mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-11-18 20:50:10 +01:00
df27bae6a0
* New command `dscanner`, enables one to scan signed APKs with Drozer * Drozer is a dynamic vulnerability scanner for Android * Drozer runs in a emulator or on-device, this new `dscanner` command... * starts a docker image with Drozer and the Android Emulator pre-installed, * loads the signed APK into the emulator * activates Drozer automated tests for the APK * gathers the report output and places it next to the original APK * The Drozer docker image can be: * cached locally for re-use (just don't run --clean*) * retrieved from dockerhub.com for more efficient runtime * or be built from scratch (in the new "./docker" directory) * New "Vulnerability Scanning" documentation section (run gendocs.sh)
36 lines
1.2 KiB
Python
36 lines
1.2 KiB
Python
#!/usr/bin/env python2
|
|
|
|
import pexpect
|
|
import sys
|
|
|
|
prompt = "dz>"
|
|
target = sys.argv[1]
|
|
|
|
drozer = pexpect.spawn("drozer console connect")
|
|
drozer.logfile = open("/tmp/drozer_report.log", "w")
|
|
|
|
|
|
# start
|
|
drozer.expect(prompt)
|
|
|
|
|
|
def send_command(command, target):
|
|
cmd = "run {0} -a {1}".format(command, target)
|
|
drozer.sendline(cmd)
|
|
drozer.expect(prompt)
|
|
|
|
scanners = [
|
|
"scanner.misc.native", # Find native components included in packages
|
|
#"scanner.misc.readablefiles", # Find world-readable files in the given folder
|
|
#"scanner.misc.secretcodes", # Search for secret codes that can be used from the dialer
|
|
#"scanner.misc.sflagbinaries", # Find suid/sgid binaries in the given folder (default is /system).
|
|
#"scanner.misc.writablefiles", # Find world-writable files in the given folder
|
|
"scanner.provider.finduris", # Search for content providers that can be queried.
|
|
"scanner.provider.injection", # Test content providers for SQL injection vulnerabilities.
|
|
"scanner.provider.sqltables", # Find tables accessible through SQL injection vulnerabilities.
|
|
"scanner.provider.traversal" # Test content providers for basic directory traversal
|
|
]
|
|
|
|
for scanner in scanners:
|
|
send_command(scanner, target)
|