def get_env(md5_hash, package, launcher): base_dir = settings.BASE_DIR app_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY app_file = md5_hash + '.apk' # NEW FILENAME app_path = app_dir + app_file # APP PATH toolsdir = os.path.join(base_dir, 'DynamicAnalyzer/tools/') # TOOLS DIR adb = getADB(toolsdir) #if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD": # proxy_ip = '127.0.0.1' #else: # proxy_ip = settings.PROXY_IP # Proxy IP #start_proxy(settings.PORT, package) # AVD only needs to wait, vm needs the connect function try: if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD": avd_load_wait(adb) else: connect(toolsdir) except Exception as exp: print("\n[WARNING] ADB Load Wait Failed") return HttpResponseRedirect('/error/') # Change True to support non-activity components install_and_run(toolsdir, app_path, package, launcher, True) screen_width, screen_width = get_res() data = { 'ready': 'yes', 'screen_witdth': screen_width, 'screen_height': screen_width, } return data
def yield_dynamic_run(apk_path): try: #step1: app_info app_info = get_base_info(apk_path) #step2 init virtual android devices by virtualbox refresh_vm(SETTINGS.UUID, SETTINGS.SUUID, SETTINGS.VBOX) connect(DYNAMIC_TOOL_DIR) #step3 install, run install_and_run(DYNAMIC_TOOL_DIR, app_info['apk_path'], app_info['packagename'], app_info['main_activity'], True) #step4 auto_app_test and start download x_logcat.txt #auto_app_test in another thread, download in main thread set_run_state(True) adb = getADB(DYNAMIC_TOOL_DIR) monkey = threading.Thread(target=monkey_test, args=(adb, app_info)) monkey.start() for cnt in yield_droidmon_download(adb, app_info['detail_dir'], app_info['packagename']): yield cnt if not check_run_state(): break monkey.join() except Exception as e: result = {} traceback.print_exc()
def dynamic_main(file_path): # download_dir = ORIGIN_DOWNLOAD_DIR + app_info['file_md5'] + '/' try: file_md5 = genMD5(file_path) print('file_md5:', file_md5) app_info = get_static_info(file_path, file_md5) # 开始动态分析 adb = getADB(DYNAMIC_TOOL_DIR) init_environment(adb) #set_web_proxy(app_info['file_md5']) connect_device(adb) # Change True to support non-activity components install_and_run(DYNAMIC_TOOL_DIR, app_info['apk_path'], app_info['packagename'], app_info['mainactivity'], True) # 开启下载 log 线程, 60s download_dir = os.path.dirname(os.path.dirname(app_info["apk_path"])) #t = start_strace(adb, download_dir, app_info['packagename']) t = start_download(adb, download_dir, app_info['packagename']) #time.sleep(40) #至少运行60s auto_app_test(adb, app_info) # 停止代理服务器,另一个线程会把网络传输数据保存到 UPLOAD_DIR 对应的文件夹中的 urls, WebTraffic.txt, requestdb 文件。 #Proxy('', '', '', '') # 关闭下载 log 线程 t.join() droidmon_log = os.path.join(download_dir, 'x_logcat.txt') droidmon_analysis(droidmon_log, app_info['packagename']) time.sleep(1) # 复制 apk 运行时访问的 url 到结果目录 #shutil.copy(os.path.join(os.path.join(UPLOAD_DIR, app_info['file_md5']), 'urls'), os.path.join(download_dir, 'urls')) #result = analysis_x_logcat(download_dir + 'x_logcat.txt', app_info) #print(u'分析结果目录:', download_dir) # 由于临时文件比较大,当硬盘空间不足时,则删除临时文件,比如:UPLOAD_DIR, shutil.rmtree(os.path.dirname(app_info['apk_path']), ignore_errors=True) return 1 except Exception as e: result = {} # Install Error 表示安装 apk 文件时报错。 # Parsing Manifest Error 表示解析 AndroidManifest.xml 文件时报错。 print(traceback.format_exc()) #shutil.rmtree(os.path.dirname(app_info['apk_path'])) return 0
def get_env(request): """Get Dynamic Analysis Environment for Android""" print("\n[INFO] Setting up Dynamic Analysis Environment") try: if request.method == 'POST': data = {} md5_hash = request.POST['md5'] package = request.POST['pkg'] launcher = request.POST['lng'] if re.findall(r";|\$\(|\|\||&&", package) or re.findall( r";|\$\(|\|\||&&", launcher): print("[ATTACK] Possible RCE") return HttpResponseRedirect('/error/') if re.match('^[0-9a-f]{32}$', md5_hash): base_dir = settings.BASE_DIR app_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY app_file = md5_hash + '.apk' # NEW FILENAME app_path = app_dir + app_file # APP PATH toolsdir = os.path.join(base_dir, 'DynamicAnalyzer/tools/') # TOOLS DIR adb = getADB(toolsdir) if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD": proxy_ip = '127.0.0.1' else: proxy_ip = settings.PROXY_IP # Proxy IP start_proxy(settings.PORT, package) # AVD only needs to wait, vm needs the connect function try: if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD": avd_load_wait(adb) else: connect(toolsdir) except Exception as exp: data = { 'ready': 'no', 'msg': 'Cannot Connect to the VM/Device.', 'error': str(exp) } return HttpResponse(json.dumps(data), content_type='application/json') # Change True to support non-activity components install_and_run(toolsdir, app_path, package, launcher, True) screen_width, screen_width = get_res() data = { 'ready': 'yes', 'screen_witdth': screen_width, 'screen_height': screen_width, } return HttpResponse(json.dumps(data), content_type='application/json') else: return HttpResponseRedirect('/error/') else: return HttpResponseRedirect('/error/') except: PrintException("[ERROR] Setting up Dynamic Analysis Environment") return HttpResponseRedirect('/error/')
def get_env(request): """Get Dynamic Analysis Environment for Android""" logger.info("Setting up Dynamic Analysis Environment") try: if request.method == 'POST': data = {} md5_hash = request.POST['md5'] package = request.POST['pkg'] launcher = request.POST['lng'] if re.findall(r";|\$\(|\|\||&&", package) or re.findall( r";|\$\(|\|\||&&", launcher): return print_n_send_error_response(request, "Possible RCE Attack", True) if re.match('^[0-9a-f]{32}$', md5_hash): base_dir = settings.BASE_DIR app_dir = os.path.join(settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY app_file = md5_hash + '.apk' # NEW FILENAME app_path = app_dir + app_file # APP PATH adb = getADB() if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD": proxy_ip = '127.0.0.1' else: proxy_ip = settings.PROXY_IP # Proxy IP start_proxy(settings.PORT, package) # vm needs the connect function try: if not settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD": connect() except Exception as exp: data = { 'ready': 'no', 'msg': 'Cannot Connect to the VM/Device.', 'error': str(exp) } return HttpResponse(json.dumps(data), content_type='application/json') # Change True to support non-activity components install_and_run(app_path, package, launcher, True) screen_width, screen_width = get_res() data = { 'ready': 'yes', 'screen_witdth': screen_width, 'screen_height': screen_width, } return HttpResponse(json.dumps(data), content_type='application/json') else: return print_n_send_error_response(request, "Invalid Scan Hash", True) else: return print_n_send_error_response(request, "Only POST allowed", True) except: PrintException("Setting up Dynamic Analysis Environment") return print_n_send_error_response(request, "Environment Setup Failed", True)
def get_env(request): """Get Dynamic Analysis Environment for Android.""" logger.info('Setting up Dynamic Analysis Environment') try: if request.method == 'POST': data = {} md5_hash = request.POST['md5'] package = request.POST['pkg'] launcher = request.POST['lng'] if (re.findall(r';|\$\(|\|\||&&', package) or re.findall(r';|\$\(|\|\||&&', launcher)): return print_n_send_error_response(request, 'Possible RCE Attack', True) if re.match('^[0-9a-f]{32}$', md5_hash): app_dir = os.path.join( settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY app_file = md5_hash + '.apk' # NEW FILENAME app_path = app_dir + app_file # APP PATH start_proxy(settings.PORT, package) # vm needs the connect function try: connect() except Exception as exp: data = {'ready': 'no', 'msg': 'Cannot Connect to the VM/Device.', 'error': str(exp)} return HttpResponse(json.dumps(data), content_type='application/json') # Change True to support non-activity components install_and_run(app_path, package, launcher, True) screen_width, screen_width = get_res() data = {'ready': 'yes', 'screen_witdth': screen_width, 'screen_height': screen_width} return HttpResponse(json.dumps(data), content_type='application/json') else: return print_n_send_error_response(request, 'Invalid Scan Hash', True) else: return print_n_send_error_response(request, 'Only POST allowed', True) except Exception: logger.exception('Setting up Dynamic Analysis Environment') return print_n_send_error_response(request, 'Environment Setup Failed', True)
def get_env(request): """Get Dynamic Analysis Environment for Android""" print("\n[INFO] Setting up Dynamic Analysis Environment") try: if request.method == 'POST': data = {} md5_hash = request.POST['md5'] package = request.POST['pkg'] launcher = request.POST['lng'] if re.findall(r";|\$\(|\|\||&&", package) or re.findall(r";|\$\(|\|\||&&", launcher): print("[ATTACK] Possible RCE") return HttpResponseRedirect('/error/') if re.match('^[0-9a-f]{32}$', md5_hash): base_dir = settings.BASE_DIR app_dir = os.path.join( settings.UPLD_DIR, md5_hash + '/') # APP DIRECTORY app_file = md5_hash + '.apk' # NEW FILENAME app_path = app_dir + app_file # APP PATH adb = getADB() if settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD": proxy_ip = '127.0.0.1' else: proxy_ip = settings.PROXY_IP # Proxy IP start_proxy(settings.PORT, package) # vm needs the connect function try: if not settings.ANDROID_DYNAMIC_ANALYZER == "MobSF_AVD": connect() except Exception as exp: data = {'ready': 'no', 'msg': 'Cannot Connect to the VM/Device.', 'error': str(exp)} return HttpResponse(json.dumps(data), content_type='application/json') # Change True to support non-activity components install_and_run(app_path, package, launcher, True) screen_width, screen_width = get_res() data = {'ready': 'yes', 'screen_witdth': screen_width, 'screen_height': screen_width, } return HttpResponse(json.dumps(data), content_type='application/json') else: return HttpResponseRedirect('/error/') else: return HttpResponseRedirect('/error/') except: PrintException("[ERROR] Setting up Dynamic Analysis Environment") return HttpResponseRedirect('/error/')
def dynamic_run(apk_path): start_time = time.time() try: #step1: app_info app_info = get_base_info(apk_path) #step2 init virtual android devices by virtualbox refresh_vm(SETTINGS.UUID, SETTINGS.SUUID, SETTINGS.VBOX) connect(DYNAMIC_TOOL_DIR) #step3 install, run, map run error try: install_and_run(DYNAMIC_TOOL_DIR, app_info['apk_path'], app_info['packagename'], app_info['main_activity'], True) except Exception as e: print("[dynamic run], exception at install_and_run:", e, 'app_info: ', app_info) #step4 auto_app_test and start download x_logcat.txt #auto_app_test in another thread, download in main thread set_run_state(True) adb = getADB(DYNAMIC_TOOL_DIR) monkey = threading.Thread(target=monkey_test, args=(adb, app_info)) monkey.start() droidmon_download(adb, app_info['detail_dir'], app_info['packagename']) monkey.join() #step5 power off poweroff_vm(SETTINGS.UUID, SETTINGS.VBOX) return time.time() - start_time except Exception as e: result = {} traceback.print_exc() return 0