mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-09-15 15:32:30 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

dscanner - Drozer based post-build dynamic vulnerability scanner command

Browse source 
* New command `dscanner`, enables one to scan signed APKs with Drozer
 * Drozer is a dynamic vulnerability scanner for Android
 * Drozer runs in a emulator or on-device, this new `dscanner` command...
  * starts a docker image with Drozer and the Android Emulator pre-installed,
  * loads the signed APK into the emulator
  * activates Drozer automated tests for the APK
  * gathers the report output and places it next to the original APK
 * The Drozer docker image can be:
  * cached locally for re-use (just don't run --clean*)
  * retrieved from dockerhub.com for more efficient runtime
  * or be built from scratch (in the new "./docker" directory)
 * New "Vulnerability Scanning" documentation section (run gendocs.sh)
This commit is contained in:
Kevin C. Krinke 2016-12-06 13:57:04 +01:00 committed by Hans-Christoph Steiner
parent f439266303
commit df27bae6a0
13 changed files with 1063 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

35
docker/drozer.py Normal file
View file

@ -0,0 +1,35 @@
#!/usr/bin/env python2
import pexpect
import sys
prompt = "dz>"
target = sys.argv[1]
drozer = pexpect.spawn("drozer console connect")
drozer.logfile = open("/tmp/drozer_report.log", "w")
# start
drozer.expect(prompt)
def send_command(command, target):
cmd = "run {0} -a {1}".format(command, target)
drozer.sendline(cmd)
drozer.expect(prompt)
scanners = [
"scanner.misc.native", # Find native components included in packages
#"scanner.misc.readablefiles", # Find world-readable files in the given folder
#"scanner.misc.secretcodes", # Search for secret codes that can be used from the dialer
#"scanner.misc.sflagbinaries", # Find suid/sgid binaries in the given folder (default is /system).
#"scanner.misc.writablefiles", # Find world-writable files in the given folder
"scanner.provider.finduris", # Search for content providers that can be queried.
"scanner.provider.injection", # Test content providers for SQL injection vulnerabilities.
"scanner.provider.sqltables", # Find tables accessible through SQL injection vulnerabilities.
"scanner.provider.traversal" # Test content providers for basic directory traversal
]
for scanner in scanners:
send_command(scanner, target)