def getDeviceForDynAnalysis():
dev_list = Device.get_devices_list()
devNum = len(dev_list)
if devNum <= 0:
logger.error(
"No device has been detected! Connect your device and restart the application!"
)
return None
if devNum == 1:
return Device.get_device(dev_list[0])
choice = None
if devNum > 1:
print "Select the device to use for analysis:\n"
for i in xrange(0, devNum):
print "%d. %s\n" % ((i + 1), dev_list[i])
while not choice:
try:
choice = int(raw_input())
if choice not in range(1, devNum + 1):
choice = None
print 'Invalid choice! Choose right number!'
except ValueError:
print 'Invalid Number! Choose right number!'
return Device.get_device(dev_list[choice - 1])
def populate(self):
logger.info("Populating Current VM instance ....")
try:
imds_url = config.get('imds', 'imds_url')
response = requests.get(imds_url, headers={"Metadata":"true"})
response_txt = json.loads(response.text)
#populate required instance variables
self.vmId = response_txt['vmId']
self.name = response_txt['name']
self.location = response_txt['location']
self.subscriptionId = response_txt['subscriptionId']
self.vmScaleSetName = response_txt['vmScaleSetName']
self.resourceGroupName = response_txt['resourceGroupName']
self.tags = response_txt['tags']
#populate access_token
accesstoken_url = config.get('imds', 'accesstoken_url')
access_token_response = requests.get(accesstoken_url, headers={"Metadata":"true"})
access_token_text = json.loads(access_token_response.text)
self.access_token = access_token_text['access_token']
logger.info("Returning populated VMInstance")
except:
logger.error("Error populating vm instance")
return self
def main(options, arguments):
inputApkPath = None
resultsDirPath = None
sourceFilesDirPath = None
if (options.inputApk == None):
logger.error("The path to an input file is not specified! Exiting!")
exit(1)
else:
inputApkPath = options.inputApk
if (options.outputDir == None):
logger.error("The path an output directory is not specified! Exiting!")
exit(1)
else:
resultsDirPath = options.outputDir
if not checkInputFile(inputApkPath):
exit(1)
if not checkOutputPath(resultsDirPath):
exit(1)
sourceFilesDirPath = os.path.join(resultsDirPath, "source_files/")
if not checkOutputPath(sourceFilesDirPath):
exit(1)
# if not copyFileToDir(inputApkPath, sourceFilesDirPath):
# exit(1)
# apkFilename = os.path.basename(inputApkPath)
# copiedApkPath = os.path.join(sourceFilesDirPath, apkFilename)
#starting the analysis
perform_analysis(inputApkPath, resultsDirPath, sourceFilesDirPath)
def getPackageUid(self, package_name):
logger.debug("Getting UID of the package [%s]..." % package_name)
uid = -1
if not self.is_alive():
logger.error("The device [%s] is not running!" % self.device_name)
return uid
if package_name == "":
logger.warning("The name of the package is not specified!")
return uid
uid_lines = subprocess.check_output([
'adb', '-s', self.device_name, 'shell', 'cat',
'/data/system/packages.list'
])
lines = uid_lines.splitlines()
for i in range(
0, len(lines)): #first line just announces the list of devices
words = lines[i].split(' ')
if words[0].strip() == package_name:
uid = int(words[1].strip())
break
logger.debug("The UID of the package [%s] is [%d]" %
(package_name, uid))
return uid
def Run():
global error_occurred
if return_output:
output_dest = subprocess.PIPE
else:
# None means direct to stdout
output_dest = None
if stdin_input:
stdin_dest = subprocess.PIPE
else:
stdin_dest = None
pipe = subprocess.Popen(
cmd,
executable='/bin/bash',
stdin=stdin_dest,
stdout=output_dest,
stderr=subprocess.STDOUT,
shell=True)
pid.append(pipe.pid)
try:
output = pipe.communicate(input=stdin_input)[0]
if output is not None and len(output) > 0:
so.append(output)
except OSError, e:
logger.debug("failed to retrieve stdout from: %s" % cmd)
logger.error(e)
so.append("ERROR")
error_occurred = True
def _process_ntc_query_imsi(self, message, address):
"""process the heartbeat message from client.get the number of 4G Mobile translation modules \
and the number of 4G Union translation modules.
message:type:dict
address:type:tuple
"""
response_imsi_list = []
recv_imsi_list = message.get(MsgKey.imsi)#the type of recv_imsi_list list
if recv_imsi_list is None:
logger.error('package format error %s, from address %s:', str(message), str(address))
return False
#get imsi from imsi_list
for imsi in recv_imsi_list:
table_name, store_code = Tool.parse_imsi(imsi, mnc_2_tablename)#parse imsi,return table_name and store_code in database
try:
row = self.database.query(table_name, store_code)
if row:
pass
else:
response_imsi_list.append(imsi)#返回未查询到的imsi列表
except Exception as e:
logger.error(e.message)
#if response_imsi_list is empty, no response
if response_imsi_list:
self._response(address, id=RspMsgIdValue.ntc_query_imsi_rep,
imsilist=response_imsi_list)
def Run():
global error_occurred
if return_output:
output_dest = subprocess.PIPE
else:
# None means direct to stdout
output_dest = None
if stdin_input:
stdin_dest = subprocess.PIPE
else:
stdin_dest = None
pipe = subprocess.Popen(cmd,
executable='/bin/bash',
stdin=stdin_dest,
stdout=output_dest,
stderr=subprocess.STDOUT,
shell=True)
pid.append(pipe.pid)
try:
output = pipe.communicate(input=stdin_input)[0]
if output is not None and len(output) > 0:
so.append(output)
except OSError, e:
logger.debug("failed to retrieve stdout from: %s" % cmd)
logger.error(e)
so.append("ERROR")
error_occurred = True
def is_alive(self):
logger.debug("Checking if a device [%s] is alive..." %
self.device_name)
if not self.device_name:
logger.error("The device object is not instantiated!")
return False
input_devices = None
try:
input_devices = subprocess.check_output(["adb", "devices"])
except subprocess.CalledProcessError:
logger.error("Could not find the attached device [%s]!" %
self.device_name)
return False
lines = input_devices.splitlines()
for i in range(
1, len(lines)): #first line just announces the list of devices
words = lines[i].split('\t')
if len(words) == 2 and words[1].strip() == 'device':
trimmed = words[0].strip()
if trimmed == self.device_name:
logger.debug("Device [%s] is alive!" % self.device_name)
return True
logger.debug("Device [%s] is not running!" % self.device_name)
return False
def getDeviceForDynAnalysis():
dev_list = Device.get_devices_list()
devNum = len(dev_list)
if devNum <= 0:
logger.error("No device has been detected! Connect your device and restart the application!")
return None
if devNum == 1:
return Device.get_device(dev_list[0])
choice = None
if devNum > 1:
print "Select the device to use for analysis:\n"
for i in xrange(0, devNum):
print "%d. %s\n" % ((i + 1), dev_list[i])
while not choice:
try:
choice = int(raw_input())
if choice not in range(1, devNum+1):
choice = None
print 'Invalid choice! Choose right number!'
except ValueError:
print 'Invalid Number! Choose right number!'
return Device.get_device(dev_list[choice - 1])
def main(options, arguments):
inputApkPath = None
resultsDirPath = None
sourceFilesDirPath = None
if (options.inputApk == None):
logger.error("The path to an input file is not specified! Exiting!")
exit(1)
else:
inputApkPath = options.inputApk
if (options.outputDir == None):
logger.error("The path an output directory is not specified! Exiting!")
exit(1)
else:
resultsDirPath = options.outputDir
if not checkInputFile(inputApkPath):
exit(1)
if not checkOutputPath(resultsDirPath):
exit(1)
sourceFilesDirPath = os.path.join(resultsDirPath, "source_files/")
if not checkOutputPath(sourceFilesDirPath):
exit(1)
# if not copyFileToDir(inputApkPath, sourceFilesDirPath):
# exit(1)
# apkFilename = os.path.basename(inputApkPath)
# copiedApkPath = os.path.join(sourceFilesDirPath, apkFilename)
#starting the analysis
perform_analysis(inputApkPath, resultsDirPath, sourceFilesDirPath)
def start_activity(self, package_name, activity_name):
#adb shell am start -n com.package.name/com.package.name.ActivityName
logger.debug("Starting activity [%s] of the package [%s]..." %
(package_name, activity_name))
if not self.is_alive():
logger.error("The device [%s] is not running!" % self.device_name)
return
if not package_name:
logger.warning("The name of the package is not specified!")
return
if not activity_name:
logger.warning("The name of the activity is not specified!")
return
run_string = package_name + '/' + activity_name
try:
with open(os.devnull, 'w') as f_null:
subprocess.check_call([
'adb', '-s', self.device_name, 'shell', 'am start', '-n',
run_string
],
stderr=f_null)
except subprocess.CalledProcessError:
logger.error("Could not run activity!")
return
def mount_volume(path, password):
logger.info("mounting %s with pw %s" % (path, "****"))
if password == None:
logger.error("cannot mount volume, missing password")
return False
command = ["truecrypt", "-t", "--non-interactive", "--fs-options=user,umask=000", "--mount", path, "-p", password]
logger.debug(" ".join(command))
return subprocess.call(command) == 0
def checkOutputPath(dst):
if os.path.exists(dst):
if not os.path.isdir(dst):
logger.error("[%s] is not a directory!" % dst)
return False
else:
logger.info("The path [%s] does not exist! Creating it!" % dst)
os.makedirs(dst)
return True
def checkOutputPath(dst):
if os.path.exists(dst):
if not os.path.isdir(dst):
logger.error("[%s] is not a directory!" % dst)
return False
else:
logger.info("The path [%s] does not exist! Creating it!" % dst)
os.makedirs(dst)
return True
def makeFileAnalysis(self, file_path):
logger.debug("Performing analysis of file [%s]..." % file_path)
a = None
d = None
dx = None
ret_type = androconf.is_android(file_path)
if ret_type == "APK":
a = apk.APK(file_path)
d = dvm.DalvikVMFormat(a.get_dex())
elif ret_type == "DEX":
try:
d = dvm.DalvikVMFormat(open(file_path, "rb").read())
except Exception as e:
logger.error("[%s] is not valid dex file!" % file_path, e)
return
dx = analysis.VMAnalysis(d)
invokeMethodPaths = analysis.seccon_get_invoke_method_paths(dx)
newInstanceMethodPaths = analysis.seccon_get_newInstance_method_paths(
dx)
dynamicMethodPaths = analysis.seccon_get_dyncode_loading_paths(dx)
if invokeMethodPaths:
t = None
for path in invokeMethodPaths:
src = path.get_src(d.get_class_manager())
dst = path.get_dst(d.get_class_manager())
t = (src, dst)
self._sources_invoke.append(t)
self._uncovered_invoke.append(t)
if newInstanceMethodPaths:
t = None
for path in newInstanceMethodPaths:
src = path.get_src(d.get_class_manager())
dst = path.get_dst(d.get_class_manager())
t = (src, dst)
self._sources_newInstance.append(t)
self._uncovered_newInstance.append(t)
if dynamicMethodPaths:
t = None
for path in dynamicMethodPaths:
src = path.get_src(d.get_class_manager())
dst = path.get_dst(d.get_class_manager())
t = (src, dst)
self._sources_dexload.append(t)
self._uncovered_dexload.append(t)
#building MFG for the file
self._stadynaMcg.analyseFile(dx, a)
def makeFileAnalysis(self, file_path):
logger.debug("Performing analysis of file [%s]..." % file_path)
a = None
d = None
dx = None
ret_type = androconf.is_android(file_path)
if ret_type == "APK":
a = apk.APK(file_path)
d = dvm.DalvikVMFormat(a.get_dex())
elif ret_type == "DEX" :
try :
d = dvm.DalvikVMFormat(open(file_path, "rb").read())
except Exception as e :
logger.error("[%s] is not valid dex file!" % file_path, e)
return
dx = analysis.VMAnalysis(d)
invokeMethodPaths = analysis.seccon_get_invoke_method_paths(dx)
newInstanceMethodPaths = analysis.seccon_get_newInstance_method_paths(dx)
dynamicMethodPaths = analysis.seccon_get_dyncode_loading_paths(dx)
if invokeMethodPaths:
t = None
for path in invokeMethodPaths:
src = path.get_src(d.get_class_manager())
dst = path.get_dst(d.get_class_manager())
t = (src, dst)
self._sources_invoke.append(t)
self._uncovered_invoke.append(t)
if newInstanceMethodPaths:
t = None
for path in newInstanceMethodPaths:
src = path.get_src(d.get_class_manager())
dst = path.get_dst(d.get_class_manager())
t = (src, dst)
self._sources_newInstance.append(t)
self._uncovered_newInstance.append(t)
if dynamicMethodPaths:
t = None
for path in dynamicMethodPaths:
src = path.get_src(d.get_class_manager())
dst = path.get_dst(d.get_class_manager())
t = (src, dst)
self._sources_dexload.append(t)
self._uncovered_dexload.append(t)
#building MFG for the file
self._stadynaMcg.analyseFile(dx, a)
def _decompileApk(self, decompiler, apk, outputDir):
try:
decompiler.decompileApk(apk, outputDir)
except ApkCannotBeDecompiledException as e:
logger.error(e.msg)
return False
except:
logger.error("Unknown error during decompile process! Exit")
return False
return True
def _compileApk(self, compiler, fromDir, apkPath):
success = True
try:
compiler.buildApk(fromDir, apkPath)
except ApktoolBuildException as e:
logger.error("Cannot build apk! %s" % e.msg)
success = False
except:
logger.error("Cannot build apk!")
success = False
return success
def failLoadBalancerProbes():
logger.info("Failing Health Probes")
try:
kill_health_probe = config.get('shell-commands', 'kill_health_probe_process')
# Delete all cron jobs
kill_process = os.system(kill_health_probe)
if kill_process is not 0:
logger.error("Error killing health probe")
except:
logger.error("Error in failing health probe")
def _query_database(self, table_name, store_code):
"""query data from database of table named table_name.
table_name:type:string
store_code:type:string
"""
row = None
try:
ret = self.database.query(table_name, store_code) # 根据表名和存储的代码查询数据库
return ret
except Exception as e:
logger.error(str(e.args) + str(e.message))
def _decompileApk(self, decompiler, apk, outputDir):
try:
decompiler.decompileApk(apk, outputDir)
except ApkCannotBeDecompiledException as e:
logger.error(e.msg)
return False
except:
logger.error("Unknown error during decompile process! Exit")
return False
return True
def _signApk(self, signer, unsignedApkFile, signedApkFile):
success = True
try:
signer.signApk(unsignedApkFile, signedApkFile)
except SignApkException as e:
logger.error("Cannot sign apk! %s" % e.msg)
success = False
except:
logger.error("Cannot sign apk!")
success = False
return success
def _instrAndroidManifest(self, instrumenter, initAndroidManifest, instrAndroidManifest=None, addSdCardPermission=True):
success = True
try:
instrumenter.instrumentAndroidManifestFile(initAndroidManifest, instrAndroidManifest, addSdCardPermission)
except IllegalArgumentException as e:
logger.error("Cannot instrument AndroidManifest file. %s" % e.msg)
success = False
except:
logger.error("Cannot instrument AndroidManifest file!")
success = False
return success
def _alignApk(self, aligner, unalignedApkFile, alignedApkFile):
success = True
try:
aligner.alignApk(unalignedApkFile, alignedApkFile)
except AlignApkException as e:
logger.error("Cannot align apk! %s" % e.msg)
success = False
except:
logger.error("Cannot align apk!")
success = False
return success
def _alignApk(self, aligner, unalignedApkFile, alignedApkFile):
success = True
try:
aligner.alignApk(unalignedApkFile, alignedApkFile)
except AlignApkException as e:
logger.error("Cannot align apk! %s" % e.msg)
success = False
except:
logger.error("Cannot align apk!")
success = False
return success
def _signApk(self, signer, unsignedApkFile, signedApkFile):
success = True
try:
signer.signApk(unsignedApkFile, signedApkFile)
except SignApkException as e:
logger.error("Cannot sign apk! %s" % e.msg)
success = False
except:
logger.error("Cannot sign apk!")
success = False
return success
def _compileApk(self, compiler, fromDir, apkPath):
success = True
try:
compiler.buildApk(fromDir, apkPath)
except ApktoolBuildException as e:
logger.error("Cannot build apk! %s" % e.msg)
success = False
except:
logger.error("Cannot build apk!")
success = False
return success
def stopCustomMetricFlow():
logger.info("Stopping the Custom Metrics")
removeCrontab = config.get('shell-commands', 'remove_all_crontab')
#removeCrontab = "crontab -r"
logger.info("Deleting all cron jobs")
# Delete all cron jobs
areCronsRemoved = os.system(removeCrontab)
if areCronsRemoved is not 0:
logger.error("Error deleting Cron jobs, health probe will not fail")
def _checkProvidedApk(self, pathToApk):
'''
This methods validates the provided apk file.
Raises:
ApkIsNotValidException: if the provided apk file is not correct
'''
(valid, error) = apk_utils.checkInputApkFile(pathToApk)
if not valid:
logger.error("Path %s points to the invalid apk file! ERROR:%s" % (pathToApk, error))
return valid
return valid
def addDexloadPath(self, src, through, filename):
src_class_name, src_method_name, src_descriptor = src
through_class_name, through_method_name, through_descriptor = through
key = "%s %s %s %s %s %s %s" % (src_class_name, src_method_name, src_descriptor, through_class_name, through_method_name, through_descriptor, POSTFIX_DEXLOAD)
n1 = self._get_existed_node(key)
if n1 == None:
logger.error("Something wrong has happened! Could not find Node in Graph with key [%s]" % str(key))
return
n2 = self._get_node(NODE_FAKE_DEXLOAD_FILE, filename, filename, False)
n2.set_attribute(ATTR_DEXLOAD_FILENAME, filename)
self.G.add_edge(n1.id, n2.id)
def installApkOnDevice(self):
if not self._bboxStateMachine.isTransitionPossible(STATE_APK_INSTALLED):
logger.error("Cannot install apk on device because the environment is not initialized!")
return
#selecting device for execution
self.bboxExecutor.selectExecutionDevice()
try:
self.bboxExecutor.installApkOnDevice(self.instrumentedApk)
except ApkCannotBeInstalledException as e:
logger.error("Cannot install instrumented apk. %s" % e.msg)
return
self._bboxStateMachine.transitToState(STATE_APK_INSTALLED)
def _checkProvidedApk(self, pathToApk):
'''
This methods validates the provided apk file.
Raises:
ApkIsNotValidException: if the provided apk file is not correct
'''
(valid, error) = apk_utils.checkInputApkFile(pathToApk)
if not valid:
logger.error("Path %s points to the invalid apk file! ERROR:%s" %
(pathToApk, error))
return valid
return valid
def _get_existed_node(self, key):
node_key = None
if isinstance(key, basestring):
node_key = key
elif isinstance(key, tuple):
node_key = "%s %s %s" % key
else:
logger.error("Unknown instance type of key!!!")
try:
return self.nodes[node_key]
except KeyError:
logger.error("Could not find existed node [%s]!" % node_key)
return None
def checkInputFile(inputPath):
logger.debug("Checking input path [%s]..." % inputPath)
if not os.path.isfile(inputPath):
logger.error("Input path [%s] does not point to a file!" % inputPath)
return False
logger.debug("The path [%s] point to the file!" % inputPath)
ret_type = androconf.is_android(inputPath)
if ret_type != "APK":
logger.error("Input file [%s] is not APK file!" % inputPath)
return False
logger.debug("File [%s] is an APK file!" % inputPath)
return True
def startTesting(self):
if not self._bboxStateMachine.isTransitionPossible(STATE_APK_TEST_STARTED):
logger.error("Cannot start testing apk on a device!")
return
self.deviceReportFolder = os.path.join(DEVICE_REPORT_FOLDER_PATH, self.packageName)
self.bboxExecutor.selectExecutionDevice()
self.bboxExecutor.startOndeviceTesting(packageName=self.packageName,
runnerName=self.runnerName,
coverage=True,
reportFolder=self.deviceReportFolder,
proceedOnError=True,
generateCoverageReportOnError=True)
self._bboxStateMachine.transitToState(STATE_APK_TEST_STARTED)
def _response(cls, address, **kwargs):
"""send data to client.
address:type:tuple
"""
_send = cls.sock.sendto
packet = {}
for key,value in kwargs.items():
packet[key] = value
try:
_send(json.dumps(packet), address)
logger.debug('send' + str(json.dumps(packet)) + str(address))
except socket.timeout as e:
logger.error('send ' + str(json.dumps(packet)) + 'falied ' + e)
def _get_existed_node(self, key):
node_key = None
if isinstance(key, basestring):
node_key = key
elif isinstance(key, tuple):
node_key = "%s %s %s" % key
else:
logger.error("Unknown instance type of key!!!")
try:
return self.nodes[node_key]
except KeyError:
logger.error("Could not find existed node [%s]!" % node_key)
return None
def checkInputFile(inputPath):
logger.debug("Checking input path [%s]..." % inputPath)
if not os.path.isfile(inputPath):
logger.error("Input path [%s] does not point to a file!" % inputPath)
return False
logger.debug("The path [%s] point to the file!" % inputPath)
ret_type = androconf.is_android(inputPath)
if ret_type != "APK":
logger.error("Input file [%s] is not APK file!" % inputPath)
return False
logger.debug("File [%s] is an APK file!" % inputPath)
return True
def query(self, table_name, value):
"""query database table.
table_name:type:string
value:type:string
"""
sql = "SELECT IMSI FROM " + str(table_name) + " WHERE IMSI=%s" % value
try:
cu = self.conn.cursor()
cu.execute(sql)
row = cu.fetchone()
return row
except Exception as e:
logger.error(e)
cu.close()
def clean_logcat(self):
logger.debug("Cleaning logcat...")
if not self.is_alive():
logger.error("The device [%s] is not running!" % self.device_name)
return
try:
with open(os.devnull, 'w') as f_null:
subprocess.check_call(['adb', '-s', self.device_name, 'logcat', '-c'], stderr=f_null)
except subprocess.CalledProcessError:
logger.error("Could not clean logcat!")
return
logger.debug("Logcat is cleaned!")
def _get_node(self, nType, key, label=None, real=True):
node_key = None
if isinstance(key, basestring):
node_key = key
elif isinstance(key, tuple):
node_key = "%s %s %s" % key
else:
logger.error("Unknown instance type of key!!!")
if node_key not in self.nodes.keys():
new_node = NodeS(len(self.nodes), nType, node_key, label, real)
self.nodes[node_key] = new_node
self.nodes_id[new_node.id] = new_node
return self.nodes[node_key]
def generateReport(self, reportFiles=[], reportName=None, reportType=EMMA_REPORT.XML):
if not reportFiles:
logger.error("No report files are provided!")
return
self.bboxReporter.cleanMetaFiles()
self.bboxReporter.cleanReportFiles()
self.bboxReporter.addMetaFile(self.coverageMetadataFile)
for rFile in reportFiles:
self.bboxReporter.addReportFile(rFile)
reportsRoot = os.path.join(self.apkResultsDir, self.config.getReportsRelativeDir())
where = self._createReportResultsDir(reportsRoot, "report_%s" % reportType)
self.bboxReporter.generateEmmaReport(where, reportName, reportType)
def startServiceExplicitly(self, package_name, service_name):
#adb shell am start -n com.package.name/com.package.name.ActivityName
logger.debug("Starting service [%s] from the package [%s]..." % (package_name, service_name))
if not package_name:
logger.error("The name of the package is not specified!")
return
if not service_name:
logger.error("The name of the activity is not specified!")
return
run_string = package_name + '/' + service_name
cmd = "am startservice -n %s" % run_string
self.sendShellCommand(cmd)
def copyFileToDir(src, dst):
logger.debug("Coping file [%s] to output directory [%s]..." % (os.path.basename(src), dst))
if not os.path.isfile(src):
logger.debug("[%s] is not a file! Cannot be copied!" % src)
return False
try:
shutil.copy2(src, dst)
except Exception as e:
logger.error(e)
logger.error("Could not copy file [%s] to directory [%s]!" % (src, dst))
return False
logger.debug("File [%s] has been copied to directory [%s] successfully!" % (src, dst))
return True
def _get_node(self, nType, key, label=None, real=True):
node_key = None
if isinstance(key, basestring):
node_key = key
elif isinstance(key, tuple):
node_key = "%s %s %s" % key
else:
logger.error("Unknown instance type of key!!!")
if node_key not in self.nodes.keys():
new_node = NodeS(len(self.nodes), nType, node_key, label, real)
self.nodes[node_key] = new_node
self.nodes_id[new_node.id] = new_node
return self.nodes[node_key]
def startServiceExplicitly(self, package_name, service_name):
#adb shell am start -n com.package.name/com.package.name.ActivityName
logger.debug("Starting service [%s] from the package [%s]..." %
(package_name, service_name))
if not package_name:
logger.error("The name of the package is not specified!")
return
if not service_name:
logger.error("The name of the activity is not specified!")
return
run_string = package_name + '/' + service_name
cmd = "am startservice -n %s" % run_string
self.sendShellCommand(cmd)
def installApkOnDevice(self):
if not self._bboxStateMachine.isTransitionPossible(
STATE_APK_INSTALLED):
logger.error(
"Cannot install apk on device because the environment is not initialized!"
)
return
#selecting device for execution
self.bboxExecutor.selectExecutionDevice()
try:
self.bboxExecutor.installApkOnDevice(self.instrumentedApk)
except ApkCannotBeInstalledException as e:
logger.error("Cannot install instrumented apk. %s" % e.msg)
return
self._bboxStateMachine.transitToState(STATE_APK_INSTALLED)
def clean_logcat(self):
logger.debug("Cleaning logcat...")
if not self.is_alive():
logger.error("The device [%s] is not running!" % self.device_name)
return
try:
with open(os.devnull, 'w') as f_null:
subprocess.check_call(
['adb', '-s', self.device_name, 'logcat', '-c'],
stderr=f_null)
except subprocess.CalledProcessError:
logger.error("Could not clean logcat!")
return
logger.debug("Logcat is cleaned!")
def get_logcat(self, tag = None, level = None):
logger.debug("Attaching to a logcat pipe...")
if not self.is_alive():
logger.error("The device [%s] is not running!" % self.device_name)
return None
if tag == None: tag = '*'
if level == None: level = 'V'
if level.upper() not in Device.LOG_LEVELS:
logger.error("The log level %s is not specified correctly!" % str(level))
command = ['adb', '-s', self.device_name, 'logcat', '%s:%s' % (tag, level)]
if tag != '*':
command.append('*:S')
return subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=None)
def addNewInstancePath(self, src, through, dst):
src_class_name, src_method_name, src_descriptor = src
dst_class_name, dst_method_name, dst_descriptor = dst
through_class_name, through_method_name, through_descriptor = through
key = "%s %s %s %s %s %s %s" % (
src_class_name, src_method_name, src_descriptor,
through_class_name, through_method_name, through_descriptor,
POSTFIX_REFL_NEWINSTANCE)
n1 = self._get_existed_node(key)
if n1 == None:
logger.error(
"Something wrong has happened! Could not find Node in Graph with key [%s]"
% str(key))
return
n2 = self._get_node(NODE_CONSTRUCTOR,
(dst_class_name, dst_method_name, dst_descriptor))
n2.set_attribute(ATTR_CLASS_NAME, dst_class_name)
n2.set_attribute(ATTR_METHOD_NAME, dst_method_name)
n2.set_attribute(ATTR_DESCRIPTOR, dst_descriptor)
self.G.add_edge(n1.id, n2.id)
#we also need to add link to the class node
#TODO: Think in the future what to do with this
n_class = self._get_node(NODE_FAKE_CLASS, dst_class_name, None, False)
n_class.set_attribute(ATTR_CLASS_NAME, dst_class_name)
self.G.add_edge(n_class.id, n2.id)
#checking if we need to add additional permission nodes
data = "%s-%s-%s" % (dst_class_name, dst_method_name, dst_descriptor)
if data in DVM_PERMISSIONS_BY_API_CALLS:
logger.info(
"BINGOOOOOOO! The protected method is called through reflection!"
)
perm = DVM_PERMISSIONS_BY_API_CALLS[data]
key1 = "%s %s %s %s %s %s %s %s" % (
through_class_name, through_method_name, through_descriptor,
dst_class_name, dst_method_name, dst_descriptor, POSTFIX_PERM,
perm)
n3 = self._get_node(NODE_FAKE_PERMISSION, key1, perm, False)
n3.set_attribute(ATTR_CLASS_NAME, dst_class_name)
n3.set_attribute(ATTR_METHOD_NAME, dst_method_name)
n3.set_attribute(ATTR_DESCRIPTOR, dst_descriptor)
n3.set_attribute(ATTR_PERM_NAME, perm)
n3.set_attribute(ATTR_PERM_LEVEL, MANIFEST_PERMISSIONS[perm][0])
self.G.add_edge(n2.id, n3.id)
def startTesting(self):
if not self._bboxStateMachine.isTransitionPossible(
STATE_APK_TEST_STARTED):
logger.error("Cannot start testing apk on a device!")
return
self.deviceReportFolder = os.path.join(DEVICE_REPORT_FOLDER_PATH,
self.packageName)
self.bboxExecutor.selectExecutionDevice()
self.bboxExecutor.startOndeviceTesting(
packageName=self.packageName,
runnerName=self.runnerName,
coverage=True,
reportFolder=self.deviceReportFolder,
proceedOnError=True,
generateCoverageReportOnError=True)
self._bboxStateMachine.transitToState(STATE_APK_TEST_STARTED)
def _instrAndroidManifest(self,
instrumenter,
initAndroidManifest,
instrAndroidManifest=None,
addSdCardPermission=True):
success = True
try:
instrumenter.instrumentAndroidManifestFile(initAndroidManifest,
instrAndroidManifest,
addSdCardPermission)
except IllegalArgumentException as e:
logger.error("Cannot instrument AndroidManifest file. %s" % e.msg)
success = False
except:
logger.error("Cannot instrument AndroidManifest file!")
success = False
return success
def get_devices_list():
logger.debug("Getting the list of running devices...")
devices = []
input_devices = None
try:
input_devices = subprocess.check_output(["adb", "devices"])
except subprocess.CalledProcessError:
logger.error("Could not find attached devices!")
return devices
lines = input_devices.splitlines()
for i in range(0,len(lines)): #first line just announces the list of devices
words = lines[i].split('\t')
if len(words) == 2 and words[1].strip() == 'device':
devices.append(words[0].strip())
logger.debug("Device list:\n[%s]", '\n'.join(devices))
return devices
def install_package(self, apk_path):
logger.debug("Installing application [%s]..." % apk_path)
if not self.is_alive():
logger.error("The device [%s] is not running!" % str(self.device_name))
return False
if apk_path == "":
logger.warning("The path to the application to install is not specified!")
return False
try:
with open(os.devnull, 'w') as f_null:
subprocess.check_call(["adb", "-s", self.device_name, "install", "-r", apk_path], stderr=f_null)
except subprocess.CalledProcessError:
logger.error("Could not install application [%s] on the device!" % apk_path)
return False
logger.debug("Application [%s] is installed!" % apk_path)
return True
def get_file(self, what, to_dir):
logger.debug("Coping file [%s] from device to directory [%s]..." % (what, to_dir))
if not self.is_alive():
logger.error("The device [%s] is not running!" % self.device_name)
return False
if what == "":
logger.warning("The name of the file to download is not specified!")
return False
try:
with open(os.devnull, 'w') as f_null:
subprocess.check_call(["adb", "-s", self.device_name, "pull", what, to_dir], stderr=f_null)
except subprocess.CalledProcessError:
logger.error("Could not download file [%s] from the device!" % what)
return False
logger.debug("File [%s] is downloaded!" % what)
return True
def get_package_uid(self, package_name):
logger.debug("Getting UID of the package [%s]..." % package_name)
uid = -1
if not self.is_alive():
logger.error("The device [%s] is not running!" % self.device_name)
return uid
if package_name == "":
logger.warning("The name of the package is not specified!")
return uid
uid_lines = subprocess.check_output(['adb', '-s', self.device_name, 'shell', 'cat', '/data/system/packages.list'])
lines = uid_lines.splitlines()
for i in range(0,len(lines)): #first line just announces the list of devices
words = lines[i].split(' ')
if words[0].strip() == package_name:
uid = int(words[1].strip())
break
logger.debug("The UID of the package [%s] is [%d]" % (package_name, uid))
return uid
def processDexLoadMsg(device, resultsDirPath, stadynaAnalyser, stadynaMsg):
logger.debug("Processing OP_DEX_LOAD message...")
#call to str is required to omit 'u' symbol before the strings
source = str(stadynaMsg.get(consts.JSON_DEX_SOURCE))
output = str(stadynaMsg.get(consts.JSON_DEX_OUTPUT))
# source = stadynaMsg.get(consts.JSON_DEX_SOURCE)
# output = stadynaMsg.get(consts.JSON_DEX_OUTPUT)
stack = utils.transformStack(stadynaMsg.get(consts.JSON_STACK))
if not device.get_file(source, resultsDirPath):
logger.error("Could not get file [%s] from the device for analysis!" % source)
return
_, fileName = os.path.split(source)
anFilePath = os.path.join(resultsDirPath, fileName)
if not (os.path.exists(anFilePath)):
logger.error("There is no local file [%s] to analyse!" % anFilePath)
return
stadynaAnalyser.processDexLoad(anFilePath, source, output, stack)
logger.debug("OP_DEX_LOAD message processed!")
def getDeviceSerialsList():
logger.debug("Getting the list of running deviceSerials...")
deviceSerials = []
input_devices = None
try:
input_devices = runCommand("adb devices")
except WaitForResponseTimedOutError:
logger.error("Command timeout exception!")
return deviceSerials
except:
logger.error("Could not find attached devices!")
return deviceSerials
lines = input_devices.splitlines()
for i in range(0,len(lines)): #first line just announces the list of deviceSerials
words = lines[i].split('\t')
if (len(words) == 2 and (words[1].strip() == 'device' or words[1].strip() == 'offline')):
deviceSerials.append(words[0].strip())
logger.debug("Device list: %s", deviceSerials)
return deviceSerials
def stopTesting(self, localReportFolderName=None, paramsToWrite=None):
if not self._bboxStateMachine.isTransitionPossible(STATE_APK_FINISHED_TESTING):
logger.error("Cannot stop testing because it is not started!")
return
# currentDateTime = datetime.datetime.now()
# reportTimePrefix = currentDateTime.strftime("%Y_%m_%d__%H_%M_%S")
# coverageReportName = "%s___%s" % (reportTimePrefix, "coverage.ec")
# reportFileOnDevice = "%s/%s" % (DEVICE_REPORT_FOLDER_PATH, coverageReportName)
# reportLocally = os.path.join(self.runtimeReportsRootDir, coverageReportName)
if not localReportFolderName:
localReportFolderName="test"
localReportFolder = self._createDir(self.runtimeReportsRootDir, localReportFolderName, True, False)
self.bboxExecutor.stopOndeviceTesting(cancelAnalysis=False)
time.sleep(3) #waiting for several seconds for report to be generated
# success = self.bboxExecutor.getFileFromDevice(reportFileOnDevice, reportLocally)
success = self.bboxExecutor.getFileFromDevice(self.deviceReportFolder, localReportFolder)
if not success:
self.bboxExecutor.removeFile(self.deviceReportFolder)
return None
if paramsToWrite:
params_config = ConfigParser.ConfigParser()
params_config.add_section(PARAMS_SECTION)
for param in iteritems(paramsToWrite):
params_config.set(PARAMS_SECTION, param[0], param[1])
with open(os.path.join(localReportFolder, "parameters.txt"), "w") as param_file:
params_config.write(param_file)
self.bboxExecutor.removeFile(self.deviceReportFolder)
self._bboxStateMachine.transitToState(STATE_APK_FINISHED_TESTING)
return localReportFolder
