db_entry[0].FILES),
'strings': python_list(db_entry[0].STRINGS),
'bin_an_results': python_list(db_entry[0].BIN_AN_RESULTS),
'bin_an_warnings': python_list(db_entry[0].BIN_AN_WARNINGS)
}
template = get_template(
"pdf/windows_binary_analysis_pdf.html")
else:
return HttpResponse(json.dumps({"type": "Type is not Allowed"}),
content_type="application/json; charset=utf-8")
html = template.render(context)
result = StringIO()
pdf = pisa.pisaDocument(StringIO("{0}".format(
html.encode('utf-8'))), result, encoding='utf-8')
if not pdf.err:
return HttpResponse(result.getvalue(), content_type='application/pdf')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponse(json.dumps({"md5": "Invalid MD5"}),
content_type="application/json; charset=utf-8")
except:
PrintException("[ERROR] PDF Report Generation Error")
return HttpResponseRedirect('/error/')
def PDF(request):
try:
MD5 = request.GET['md5']
TYP = request.GET['type']
m = re.match('^[0-9a-f]{32}$', MD5)
if m:
if TYP in ['APK', 'ANDZIP']:
DB = StaticAnalyzerAndroid.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (Android)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APP_NAME,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'packagename': DB[0].PACKAGENAME,
'mainactivity': DB[0].MAINACTIVITY,
'targetsdk': DB[0].TARGET_SDK,
'maxsdk': DB[0].MAX_SDK,
'minsdk': DB[0].MIN_SDK,
'androvername': DB[0].ANDROVERNAME,
'androver': DB[0].ANDROVER,
'manifest': DB[0].MANIFEST_ANAL,
'permissions': DB[0].PERMISSIONS,
'files': python_list(DB[0].FILES),
'certz': DB[0].CERTZ,
'activities': python_list(DB[0].ACTIVITIES),
'receivers': python_list(DB[0].RECEIVERS),
'providers': python_list(DB[0].PROVIDERS),
'services': python_list(DB[0].SERVICES),
'libraries': python_list(DB[0].LIBRARIES),
'act_count': DB[0].CNT_ACT,
'prov_count': DB[0].CNT_PRO,
'serv_count': DB[0].CNT_SER,
'bro_count': DB[0].CNT_BRO,
'certinfo': DB[0].CERT_INFO,
'issued': DB[0].ISSUED,
'native': DB[0].NATIVE,
'dynamic': DB[0].DYNAMIC,
'reflection': DB[0].REFLECT,
'crypto': DB[0].CRYPTO,
'obfus': DB[0].OBFUS,
'api': DB[0].API,
'dang': DB[0].DANG,
'urls': DB[0].URLS,
'domains': python_dict(DB[0].DOMAINS),
'emails': DB[0].EMAILS,
'strings': python_list(DB[0].STRINGS),
'zipped': DB[0].ZIPPED,
'mani': DB[0].MANI
}
if TYP == 'APK':
template = get_template("static_analysis_pdf.html")
else:
template = get_template("static_analysis_zip_pdf.html")
else:
return HttpResponse(json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif re.findall('IPA|IOSZIP', TYP):
if TYP == 'IPA':
DB = StaticAnalyzerIPA.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS IPA)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'strings': DB[0].STRINGS
}
template = get_template("ios_binary_analysis_pdf.html")
else:
return HttpResponse(json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif TYP == 'IOSZIP':
DB = StaticAnalyzerIOSZIP.objects.filter(MD5=MD5)
if DB.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (IOS ZIP)"
context = {
'title': DB[0].TITLE,
'name': DB[0].APPNAMEX,
'size': DB[0].SIZE,
'md5': DB[0].MD5,
'sha1': DB[0].SHA1,
'sha256': DB[0].SHA256,
'plist': DB[0].INFOPLIST,
'bin_name': DB[0].BINNAME,
'id': DB[0].IDF,
'ver': DB[0].VERSION,
'sdk': DB[0].SDK,
'pltfm': DB[0].PLTFM,
'min': DB[0].MINX,
'bin_anal': DB[0].BIN_ANAL,
'libs': DB[0].LIBS,
'files': python_list(DB[0].FILES),
'file_analysis': DB[0].SFILESX,
'api': DB[0].HTML,
'insecure': DB[0].CODEANAL,
'urls': DB[0].URLnFile,
'domains': python_dict(DB[0].DOMAINS),
'emails': DB[0].EmailnFile
}
template = get_template("ios_source_analysis_pdf.html")
else:
return HttpResponse(json.dumps({"report": "Report not Found"}),
content_type="application/json; charset=utf-8")
elif re.findall('APPX',TYP):
if TYP == 'APPX':
db_entry = StaticAnalyzerWindows.objects.filter( # pylint: disable-msg=E1101
MD5=MD5
)
if db_entry.exists():
print "\n[INFO] Fetching data from DB for PDF Report Generation (APPX)"
context = {
'title' : db_entry[0].TITLE,
'name' : db_entry[0].APP_NAME,
'pub_name' : db_entry[0].PUB_NAME,
'size' : db_entry[0].SIZE,
'md5': db_entry[0].MD5,
'sha1' : db_entry[0].SHA1,
'sha256' : db_entry[0].SHA256,
'bin_name' : db_entry[0].BINNAME,
'version' : db_entry[0].VERSION,
'arch' : db_entry[0].ARCH,
'compiler_version' : db_entry[0].COMPILER_VERSION,
'visual_studio_version' : db_entry[0].VISUAL_STUDIO_VERSION,
'visual_studio_edition' : db_entry[0].VISUAL_STUDIO_EDITION,
'target_os' : db_entry[0].TARGET_OS,
'appx_dll_version' : db_entry[0].APPX_DLL_VERSION,
'proj_guid' : db_entry[0].PROJ_GUID,
'opti_tool' : db_entry[0].OPTI_TOOL,
'target_run' : db_entry[0].TARGET_RUN,
'files' : python_list(db_entry[0].FILES),
'strings' : db_entry[0].STRINGS,
'bin_an_results' : python_list(db_entry[0].BIN_AN_RESULTS),
'bin_an_warnings' : python_list(db_entry[0].BIN_AN_WARNINGS)
}
template= get_template("windows_binary_analysis_pdf.html")
else:
return HttpResponse(json.dumps({"type": "Type is not Allowed"}),
content_type="application/json; charset=utf-8")
html = template.render(context)
result = StringIO()
pdf = pisa.pisaDocument(StringIO("{0}".format(
html.encode('utf-8'))), result, encoding='utf-8')
if not pdf.err:
return HttpResponse(result.getvalue(), content_type='application/pdf')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponse(json.dumps({"md5": "Invalid MD5"}),
content_type="application/json; charset=utf-8")
except:
PrintException("[ERROR] PDF Report Generation Error")
return HttpResponseRedirect('/error/')