def frida_logs(request, api=False):
try:
if api:
apphash = request.POST['hash']
stream = True
else:
apphash = request.GET.get('hash', '')
stream = request.GET.get('stream', '')
if not is_md5(apphash):
return invalid_params(api)
if stream:
apk_dir = os.path.join(settings.UPLD_DIR, apphash + '/')
frida_logs = os.path.join(apk_dir, 'mobsf_frida_out.txt')
data = {}
if not is_file_exists(frida_logs):
data = {'status': 'failed', 'message': 'Data does not exist.'}
return send_response(data, api)
with open(frida_logs, 'r') as flip:
data = {'data': flip.read()}
return send_response(data, api)
logger.info('Frida Logs live streaming')
template = 'dynamic_analysis/android/frida_logs.html'
return render(
request, template, {
'hash': apphash,
'package': request.GET.get('package', ''),
'version': settings.MOBSF_VER,
'title': 'Live Frida logs'
})
except Exception:
logger.exception('Frida log streaming')
err = 'Error in Frida log streaming'
return print_n_send_error_response(request, err, api)
def live_api(request, api=False):
try:
if api:
apphash = request.POST['hash']
stream = True
else:
apphash = request.GET.get('hash', '')
stream = request.GET.get('stream', '')
if not is_md5(apphash):
return invalid_params(api)
if stream:
apk_dir = os.path.join(settings.UPLD_DIR, apphash + '/')
apimon_file = os.path.join(apk_dir, 'mobsf_api_monitor.txt')
data = {}
if not is_file_exists(apimon_file):
data = {'status': 'failed', 'message': 'Data does not exist.'}
return send_response(data, api)
with open(apimon_file, 'r') as flip:
api_list = json.loads('[{}]'.format(flip.read()[:-1]))
data = {'data': api_list}
return send_response(data, api)
logger.info('Starting API monitor streaming')
template = 'dynamic_analysis/android/live_api.html'
return render(
request, template, {
'hash': apphash,
'package': request.GET.get('package', ''),
'version': settings.MOBSF_VER,
'title': 'Live API Monitor'
})
except Exception:
logger.exception('API monitor streaming')
err = 'Error in API monitor streaming'
return print_n_send_error_response(request, err, api)
def download_data(request, api=False):
"""Download Application Data from Device."""
logger.info('Downloading app data')
data = {}
try:
env = Environment()
md5_hash = request.POST['hash']
if not is_md5(md5_hash):
return invalid_params(api)
package = get_package_name(md5_hash)
if not package:
data = {
'status': 'failed',
'message': 'App details not found in database'
}
return send_response(data, api)
apk_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/')
stop_httptools(settings.PROXY_PORT)
files_loc = '/data/local/'
logger.info('Archiving files created by app')
env.adb_command([
'tar', '-cvf', files_loc + package + '.tar',
'/data/data/' + package + '/'
], True)
logger.info('Downloading Archive')
env.adb_command(
['pull', files_loc + package + '.tar', apk_dir + package + '.tar'])
logger.info('Stopping ADB server')
env.adb_command(['kill-server'])
data = {'status': 'ok'}
except Exception as exp:
logger.exception('Downloading application data')
data = {'status': 'failed', 'message': str(exp)}
return send_response(data, api)
def instrument(request, api=False):
"""Instrument app with frida."""
data = {}
try:
logger.info('Starting Instrumentation')
md5_hash = request.POST['hash']
default_hooks = request.POST['default_hooks']
auxiliary_hooks = request.POST['auxiliary_hooks']
code = request.POST['frida_code']
# Fill extras
extras = {}
class_name = request.POST.get('class_name')
if class_name:
extras['class_name'] = class_name.strip()
class_search = request.POST.get('class_search')
if class_search:
extras['class_search'] = class_search.strip()
cls_trace = request.POST.get('class_trace')
if cls_trace:
extras['class_trace'] = cls_trace.strip()
if (is_attack_pattern(default_hooks) or not is_md5(md5_hash)):
return invalid_params(api)
package = get_package_name(md5_hash)
if not package:
return invalid_params(api)
frida_obj = Frida(md5_hash, package, default_hooks.split(','),
auxiliary_hooks.split(','), extras, code)
trd = threading.Thread(target=frida_obj.connect)
trd.daemon = True
trd.start()
data = {'status': 'ok'}
except Exception as exp:
logger.exception('Instrumentation failed')
data = {'status': 'failed', 'message': str(exp)}
return send_response(data, api)
def activity_tester(request, api=False):
"""Exported & non exported activity Tester."""
data = {}
try:
env = Environment()
test = request.POST['test']
md5_hash = request.POST['hash']
if not is_md5(md5_hash):
return invalid_params(api)
app_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/')
screen_dir = os.path.join(app_dir, 'screenshots-apk/')
if not os.path.exists(screen_dir):
os.makedirs(screen_dir)
static_android_db = StaticAnalyzerAndroid.objects.get(MD5=md5_hash)
package = static_android_db.PACKAGE_NAME
iden = ''
if test == 'exported':
iden = 'Exported '
logger.info('Exported activity tester')
activities = python_list(static_android_db.EXPORTED_ACTIVITIES)
else:
logger.info('Activity tester')
activities = python_list(static_android_db.ACTIVITIES)
logger.info('Fetching %sactivities for %s', iden, package)
if not activities:
msg = 'No {}Activites found'.format(iden)
logger.info(msg)
data = {'status': 'failed', 'message': msg}
return send_response(data, api)
act_no = 0
logger.info('Starting %sActivity Tester...', iden)
logger.info('%s %sActivities Identified', str(len(activities)), iden)
for activity in activities:
act_no += 1
logger.info('Launching %sActivity - %s. %s', iden, str(act_no),
activity)
if test == 'exported':
file_iden = 'expact'
else:
file_iden = 'act'
outfile = ('{}{}-{}.png'.format(screen_dir, file_iden, act_no))
env.launch_n_capture(package, activity, outfile)
data = {'status': 'ok'}
except Exception as exp:
logger.exception('%sActivity tester', iden)
data = {'status': 'failed', 'message': str(exp)}
return send_response(data, api)
def list_frida_scripts(request, api=False):
"""Get frida scripts from others."""
scripts = []
others = os.path.join(settings.TOOLS_DIR, 'frida_scripts', 'others')
files = glob.glob(others + '**/*.js', recursive=True)
for item in files:
scripts.append(Path(item).stem)
return send_response({'status': 'ok', 'files': scripts}, api)
def get_script(request, api=False):
"""Get frida scripts from others."""
data = {'status': 'ok', 'content': ''}
try:
scripts = request.POST.getlist('scripts[]')
others = os.path.join(settings.TOOLS_DIR, 'frida_scripts', 'others')
script_ct = []
for script in scripts:
script_file = os.path.join(others, script + '.js')
if not is_safe_path(others, script_file):
data = {
'status': 'failed',
'message': 'Path traversal detected.'
}
return send_response(data, api)
if is_file_exists(script_file):
script_ct.append(Path(script_file).read_text())
data['content'] = '\n'.join(script_ct)
except Exception:
pass
return send_response(data, api)
def collect_logs(request, api=False):
"""Collecting Data and Cleanup."""
logger.info('Collecting Data and Cleaning Up')
data = {}
try:
env = Environment()
md5_hash = request.POST['hash']
if not is_md5(md5_hash):
return invalid_params(api)
package = get_package_name(md5_hash)
if not package:
data = {
'status': 'failed',
'message': 'App details not found in database'
}
return send_response(data, api)
apk_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/')
lout = os.path.join(apk_dir, 'logcat.txt')
dout = os.path.join(apk_dir, 'dump.txt')
logger.info('Downloading logcat logs')
logcat = env.adb_command(['logcat', '-d', package + ':V', '*:*'])
with open(lout, 'wb') as flip:
flip.write(logcat)
logger.info('Downloading dumpsys logs')
dumpsys = env.adb_command(['dumpsys'], True)
with open(dout, 'wb') as flip:
flip.write(dumpsys)
if env.get_android_version() < 5:
download_xposed_log(apk_dir)
env.adb_command(['am', 'force-stop', package], True)
logger.info('Stopping app')
# Unset Global Proxy
env.unset_global_proxy()
data = {'status': 'ok'}
except Exception as exp:
logger.exception('Data Collection & Clean Up failed')
data = {'status': 'failed', 'message': str(exp)}
return send_response(data, api)