fluidasserts.format.apk module

This module checks APK files for vulnerabilities.

fluidasserts.format.apk.allows_backup(apk_file)

Check if the given APK allows ADB backups.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if the APK does not have the allowBackup attribute set to false.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.allows_user_ca(apk_file)

Check if the given APK allows trusting user-supplied CAs.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if the APK allows trusting user-supplied CAs.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.analyze_apk(path)

Return the resultant objects after analyzing the apk.

Return type

tuple

fluidasserts.format.apk.get_activities_source(dvms)

Decompile given Dalvik VM images.

Return type

str

fluidasserts.format.apk.get_dex(path)

Return DEX analysis from APK file.

Return type

tuple

fluidasserts.format.apk.get_http_urls(dex)

Get HTTP URLs used in APK file.

fluidasserts.format.apk.has_debug_enabled(apk_file)

Check if the given APK has debug enabled.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK has debug enabled.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.has_fragment_injection(apk_file)

Check if the given APK is vulnerable to fragment injection.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if the target SDK version is less than 19, and PreferenceActivity is present.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.has_frida(apk_file)

Check if the given APK has Frida gadget embedded.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if the APK has the Frida gadget in its files.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.is_exported(apk_file)

Check if the given APK exports data to other installed apps.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if the APK has the exported attribute set to true.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result
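
The manifest-attribute rules documented above for allows_backup, has_debug_enabled and is_exported, as an added example (not fluidasserts' own code). It assumes the AndroidManifest.xml has already been decoded to plain-text XML, since an APK stores it in a binary format; check_manifest and the sample manifest are hypothetical.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample: a decoded (plain-text) AndroidManifest.xml.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.demo">
  <application android:debuggable="true">
    <activity android:name=".MainActivity" android:exported="true"/>
    <service android:name=".SyncService" android:exported="false"/>
    <provider android:name=".NotesProvider" android:exported="true"/>
  </application>
</manifest>
"""


def check_manifest(manifest_xml):
    """Return (results, exported_names) for three manifest-based checks."""
    checks = ("allows_backup", "has_debug_enabled", "is_exported")
    try:
        app = ET.fromstring(manifest_xml).find("application")
    except ET.ParseError:
        app = None
    if app is None:
        # Unparseable manifest or no <application>: nothing can be concluded.
        return dict.fromkeys(checks, "UNKNOWN"), []

    def attr(node, name):
        # Namespaced android:* attribute, normalised; "" when absent.
        return (node.get(ANDROID + name) or "").strip().lower()

    exported = [
        node.get(ANDROID + "name")
        for node in app
        if node.tag in COMPONENTS and attr(node, "exported") == "true"
    ]
    results = {
        # "Not set to false": a missing allowBackup attribute is still OPEN.
        "allows_backup": "CLOSED" if attr(app, "allowBackup") == "false" else "OPEN",
        "has_debug_enabled": "OPEN" if attr(app, "debuggable") == "true" else "CLOSED",
        "is_exported": "OPEN" if exported else "CLOSED",
    }
    return results, exported
```
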

fluidasserts.format.apk.is_method_present(dex, class_name, method, descriptor)

Check if the method is present in the decompiled code.

fluidasserts.format.apk.is_unsigned(apk_file)

Check if the given APK file is signed.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK is unsigned.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.not_checks_for_root(apk_file)

Check if the given APK file has methods to check for root.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK has means for checking if the device is rooted. Currently, the methods to check for root are isRooted, checkForDangerousProps, checkForBusyBoxBinary, checkForSuBinary, and checkSuExists.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.not_forces_updates(apk_file)

Check if the given APK forces the use of the latest version.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if AppUpdateManager is not in activities source.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.not_obfuscated(apk_file)

Check if the given APK is not obfuscated.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK is not obfuscated.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.not_pinned_certs(apk_file)

Check if the given APK does not pin x509 certificates.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if res/xml/network_security_config.xml is not present in the APK or pin-set is not in the network_security_config.xml file.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result
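
The network_security_config.xml rules documented for not_pinned_certs and allows_user_ca, as an added example (not fluidasserts' own code). It goes slightly beyond the documented rule by requiring a pin-set to contain at least one pin and by ignoring debug-overrides; it assumes the file is already decoded to plain-text XML and that the app targets API 24 or later. check_network_config and the sample config are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: pins one domain but also trusts user-installed CAs.
SAMPLE_NSC = """<network-security-config>
  <base-config>
    <trust-anchors>
      <certificates src="system"/>
      <certificates src="user"/>
    </trust-anchors>
  </base-config>
  <domain-config>
    <domain includeSubdomains="true">api.example.com</domain>
    <pin-set>
      <pin digest="SHA-256">CONSTRUCTED_PLACEHOLDER_PIN=</pin>
    </pin-set>
  </domain-config>
  <debug-overrides>
    <trust-anchors><certificates src="user"/></trust-anchors>
  </debug-overrides>
</network-security-config>
"""


def check_network_config(nsc_xml):
    """nsc_xml: decoded config text, or None when the APK has no such file."""
    if nsc_xml is None:
        # Assumption: targetSdkVersion >= 24, where user CAs are not trusted
        # unless the config declares them.
        return {"not_pinned_certs": "OPEN", "allows_user_ca": "CLOSED"}
    try:
        root = ET.fromstring(nsc_xml)
    except ET.ParseError:
        return {"not_pinned_certs": "UNKNOWN", "allows_user_ca": "UNKNOWN"}
    # Stricter than "pin-set is present": an empty <pin-set> pins nothing.
    pinned = any(ps.find("pin") is not None for ps in root.iter("pin-set"))
    # <debug-overrides> only applies to debuggable builds, so skip it.
    user_ca = any(
        cert.get("src") == "user"
        for section in root
        if section.tag != "debug-overrides"
        for cert in section.iter("certificates")
    )
    return {
        "not_pinned_certs": "CLOSED" if pinned else "OPEN",
        "allows_user_ca": "OPEN" if user_ca else "CLOSED",
    }
```
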

fluidasserts.format.apk.not_verifies_ssl_hostname(apk_file)

Check if the given APK doesn’t verify the SSLSocket hostname.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK does not have getDefaultHostnameVerifier in activities source.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.socket_uses_getinsecure(apk_file)

Check if the given APK uses sockets created with getInsecure.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK uses getInsecure method from the android.net.SSLCertificateSocketFactory class.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.uses_dangerous_perms(apk_file)

Check if the given APK uses dangerous permissions.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK uses dangerous permissions.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.uses_http_resources(apk_file)

Check if the given APK references HTTP (not HTTPS) resources.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK references HTTP (not HTTPS) resources.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.uses_insecure_delete(apk_file)

Check if the given APK uses insecure delete of data.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK uses insecure delete of data (Ljava/io/File;->delete()Z).

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.webview_allows_resource_access(apk_file)

Check if the given APK has WebView that allows resource access.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK has setAllowContentAccess, setAllowFileAccess, setAllowFileAccessFromFileURLs, setAllowUniversalAccessFromFileURLs activities.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.format.apk.webview_caches_javascript(apk_file)

Check if the given APK has WebView that caches JavaScript data and code.

Parameters

apk_file (str) – Path to the image to be tested.

Returns

  • OPEN if APK has WebView that caches JavaScript.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result