Small bug fixes for Android. Works on WSL2 after installing adb on Wi…

…ndows, and symlinking in WSL.
stopipv · Feb 24, 2021 · abd8b93 · abd8b93
1 parent 4fe5334
commit abd8b93
Show file tree

Hide file tree

Showing 7 changed files with 55 additions and 33 deletions.
diff --git a/android_permissions.py b/android_permissions.py
@@ -115,16 +115,16 @@ def package_info(dumpf, appid):
         # FIXME: don't rely on rsonlite to parse correctly? Seems to miss the
         # Packages:.  for now, using sed to filter out potential hazards in
         # parsing output.
-        if isinstance(sp, list):
+        if isinstance(sp, list) and len(sp) > 1:
             sp = sp[0]
         _, pkg = sp.popitem()
         if isinstance(pkg, list):
             pkg = pkg[0]
-    except IndexError as e:
+    except (IndexError, AttributeError) as e:
         print(e)
-        print('Didn\'t parse correctly. Not sure why.')
+        print(f"Didn't parse correctly. Not sure why.\nsp={sp}")
         return [], {}
-    print("pkg={}".format(json.dumps(pkg, indent=2)))
+    # print("pkg={}".format(json.dumps(pkg, indent=2)))
     install_perms = [k.split(':')[0] for k, v in
                      pkg.get('install permissions:', {}).items()]
     requested_perms = pkg.get('requested permissions:', [])
@@ -206,6 +206,7 @@ def all_permissions(dumpf, appid):
         non human-friendly permissions, and summary stats.
     '''
     app_perms, pkg_info = package_info(dumpf, appid)
+    # print("--->>> all_permissions\n", app_perms)
     recent_permissions = recent_permissions_used(appid)
 
     permissions = pd.read_csv(config.ANDROID_PERMISSIONS_CSV)

diff --git a/phone_scanner.py b/phone_scanner.py
@@ -5,7 +5,7 @@
 import hashlib
 import pandas as pd
 import config
-import os
+import os, sys
 import sqlite3
 from datetime import datetime
 from collections import defaultdict
@@ -89,9 +89,9 @@ def app_details(self, serialno, appid):
 
             info = ddump.info(appid)
 
-            print('BEGIN INFO')
+            print('BEGIN APP INFO')
             print("info={}".format(info))
-            print('END INFO')
+            print('END APP INFO')
             # FIXME: sloppy iOS hack but should fix later, just add these to DF
             # directly.
             if self.device_type == 'ios':
@@ -105,7 +105,7 @@ def app_details(self, serialno, appid):
             print("AppInfo: ", info, appid, dfname, ddump)
             return d.fillna(''), info
         except KeyError as ex:
-            print("Exception:::", ex)
+            print(">>> Exception:::", ex, file=sys.stderr)
             return pd.DataFrame([]), dict()
 
     def find_spyapps(self, serialno):
@@ -135,7 +135,6 @@ def find_spyapps(self, serialno):
             td = self.get_app_titles(serialno)
 
         r.set_index('appId', inplace=True)
-        print("td=", td)
         r.loc[td.index, 'title'] = td.get('title','')
         r.reset_index(inplace=True)
 
@@ -167,7 +166,7 @@ def save(self, table, **kwargs):
             db.commit()
             return True
         except Exception as ex:
-            print("Exception:", ex)
+            print(">> Exception:", ex, file=sys.stderr)
             return False
 
     def device_info(self, serial):
@@ -196,8 +195,8 @@ def setup(self):
             '{cli} kill-server; {cli} start-server'
         )
         if p != 0:
-            print("Setup failed with returncode={}. ~~ ex={!r}"
-                  .format(p.returncode, p.stderr.read() + p.stdout.read()))
+            print(">> Setup failed with returncode={}. ~~ ex={!r}"
+                  .format(p.returncode, p.stderr.read() + p.stdout.read()), file=sys.stderr)
 
     def _get_apps_(self, serialno, flag):
         cmd = "{cli} -s {serial} shell pm list packages {flag} | sed 's/^package://g' | sort"
@@ -237,7 +236,7 @@ def get_offstore_apps(self, serialno):
                     if installer not in approved and installer != 'null':
                         # if system is rooted, won't make any difference spoofing wise
                         approved.add(installer)
-        print(approved)
+        print(f"Approved Installers:{approved}")
         for l in self._get_apps_(serialno, '-i -u -3'):
             l = l.split()
             if len(l) == 2:
@@ -246,7 +245,7 @@ def get_offstore_apps(self, serialno):
                 if installer not in approved:
                     offstore.append(apps)
             else:
-                print(">>>>>> ERROR: {}".format(l))
+                print(">>>>>> ERROR: {}".format(l), file=sys.stderr)
         return offstore
 
     def devices(self):
@@ -311,11 +310,16 @@ def uninstall(self, serial, appid):
     def app_details(self, serialno, appid):
         d, info = super(AndroidScan, self).app_details(serialno, appid)
         # part that requires android to be connected / store this somehow.
-        hf_recent, not_hf_recent, not_hf, stats = all_permissions(
+        hf_recent, non_hf_recent, non_hf, stats = all_permissions(
             self.dump_path(serialno), appid
         )
+        # print(f"Permissions:\n"\
+        #       f"hf_recent=\n{hf_recent}\n"\
+        #       f"non_hf_recent=\n{non_hf_recent}\n"\
+        #       f"no_hf=\n{non_hf}\n"\
+        #       f"stats=\n{stats}\n")
 
-        # FIXME: some appopps in not_hf_recent are not included in the
+        # FIXME: some appopps in non_hf_recent are not included in the
         # output.  maybe concat hf_recent with them?
         info['Date of Scan'] = datetime.now().strftime(config.DATE_STR)
         info['Installation Date'] = stats.get('firstInstallTime', '')
@@ -342,15 +346,16 @@ def app_details(self, serialno, appid):
                 axis=1
             )
 
+        # print("hf_recent['label']=", hf_recent['label'].tolist())
+        #print(~hf_recent['timestamp'].str.contains('unknown'))
+        d.at[0, 'permissions'] = hf_recent['label'].tolist()
+        non_hf_recent.drop('appId', axis=1, inplace=True)
+        d.at[0, 'non_hf_permissions_html'] = non_hf_recent.to_html()
+
         print("App info dict:", d)
-        print("hf_recent['label']=", hf_recent['label'].tolist())
 
         #hf_recent['label'] = hf_recent['label'].map(str) + " (last used by app: "+\
         #        (hf_recent['timestamp'].map(str) if isinstance(hf_recent['timestamp'], datetime) else 'nooo') +")"
-
-        #print(~hf_recent['timestamp'].str.contains('unknown'))
-        d.set_value(0, 'permissions', hf_recent['label'].tolist())
-
         #d['recent_permissions'] = hf_recent['timestamp']
         #print(d['recent_permissions'])
         return d, info

diff --git a/scripts/android_scan.sh b/scripts/android_scan.sh
@@ -17,14 +17,22 @@ elif [[ "$unamestr" == 'FreeBSD' ]]; then
    platform='freebsd'
 fi
 
-if [[ $platform == 'darwin' ]]; then
-   adb='static_data/adb-darwin'
-elif [[ $platform == 'linux' ]]; then
-   adb="static_data/adb-linux.$(uname -r)"
-   if [[ ! -e $adb ]]; then
-       adb="static_data/adb-linux"
-   fi
+if command -v adb &>/dev/null;
+then
+    adb=$(command -v adb)
+else
+    echo "Trying static adb. Unlikely to work on newer MAC or Linux. Please install `adb`"
+    if [[ $platform == 'darwin' ]]; then
+        adb='static_data/adb-darwin'
+    elif [[ $platform == 'linux' ]]; then
+        adb="static_data/adb-linux.$(uname -r)"
+        if [[ ! -e $adb ]]; then
+            adb="static_data/adb-linux"
+        fi
+    fi
 fi
+# if adb exists please use that and don't try to override
+
 echo "$platform" "$adb"
 export adb=$adb
 

diff --git a/templates/app.html b/templates/app.html
@@ -18,11 +18,7 @@ <h2>Information about "{{ app.title | safe }}"</h2>
             </tbody>
         </table>
 	    <div class="text-sm-left">
-		{% if app.title %}
-		<h4> This app uses {{ app.permissions| length }} app permissions:</h4>
-		{% else %}
-		<h4> This app uses {{ app.permissions| length }} app permissions:</h4>
-		{% endif %}
+		<h4> The app used {{ app.permissions| length }} app permissions recently:</h4>
 		<br>
 	    </div>
         <ul class="list-group">
@@ -41,4 +37,14 @@ <h3>{% if device=="android" %} Google Play Store {% endif %} {% if device=="ios"
         <span style="margin-bottom: 2em; display:block"><mark><b>{{ app.summary|safe }}</b></mark></span>
         {{ app.descriptionHTML|safe }}
     </div>
+
+    {% if device=="android" %} 
+    <div class="jumbotron" style="padding: 1em">
+        <h3>Recently used permissions</h3>
+        <p>(Here, <code>mode=allow</code> only means the permission is requested, not necessarily granted.)</p>
+        {{ app.non_hf_permissions_html | safe }}
+    </div>
+    {% endif %}
+
+
 </div>
diff --git a/schema.sql → web/schema.sql b/schema.sql → web/schema.sql
diff --git a/web/view/details.py b/web/view/details.py
@@ -1,6 +1,7 @@
 from flask import request, render_template
 from web import app
 from web.view import get_device
+import config
 
 @app.route('/details/app/<device>', methods=['GET'])
 def app_details(device):

diff --git a/web/view/scan.py b/web/view/scan.py
@@ -1,3 +1,4 @@
+import json
 import config
 from web import app
 from web.view.index import get_device