def view_report(request, checksum, api=False):
"""Dynamic Analysis Report Generation."""
logger.info('Dynamic Analysis Report Generation')
try:
droidmon = {}
apimon = {}
if not is_md5(checksum):
# We need this check since checksum is not validated
# in REST API
return print_n_send_error_response(request, 'Invalid Parameters',
api)
package = get_package_name(checksum)
if not package:
return print_n_send_error_response(request, 'Invalid Parameters',
api)
app_dir = os.path.join(settings.UPLD_DIR, checksum + '/')
download_dir = settings.DWD_DIR
if not is_file_exists(os.path.join(app_dir, 'logcat.txt')):
msg = ('Dynamic Analysis report is not available '
'for this app. Perform Dynamic Analysis '
'and generate the report.')
return print_n_send_error_response(request, msg, api)
fd_log = os.path.join(app_dir, 'mobsf_frida_out.txt')
droidmon = droidmon_api_analysis(app_dir, package)
apimon = apimon_analysis(app_dir)
analysis_result = run_analysis(app_dir, checksum, package)
generate_download(app_dir, checksum, download_dir, package)
images = get_screenshots(checksum, download_dir)
context = {
'hash': checksum,
'emails': analysis_result['emails'],
'urls': analysis_result['urls'],
'domains': analysis_result['domains'],
'clipboard': analysis_result['clipboard'],
'xml': analysis_result['xml'],
'sqlite': analysis_result['sqlite'],
'others': analysis_result['other_files'],
'screenshots': images['screenshots'],
'activity_tester': images['activities'],
'exported_activity_tester': images['exported_activities'],
'droidmon': droidmon,
'apimon': apimon,
'frida_logs': is_file_exists(fd_log),
'package': package,
'version': settings.MOBSF_VER,
'title': 'Dynamic Analysis'
}
template = 'dynamic_analysis/android/dynamic_report.html'
if api:
return context
return render(request, template, context)
except Exception as exp:
logger.exception('Dynamic Analysis Report Generation')
err = 'Error Geneating Dynamic Analysis Report. ' + str(exp)
return print_n_send_error_response(request, err, api)
def view_report(request):
"""Dynamic Analysis Report Generation."""
logger.info('Dynamic Analysis Report Generation')
try:
md5_hash = request.GET['hash']
package = request.GET['package']
droidmon = {}
apimon = {}
if (is_attack_pattern(package)
or not is_md5(md5_hash)):
return print_n_send_error_response(request,
'Invalid Parameters')
app_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/')
download_dir = settings.DWD_DIR
if not is_file_exists(os.path.join(app_dir, 'logcat.txt')):
msg = ('Dynamic Analysis report is not available '
'for this app. Perform Dynamic Analysis '
'and generate the report.')
return print_n_send_error_response(request, msg)
fd_log = os.path.join(app_dir, 'mobsf_frida_out.txt')
droidmon = droidmon_api_analysis(app_dir, package)
apimon = apimon_analysis(app_dir)
analysis_result = run_analysis(app_dir, md5_hash, package)
generate_download(app_dir, md5_hash, download_dir, package)
images = get_screenshots(md5_hash, download_dir)
context = {'md5': md5_hash,
'emails': analysis_result['emails'],
'urls': analysis_result['urls'],
'domains': analysis_result['domains'],
'clipboard': analysis_result['clipboard'],
'xml': analysis_result['xml'],
'sqlite': analysis_result['sqlite'],
'others': analysis_result['other_files'],
'screenshots': images['screenshots'],
'acttest': images['activities'],
'expacttest': images['exported_activities'],
'droidmon': droidmon,
'apimon': apimon,
'fdlog': is_file_exists(fd_log),
'package': package,
'version': settings.MOBSF_VER,
'title': 'Dynamic Analysis'}
template = 'dynamic_analysis/android/dynamic_report.html'
return render(request, template, context)
except Exception as exp:
logger.exception('Dynamic Analysis Report Generation')
err = 'Error Geneating Dynamic Analysis Report. ' + str(exp)
return print_n_send_error_response(request, err)
def report(request):
"""Dynamic Analysis Report Generation"""
print("\n[INFO] Dynamic Analysis Report Generation")
try:
if request.method == 'GET':
md5_hash = request.GET['md5']
package = request.GET['pkg']
if re.findall(r";|\$\(|\|\||&&", package):
print("[ATTACK] Possible RCE")
return HttpResponseRedirect('/error/')
if re.match('^[0-9a-f]{32}$', md5_hash):
app_dir = os.path.join(settings.UPLD_DIR,
md5_hash + '/') # APP DIRECTORY
download_dir = settings.DWD_DIR
droidmon_api_loc = os.path.join(app_dir, 'x_logcat.txt')
api_analysis_result = api_analysis(package, droidmon_api_loc)
analysis_result = run_analysis(app_dir, md5_hash, package)
download(md5_hash, download_dir, app_dir, package)
# Only After Download Process is Done
imgs = []
act_imgs = []
act = {}
expact_imgs = []
exp_act = {}
if os.path.exists(
os.path.join(download_dir,
md5_hash + "-screenshots-apk/")):
try:
imp_path = os.path.join(download_dir,
md5_hash + "-screenshots-apk/")
for img in os.listdir(imp_path):
if img.endswith(".png"):
if img.startswith("act"):
act_imgs.append(img)
elif img.startswith("expact"):
expact_imgs.append(img)
else:
imgs.append(img)
static_android_db = StaticAnalyzerAndroid.objects.filter(
MD5=md5_hash)
if static_android_db.exists():
print(
"\n[INFO] Fetching Exported Activity & Activity List from DB"
)
exported_act = python_list(
static_android_db[0].EXPORTED_ACT)
act_desc = python_list(
static_android_db[0].ACTIVITIES)
if act_imgs:
if len(act_imgs) == len(act_desc):
act = dict(list(zip(act_imgs, act_desc)))
if expact_imgs:
if len(expact_imgs) == len(exported_act):
exp_act = dict(
list(zip(expact_imgs, exported_act)))
else:
print(
"\n[WARNING] Entry does not exists in the DB.")
except:
PrintException("[ERROR] Screenshot Sorting")
context = {
'md5': md5_hash,
'emails': analysis_result["emails"],
'urls': analysis_result["urls"],
'domains': analysis_result["domains"],
'clipboard': analysis_result["clipboard"],
'http': analysis_result["web_data"],
'xml': analysis_result["xmlfiles"],
'sqlite': analysis_result["sqlite_db"],
'others': analysis_result["other_files"],
'imgs': imgs,
'acttest': act,
'expacttest': exp_act,
'net': api_analysis_result["api_net"],
'base64': api_analysis_result["api_base64"],
'crypto': api_analysis_result["api_crypto"],
'fileio': api_analysis_result["api_fileio"],
'binder': api_analysis_result["api_binder"],
'divinfo': api_analysis_result["api_deviceinfo"],
'cntval': api_analysis_result["api_cntvl"],
'sms': api_analysis_result["api_sms"],
'sysprop': api_analysis_result["api_sysprop"],
'dexload': api_analysis_result["api_dexloader"],
'reflect': api_analysis_result["api_reflect"],
'sysman': api_analysis_result["api_acntmnger"],
'process': api_analysis_result["api_cmd"],
'pkg': package,
'title': 'Dynamic Analysis'
}
template = "dynamic_analysis/dynamic_analysis.html"
return render(request, template, context)
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] Dynamic Analysis Report Generation")
return HttpResponseRedirect('/error/')
def report(request):
"""Dynamic Analysis Report Generation"""
print("\n[INFO] Dynamic Analysis Report Generation")
try:
if request.method == 'GET':
md5_hash = request.GET['md5']
package = request.GET['pkg']
if re.findall(r";|\$\(|\|\||&&", package):
print("[ATTACK] Possible RCE")
return HttpResponseRedirect('/error/')
if re.match('^[0-9a-f]{32}$', md5_hash):
app_dir = os.path.join(
settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY
download_dir = settings.DWD_DIR
droidmon_api_loc = os.path.join(app_dir, 'x_logcat.txt')
api_analysis_result = api_analysis(package, droidmon_api_loc)
analysis_result = run_analysis(app_dir, md5_hash, package)
download(md5_hash, download_dir, app_dir, package)
# Only After Download Process is Done
imgs = []
act_imgs = []
act = {}
expact_imgs = []
exp_act = {}
if os.path.exists(os.path.join(download_dir, md5_hash + "-screenshots-apk/")):
try:
imp_path = os.path.join(
download_dir, md5_hash + "-screenshots-apk/")
for img in os.listdir(imp_path):
if img.endswith(".png"):
if img.startswith("act"):
act_imgs.append(img)
elif img.startswith("expact"):
expact_imgs.append(img)
else:
imgs.append(img)
static_android_db = StaticAnalyzerAndroid.objects.filter(
MD5=md5_hash)
if static_android_db.exists():
print(
"\n[INFO] Fetching Exported Activity & Activity List from DB")
exported_act = python_list(
static_android_db[0].EXPORTED_ACT)
act_desc = python_list(
static_android_db[0].ACTIVITIES)
if act_imgs:
if len(act_imgs) == len(act_desc):
act = dict(list(zip(act_imgs, act_desc)))
if expact_imgs:
if len(expact_imgs) == len(exported_act):
exp_act = dict(
list(zip(expact_imgs, exported_act)))
else:
print(
"\n[WARNING] Entry does not exists in the DB.")
except:
PrintException("[ERROR] Screenshot Sorting")
context = {'md5': md5_hash,
'emails': analysis_result["emails"],
'urls': analysis_result["urls"],
'domains': analysis_result["domains"],
'clipboard': analysis_result["clipboard"],
'http': analysis_result["web_data"],
'xml': analysis_result["xmlfiles"],
'sqlite': analysis_result["sqlite_db"],
'others': analysis_result["other_files"],
'imgs': imgs,
'acttest': act,
'expacttest': exp_act,
'net': api_analysis_result["api_net"],
'base64': api_analysis_result["api_base64"],
'crypto': api_analysis_result["api_crypto"],
'fileio': api_analysis_result["api_fileio"],
'binder': api_analysis_result["api_binder"],
'divinfo': api_analysis_result["api_deviceinfo"],
'cntval': api_analysis_result["api_cntvl"],
'sms': api_analysis_result["api_sms"],
'sysprop': api_analysis_result["api_sysprop"],
'dexload': api_analysis_result["api_dexloader"],
'reflect': api_analysis_result["api_reflect"],
'sysman': api_analysis_result["api_acntmnger"],
'process': api_analysis_result["api_cmd"],
'pkg': package,
'title': 'Dynamic Analysis'}
template = "dynamic_analysis/dynamic_analysis.html"
return render(request, template, context)
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] Dynamic Analysis Report Generation")
return HttpResponseRedirect('/error/')
def report(request):
"""Dynamic Analysis Report Generation."""
logger.info('Dynamic Analysis Report Generation')
try:
if request.method == 'GET':
md5_hash = request.GET['md5']
package = request.GET['pkg']
if re.findall(r';|\$\(|\|\||&&', package):
return print_n_send_error_response(request,
'Possible RCE Attack')
if re.match('^[0-9a-f]{32}$', md5_hash):
app_dir = os.path.join(
settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY
download_dir = settings.DWD_DIR
droidmon_api_loc = os.path.join(app_dir, 'x_logcat.txt')
api_analysis_result = api_analysis(package, droidmon_api_loc)
analysis_result = run_analysis(app_dir, md5_hash, package)
download(md5_hash, download_dir, app_dir, package)
# Only After Download Process is Done
imgs = []
act_imgs = []
act = {}
expact_imgs = []
exp_act = {}
if os.path.exists(os.path.join(
download_dir,
md5_hash + '-screenshots-apk/')):
try:
imp_path = os.path.join(
download_dir, md5_hash + '-screenshots-apk/')
for img in os.listdir(imp_path):
if img.endswith('.png'):
if img.startswith('act'):
act_imgs.append(img)
elif img.startswith('expact'):
expact_imgs.append(img)
else:
imgs.append(img)
sadb = StaticAnalyzerAndroid.objects.filter(
MD5=md5_hash)
if sadb.exists():
logger.info(
'\nFetching Exported Activity'
' & Activity List from DB')
exported_act = python_list(
sadb[0].EXPORTED_ACT)
act_desc = python_list(
sadb[0].ACTIVITIES)
if act_imgs:
if len(act_imgs) == len(act_desc):
act = dict(list(zip(act_imgs, act_desc)))
if expact_imgs:
if len(expact_imgs) == len(exported_act):
exp_act = dict(
list(zip(expact_imgs, exported_act)))
else:
logger.warning('Entry does not exists in the DB.')
except Exception:
logger.exception('Screenshot Sorting')
context = {'md5': md5_hash,
'emails': analysis_result['emails'],
'urls': analysis_result['urls'],
'domains': analysis_result['domains'],
'clipboard': analysis_result['clipboard'],
'http': analysis_result['web_data'],
'xml': analysis_result['xmlfiles'],
'sqlite': analysis_result['sqlite_db'],
'others': analysis_result['other_files'],
'imgs': imgs,
'acttest': act,
'expacttest': exp_act,
'net': api_analysis_result['api_net'],
'base64': api_analysis_result['api_base64'],
'crypto': api_analysis_result['api_crypto'],
'fileio': api_analysis_result['api_fileio'],
'binder': api_analysis_result['api_binder'],
'divinfo': api_analysis_result['api_deviceinfo'],
'cntval': api_analysis_result['api_cntvl'],
'sms': api_analysis_result['api_sms'],
'sysprop': api_analysis_result['api_sysprop'],
'dexload': api_analysis_result['api_dexloader'],
'reflect': api_analysis_result['api_reflect'],
'sysman': api_analysis_result['api_acntmnger'],
'process': api_analysis_result['api_cmd'],
'pkg': package,
'title': 'Dynamic Analysis'}
template = 'dynamic_analysis/dynamic_analysis.html'
return render(request, template, context)
else:
return print_n_send_error_response(request,
'Invalid Scan Hash')
else:
return print_n_send_error_response(request,
'Only GET allowed')
except Exception:
logger.exception('Dynamic Analysis Report Generation')
err = 'Error Geneating Dynamic Analysis Report'
return print_n_send_error_response(request, err)