From a833dda5812096cebeb55fdfb7f6f9d52f18d153 Mon Sep 17 00:00:00 2001 From: Nex Date: Wed, 2 Feb 2022 19:00:20 +0100 Subject: [PATCH] Added getprop bugreport module --- .../modules/adb/dumpsys_accessibility.py | 2 +- mvt/android/modules/adb/dumpsys_activities.py | 2 +- .../modules/adb/dumpsys_battery_daily.py | 2 +- .../modules/adb/dumpsys_battery_history.py | 2 +- mvt/android/modules/adb/dumpsys_dbinfo.py | 2 +- mvt/android/modules/adb/dumpsys_receivers.py | 2 +- mvt/android/modules/adb/getprop.py | 19 ++++--- mvt/android/modules/adb/packages.py | 10 ++-- mvt/android/modules/adb/processes.py | 2 +- mvt/android/modules/adb/root_binaries.py | 2 +- mvt/android/modules/bugreport/__init__.py | 3 +- .../modules/bugreport/accessibility.py | 2 +- mvt/android/modules/bugreport/activities.py | 2 +- .../modules/bugreport/battery_daily.py | 2 +- .../modules/bugreport/battery_history.py | 2 +- mvt/android/modules/bugreport/dbinfo.py | 2 +- mvt/android/modules/bugreport/getprop.py | 53 +++++++++++++++++++ mvt/android/modules/bugreport/packages.py | 4 +- mvt/android/modules/bugreport/receivers.py | 2 +- 19 files changed, 89 insertions(+), 28 deletions(-) create mode 100644 mvt/android/modules/bugreport/getprop.py diff --git a/mvt/android/modules/adb/dumpsys_accessibility.py b/mvt/android/modules/adb/dumpsys_accessibility.py index 511f310..f5053c2 100644 --- a/mvt/android/modules/adb/dumpsys_accessibility.py +++ b/mvt/android/modules/adb/dumpsys_accessibility.py @@ -35,7 +35,7 @@ class DumpsysAccessibility(AndroidExtraction): results = [] in_services = False - for line in output.split("\n"): + for line in output.splitlines(): if line.strip().startswith("installed services:"): in_services = True continue diff --git a/mvt/android/modules/adb/dumpsys_activities.py b/mvt/android/modules/adb/dumpsys_activities.py index 8bdef81..f392036 100644 --- a/mvt/android/modules/adb/dumpsys_activities.py +++ b/mvt/android/modules/adb/dumpsys_activities.py 
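Review bot: `str.splitlines()` is not a drop-in replacement for `split("\n")` in this parser: besides `\n` it also breaks on `\r`, `\x0b`, `\x0c`, `\x1c`–`\x1e`, `\x85`, U+2028 and U+2029, so a dumpsys record that carries one of these inside a string field is now cut in two. The same substitution is repeated in the other adb and bugreport parser hunks of this patch, and it matters most where a line holds app-supplied text and is matched by a per-line regex or prefix test, such as the `sql="…"` pattern in `dumpsys_dbinfo.py` and the package and receiver parsers; the broken halves would presumably fail the match and drop out of the results. If the goal is only to tolerate `\r\n` and the trailing empty element, `for line in output.split("\n"):` followed by `line = line.rstrip("\r")` keeps the old record boundaries. The enclosing parser starts and ends outside this hunk.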
@@ -40,7 +40,7 @@ class DumpsysActivities(AndroidExtraction): in_activity_resolver_table = False in_non_data_actions = False intent = None - for line in output.split("\n"): + for line in output.splitlines(): if line.startswith("Activity Resolver Table:"): in_activity_resolver_table = True continue diff --git a/mvt/android/modules/adb/dumpsys_battery_daily.py b/mvt/android/modules/adb/dumpsys_battery_daily.py index c1abc7d..86adc2d 100644 --- a/mvt/android/modules/adb/dumpsys_battery_daily.py +++ b/mvt/android/modules/adb/dumpsys_battery_daily.py @@ -43,7 +43,7 @@ class DumpsysBatteryDaily(AndroidExtraction): results = [] daily = None daily_updates = [] - for line in output.split("\n")[1:]: + for line in output.splitlines()[1:]: if line.startswith(" Daily from "): if len(daily_updates) > 0: results.extend(daily_updates) diff --git a/mvt/android/modules/adb/dumpsys_battery_history.py b/mvt/android/modules/adb/dumpsys_battery_history.py index 4d054bb..dbad9b0 100644 --- a/mvt/android/modules/adb/dumpsys_battery_history.py +++ b/mvt/android/modules/adb/dumpsys_battery_history.py @@ -34,7 +34,7 @@ class DumpsysBatteryHistory(AndroidExtraction): def parse_battery_history(output): results = [] - for line in output.split("\n")[1:]: + for line in output.splitlines()[1:]: if line.strip() == "": break diff --git a/mvt/android/modules/adb/dumpsys_dbinfo.py b/mvt/android/modules/adb/dumpsys_dbinfo.py index a1755c0..55b79ac 100644 --- a/mvt/android/modules/adb/dumpsys_dbinfo.py +++ b/mvt/android/modules/adb/dumpsys_dbinfo.py @@ -42,7 +42,7 @@ class DumpsysDBInfo(AndroidExtraction): rxp = re.compile(r'.*\[([0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}\.[0-9]{3})\].*\[Pid:\((\d+)\)\](\w+).*sql\=\"(.+?)\".*path\=(.*?$)') in_operations = False - for line in output.split("\n"): + for line in output.splitlines(): if line.strip() == "Most recently executed operations:": in_operations = True continue 
diff --git a/mvt/android/modules/adb/dumpsys_receivers.py b/mvt/android/modules/adb/dumpsys_receivers.py index 1428329..1e5ce8a 100644 --- a/mvt/android/modules/adb/dumpsys_receivers.py +++ b/mvt/android/modules/adb/dumpsys_receivers.py @@ -62,7 +62,7 @@ class DumpsysReceivers(AndroidExtraction): in_receiver_resolver_table = False in_non_data_actions = False intent = None - for line in output.split("\n"): + for line in output.splitlines(): if line.startswith("Receiver Resolver Table:"): in_receiver_resolver_table = True continue diff --git a/mvt/android/modules/adb/getprop.py b/mvt/android/modules/adb/getprop.py index f59df9c..44cff82 100644 --- a/mvt/android/modules/adb/getprop.py +++ b/mvt/android/modules/adb/getprop.py @@ -22,12 +22,12 @@ class Getprop(AndroidExtraction): self.results = {} if not results else results - def run(self): - self._adb_connect() - + @staticmethod + def parse_getprop(output): + results = {} rxp = re.compile(r"\[(.+?)\]: \[(.+?)\]") - out = self._adb_command("getprop") - for line in out.splitlines(): + + for line in output.splitlines(): line = line.strip() if line == "": continue @@ -38,8 +38,15 @@ class Getprop(AndroidExtraction): key = matches[0][0] value = matches[0][1] - self.results[key] = value + results[key] = value + return results + + def run(self): + self._adb_connect() + output = self._adb_command("getprop") self._adb_disconnect() + self.results = self.parse_getprop(output) + self.log.info("Extracted %d Android system properties", len(self.results)) diff --git a/mvt/android/modules/adb/packages.py b/mvt/android/modules/adb/packages.py index cb356de..6434d9a 100644 --- a/mvt/android/modules/adb/packages.py +++ b/mvt/android/modules/adb/packages.py 
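Review bot: The pattern `r"\[(.+?)\]: \[(.+?)\]"` that `parse_getprop` now carries requires at least one character in the value, so a property printed as `[name]: []` does not match and, assuming the match check that sits between the two hunks skips it as before, never reaches `results`. Now that the bugreport module reuses this parser, `rxp = re.compile(r"\[(.+?)\]: \[(.*?)\]")` would keep empty-valued properties in the output. The new static method also has no docstring; a one-line `"""Parse getprop output into a dict mapping property name to value."""` would document the contract the bugreport module relies on.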
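Review bot: In the rewritten `run()` of `adb/getprop.py`, `self._adb_disconnect()` is only reached when `self._adb_command("getprop")` returns; if that call raises, the connection opened by `_adb_connect()` is presumably left open. Wrapping it as `try: output = self._adb_command("getprop")` / `finally: self._adb_disconnect()` releases it on both paths. Note also that `self.results = self.parse_getprop(output)` now replaces any `results` handed to the constructor, where the old loop added to them; a short comment stating that this is intended would help the next reader.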
@@ -71,7 +71,7 @@ class Packages(AndroidExtraction): def check_indicators(self): root_packages_path = os.path.join("..", "..", "data", "root_packages.txt") root_packages_string = pkg_resources.resource_string(__name__, root_packages_path) - root_packages = root_packages_string.decode("utf-8").split("\n") + root_packages = root_packages_string.decode("utf-8").splitlines() root_packages = [rp.strip() for rp in root_packages] for result in self.results: @@ -109,7 +109,7 @@ class Packages(AndroidExtraction): } in_permissions = False - for line in output.split("\n"): + for line in output.splitlines(): if in_permissions: if line.startswith(" " * 4) and not line.startswith(" " * 6): in_permissions = False @@ -143,7 +143,7 @@ class Packages(AndroidExtraction): return [] package_files = [] - for file_path in output.split("\n"): + for file_path in output.splitlines(): file_path = file_path.strip() md5 = self._adb_command(f"md5sum {file_path}").split(" ")[0] @@ -166,7 +166,7 @@ class Packages(AndroidExtraction): packages = self._adb_command("pm list packages -u -i -f") - for line in packages.split("\n"): + for line in packages.splitlines(): line = line.strip() if not line.startswith("package:"): continue @@ -206,7 +206,7 @@ class Packages(AndroidExtraction): ] for cmd in cmds: output = self._adb_command(f"pm list packages {cmd['arg']}") - for line in output.split("\n"): + for line in output.splitlines(): line = line.strip() if not line.startswith("package:"): continue diff --git a/mvt/android/modules/adb/processes.py b/mvt/android/modules/adb/processes.py index b312013..023d426 100644 --- a/mvt/android/modules/adb/processes.py +++ b/mvt/android/modules/adb/processes.py @@ -24,7 +24,7 @@ class Processes(AndroidExtraction): output = self._adb_command("ps -e") - for line in output.split("\n")[1:]: + for line in output.splitlines()[1:]: line = line.strip() if line == "": continue 
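Review bot: In the `@@ -143,7` hunk of `adb/packages.py`, `file_path` comes straight from command output on the device under analysis and is interpolated unquoted into `self._adb_command(f"md5sum {file_path}")`, so a path containing spaces or shell metacharacters would be misread by the device shell, assuming `_adb_command` hands the string to one. Quoting it, `md5 = self._adb_command(f"md5sum {shlex.quote(file_path)}").split(" ")[0]` with `import shlex` at the top of the file, and skipping blank entries with `if not file_path: continue` after the `strip()`, closes that gap. The enclosing method starts and ends outside the hunk.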
diff --git a/mvt/android/modules/adb/root_binaries.py b/mvt/android/modules/adb/root_binaries.py index a2d7013..445ba15 100644 --- a/mvt/android/modules/adb/root_binaries.py +++ b/mvt/android/modules/adb/root_binaries.py @@ -25,7 +25,7 @@ class RootBinaries(AndroidExtraction): def run(self): root_binaries_path = os.path.join("..", "..", "data", "root_binaries.txt") root_binaries_string = pkg_resources.resource_string(__name__, root_binaries_path) - root_binaries = root_binaries_string.decode("utf-8").split("\n") + root_binaries = root_binaries_string.decode("utf-8").splitlines() self._adb_connect() diff --git a/mvt/android/modules/bugreport/__init__.py b/mvt/android/modules/bugreport/__init__.py index d7f3943..129ccaa 100644 --- a/mvt/android/modules/bugreport/__init__.py +++ b/mvt/android/modules/bugreport/__init__.py @@ -8,8 +8,9 @@ from .activities import Activities from .battery_daily import BatteryDaily from .battery_history import BatteryHistory from .dbinfo import DBInfo +from .getprop import Getprop from .packages import Packages from .receivers import Receivers BUGREPORT_MODULES = [Accessibility, Activities, BatteryDaily, BatteryHistory, - DBInfo, Packages, Receivers] + DBInfo, Getprop, Packages, Receivers] diff --git a/mvt/android/modules/bugreport/accessibility.py b/mvt/android/modules/bugreport/accessibility.py index e0a96d0..1b52a2d 100644 --- a/mvt/android/modules/bugreport/accessibility.py +++ b/mvt/android/modules/bugreport/accessibility.py @@ -43,7 +43,7 @@ class Accessibility(BugReportModule): lines = [] in_accessibility = False - for line in content.decode().split("\n"): + for line in content.decode().splitlines(): if line.strip() == "DUMP OF SERVICE accessibility:": in_accessibility = True continue diff --git a/mvt/android/modules/bugreport/activities.py b/mvt/android/modules/bugreport/activities.py index e092c65..9fdac53 100644 --- a/mvt/android/modules/bugreport/activities.py +++ b/mvt/android/modules/bugreport/activities.py 
@@ -46,7 +46,7 @@ class Activities(BugReportModule): lines = [] in_package = False - for line in content.decode().split("\n"): + for line in content.decode().splitlines(): if line.strip() == "DUMP OF SERVICE package:": in_package = True continue diff --git a/mvt/android/modules/bugreport/battery_daily.py b/mvt/android/modules/bugreport/battery_daily.py index c330cb2..d243dbf 100644 --- a/mvt/android/modules/bugreport/battery_daily.py +++ b/mvt/android/modules/bugreport/battery_daily.py @@ -52,7 +52,7 @@ class BatteryDaily(BugReportModule): lines = [] in_batterystats = False in_daily = False - for line in content.decode().split("\n"): + for line in content.decode().splitlines(): if line.strip() == "DUMP OF SERVICE batterystats:": in_batterystats = True continue diff --git a/mvt/android/modules/bugreport/battery_history.py b/mvt/android/modules/bugreport/battery_history.py index c0e9697..5ed68c9 100644 --- a/mvt/android/modules/bugreport/battery_history.py +++ b/mvt/android/modules/bugreport/battery_history.py @@ -45,7 +45,7 @@ class BatteryHistory(BugReportModule): lines = [] in_batterystats = False in_history = False - for line in content.decode().split("\n"): + for line in content.decode().splitlines(): if line.strip() == "********** Print latest newbatterystats **********": in_batterystats = True continue diff --git a/mvt/android/modules/bugreport/dbinfo.py b/mvt/android/modules/bugreport/dbinfo.py index c125b52..a6edb89 100644 --- a/mvt/android/modules/bugreport/dbinfo.py +++ b/mvt/android/modules/bugreport/dbinfo.py @@ -47,7 +47,7 @@ class DBInfo(BugReportModule): in_dbinfo = False lines = [] - for line in content.decode().split("\n"): + for line in content.decode().splitlines(): if line.strip() == "DUMP OF SERVICE dbinfo:": in_dbinfo = True continue diff --git a/mvt/android/modules/bugreport/getprop.py b/mvt/android/modules/bugreport/getprop.py new file mode 100644 index 0000000..c8d30d2 --- /dev/null +++ b/mvt/android/modules/bugreport/getprop.py 
@@ -0,0 +1,53 @@ +# Mobile Verification Toolkit (MVT) +# Copyright (c) 2021-2022 The MVT Project Authors. +# Use of this software is governed by the MVT License 1.1 that can be found at +# https://license.mvt.re/1.1/ + +import logging +import re + +from .base import BugReportModule +from mvt.android.modules.adb.getprop import Getprop as GP + +log = logging.getLogger(__name__) + + +class Getprop(BugReportModule): + """This module extracts device properties from getprop command.""" + + def __init__(self, file_path=None, base_folder=None, output_folder=None, + serial=None, fast_mode=False, log=None, results=[]): + super().__init__(file_path=file_path, base_folder=base_folder, + output_folder=output_folder, fast_mode=fast_mode, + log=log, results=results) + + self.results = {} if not results else results + + def run(self): + dumpstate_files = self._get_files_by_pattern("dumpstate-*") + if not dumpstate_files: + return + + content = self._get_file_content(dumpstate_files[0]) + if not content: + return + + lines = [] + in_getprop = False + for line in content.decode().splitlines(): + if line.strip() == "------ SYSTEM PROPERTIES (getprop) ------": + in_getprop = True + continue + + if not in_getprop: + continue + + if line.strip() == "------": + break + + lines.append(line) + + self.results = GP.parse_getprop("\n".join(lines)) + + self.log.info("Extracted %d Android system properties", len(self.results)) + diff --git a/mvt/android/modules/bugreport/packages.py b/mvt/android/modules/bugreport/packages.py index d1c1f22..1900c9d 100644 --- a/mvt/android/modules/bugreport/packages.py +++ b/mvt/android/modules/bugreport/packages.py @@ -60,7 +60,7 @@ class Packages(BugReportModule): package_name = None package = {} lines = [] - for line in output.split("\n"): + for line in output.splitlines(): if line.startswith(" Package ["): if len(lines) > 0: details = PCK.parse_package_for_details("\n".join(lines)) 
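Review bot: `content.decode()` in `run()` of the new `bugreport/getprop.py` is a strict UTF-8 decode of a file taken from the device being examined, so a single invalid byte in the dumpstate file raises `UnicodeDecodeError` and the module yields no properties at all; `content.decode("utf-8", errors="replace")` would keep the parse going. The two early `return`s are silent, which leaves an analyst unable to tell a missing or empty dumpstate file from a report with no property section; a `self.log.warning(...)` before each would make that visible. `import re` and the module-level `log` are unused in the file as shown, and `serial` is accepted by `__init__` but not passed on or stored.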
@@ -95,7 +95,7 @@ class Packages(BugReportModule): in_package = False in_packages_list = False lines = [] - for line in content.decode().split("\n"): + for line in content.decode().splitlines(): if line.strip() == "DUMP OF SERVICE package:": in_package = True continue diff --git a/mvt/android/modules/bugreport/receivers.py b/mvt/android/modules/bugreport/receivers.py index 4954c9a..62dc9bc 100644 --- a/mvt/android/modules/bugreport/receivers.py +++ b/mvt/android/modules/bugreport/receivers.py @@ -68,7 +68,7 @@ class Receivers(BugReportModule): in_receivers = False lines = [] - for line in content.decode().split("\n"): + for line in content.decode().splitlines(): if line.strip() == "DUMP OF SERVICE package:": in_receivers = True continue