def findLayout(path):
foundButtons = []
foundButtons.append([])
for (dirpath, dirnames, filenames) in os.walk(path):
for dirname in dirnames:
if dirname == "layout":
xml_files = common.find_xml(path + "/" + dirname)
if common.source_or_apk == 1:
for x in xml_files:
try:
common.readLayoutFiles(x)
except Exception as e:
common.logger.warning(
"There was a problem trying to read the xml resource files, during the TapJacking checking. If you're using a decompiled APK, we're still working on this feature. You can still check manually by building our exploit APK."
)
else:
for x in xml_files:
button = minidom.parse(x)
for node in button.getElementsByTagName("Button"):
if "android:FilterTouchesWhenObscured" in node.attributes.keys():
if node.attributes["android:FilterTouchesWhenObscured"].value == "true":
continue
else:
foundButtons.append([str(x), node.toxml()])
else:
foundButtons.append([str(x), node.toxml()])
imageButton = minidom.parse(x)
for node in button.getElementsByTagName("ImageButton"):
if "android:FilterTouchesWhenObscured" in node.attributes.keys():
if node.attributes["android:FilterTouchesWhenObscured"].value == "true":
continue
else:
try:
if "android:id" in node.attributes.keys():
buttonId = node.attributes["android:id"].value
buttonId = re.sub(r".*id\/", "", buttonId)
foundButtons.append([str(x), buttonId])
except Exception as e:
common.logger.error("Unable to extract id for Button from layout's xml: " + str(e))
else:
try:
if "android:id" in node.attributes.keys():
buttonId = node.attributes["android:id"].value
buttonId = re.sub(r".*id\/", "", buttonId)
foundButtons.append([str(x), buttonId])
except Exception as e:
common.logger.error("Unable to extract id for Button from layout's xml: " + str(e))
if len(foundButtons) > 0:
print "Hey, I found these buttons in xml layouts:"
# BUG - This is an ugly hack basically "if fail - assume string"
print "LENGTH: " + str(len(foundButtons))
for b in foundButtons:
try:
print b.encode("utf-8")
except Exception as e:
print str(b)
else:
print "No buttons found in xml layouts"
return
def find_layout(path):
foundButtons=[]
foundButtons.append([])
for (dirpath, dirnames, filenames) in os.walk(path):
for dirname in dirnames:
if dirname == 'layout':
xml_files=common.find_xml(path+"/"+dirname)
if common.source_or_apk==1:
for x in xml_files:
try:
common.readLayoutFiles(x)
except Exception as e:
common.logger.warning("There was a problem trying to read the xml resource files, during the TapJacking checking. If you're using a decompiled APK, we're still working on this feature. You can still check manually by building our exploit APK.")
else:
for x in xml_files:
button=minidom.parse(x)
for node in button.getElementsByTagName('Button'):
if 'android:FilterTouchesWhenObscured' in node.attributes.keys():
if node.attributes['android:FilterTouchesWhenObscured'].value == 'true':
continue
else:
foundButtons.append([str(x),node.toxml()])
else:
foundButtons.append([str(x),node.toxml()])
imageButton=minidom.parse(x)
for node in button.getElementsByTagName('ImageButton'):
if 'android:FilterTouchesWhenObscured' in node.attributes.keys():
if node.attributes['android:FilterTouchesWhenObscured'].value == 'true':
continue
else:
try:
if 'android:id' in node.attributes.keys():
buttonId=node.attributes['android:id'].value
buttonId=re.sub(r'.*id\/','',buttonId)
foundButtons.append([str(x),buttonId])
except Exception as e:
common.logger.error("Unable to extract id for Button from layout's xml: " + str(e))
else:
try:
if 'android:id' in node.attributes.keys():
buttonId=node.attributes['android:id'].value
buttonId=re.sub(r'.*id\/','',buttonId)
foundButtons.append([str(x),buttonId])
except Exception as e:
common.logger.error("Unable to extract id for Button from layout's xml: " + str(e))
if len(foundButtons) > 0:
print "Hey, I found these buttons in xml layouts:"
#BUG - This is an ugly hack basically "if fail - assume string"
print "LENGTH: " + str(len(foundButtons))
for b in foundButtons:
try:
print b.encode('utf-8')
except Exception as e:
print str(b)
else:
print "No buttons found in xml layouts"
return
else:
common.sourceDirectory = os.path.abspath(raw_input(common.config.get('qarkhelper', 'SOURCE_PROMPT'))).rstrip()
common.sourceDirectory = re.sub("\\\\\s",' ',common.sourceDirectory)
except IOError:
common.logger.error("Oops! all hope is lost \n %s", IOError.message)
else:
unpackAPK.decompile(common.pathToDEX)
if common.pathToUnpackedAPK != "":
common.logger.info('Decompiled code found at:%s', common.pathToUnpackedAPK)
common.sourceDirectory = common.pathToUnpackedAPK
#find all java files
common.java_files=common.find_java(common.sourceDirectory)
#find all R.java files
common.xml_files=common.find_xml(common.sourceDirectory)
if common.interactive_mode:
stop_point = raw_input("Press ENTER key to begin Static Code Analysis")
#Regex to look for collection of deviceID
#Regex to determine if WebViews are imported
wv_imp_rex=r'android.webkit.WebView'
cp_imp_rex=r'android.content.ContentProvider'
#Run through all files, look for regex, print warning/info text and lines of code, with file names/paths
cert_queue = Queue()
pending_intents_queue = Queue()
file_permission_queue = Queue()
web_view_queue = Queue()
find_broadcast_queue = Queue()
crypto_flaw_queue = Queue()
else:
common.sourceDirectory = os.path.abspath(raw_input(common.config.get('qarkhelper', 'SOURCE_PROMPT'))).rstrip()
common.sourceDirectory = re.sub("\\\\\s",' ',common.sourceDirectory)
except IOError:
common.logger.error("Oops! all hope is lost \n %s", IOError.message)
else:
unpackAPK.decompile(common.pathToDEX)
if common.pathToUnpackedAPK != "":
common.logger.info('Decompiled code found at:%s', common.pathToUnpackedAPK)
common.sourceDirectory = common.pathToUnpackedAPK
#find all java files
common.java_files=common.find_java(common.sourceDirectory)
#find all R.java files
common.xml_files=common.find_xml(common.sourceDirectory)
if common.interactive_mode:
stop_point = raw_input("Press ENTER key to begin Static Code Analysis")
#Regex to look for collection of deviceID
#Regex to determine if WebViews are imported
wv_imp_rex=r'android.webkit.WebView'
cp_imp_rex=r'android.content.ContentProvider'
#Run through all files, look for regex, print warning/info text and lines of code, with file names/paths
cert_queue = Queue()
pending_intents_queue = Queue()
file_permission_queue = Queue()
web_view_queue = Queue()
find_broadcast_queue = Queue()
def findAllXmlFiles():
return common.find_xml(rootGoatdroidDir)
def findAllXmlFiles():
return common.find_xml(rootGoatdroidDir)
