def detect_Telephony_Phone_Call_abuse(x):
"""
@param x : a VMAnalysis instance
@rtype : a list of formatted strings
"""
formatted_str = []
detector_1 = search_string(x, "android.intent.action.CALL")
detector_2 = search_string(x, "android.intent.action.DIAL")
detectors = [detector_1, detector_2]
if detector_tab_is_not_empty(detectors):
local_formatted_str = 'This application makes phone calls'
formatted_str.append(local_formatted_str)
for res in detectors:
if res:
try:
log_result_path_information(res, "Call Intent", "string")
except:
logger.warn(
"Detector result '%s' is not a PathVariable instance" %
res)
return formatted_str
def get(self):
apps = self.db.session.query(models.StaticAnalyzer).all() or []
if self.request.arguments:
app_name = self.get_argument('apk')
if app_name.strip('.apk') in [str(i) for i in apps]:
logger.warn('Already scanned!')
self.render('report.html', app=app_name.strip('.apk'), status="Finished")
else:
logger.warn("Scan in progress...")
info = yield self.extract_and_decompile(app_name)
db_obj = models.StaticAnalyzer(app_name.strip('.apk'),
info,
"Running")
self.db.session.add(db_obj)
self.db.session.commit()
self.redirect('/report?app='+app_name.strip('.apk')+'&status=Running')
else:
self.render('dashboard.html', apps=apps)
def grab_application_name_description_icon(self, package_name) :
"""
@param package_name : package name
@rtype : (name, description, icon) string tuple
"""
# Constants
REQUEST_TIMEOUT = 4
ERROR_APP_DESC_NOT_FOUND = 'N/A'
try :
# Content in English
url = "http://play.google.com/store/apps/details?id=%s&hl=en" % str(package_name)
req = urllib2.Request(url)
response = urllib2.urlopen(req, timeout=REQUEST_TIMEOUT)
the_page = response.read()
p_name = re.compile(ur'''<h1 class="doc-banner-title">(.*)</h1>''')
p_desc = re.compile(ur'''(?:\<div id=\"doc-original-text\" \>)(.*)(?:\<\/div\>\<\/div\>\<div class\=\"doc-description-overflow\"\>)''')
p_icon = re.compile(ur'''(?:\<div class\=\"doc-banner-icon\"\>)(.*)(?:\<\/div\>\<\/td\><td class="doc-details-ratings-price")''')
if p_name.findall(the_page) and p_desc.findall(the_page) and p_icon.findall(the_page) :
name = strip_HTML_tags(p_name.findall(the_page)[0].decode("utf-8"))
desc = strip_HTML_tags(p_desc.findall(the_page)[0].decode("utf-8"))
icon_link = p_icon.findall(the_page)[0]
return (name, desc, icon_link)
else :
logger.warn("'%s' application's description and icon could not be found in the page" % str(package_name))
return ERROR_APP_DESC_NOT_FOUND, ERROR_APP_DESC_NOT_FOUND, ERROR_APP_DESC_NOT_FOUND
except HTTPError :
logger.warn("'%s' application name does not exist on Google Play" % str(package_name))
return ERROR_APP_DESC_NOT_FOUND, ERROR_APP_DESC_NOT_FOUND, ERROR_APP_DESC_NOT_FOUND
def detect_Telephony_SMS_read(x) :
"""
@param x : a VMAnalysis instance
@rtype : a list of formatted strings
"""
formatted_str = []
detector_1 = search_string(x, "content://sms/inbox")
detectors = [detector_1]
if detector_tab_is_not_empty(detectors) :
local_formatted_str = 'This application reads the SMS inbox'
formatted_str.append(local_formatted_str)
for res in detectors :
if res :
try :
log_result_path_information(res, "SMS Inbox", "string")
except :
logger.warn("Detector result '%s' is not a PathVariable instance" % res)
return formatted_str
def detect_ContactAccess_lookup(x) :
"""
@param x : a VMAnalysis instance
@rtype : a list of formatted strings
"""
formatted_str = []
detector_1 = search_field(x, "Landroid/provider/ContactsContract$CommonDataKinds$Phone;")
detectors = [detector_1]
if detector_tab_is_not_empty(detectors) :
local_formatted_str = 'This application reads or edits contact data'
formatted_str.append(local_formatted_str)
for res in detectors :
if res :
try :
log_result_path_information(res, "Contact access", "field")
except :
logger.warn("Detector result '%s' is not a PathVariable instance" % res)
return formatted_str
