diff --git a/parse_dump.py b/parse_dump.py index 85c41ce..3ff0544 100644 --- a/parse_dump.py +++ b/parse_dump.py @@ -462,7 +462,7 @@ def load_file(self): apps_plist = load(app_data) d = pd.DataFrame(apps_plist) d['appId'] = d['CFBundleIdentifier'] - d.set_index('appId', inplace=True) + # d.set_index('appId', inplace=True) return d except Exception as ex: print(ex) @@ -480,7 +480,7 @@ def check_unseen_permissions(self, permissions): print('Noted.') #print('\t'+msg+": "+str(PERMISSIONS_MAP[permission])+"\tReason: "+app.get(permission,'system app')) - def get_permissions(self, app): + def get_permissions(self, app: str) -> list: ''' Returns a list of tuples (permission, developer-provided reason for permission). Could modify this function to include whether or not the permission can be adjusted @@ -536,8 +536,8 @@ def info(self, appid): if party in ['system', 'user']: print(app['CFBundleName'],"("+app['CFBundleIdentifier']+") is a {} app and has permissions:"\ .format(party)) - # permissions are an array that returns the permission id and an explanation. - permissions = self.get_permissions(app) + # permissions are an array that returns the permission id and an explanation. + permissions = self.get_permissions(app) res['permissions'] = [(p.capitalize(), r) for p, r in permissions] res['title'] = app['CFBundleExecutable'] res['App Version'] = app['CFBundleVersion'] diff --git a/phone_scanner.py b/phone_scanner.py index c4f23e1..4b8873c 100644 --- a/phone_scanner.py +++ b/phone_scanner.py @@ -42,10 +42,10 @@ def setup(self): def devices(self): raise Exception("Not implemented") - def get_apps(self, serialno: str, from_device: bool) -> list: + def get_apps(self, serialno: str, from_dump: bool) -> list: pass - def get_offstore_apps(self, serialno): + def get_offstore_apps(self, serialno:str, from_dump: bool) -> list: return [] def dump_path(self, serial, fkind='json'): @@ -110,13 +110,12 @@ def app_details(self, serialno, appid): print(">>> Exception:::", ex, file=sys.stderr) return pd.DataFrame([]), dict() - def find_spyapps(self, serialno, from_dump=True): + def find_spyapps(self, serialno, from_dump=False): """Finds the apps in the phone and add flags to them based on @blocklist.py Return the sorted dataframe This is the **main** function that is called from the views in web/view/scan.py """ - from_device = (not from_dump) - installed_apps = self.get_apps(serialno, from_device=from_device) + installed_apps = self.get_apps(serialno, from_dump=from_dump) if len(installed_apps) <= 0: return pd.DataFrame( @@ -125,8 +124,8 @@ def find_spyapps(self, serialno, from_dump=True): ) r = blocklist.app_title_and_flag( pd.DataFrame({'appId': installed_apps}), - offstore_apps=self.get_offstore_apps(serialno, from_device=from_device), - system_apps=self.get_system_apps(serialno, from_device=from_device) + offstore_apps=self.get_offstore_apps(serialno, from_dump=from_dump), + system_apps=self.get_system_apps(serialno, from_dump=from_dump) ) r['title'] = r.title.fillna('') if self.device_type == 'android': @@ -136,7 +135,7 @@ def find_spyapps(self, serialno, from_dump=True): ), self.app_info_conn, params=(installed_apps)).set_index('appId') td.index.rename('appId', inplace=True) elif self.device_type == 'ios': - td = self.get_app_titles(serialno) + td = self.get_app_titles(serialno).set_index('appId') r.set_index('appId', inplace=True) r.loc[td.index, 'title'] = td.get('title','') @@ -155,7 +154,7 @@ def find_spyapps(self, serialno, from_dump=True): return r[['title', 'flags', 'score', 'class_', 'html_flags']] def flag_apps(self, serialno): - installed_apps = self.get_apps(serialno, from_device=False) + installed_apps = self.get_apps(serialno, from_dump=False) app_flags = blocklist.flag_apps(installed_apps) return app_flags @@ -221,10 +220,10 @@ def _get_apps_from_dump(self, serialno): app_and_codes = self.dump_d.apps() return [a for a,c in app_and_codes] - def get_apps(self, serialno, from_device=True) -> list: - print(f"Getting Android apps: {serialno} from_device={from_device}") + def get_apps(self, serialno: str, from_dump: bool=True) -> list: + print(f"Getting Android apps: {serialno} from_dump={from_dump}") hmac_serial = config.hmac_serial(serialno) - if from_device: + if (not from_dump): installed_apps = self._get_apps_from_device(serialno, '-u') if installed_apps: q = run_command( @@ -236,15 +235,15 @@ def get_apps(self, serialno, from_device=True) -> list: self.installed_apps = installed_apps return installed_apps - def get_system_apps(self, serialno, from_device=False): - if from_device: + def get_system_apps(self, serialno, from_dump=False): + if (not from_dump): apps = self._get_apps_from_device(serialno, '-s') else: apps = [] ## TODO: fix this later, not sure how to get from dump return apps - def get_offstore_apps(self, serialno, from_device=False): - if not from_device: + def get_offstore_apps(self, serialno, from_dump=False): + if from_dump: return [] # TODO: fix this later, not sure how to get from dump offstore = [] rooted, reason = self.isrooted(serialno) @@ -453,10 +452,10 @@ def get_app_titles(self, serialno): self._dump_phone(serialno) return self.parse_dump.installed_apps_titles() - def get_apps(self, serialno: str, from_device: bool) -> list: + def get_apps(self, serialno: str, from_dump: bool) -> list: """iOS always read everything from dump, so nothing to change.""" self.serialno = serialno - if from_device: + if not from_dump: if not self._dump_phone(serialno): print("Failed to dump the phone. Check error on the terminal") return [] @@ -465,7 +464,7 @@ def get_apps(self, serialno: str, from_device: bool) -> list: print('iOS INFO DUMPED.') return self.installed_apps - def get_system_apps(self, serialno) -> list: + def get_system_apps(self, serialno:str, from_dump: bool) -> list: if self.parse_dump: return self.parse_dump.system_apps() else: @@ -614,10 +613,10 @@ def get_apps(self, serialno): def devices(self): return ["testdevice1", "testdevice2"] - def get_system_apps(self, serialno): - return self.get_apps(serialno)[:10] + def get_system_apps(self, serialno, from_dump=False): + return self.get_apps(serialno, from_dump)[:10] - def get_offstore_apps(self, serialno): + def get_offstore_apps(self, serialno, from_dump=False): return self.get_apps(serialno)[-4:] def uninstall(self, serial, appid): diff --git a/scripts/ios_dump.sh b/scripts/ios_dump.sh index c914bd8..07079ed 100755 --- a/scripts/ios_dump.sh +++ b/scripts/ios_dump.sh @@ -16,11 +16,11 @@ serial=$(idevice_id -l 2>&1 | tail -n 1) mkdir -p phone_dumps/"$1"_ios cd phone_dumps/"$1"_ios # gets all of the details about each app (basically what ios_deploy does but with extra fields) -ideviceinstaller -u "$serial" -l -o xml -o list_all > $2 +ideviceinstaller -u "$serial" -l -o xml -o list_all > "$2" # get around bug in Python 3 that doesn't recognize utf-8 encodings. -sed -i -e 's///g' $2 -sed -i -e 's/<\/data>/<\/string>/g' $2 +# sed -i -e 's///g' $2 +# sed -i -e 's/<\/data>/<\/string>/g' $2 # maybe for macOS... # plutil -convert json $2 @@ -28,8 +28,8 @@ sed -i -e 's/<\/data>/<\/string>/g' $2 # gets OS version, serial, etc. -x for xml. Raw is easy to parse, too. ideviceinfo -u "$serial" -x > $3 -sed -i -e 's///g' $3 -sed -i -e 's/<\/data>/<\/string>/g' $3 +# sed -i -e 's///g' $3 +# sed -i -e 's/<\/data>/<\/string>/g' $3 # remove identifying info (delete file after saving # relevant bits of scan in server.py, actually) diff --git a/web/view/scan.py b/web/view/scan.py index 894e00f..1705107 100644 --- a/web/view/scan.py +++ b/web/view/scan.py @@ -170,7 +170,8 @@ def scan(): if device == 'ios': pii_fpath = sc.dump_path(ser, 'Device_Info') print('Revelant info saved to db. Deleting {} now.'.format(pii_fpath)) - cmd = os.unlink(pii_fpath) + if os.path.exists(pii_fpath): + cmd = os.unlink(pii_fpath) # s = catch_err(run_command(cmd), msg="Delete pii failed", cmd=cmd) print('iOS PII deleted.')