mirror of
https://github.com/mvt-project/mvt.git
synced 2024-06-18 18:38:58 +00:00
Added module checking SELinux enforcement status
This commit is contained in:
parent
998d87900d
commit
69daf3c3cd
|
@ -17,11 +17,13 @@ from .logcat import Logcat
|
||||||
from .packages import Packages
|
from .packages import Packages
|
||||||
from .processes import Processes
|
from .processes import Processes
|
||||||
from .root_binaries import RootBinaries
|
from .root_binaries import RootBinaries
|
||||||
|
from .selinux_status import SELinuxStatus
|
||||||
from .settings import Settings
|
from .settings import Settings
|
||||||
from .sms import SMS
|
from .sms import SMS
|
||||||
from .whatsapp import Whatsapp
|
from .whatsapp import Whatsapp
|
||||||
|
|
||||||
ADB_MODULES = [ChromeHistory, SMS, Whatsapp, Processes, Getprop, Settings,
|
ADB_MODULES = [ChromeHistory, SMS, Whatsapp, Processes, Getprop, Settings,
|
||||||
DumpsysBatteryHistory, DumpsysBatteryDaily, DumpsysReceivers,
|
SELinuxStatus, DumpsysBatteryHistory, DumpsysBatteryDaily,
|
||||||
DumpsysActivities, DumpsysAccessibility, DumpsysDBInfo,
|
DumpsysReceivers, DumpsysActivities, DumpsysAccessibility,
|
||||||
DumpsysFull, Packages, RootBinaries, Logcat, Files]
|
DumpsysDBInfo, DumpsysFull, Packages, Logcat, RootBinaries,
|
||||||
|
Files]
|
||||||
|
|
40
mvt/android/modules/adb/selinux_status.py
Normal file
40
mvt/android/modules/adb/selinux_status.py
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
# Mobile Verification Toolkit (MVT)
|
||||||
|
# Copyright (c) 2021-2022 The MVT Project Authors.
|
||||||
|
# Use of this software is governed by the MVT License 1.1 that can be found at
|
||||||
|
# https://license.mvt.re/1.1/
|
||||||
|
|
||||||
|
import logging
|
||||||
|
import os
|
||||||
|
|
||||||
|
import pkg_resources
|
||||||
|
|
||||||
|
from .base import AndroidExtraction
|
||||||
|
|
||||||
|
log = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
class SELinuxStatus(AndroidExtraction):
|
||||||
|
"""This module checks if SELinux is being enforced."""
|
||||||
|
|
||||||
|
slug = "selinux_status"
|
||||||
|
|
||||||
|
def __init__(self, file_path=None, base_folder=None, output_folder=None,
|
||||||
|
serial=None, fast_mode=False, log=None, results=[]):
|
||||||
|
super().__init__(file_path=file_path, base_folder=base_folder,
|
||||||
|
output_folder=output_folder, fast_mode=fast_mode,
|
||||||
|
log=log, results=results)
|
||||||
|
|
||||||
|
self.results = {} if not results else results
|
||||||
|
|
||||||
|
def run(self):
|
||||||
|
self._adb_connect()
|
||||||
|
output = self._adb_command("getenforce")
|
||||||
|
self._adb_disconnect()
|
||||||
|
|
||||||
|
status = output.lower().strip()
|
||||||
|
self.results["status"] = status
|
||||||
|
|
||||||
|
if status == "enforcing":
|
||||||
|
self.log.info("SELinux is being regularly enforced")
|
||||||
|
else:
|
||||||
|
self.log.warning("SELinux status is \"%s\"!", status)
|
Loading…
Reference in New Issue
Block a user