mirror of
https://github.com/mvt-project/mvt.git
synced 2024-06-29 07:39:00 +00:00
Pull file hashes from Packages module directly
parent
a22241ec32
commit
f68b7e7089
|
@ -11,7 +11,6 @@ import pkg_resources
|
||||||
from tqdm import tqdm
|
from tqdm import tqdm
|
||||||
|
|
||||||
from mvt.common.module import InsufficientPrivileges
|
from mvt.common.module import InsufficientPrivileges
|
||||||
from mvt.common.utils import get_sha256_from_file_path
|
|
||||||
|
|
||||||
from .modules.adb.base import AndroidExtraction
|
from .modules.adb.base import AndroidExtraction
|
||||||
from .modules.adb.packages import Packages
|
from .modules.adb.packages import Packages
|
||||||
|
@ -158,37 +157,16 @@ class DownloadAPKs(AndroidExtraction):
|
||||||
log.info("[%d/%d] Package: %s", counter, len(packages_selection),
|
log.info("[%d/%d] Package: %s", counter, len(packages_selection),
|
||||||
package["package_name"])
|
package["package_name"])
|
||||||
|
|
||||||
# Get the file path for the specific package.
|
|
||||||
try:
|
|
||||||
output = self._adb_command(f"pm path {package['package_name']}")
|
|
||||||
output = output.strip().replace("package:", "")
|
|
||||||
if not output:
|
|
||||||
continue
|
|
||||||
except Exception as e:
|
|
||||||
log.exception("Failed to get path of package %s: %s",
|
|
||||||
package["package_name"], e)
|
|
||||||
self._adb_reconnect()
|
|
||||||
continue
|
|
||||||
|
|
||||||
# Sometimes the package path contains multiple lines for multiple apks.
|
# Sometimes the package path contains multiple lines for multiple apks.
|
||||||
# We loop through each line and download each file.
|
# We loop through each line and download each file.
|
||||||
for path in output.split("\n"):
|
for package_file in package["files"]:
|
||||||
device_path = path.strip()
|
device_path = package_file["path"]
|
||||||
file_path = self.pull_package_file(package["package_name"],
|
local_path = self.pull_package_file(package["package_name"],
|
||||||
device_path)
|
device_path)
|
||||||
if not file_path:
|
if not local_path:
|
||||||
continue
|
continue
|
||||||
|
|
||||||
file_info = {
|
package_file["local_path"] = local_path
|
||||||
"path": device_path,
|
|
||||||
"local_name": file_path,
|
|
||||||
"sha256": get_sha256_from_file_path(file_path),
|
|
||||||
}
|
|
||||||
|
|
||||||
if "files" not in package:
|
|
||||||
package["files"] = [file_info,]
|
|
||||||
else:
|
|
||||||
package["files"].append(file_info)
|
|
||||||
|
|
||||||
log.info("Download of selected packages completed")
|
log.info("Download of selected packages completed")
|
||||||
|
|
||||||
|
|
|
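Review bot: After `package_file["local_path"] = local_path` the pulled copy is never hashed, so the `sha256` kept for each file is whatever the device reported and nothing ties it to the bytes saved on the analyst's machine. For a pull from a device that may have been tampered with, I would keep the `get_sha256_from_file_path` import and compare: `local_sha256 = get_sha256_from_file_path(local_path)` followed by `if local_sha256 != package_file.get("sha256"): log.warning("Hash mismatch for %s", device_path)`. The loop also indexes `package["files"]` directly, while `virustotal_lookup` reads `package.get("files", [])`; using `.get` here too would avoid a KeyError on a package record without that key. The enclosing method starts above this hunk, so how `packages_selection` is built is not visible from here.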
@ -32,7 +32,7 @@ def koodous_lookup(packages):
|
||||||
res = requests.get(url)
|
res = requests.get(url)
|
||||||
report = res.json()
|
report = res.json()
|
||||||
|
|
||||||
row = [package["package_name"], file["local_name"]]
|
row = [package["package_name"], file["path"]]
|
||||||
|
|
||||||
if "package_name" in report:
|
if "package_name" in report:
|
||||||
trusted = "no"
|
trusted = "no"
|
||||||
|
|
|
@ -75,7 +75,7 @@ def virustotal_lookup(packages):
|
||||||
|
|
||||||
for package in packages:
|
for package in packages:
|
||||||
for file in package.get("files", []):
|
for file in package.get("files", []):
|
||||||
row = [package["package_name"], file["local_name"]]
|
row = [package["package_name"], file["path"]]
|
||||||
|
|
||||||
if file["sha256"] in detections:
|
if file["sha256"] in detections:
|
||||||
detection = detections[file["sha256"]]
|
detection = detections[file["sha256"]]
|
||||||
|
|
|
@ -55,6 +55,31 @@ class Packages(AndroidExtraction):
|
||||||
root_package)
|
root_package)
|
||||||
self.detected.append(root_package)
|
self.detected.append(root_package)
|
||||||
|
|
||||||
|
def _get_files_for_package(self, package_name):
|
||||||
|
output = self._adb_command(f"pm path {package_name}")
|
||||||
|
output = output.strip().replace("package:", "")
|
||||||
|
if not output:
|
||||||
|
return []
|
||||||
|
|
||||||
|
package_files = []
|
||||||
|
for file_path in output.split("\n"):
|
||||||
|
file_path = file_path.strip()
|
||||||
|
|
||||||
|
md5 = self._adb_command(f"md5sum {file_path}").split(" ")[0]
|
||||||
|
sha1 = self._adb_command(f"sha1sum {file_path}").split(" ")[0]
|
||||||
|
sha256 = self._adb_command(f"sha256sum {file_path}").split(" ")[0]
|
||||||
|
sha512 = self._adb_command(f"sha512sum {file_path}").split(" ")[0]
|
||||||
|
|
||||||
|
package_files.append({
|
||||||
|
"path": file_path,
|
||||||
|
"md5": md5,
|
||||||
|
"sha1": sha1,
|
||||||
|
"sha256": sha256,
|
||||||
|
"sha512": sha512,
|
||||||
|
})
|
||||||
|
|
||||||
|
return package_files
|
||||||
|
|
||||||
def run(self):
|
def run(self):
|
||||||
self._adb_connect()
|
self._adb_connect()
|
||||||
|
|
||||||
|
@ -85,6 +110,8 @@ class Packages(AndroidExtraction):
|
||||||
first_install = dumpsys[1].split("=")[1].strip()
|
first_install = dumpsys[1].split("=")[1].strip()
|
||||||
last_update = dumpsys[2].split("=")[1].strip()
|
last_update = dumpsys[2].split("=")[1].strip()
|
||||||
|
|
||||||
|
package_files = self._get_files_for_package(package_name)
|
||||||
|
|
||||||
self.results.append({
|
self.results.append({
|
||||||
"package_name": package_name,
|
"package_name": package_name,
|
||||||
"file_name": file_name,
|
"file_name": file_name,
|
||||||
|
@ -96,6 +123,7 @@ class Packages(AndroidExtraction):
|
||||||
"disabled": False,
|
"disabled": False,
|
||||||
"system": False,
|
"system": False,
|
||||||
"third_party": False,
|
"third_party": False,
|
||||||
|
"files": package_files,
|
||||||
})
|
})
|
||||||
|
|
||||||
cmds = [
|
cmds = [
|
||||||
|
|
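Review bot: In `_get_files_for_package` each digest is taken as `.split(" ")[0]` of whatever the `md5sum`/`sha1sum`/`sha256sum`/`sha512sum` call printed, so when a tool is missing on the device or the file is unreadable, the first word of the error text is stored as the hash and later used as the `sha256` key in the lookups. `file_path` also comes straight from the device's `pm path` output and is interpolated unquoted into the next command; assuming `_adb_command` hands the string to a shell, a path containing spaces or metacharacters would be misparsed, so it should be quoted and the result checked to be hex of the expected length. The sketch below does both and needs `import shlex` at the top of the file; it records `None` for a digest that cannot be validated, which callers would have to tolerate. Separately, the new call in `run` is not wrapped in any error handling, whereas the code removed from `DownloadAPKs` caught the exception and called `_adb_reconnect()`; most of `run` lies outside these hunks, so an outer handler may exist.

```python
    def _get_files_for_package(self, package_name):
        # … unchanged: `pm path` call and empty-output check …
        package_files = []
        for file_path in output.split("\n"):
            file_path = file_path.strip()
            if not file_path:
                continue

            quoted_path = shlex.quote(file_path)
            record = {"path": file_path}
            for name, hex_len in (("md5", 32), ("sha1", 40),
                                  ("sha256", 64), ("sha512", 128)):
                fields = self._adb_command(f"{name}sum {quoted_path}").split()
                digest = fields[0].lower() if fields else ""
                # Keep only well-formed digests: error text from a missing
                # tool or an unreadable file must not be recorded as a hash.
                if (len(digest) != hex_len
                        or any(c not in "0123456789abcdef" for c in digest)):
                    digest = None
                record[name] = digest

            package_files.append(record)

        return package_files
```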