def download_data(request, api=False): """Download Application Data from Device.""" logger.info('Downloading app data') data = {} try: env = Environment() md5_hash = request.POST['hash'] if not is_md5(md5_hash): return invalid_params(api) package = get_package_name(md5_hash) if not package: data = { 'status': 'failed', 'message': 'App details not found in database' } return send_response(data, api) apk_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/') httptools_url = get_http_tools_url(request) stop_httptools(httptools_url) files_loc = '/data/local/' logger.info('Archiving files created by app') env.adb_command([ 'tar', '-cvf', files_loc + package + '.tar', '/data/data/' + package + '/' ], True) logger.info('Downloading Archive') env.adb_command( ['pull', files_loc + package + '.tar', apk_dir + package + '.tar']) logger.info('Stopping ADB server') env.adb_command(['kill-server']) data = {'status': 'ok'} except Exception as exp: logger.exception('Downloading application data') data = {'status': 'failed', 'message': str(exp)} return send_response(data, api)
def instrument(request, api=False): """Instrument app with frida.""" data = {} try: logger.info('Starting Instrumentation') md5_hash = request.POST['hash'] default_hooks = request.POST['default_hooks'] auxiliary_hooks = request.POST['auxiliary_hooks'] code = request.POST['frida_code'] # Fill extras extras = {} class_name = request.POST.get('class_name') if class_name: extras['class_name'] = class_name.strip() class_search = request.POST.get('class_search') if class_search: extras['class_search'] = class_search.strip() cls_trace = request.POST.get('class_trace') if cls_trace: extras['class_trace'] = cls_trace.strip() if (is_attack_pattern(default_hooks) or not is_md5(md5_hash)): return invalid_params(api) package = get_package_name(md5_hash) if not package: return invalid_params(api) frida_obj = Frida(md5_hash, package, default_hooks.split(','), auxiliary_hooks.split(','), extras, code) trd = threading.Thread(target=frida_obj.connect) trd.daemon = True trd.start() data = {'status': 'ok'} except Exception as exp: logger.exception('Instrumentation failed') data = {'status': 'failed', 'message': str(exp)} return send_response(data, api)
def tls_tests(request, api=False): """Perform TLS tests.""" logger.info('Running TLS/SSL Security tests') data = {} package = None try: test_duration = 25 test_package = 'tls_tests' env = Environment() md5_hash = request.POST['hash'] if not is_md5(md5_hash): return invalid_params(api) package = get_package_name(md5_hash) if not package: data = { 'status': 'failed', 'message': 'App details not found in database' } return send_response(data, api) res = run_tls_tests( request, md5_hash, env, package, test_package, test_duration, ) data = {'status': 'ok', 'tls_tests': res} except Exception as exp: logger.exception('Checking Application Security in Transit') data = {'status': 'failed', 'message': str(exp)} finally: logger.info('Test Completed. Resuming HTTPS Proxy') env.configure_proxy(package, request) return send_response(data, api)
def view_report(request, checksum, api=False): """Dynamic Analysis Report Generation.""" logger.info('Dynamic Analysis Report Generation') try: droidmon = {} apimon = {} if not is_md5(checksum): # We need this check since checksum is not validated # in REST API return print_n_send_error_response( request, 'Invalid Parameters', api) package = get_package_name(checksum) if not package: return print_n_send_error_response( request, 'Invalid Parameters', api) app_dir = os.path.join(settings.UPLD_DIR, checksum + '/') download_dir = settings.DWD_DIR if not is_file_exists(os.path.join(app_dir, 'logcat.txt')): msg = ('Dynamic Analysis report is not available ' 'for this app. Perform Dynamic Analysis ' 'and generate the report.') return print_n_send_error_response(request, msg, api) fd_log = os.path.join(app_dir, 'mobsf_frida_out.txt') droidmon = droidmon_api_analysis(app_dir, package) apimon = apimon_analysis(app_dir) analysis_result = run_analysis(app_dir, checksum, package) generate_download(app_dir, checksum, download_dir, package) images = get_screenshots(checksum, download_dir) context = {'hash': checksum, 'emails': analysis_result['emails'], 'urls': analysis_result['urls'], 'domains': analysis_result['domains'], 'clipboard': analysis_result['clipboard'], 'xml': analysis_result['xml'], 'sqlite': analysis_result['sqlite'], 'others': analysis_result['other_files'], 'tls_tests': analysis_result['tls_tests'], 'screenshots': images['screenshots'], 'activity_tester': images['activities'], 'exported_activity_tester': images['exported_activities'], 'droidmon': droidmon, 'apimon': apimon, 'frida_logs': is_file_exists(fd_log), 'package': package, 'version': settings.MOBSF_VER, 'title': 'Dynamic Analysis'} template = 'dynamic_analysis/android/dynamic_report.html' if api: return context return render(request, template, context) except Exception as exp: logger.exception('Dynamic Analysis Report Generation') err = 'Error Geneating Dynamic Analysis Report. ' + str(exp) return print_n_send_error_response(request, err, api)
def get_runtime_dependencies(request, api=False): """Get App runtime dependencies.""" data = { 'status': 'failed', 'message': 'Failed to get runtime dependencies'} try: checksum = request.POST['hash'] if not is_md5(checksum): return invalid_params(api) package = get_package_name(checksum) if not package: return invalid_params(api) get_dependencies(package, checksum) return send_response( {'status': 'ok'}, api) except Exception: pass return send_response(data, api)
def trigger_static_analysis(request, checksum): """On device APK Static Analysis.""" try: identifier = None if not is_md5(checksum): return print_n_send_error_response( request, 'Invalid MD5') package = get_package_name(checksum) if not package: return print_n_send_error_response( request, 'Cannot get package name from checksum') try: identifier = get_device() except Exception: pass if not identifier: err = 'Cannot connect to Android Runtime' return print_n_send_error_response(request, err) env = Environment(identifier) apk_file = env.get_apk(checksum, package) if not apk_file: err = 'Failed to download APK file' return print_n_send_error_response(request, err) data = { 'analyzer': 'static_analyzer', 'status': 'success', 'hash': checksum, 'scan_type': 'apk', 'file_name': f'{package}.apk', } add_to_recent_scan(data) return HttpResponseRedirect( f'/static_analyzer/?name=' # lgtm [py/url-redirection] f'{package}.apk&checksum={checksum}' f'&type=apk') except Exception: msg = 'On device APK Static Analysis' logger.exception(msg) return print_n_send_error_response(request, msg)
def collect_logs(request, api=False): """Collecting Data and Cleanup.""" logger.info('Collecting Data and Cleaning Up') data = {} try: env = Environment() md5_hash = request.POST['hash'] if not is_md5(md5_hash): return invalid_params(api) package = get_package_name(md5_hash) if not package: data = { 'status': 'failed', 'message': 'App details not found in database' } return send_response(data, api) apk_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/') lout = os.path.join(apk_dir, 'logcat.txt') dout = os.path.join(apk_dir, 'dump.txt') logger.info('Downloading logcat logs') logcat = env.adb_command(['logcat', '-d', package + ':V', '*:*']) with open(lout, 'wb') as flip: flip.write(logcat) logger.info('Downloading dumpsys logs') dumpsys = env.adb_command(['dumpsys'], True) with open(dout, 'wb') as flip: flip.write(dumpsys) if env.get_android_version() < 5: download_xposed_log(apk_dir) env.adb_command(['am', 'force-stop', package], True) logger.info('Stopping app') # Unset Global Proxy env.unset_global_proxy() data = {'status': 'ok'} except Exception as exp: logger.exception('Data Collection & Clean Up failed') data = {'status': 'failed', 'message': str(exp)} return send_response(data, api)
def dynamic_analyzer(request, checksum, api=False): """Android Dynamic Analyzer Environment.""" logger.info('Creating Dynamic Analysis Environment') try: no_device = False if not is_md5(checksum): # We need this check since checksum is not validated # in REST API return print_n_send_error_response(request, 'Invalid Parameters', api) package = get_package_name(checksum) if not package: return print_n_send_error_response(request, 'Invalid Parameters', api) try: identifier = get_device() except Exception: no_device = True if no_device or not identifier: msg = ('Is the android instance running? MobSF cannot' ' find android instance identifier. ' 'Please run an android instance and refresh' ' this page. If this error persists,' ' set ANALYZER_IDENTIFIER in ' f'{get_config_loc()}') return print_n_send_error_response(request, msg, api) env = Environment(identifier) if not env.connect_n_mount(): msg = 'Cannot Connect to ' + identifier return print_n_send_error_response(request, msg, api) version = env.get_android_version() logger.info('Android Version identified as %s', version) xposed_first_run = False if not env.is_mobsfyied(version): msg = ('This Android instance is not MobSfyed/Outdated.\n' 'MobSFying the android runtime environment') logger.warning(msg) if not env.mobsfy_init(): return print_n_send_error_response( request, 'Failed to MobSFy the instance', api) if version < 5: xposed_first_run = True if xposed_first_run: msg = ('Have you MobSFyed the instance before' ' attempting Dynamic Analysis?' ' Install Framework for Xposed.' ' Restart the device and enable' ' all Xposed modules. And finally' ' restart the device once again.') return print_n_send_error_response(request, msg, api) # Clean up previous analysis env.dz_cleanup(checksum) # Configure Web Proxy env.configure_proxy(package) # Supported in Android 5+ env.enable_adb_reverse_tcp(version) # Apply Global Proxy to device env.set_global_proxy(version) # Start Clipboard monitor env.start_clipmon() # Get Screen Resolution screen_width, screen_height = env.get_screen_res() apk_path = Path(settings.UPLD_DIR) / checksum / f'{checksum}.apk' # Install APK status, output = env.install_apk(apk_path.as_posix(), package) if not status: # Unset Proxy env.unset_global_proxy() msg = (f'This APK cannot be installed. Is this APK ' f'compatible the Android VM/Emulator?\n{output}') return print_n_send_error_response(request, msg, api) logger.info('Testing Environment is Ready!') context = { 'screen_witdth': screen_width, 'screen_height': screen_height, 'package': package, 'hash': checksum, 'android_version': version, 'version': settings.MOBSF_VER, 'title': 'Dynamic Analyzer' } template = 'dynamic_analysis/android/dynamic_analyzer.html' if api: return context return render(request, template, context) except Exception: logger.exception('Dynamic Analyzer') return print_n_send_error_response(request, 'Dynamic Analysis Failed.', api)