Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dockerized QARK #82

Closed
wants to merge 5 commits into from
Closed

Dockerized QARK #82

wants to merge 5 commits into from

Conversation

ilyaglow
Copy link

@ilyaglow ilyaglow commented Apr 17, 2017
edited

Hello,

Why

I believe docker pull could be more convenient than installing everything by yourself.

Details

My Dockerfile uses OpenJDK 7, python 2.7 and Android SDK r24.3.4 - the very same version as declared in sdkManager.py.

The CMD command is a subject to discuss, so I commented it out by now.

I set debian as the default base image because it just makes tinkering with the underlying container os easier, but I also made lightweight alpine version if somebody interested.

How to test dockerized version

You can pull my automated build this way (~~~1GB~~ Update: 675MB):

docker pull ilyaglow/qark

or the alpine version (~~~780MB~~ Update: 436 MB):

docker pull ilyaglow/qark:alpine

Then run it. Change /assessment/apks to your local path with an apk file or app sources:

docker run -it --rm -v /assessment/apks:/apk ilyaglow/qark --source 1 --pathtoapk /apk/yourvulnapp.apk --exploit 0 --reportdir /apk --basesdk /qark/android-sdk-linux

The report will be on the same folder

How to build it by yourself (assuming you're on the QARK repo):

git fetch origin pull/82/head:dockerized
git checkout dockerized
docker build -t my-qark -f Dockerfile .

Hope somebody will find it useful.

Cheers.

@neilatli
Copy link
Contributor

👍

This is a good area to explore @ilyaglow thanks for the PR

@aquaritus
Copy link

I think a docker version is very useful!
THX

@Mason-Fan
Copy link

Mason-Fan commented Dec 14, 2017
edited

@ilyaglow just found that the when i scan a apk with the docker, it will pop the error below. seems python failed to unzip the jar file.

but if I install qark manually in my machine (python version: 2.7.13) and scan the same apk file, there is no error. so it is possible the python version issue in the docker file?

com.company.mobile.network.util.NetworkStateReceiver
Traceback (most recent call last):
File "qarkMain.py", line 1103, in
nonAutomatedParseArgs()
File "qarkMain.py", line 414, in nonAutomatedParseArgs
main()
File "qarkMain.py", line 722, in main
unpackAPK.decompile(common.pathToDEX)
File "/qark/modules/unpackAPK.py", line 128, in decompile
zf = zipfile.ZipFile(common.pathToJar)
File "/usr/local/lib/python2.7/zipfile.py", line 770, in init
self._RealGetContents()
File "/usr/local/lib/python2.7/zipfile.py", line 811, in _RealGetContents
raise BadZipfile, "File is not a zip file"
zipfile.BadZipfile: File is not a zip file

@ilyaglow
Copy link
Author

@Mason-Fan is it about some specific APK file or every APK file you try to scan? If latter I would check the folder that you're mounting to docker and if it has correct (readable) permissions set.

@ilyaglow
Copy link
Author

ilyaglow commented Dec 14, 2017
edited

Added entrypoint and rebased on top of master, hope nobody is annoyed about this :)

Updated usage examples:

docker run -it --rm -v /assessment/apks:/apk ilyaglow/qark --source 1 --pathtoapk /apk/yourvulnapp.apk --exploit 0 --reportdir /apk --basesdk /qark/android-sdk-linux

Alpine based container:

docker run -it --rm -v /assessment/apks:/apk ilyaglow/qark:alpine --source 1 --pathtoapk /apk/yourvulnapp.apk --exploit 0 --reportdir /apk

@Mason-Fan
Copy link

@ilyaglow it is a specific apk. but the issue is that i can sscan it in my local machine but failed in docker

@nwalsh-lnk
Copy link
Contributor

We have just pushed a new version of QARK that solves a lot of problems and enhances the code.

As a result we will be closing out all pull requests for the older version since we no longer support it. If you would like to add this change into the new version (if necessary) then please make another PR.

@nwalsh-lnk nwalsh-lnk closed this Nov 9, 2018
@flamecopper
Copy link

Do you want QARK to download and set up Android SDK?[y/n] :y
[##########] 100%\nFile downloaded to/qark/android-sdk_r24.3.4-linux.tgz
\nUnpacking Android SDK Manager.../qark/android-sdk_r24.3.4-linux.tgz
/qark/android-sdk_r24.3.4-linux.tgz
Updated config value:: AndroidSDKPath /qark/android-sdk_r24.3.4-linux/android-sdk-linux/
2,30,55,212
Traceback (most recent call last):
File "qarkMain.py", line 1281, in
nonAutomatedParseArgs()
File "qarkMain.py", line 462, in nonAutomatedParseArgs
main()
File "qarkMain.py", line 574, in main
sdkManager.get_android_sdk_manager()
File "/qark/modules/sdkManager.py", line 50, in get_android_sdk_manager
download_sdk()
File "/qark/modules/sdkManager.py", line 139, in download_sdk
run_sdk_manager()
File "/qark/modules/sdkManager.py", line 173, in run_sdk_manager
p1.stdin.write(common.args.acceptterms)
TypeError: argument 1 must be string or buffer, not None

@ilyaglow
Copy link
Author

I’m sorry @flamecopper, I didn’t touch qark and the Dockerfile I made for a year or so, but I’ll hope to take a look in a couple of days.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@ilyaglow @neilatli @aquaritus @Mason-Fan @nwalsh-lnk @flamecopper