This repository has been archived by the owner on Apr 9, 2021. It is now read-only.

Added ability to load data from packages.json
botherder committed May 2, 2019
1 parent 603343b commit 60c3c53
Showing 3 changed files with 34 additions and 15 deletions.
31 changes: 19 additions & 12 deletions snoopdroid/__init__.py
Expand Up @@ -35,31 +35,38 @@ def main():
parser.add_argument("--koodous", action="store_true", help="Check packages on Koodous")
parser.add_argument("--all", action="store_true", help="Run all available checks")
parser.add_argument("--limit", default=None, help="Set a limit to the number of packages to extract (mainly for debug purposes)")
parser.add_argument("--packages", default=None, help="Instead of acquiring from phone, load an existing packages.json file for lookups (mainly for debug purposes)")
args = parser.parse_args()

# TODO: Need to come up with a better folder name.
acq_folder = datetime.datetime.now().isoformat().split(".")[0].replace(":", "")
storage_folder = os.path.join(args.storage, acq_folder)
if not args.packages:
# TODO: Need to come up with a better folder name.
acq_folder = datetime.datetime.now().isoformat().split(".")[0].replace(":", "")
storage_folder = os.path.join(args.storage, acq_folder)

if not os.path.exists(storage_folder):
os.mkdir(storage_folder)
if not os.path.exists(storage_folder):
os.mkdir(storage_folder)

logo()
print(info("Starting acquisition at folder {}\n".format(storage_folder)))

print(info("Starting acquisition at folder {}\n".format(storage_folder)))
logo()

try:
acq = Acquisition(storage_folder, args.limit)
acq.run()
if args.packages:
acq = Acquisition.fromJSON(args.packages)
else:
acq = Acquisition(storage_folder, args.limit)
acq.run()

packages = acq.packages

if len(acq.packages) == 0:
if len(packages) == 0:
return

if args.virustotal or args.all:
virustotal_lookup(acq.packages)
virustotal_lookup(packages)

if args.koodous or args.all:
koodous_lookup(acq.packages)
koodous_lookup(packages)
except KeyboardInterrupt:
print("")
sys.exit(-1)
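Review bot: The `try` block still catches only `KeyboardInterrupt`, so a wrong path or a malformed file passed to `--packages` would surface as a raw traceback from `Acquisition.fromJSON(args.packages)`. Consider a second handler such as `except (OSError, ValueError, KeyError) as e:` that prints the problem and exits non-zero; `ValueError` also covers JSON decode errors. `--limit` appears to be ignored on the `--packages` path, which the help text could mention. Indentation is lost in this rendering and `main()` starts above the hunk, so the exact nesting is inferred.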
16 changes: 14 additions & 2 deletions snoopdroid/acquisition.py
Expand Up @@ -37,12 +37,24 @@ def __init__(self, name, files=None):
self.files = files or []

class Acquisition(object):
def __init__(self, storage_folder=None, limit=None):
def __init__(self, storage_folder=None, limit=None, packages=None):
self.device = None
self.packages = []
self.packages = packages or []
self.storage_folder = storage_folder
self.limit = limit

@classmethod
def fromJSON(cls, json_path):
with open(json_path, "r") as handle:
data = json.load(handle)

packages = []
for entry in data:
package = Package(entry["name"], entry["files"])
packages.append(package)

return cls(packages=packages)

def __clean_output(self, output):
return output.strip().replace("package:", "")
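Review bot: `fromJSON` trusts the file's structure: it iterates `data` without checking that it is a list and indexes `entry["name"]` and `entry["files"]` directly. A hand-edited or unrelated JSON file therefore either fails with a bare `KeyError`/`TypeError` or passes wrongly shaped entries to the later lookups, which appear to submit data to external services. A guard like `if not isinstance(data, list): raise ValueError("expected a list of package entries")`, plus a per-entry check for both keys, would fail early with a clear message. The method would also benefit from a docstring, e.g. `"""Build an Acquisition from a saved packages.json instead of a connected device."""`, and the name `from_json` would match PEP 8. Whether `json` is imported in this module is not visible in the hunk, and the class body continues below it.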

2 changes: 1 addition & 1 deletion snoopdroid/virustotal.py
Expand Up @@ -36,7 +36,7 @@ def get_virustotal_report(hashes):
"image_path": "unknown",
"creation_datetime": "unknown",
})
headers = {'User-Agent': 'VirusTotal', 'Content-Type': 'application/json'}
headers = {"User-Agent": "VirusTotal", "Content-Type": "application/json"}
res = requests.post(url, headers=headers, json=items)

if res.status_code == 200: