Пример #1
def download_data(request, api=False):
    """Archive an app's on-device data directory and pull it to the host.

    Reads the ``hash`` POST field, resolves it to a package name, creates a
    tar of ``/data/data/<package>/`` under ``/data/local/`` on the device,
    pulls that archive into ``settings.UPLD_DIR/<hash>/`` and finally stops
    the ADB server.

    Args:
        request: Incoming HTTP request; ``request.POST['hash']`` is read.
        api: Forwarded unchanged to ``invalid_params`` / ``send_response``.

    Returns:
        The value produced by ``invalid_params`` (hash rejected by
        ``is_md5``) or by ``send_response`` (every other path).
    """
    logger.info('Downloading app data')
    try:
        env = Environment()
        md5_hash = request.POST['hash']
        # is_md5() is the only check on this request value before it is
        # used as a directory name under UPLD_DIR.
        if not is_md5(md5_hash):
            return invalid_params(api)
        package = get_package_name(md5_hash)
        if not package:
            return send_response(
                {
                    'status': 'failed',
                    'message': 'App details not found in database',
                },
                api,
            )
        apk_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/')
        # The proxy is stopped before the device is touched.
        stop_httptools(get_http_tools_url(request))
        files_loc = '/data/local/'
        logger.info('Archiving files created by app')
        # NOTE(review): `package` is concatenated into a device-side
        # command and, below, into a host file path. It comes from
        # get_package_name(), not from the request; confirm it is
        # validated as a package name where it is stored.
        device_tar = files_loc + package + '.tar'
        app_data_dir = '/data/data/' + package + '/'
        env.adb_command(['tar', '-cvf', device_tar, app_data_dir], True)
        logger.info('Downloading Archive')
        host_tar = apk_dir + package + '.tar'
        env.adb_command(['pull', device_tar, host_tar])
        logger.info('Stopping ADB server')
        env.adb_command(['kill-server'])
        result = {'status': 'ok'}
    except Exception as exp:
        logger.exception('Downloading application data')
        # NOTE(review): the exception text is returned to the caller;
        # confirm it cannot carry host paths or tool output that should
        # stay in the server log.
        result = {'status': 'failed', 'message': str(exp)}
    return send_response(result, api)
Пример #2
 def configure_proxy(self, project, request):
     """Install the MobSF CA and (re)start the HTTPS proxy for a project.

     Calls ``install_mobsf_ca('install')``, stops any httptools instance
     reachable at the URL derived from ``request``, then starts the proxy
     on ``settings.PROXY_PORT`` for ``project``.
     """
     self.install_mobsf_ca('install')
     port = settings.PROXY_PORT
     logger.info('Starting HTTPs Proxy on %s', port)
     # Stop whatever is already running before starting a new proxy.
     stop_httptools(get_http_tools_url(request))
     start_proxy(port, project)
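def httptools_start(request):
    """Start the httptools web UI and redirect to its dashboard.

    Stops any running httptools instance, starts the UI on
    ``settings.PROXY_PORT``, waits three seconds and redirects to
    ``<httptools_url>/dashboard/<project>``.

    Args:
        request: Incoming HTTP request. The optional ``project`` query
            parameter selects the dashboard; a missing or empty value
            redirects to the bare dashboard path.

    Returns:
        An ``HttpResponseRedirect`` on success, otherwise the value of
        ``print_n_send_error_response``.
    """
    from urllib.parse import quote

    logger.info('Starting httptools Web UI')
    try:
        httptools_url = get_http_tools_url(request)
        stop_httptools(httptools_url)
        start_httptools_ui(settings.PROXY_PORT)
        time.sleep(3)
        logger.info('httptools UI started')
        # Indexing request.GET raised on a missing key, so the empty-project
        # fallback was never reached and the caller got a misleading
        # "Error Starting httptools UI" after the UI had already started.
        project = request.GET.get('project') or ''
        # `project` is caller-controlled and ends up in a redirect target.
        # Percent-encoding it keeps it a single path segment: it cannot add
        # extra path components, a query string or a fragment.
        segment = quote(project, safe='')
        url = f'{httptools_url}/dashboard/{segment}'
        # NOTE(review): the host part comes from get_http_tools_url();
        # confirm it cannot be steered by request headers.
        return HttpResponseRedirect(
            url)  # lgtm [py/reflective-xss] lgtm [py/url-redirection]
    except Exception:
        logger.exception('Starting httptools Web UI')
        err = 'Error Starting httptools UI'
        return print_n_send_error_response(request, err)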
def run_tls_tests(request, md5_hash, env, package, test_pkg, duration):
    """Run three proxy-based TLS checks on an app and persist the flags.

    Each phase force-stops the app, reconfigures the proxy, exercises the
    app for ``duration``, stops httptools and inspects the captured
    traffic. ``has_cleartext`` is set if any phase reports HTTP traffic and
    is never cleared again. The three HTTPS flags are set per phase:

    * phase 1 (MobSF CA removed): ``tls_misconfigured``
    * phase 2 (MobSF CA installed): ``no_tls_pin_or_transparency``
    * phase 3 (Frida bypass scripts): ``pin_or_transparency_bypassed``

    Args:
        request: HTTP request used to derive the httptools URL.
        md5_hash: Names the output directory under ``settings.UPLD_DIR``.
            It is not validated in this function.
        env: Device environment object driving ADB and the proxy.
        package: Package name of the app under test.
        test_pkg: Project name passed to the proxy and to ``get_traffic``.
        duration: Passed to ``env.wait`` in every phase.

    Returns:
        dict: The four boolean flags, also written to
        ``mobsf_tls_tests.json`` in the hash's upload directory.
    """
    outcome = {
        'tls_misconfigured': False,
        'no_tls_pin_or_transparency': False,
        'pin_or_transparency_bypassed': False,
        'has_cleartext': False,
    }

    def start_phase(log_line):
        # Every phase begins from a stopped app and a fresh proxy.
        env.adb_command(['am', 'force-stop', package], True)
        logger.info(log_line)
        env.configure_proxy(test_pkg, request)

    def finish_phase(https_flag):
        # Let the app run, then stop the proxy before reading its capture.
        env.wait(duration)
        stop_httptools(get_http_tools_url(request))
        seen = detect_traffic(get_traffic(test_pkg))
        if seen['http']:
            outcome['has_cleartext'] = True
        if seen['https']:
            outcome[https_flag] = True

    android_version = env.get_android_version()
    env.enable_adb_reverse_tcp(android_version)
    env.set_global_proxy(android_version)

    # Phase 1: root CA removed, no pinning bypass.
    # Presumably HTTPS can only be reported here if the app accepted a
    # certificate it has no reason to trust; confirm against detect_traffic.
    start_phase('Running TLS Misconfiguration Test')
    env.install_mobsf_ca('remove')
    env.run_app(package)
    finish_phase('tls_misconfigured')

    # Phase 2: root CA installed (configure_proxy is called again), no
    # pinning bypass. HTTPS reported here sets no_tls_pin_or_transparency.
    start_phase('Running TLS Pinning/Certificate Transparency Test')
    env.run_app(package)
    finish_phase('no_tls_pin_or_transparency')

    # Phase 3: same setup, with Frida bypass scripts loaded.
    # env.run_app() is not called in this phase.
    start_phase('Running TLS Pinning/Certificate Transparency Bypass Test')
    frida_session = Frida(
        md5_hash,
        package,
        ['ssl_pinning_bypass', 'debugger_check_bypass', 'root_bypass'],
        None,
        None,
        None,
    )
    # Daemon thread: it is never joined in this function.
    worker = threading.Thread(target=frida_session.connect, daemon=True)
    worker.start()
    finish_phase('pin_or_transparency_bypassed')

    env.adb_command(['am', 'force-stop', package], True)
    report_path = Path(settings.UPLD_DIR) / md5_hash / 'mobsf_tls_tests.json'
    with report_path.open('w', encoding='utf-8') as target:
        dump(outcome, target)
    return outcome