Skip to content

Commit

Permalink
Fixed FTP protocol wrong port in script.
Browse files Browse the repository at this point in the history
  • Loading branch information
@irinil
irinil committed Aug 15, 2020
1 parent 0962195 commit 6300999
Show file tree
Hide file tree
Showing 6 changed files with 38 additions and 84 deletions.
8 changes: 4 additions & 4 deletions src/main/assets/payload/commands.txt
View file
@@ -1,8 +1,8 @@
iptables -t nat -D PREROUTING -p tcp --dport 7 -j REDIRECT --to-ports 28144
iptables -t nat -D OUTPUT -p tcp --dport 28144 -j REDIRECT --to-ports 7

iptables -t nat -D PREROUTING -p tcp --dport 21 -j REDIRECT --to-ports 28169
iptables -t nat -D OUTPUT -p tcp --dport 28169 -j REDIRECT --to-ports 21
iptables -t nat -D PREROUTING -p tcp --dport 21 -j REDIRECT --to-ports 28158
iptables -t nat -D OUTPUT -p tcp --dport 28158 -j REDIRECT --to-ports 21

iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 28217
iptables -t nat -D OUTPUT -p tcp --dport 28217 -j REDIRECT --to-ports 80
Expand Down Expand Up @@ -42,8 +42,8 @@ iptables -t nat -D OUTPUT -p tcp --dport 28639 -j REDIRECT --to-ports 502
iptables -t nat -A PREROUTING -p tcp --dport 7 -j REDIRECT --to-ports 28144
iptables -t nat -A OUTPUT -p tcp --dport 28144 -j REDIRECT --to-ports 7

iptables -t nat -A PREROUTING -p tcp --dport 21 -j REDIRECT --to-ports 28169
iptables -t nat -A OUTPUT -p tcp --dport 28169 -j REDIRECT --to-ports 21
iptables -t nat -A PREROUTING -p tcp --dport 21 -j REDIRECT --to-ports 28158
iptables -t nat -A OUTPUT -p tcp --dport 28158 -j REDIRECT --to-ports 21

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 28217
iptables -t nat -A OUTPUT -p tcp --dport 28217 -j REDIRECT --to-ports 80
Expand Down
2 changes: 1 addition & 1 deletion src/main/assets/payload/old_script.sh
View file
Expand Up @@ -6,7 +6,7 @@
# ECHO FTP HTTP HTTPS S7COMM SNMP SMB (NETBIOS UDP & TCP) SSH TELNET MODBUS SMTP
protocol=( "tcp" "tcp" "tcp" "tcp" "tcp" "udp" "udp" "udp" "tcp" "tcp" "tcp" "tcp" "tcp" "tcp" )
origin=( 7 21 80 443 102 161 137 138 139 22 23 445 25 502 )
destination=( 28144 28169 28217 28580 28239 28298 28274 28275 28276 28159 28160 28582 28162 28639 ) # simply offset by 1024 + 27113
destination=( 28144 28158 28217 28580 28239 28298 28274 28275 28276 28159 28160 28582 28162 28639 ) # simply offset by 1024 + 27113
length=${#protocol[@]} # count protocol elements

# for (( i=0; i<$length; i++ ))
Expand Down
10 changes: 5 additions & 5 deletions src/main/assets/payload/redirect-ports.sh
View file
Expand Up @@ -8,16 +8,16 @@
# ECHO FTP HTTP HTTPS S7COMM SNMP (NETBIOS UDP & TCP) SSH TELNET MODBUS SMTP
#protocol=( "tcp" "tcp" "tcp" "tcp" "tcp" "udp" "udp" "tcp" "tcp" "tcp" "tcp" "tcp" "tcp")
#origin=( 7 21 80 443 102 161 138 139 22 23 445 25 502)
#destination=( 28144 28169 28217 28580 28239 28298 28275 28276 28159 28160 28582 28162 28639)
#destination=( 28144 28158 28217 28580 28239 28298 28275 28276 28159 28160 28582 28162 28639)

#Shell scripts don't support arrays for old shells :(

#Delete previous rules to avoid duplicates
iptables -t nat -D PREROUTING -p tcp --dport 7 -j REDIRECT --to-ports 28144
iptables -t nat -D OUTPUT -p tcp --dport 28144 -j REDIRECT --to-ports 7

iptables -t nat -D PREROUTING -p tcp --dport 21 -j REDIRECT --to-ports 28169
iptables -t nat -D OUTPUT -p tcp --dport 28169 -j REDIRECT --to-ports 21
iptables -t nat -D PREROUTING -p tcp --dport 21 -j REDIRECT --to-ports 28158
iptables -t nat -D OUTPUT -p tcp --dport 28158 -j REDIRECT --to-ports 21

iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 28217
iptables -t nat -D OUTPUT -p tcp --dport 28217 -j REDIRECT --to-ports 80
Expand Down Expand Up @@ -56,8 +56,8 @@ iptables -t nat -D OUTPUT -p tcp --dport 28639 -j REDIRECT --to-ports 502
iptables -t nat -A PREROUTING -p tcp --dport 7 -j REDIRECT --to-ports 28144
iptables -t nat -A OUTPUT -p tcp --dport 28144 -j REDIRECT --to-ports 7

iptables -t nat -A PREROUTING -p tcp --dport 21 -j REDIRECT --to-ports 28169
iptables -t nat -A OUTPUT -p tcp --dport 28169 -j REDIRECT --to-ports 21
iptables -t nat -A PREROUTING -p tcp --dport 21 -j REDIRECT --to-ports 28158
iptables -t nat -A OUTPUT -p tcp --dport 28158 -j REDIRECT --to-ports 21

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 28217
iptables -t nat -A OUTPUT -p tcp --dport 28217 -j REDIRECT --to-ports 80
Expand Down
2 changes: 0 additions & 2 deletions src/main/java/de/tudarmstadt/informatik/hostage/system/Device.java
View file
Expand Up @@ -98,11 +98,9 @@ public static void executePortRedirectionScript() {

p = new ProcessBuilder("su", "-c", "sh "+scriptFilePath).start();
if (p.waitFor() == 0) {
System.out.println("Test script "+ String.valueOf(p.waitFor()));
System.out.println("Filepath of payload: "+scriptFilePath);
} else {
Api.executeCommands();
//Api.addRediractionPorts();
}
// stall the main thread
} catch (IOException | InterruptedException e) {
Expand Down
93 changes: 28 additions & 65 deletions src/main/java/de/tudarmstadt/informatik/hostage/system/iptablesUtils/Api.java
View file
Expand Up @@ -34,8 +34,6 @@
import android.util.Log;
import android.widget.Toast;

import com.stericson.RootTools.RootTools;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
Expand All @@ -49,9 +47,7 @@
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
Expand Down Expand Up @@ -93,9 +89,6 @@ public final class Api {
/**
* Asserts that the binary files are installed in the cache directory.
*
* BusyBox, nflog and run_pie removed, they are still in the raw directory but we don't need them
* for our build.
*
* @param ctx context
* @param showErrors indicates if errors should be alerted
* @return false if the binary files could not be installed
Expand Down Expand Up @@ -139,6 +132,13 @@ public static boolean assertBinaries(Context ctx, boolean showErrors) {
return ret;
}

/**
* Installs the binary when it copies it to the default system/bin directory.
* @param ctx context of app
* @param resId where the raw binary is located
* @param filename the given filename
* @return asserts true when the installation is successful
*/
private static boolean installBinary(Context ctx, int resId, String filename) {
try {
File f = new File(ctx.getDir("bin", 0), filename);
Expand Down Expand Up @@ -201,11 +201,18 @@ private static void copySystemBin(File file){
runCommands(command);
}

/**
* Remounts system to be writable.
*/
public static void remountSystem(){
String command = "su -c mount -o rw,remount /";
runCommands(command);
}

/**
* Executes iptables commands when the script fails
* @throws IOException throws IO Exception
*/
public static void executeCommands() throws IOException {
InputStream is = MainActivity.getInstance().getAssets().open("payload/commands.txt");
BufferedReader br = new BufferedReader(new InputStreamReader(is));
Expand All @@ -218,6 +225,10 @@ public static void executeCommands() throws IOException {
}
}

/**
* Runs a cmd command as a process.
* @param command given command.
*/
private static void runCommands(String command) {
Process process;
try {
Expand All @@ -226,17 +237,20 @@ private static void runCommands(String command) {
Log.d(TAG,"Commands executed successfully");
}else {
toast(MainActivity.getContext(), MainActivity.getContext().getString(R.string.iptables_not_supported));
addRediractionPorts();
addRedirectionPorts();
}

} catch (IOException | InterruptedException e) {
Log.e(TAG, "Error running commands: " + e.getMessage());
}
}

public static void addRediractionPorts(){
/**
* If the redirection of ports doesn't work, this method updates the ui, with the original random ports.
*/
public static void addRedirectionPorts(){
Listener.addRealPorts("ECHO",28144);
Listener.addRealPorts("FTP",28169);
Listener.addRealPorts("FTP",28158);
Listener.addRealPorts("HTTP",28217);
Listener.addRealPorts("HTTPS",28580);
Listener.addRealPorts("S7COMM",28239);
Expand All @@ -247,25 +261,10 @@ public static void addRediractionPorts(){
Listener.addRealPorts("SMTP",28639);
}

public static void checkAndCopyMissingScript(final Context context, final String fileName) {
final String srcPath = new File(context.getDir("bin", 0), fileName)
.getAbsolutePath();
new Thread(() -> {
//String path = G.initPath();
String path = srcPath;
if (path != null) {
File f = new File(path);
Api.remountSystem();
//make sure it's executable
new RootCommand().setReopenShell(true).setLogging(true).run(context, "chmod 755 " + f.getAbsolutePath());
RootTools.copyFile(srcPath, (f.getAbsolutePath() + "/" + fileName),
true, false);

}
}).start();
}


/**
* Checks if the netfilter is supported for the device.
* @return true if the device supports the netfilter.
*/
public static boolean isNetfilterSupported() {
return new File("/proc/net/netfilter").exists()
&& new File("/proc/net/ip_tables_targets").exists();
Expand Down Expand Up @@ -361,18 +360,6 @@ private static void iptablesCommands(List<String> in, List<String> out, boolean
}
}

private static void fixupLegacyCmds(List<String> cmds) {
for (int i = 0; i < cmds.size(); i++) {
String s = cmds.get(i);
if (s.matches("#NOCHK# .*")) {
s = s.replaceFirst("^#NOCHK# ", "");
} else {
s += " || exit";
}
cmds.set(i, s);
}
}

/**
* Purge and re-add all saved rules (not in-memory ones).
* This is much faster than just calling "applyIptablesRules", since it don't need to read installed applications.
Expand Down Expand Up @@ -429,11 +416,7 @@ public static boolean purgeIptables(Context ctx, RootCommand callback) {

//make sure reset the OUTPUT chain to accept state.
cmds.add("-P OUTPUT ACCEPT");


cmds.add("-D INPUT -j " + CHAIN_NAME + "-input");


try {
// IPv4
iptablesCommands(cmds, out, false);
Expand Down Expand Up @@ -654,26 +637,6 @@ public static String unhideCrypt(String key, String data) {
return decryptStr;
}

public static int getConnectivityStatus(Context context) {
ConnectivityManager cm = (ConnectivityManager) context
.getSystemService(Context.CONNECTIVITY_SERVICE);

assert cm != null;
NetworkInfo activeNetwork = cm.getActiveNetworkInfo();

if (null != activeNetwork) {

if (activeNetwork.getType() == ConnectivityManager.TYPE_WIFI)
return 1;

if (activeNetwork.getType() == ConnectivityManager.TYPE_MOBILE)
return 2;

if (activeNetwork.getType() == ConnectivityManager.TYPE_BLUETOOTH)
return 3;
}
return 0;
}

/**
* Apply default chains based on preference
Expand Down
7 changes: 0 additions & 7 deletions src/main/java/de/tudarmstadt/informatik/hostage/ui/activity/MainActivity.java
View file
Expand Up @@ -4,7 +4,6 @@
import java.util.ArrayList;
import java.util.List;

import android.Manifest;
import android.annotation.SuppressLint;
import android.app.ActivityManager;
import android.app.AlertDialog;
Expand All @@ -13,7 +12,6 @@
import android.app.FragmentTransaction;
import android.content.ComponentName;
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.content.ServiceConnection;
import android.content.SharedPreferences;
Expand All @@ -35,16 +33,11 @@
import android.widget.Toast;
import androidx.appcompat.app.ActionBar;
import androidx.appcompat.app.AppCompatActivity;
import androidx.core.app.ActivityCompat;
import androidx.drawerlayout.widget.DrawerLayout;
import androidx.legacy.app.ActionBarDrawerToggle;
import de.tudarmstadt.informatik.hostage.Hostage;
import de.tudarmstadt.informatik.hostage.R;
import de.tudarmstadt.informatik.hostage.location.MyLocationManager;
import de.tudarmstadt.informatik.hostage.model.Profile;
import de.tudarmstadt.informatik.hostage.persistence.ProfileManager;
import de.tudarmstadt.informatik.hostage.sync.android.SyncUtils;
import de.tudarmstadt.informatik.hostage.system.iptablesUtils.Api;
import de.tudarmstadt.informatik.hostage.ui.adapter.DrawerListAdapter;
import de.tudarmstadt.informatik.hostage.ui.fragment.AboutFragment;
import de.tudarmstadt.informatik.hostage.ui.fragment.HomeFragment;
Expand Down

0 comments on commit 6300999

Please sign in to comment.