def get_env(md5_hash, package, launcher):
base_dir = settings.BASE_DIR
app_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY
app_file = md5_hash + '.apk' # NEW FILENAME
app_path = app_dir + app_file # APP PATH
toolsdir = os.path.join(base_dir, 'DynamicAnalyzer/tools/') # TOOLS DIR
adb = getADB(toolsdir)
#if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
# proxy_ip = '127.0.0.1'
#else:
# proxy_ip = settings.PROXY_IP # Proxy IP
#start_proxy(settings.PORT, package)
# AVD only needs to wait, vm needs the connect function
try:
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
avd_load_wait(adb)
else:
connect(toolsdir)
except Exception as exp:
print("\n[WARNING] ADB Load Wait Failed")
return HttpResponseRedirect('/error/')
# Change True to support non-activity components
install_and_run(toolsdir, app_path, package, launcher, True)
screen_width, screen_width = get_res()
data = {
'ready': 'yes',
'screen_witdth': screen_width,
'screen_height': screen_width,
}
return data
def yield_dynamic_run(apk_path):
try:
#step1: app_info
app_info = get_base_info(apk_path)
#step2 init virtual android devices by virtualbox
refresh_vm(SETTINGS.UUID, SETTINGS.SUUID, SETTINGS.VBOX)
connect(DYNAMIC_TOOL_DIR)
#step3 install, run
install_and_run(DYNAMIC_TOOL_DIR, app_info['apk_path'],
app_info['packagename'], app_info['main_activity'],
True)
#step4 auto_app_test and start download x_logcat.txt
#auto_app_test in another thread, download in main thread
set_run_state(True)
adb = getADB(DYNAMIC_TOOL_DIR)
monkey = threading.Thread(target=monkey_test, args=(adb, app_info))
monkey.start()
for cnt in yield_droidmon_download(adb, app_info['detail_dir'],
app_info['packagename']):
yield cnt
if not check_run_state():
break
monkey.join()
except Exception as e:
result = {}
traceback.print_exc()
def dynamic_main(file_path):
# download_dir = ORIGIN_DOWNLOAD_DIR + app_info['file_md5'] + '/'
try:
file_md5 = genMD5(file_path)
print('file_md5:', file_md5)
app_info = get_static_info(file_path, file_md5)
# 开始动态分析
adb = getADB(DYNAMIC_TOOL_DIR)
init_environment(adb)
#set_web_proxy(app_info['file_md5'])
connect_device(adb)
# Change True to support non-activity components
install_and_run(DYNAMIC_TOOL_DIR, app_info['apk_path'],
app_info['packagename'], app_info['mainactivity'],
True)
# 开启下载 log 线程, 60s
download_dir = os.path.dirname(os.path.dirname(app_info["apk_path"]))
#t = start_strace(adb, download_dir, app_info['packagename'])
t = start_download(adb, download_dir, app_info['packagename'])
#time.sleep(40)
#至少运行60s
auto_app_test(adb, app_info)
# 停止代理服务器,另一个线程会把网络传输数据保存到 UPLOAD_DIR 对应的文件夹中的 urls, WebTraffic.txt, requestdb 文件。
#Proxy('', '', '', '')
# 关闭下载 log 线程
t.join()
droidmon_log = os.path.join(download_dir, 'x_logcat.txt')
droidmon_analysis(droidmon_log, app_info['packagename'])
time.sleep(1)
# 复制 apk 运行时访问的 url 到结果目录
#shutil.copy(os.path.join(os.path.join(UPLOAD_DIR, app_info['file_md5']), 'urls'), os.path.join(download_dir, 'urls'))
#result = analysis_x_logcat(download_dir + 'x_logcat.txt', app_info)
#print(u'分析结果目录:', download_dir)
# 由于临时文件比较大,当硬盘空间不足时,则删除临时文件,比如:UPLOAD_DIR,
shutil.rmtree(os.path.dirname(app_info['apk_path']),
ignore_errors=True)
return 1
except Exception as e:
result = {}
# Install Error 表示安装 apk 文件时报错。
# Parsing Manifest Error 表示解析 AndroidManifest.xml 文件时报错。
print(traceback.format_exc())
#shutil.rmtree(os.path.dirname(app_info['apk_path']))
return 0
def get_env(request):
"""Get Dynamic Analysis Environment for Android"""
print("\n[INFO] Setting up Dynamic Analysis Environment")
try:
if request.method == 'POST':
data = {}
md5_hash = request.POST['md5']
package = request.POST['pkg']
launcher = request.POST['lng']
if re.findall(r";|\$\(|\|\||&&", package) or re.findall(
r";|\$\(|\|\||&&", launcher):
print("[ATTACK] Possible RCE")
return HttpResponseRedirect('/error/')
if re.match('^[0-9a-f]{32}$', md5_hash):
base_dir = settings.BASE_DIR
app_dir = os.path.join(settings.UPLD_DIR,
md5_hash + '/') # APP DIRECTORY
app_file = md5_hash + '.apk' # NEW FILENAME
app_path = app_dir + app_file # APP PATH
toolsdir = os.path.join(base_dir,
'DynamicAnalyzer/tools/') # TOOLS DIR
adb = getADB(toolsdir)
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
proxy_ip = '127.0.0.1'
else:
proxy_ip = settings.PROXY_IP # Proxy IP
start_proxy(settings.PORT, package)
# AVD only needs to wait, vm needs the connect function
try:
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
avd_load_wait(adb)
else:
connect(toolsdir)
except Exception as exp:
data = {
'ready': 'no',
'msg': 'Cannot Connect to the VM/Device.',
'error': str(exp)
}
return HttpResponse(json.dumps(data),
content_type='application/json')
# Change True to support non-activity components
install_and_run(toolsdir, app_path, package, launcher, True)
screen_width, screen_width = get_res()
data = {
'ready': 'yes',
'screen_witdth': screen_width,
'screen_height': screen_width,
}
return HttpResponse(json.dumps(data),
content_type='application/json')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] Setting up Dynamic Analysis Environment")
return HttpResponseRedirect('/error/')
def get_env(request):
"""Get Dynamic Analysis Environment for Android"""
logger.info("Setting up Dynamic Analysis Environment")
try:
if request.method == 'POST':
data = {}
md5_hash = request.POST['md5']
package = request.POST['pkg']
launcher = request.POST['lng']
if re.findall(r";|\$\(|\|\||&&", package) or re.findall(
r";|\$\(|\|\||&&", launcher):
return print_n_send_error_response(request,
"Possible RCE Attack", True)
if re.match('^[0-9a-f]{32}$', md5_hash):
base_dir = settings.BASE_DIR
app_dir = os.path.join(settings.UPLD_DIR,
md5_hash + '/') # APP DIRECTORY
app_file = md5_hash + '.apk' # NEW FILENAME
app_path = app_dir + app_file # APP PATH
adb = getADB()
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
proxy_ip = '127.0.0.1'
else:
proxy_ip = settings.PROXY_IP # Proxy IP
start_proxy(settings.PORT, package)
# vm needs the connect function
try:
if not settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
connect()
except Exception as exp:
data = {
'ready': 'no',
'msg': 'Cannot Connect to the VM/Device.',
'error': str(exp)
}
return HttpResponse(json.dumps(data),
content_type='application/json')
# Change True to support non-activity components
install_and_run(app_path, package, launcher, True)
screen_width, screen_width = get_res()
data = {
'ready': 'yes',
'screen_witdth': screen_width,
'screen_height': screen_width,
}
return HttpResponse(json.dumps(data),
content_type='application/json')
else:
return print_n_send_error_response(request,
"Invalid Scan Hash", True)
else:
return print_n_send_error_response(request, "Only POST allowed",
True)
except:
PrintException("Setting up Dynamic Analysis Environment")
return print_n_send_error_response(request, "Environment Setup Failed",
True)
def get_env(request):
"""Get Dynamic Analysis Environment for Android."""
logger.info('Setting up Dynamic Analysis Environment')
try:
if request.method == 'POST':
data = {}
md5_hash = request.POST['md5']
package = request.POST['pkg']
launcher = request.POST['lng']
if (re.findall(r';|\$\(|\|\||&&', package)
or re.findall(r';|\$\(|\|\||&&', launcher)):
return print_n_send_error_response(request,
'Possible RCE Attack',
True)
if re.match('^[0-9a-f]{32}$', md5_hash):
app_dir = os.path.join(
settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY
app_file = md5_hash + '.apk' # NEW FILENAME
app_path = app_dir + app_file # APP PATH
start_proxy(settings.PORT, package)
# vm needs the connect function
try:
connect()
except Exception as exp:
data = {'ready': 'no',
'msg': 'Cannot Connect to the VM/Device.',
'error': str(exp)}
return HttpResponse(json.dumps(data),
content_type='application/json')
# Change True to support non-activity components
install_and_run(app_path, package, launcher, True)
screen_width, screen_width = get_res()
data = {'ready': 'yes',
'screen_witdth': screen_width,
'screen_height': screen_width}
return HttpResponse(json.dumps(data),
content_type='application/json')
else:
return print_n_send_error_response(request,
'Invalid Scan Hash',
True)
else:
return print_n_send_error_response(request,
'Only POST allowed',
True)
except Exception:
logger.exception('Setting up Dynamic Analysis Environment')
return print_n_send_error_response(request,
'Environment Setup Failed',
True)
def get_env(request):
"""Get Dynamic Analysis Environment for Android"""
print("\n[INFO] Setting up Dynamic Analysis Environment")
try:
if request.method == 'POST':
data = {}
md5_hash = request.POST['md5']
package = request.POST['pkg']
launcher = request.POST['lng']
if re.findall(r";|\$\(|\|\||&&", package) or re.findall(r";|\$\(|\|\||&&", launcher):
print("[ATTACK] Possible RCE")
return HttpResponseRedirect('/error/')
if re.match('^[0-9a-f]{32}$', md5_hash):
base_dir = settings.BASE_DIR
app_dir = os.path.join(
settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY
app_file = md5_hash + '.apk' # NEW FILENAME
app_path = app_dir + app_file # APP PATH
adb = getADB()
if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
proxy_ip = '127.0.0.1'
else:
proxy_ip = settings.PROXY_IP # Proxy IP
start_proxy(settings.PORT, package)
# vm needs the connect function
try:
if not settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD":
connect()
except Exception as exp:
data = {'ready': 'no',
'msg': 'Cannot Connect to the VM/Device.',
'error': str(exp)}
return HttpResponse(json.dumps(data), content_type='application/json')
# Change True to support non-activity components
install_and_run(app_path, package, launcher, True)
screen_width, screen_width = get_res()
data = {'ready': 'yes',
'screen_witdth': screen_width,
'screen_height': screen_width, }
return HttpResponse(json.dumps(data), content_type='application/json')
else:
return HttpResponseRedirect('/error/')
else:
return HttpResponseRedirect('/error/')
except:
PrintException("[ERROR] Setting up Dynamic Analysis Environment")
return HttpResponseRedirect('/error/')
def dynamic_run(apk_path):
start_time = time.time()
try:
#step1: app_info
app_info = get_base_info(apk_path)
#step2 init virtual android devices by virtualbox
refresh_vm(SETTINGS.UUID, SETTINGS.SUUID, SETTINGS.VBOX)
connect(DYNAMIC_TOOL_DIR)
#step3 install, run, map run error
try:
install_and_run(DYNAMIC_TOOL_DIR, app_info['apk_path'],
app_info['packagename'], app_info['main_activity'],
True)
except Exception as e:
print("[dynamic run], exception at install_and_run:", e,
'app_info: ', app_info)
#step4 auto_app_test and start download x_logcat.txt
#auto_app_test in another thread, download in main thread
set_run_state(True)
adb = getADB(DYNAMIC_TOOL_DIR)
monkey = threading.Thread(target=monkey_test, args=(adb, app_info))
monkey.start()
droidmon_download(adb, app_info['detail_dir'], app_info['packagename'])
monkey.join()
#step5 power off
poweroff_vm(SETTINGS.UUID, SETTINGS.VBOX)
return time.time() - start_time
except Exception as e:
result = {}
traceback.print_exc()
return 0
