├── .checkignore ├── .gitignore ├── APITester ├── __init__.py ├── admin.py ├── cloud │ └── cloud_server.py ├── models.py ├── payloads │ ├── path_traversal.txt │ └── xxe.txt ├── tests.py └── views.py ├── DynamicAnalyzer ├── __init__.py ├── admin.py ├── models.py ├── pyWebProxy │ ├── __init__.py │ ├── ca.crt │ ├── ca.key │ ├── gen_cert.py │ ├── pywebproxy.py │ └── socket_wrapper.py ├── tests.py ├── tools │ ├── adb │ │ ├── linux │ │ │ ├── adb │ │ │ ├── api │ │ │ │ └── api-versions.xml │ │ │ ├── dmtracedump │ │ │ ├── etc1tool │ │ │ ├── fastboot │ │ │ ├── hprof-conv │ │ │ ├── source.properties │ │ │ ├── sqlite3 │ │ │ └── systrace │ │ │ │ ├── AUTHORS │ │ │ │ ├── LICENSE │ │ │ │ ├── NOTICE │ │ │ │ ├── UPSTREAM_REVISION │ │ │ │ ├── prefix.html │ │ │ │ ├── script.js │ │ │ │ ├── style.css │ │ │ │ ├── suffix.html │ │ │ │ ├── systrace-legacy.py │ │ │ │ └── systrace.py │ │ ├── mac │ │ │ ├── adb │ │ │ ├── api │ │ │ │ └── api-versions.xml │ │ │ ├── dmtracedump │ │ │ ├── etc1tool │ │ │ ├── fastboot │ │ │ ├── hprof-conv │ │ │ ├── source.properties │ │ │ ├── sqlite3 │ │ │ └── systrace │ │ │ │ ├── AUTHORS │ │ │ │ ├── LICENSE │ │ │ │ ├── NOTICE │ │ │ │ ├── UPSTREAM_REVISION │ │ │ │ ├── prefix.html │ │ │ │ ├── script.js │ │ │ │ ├── style.css │ │ │ │ ├── suffix.html │ │ │ │ ├── systrace-legacy.py │ │ │ │ └── systrace.py │ │ └── windows │ │ │ ├── AdbWinApi.dll │ │ │ ├── AdbWinUsbApi.dll │ │ │ ├── adb.exe │ │ │ ├── api │ │ │ └── api-versions.xml │ │ │ ├── dmtracedump.exe │ │ │ ├── etc1tool.exe │ │ │ ├── fastboot.exe │ │ │ ├── hprof-conv.exe │ │ │ ├── source.properties │ │ │ ├── sqlite3.exe │ │ │ └── systrace │ │ │ ├── AUTHORS │ │ │ ├── LICENSE │ │ │ ├── NOTICE │ │ │ ├── UPSTREAM_REVISION │ │ │ ├── prefix.html │ │ │ ├── script.js │ │ │ ├── style.css │ │ │ ├── suffix.html │ │ │ ├── systrace-legacy.py │ │ │ └── systrace.py │ └── onDevice │ │ ├── AndroidBluePill.apk │ │ ├── DataPusher.apk │ │ ├── Droidmon.apk │ │ ├── JustTrustMe.apk │ │ ├── RootCloak.apk │ │ ├── ScreenCast.apk │ │ ├── Xposed.apk │ │ ├── antivm │ │ ├── fake-build.prop │ │ ├── fake-cpuinfo │ │ └── fake-drivers │ │ └── hooks.json └── views.py ├── LICENSE ├── LICENSES ├── ADB.txt ├── AXMLPrinter2.txt ├── AdminLTE_theme.txt ├── AntiEmulator.txt ├── CFR.txt ├── Rootcloak.txt ├── androguard_dvm_permssions.txt ├── backsmali.txt ├── class-dump-z.txt ├── dex2jar.txt ├── droidmon.txt ├── enjarify.txt ├── fuzzdb_path_traversal_payload.txt ├── ios_binary_analysis_rules.txt ├── jd-core.txt ├── procyon.txt ├── pywebproxy.txt └── strings_from_apk.txt ├── MalwareAnalyzer ├── __init__.py ├── admin.py ├── malwaredb │ └── malwaredomainlist ├── models.py ├── tests.py └── views.py ├── MobSF ├── __init__.py ├── forms.py ├── models.py ├── settings.py ├── urls.py ├── utils.py ├── views.py └── wsgi.py ├── README.md ├── StaticAnalyzer ├── __init__.py ├── admin.py ├── dvm_permissions.py ├── models.py ├── tests.py ├── tools │ ├── AXMLPrinter2.jar │ ├── CertPrint.jar │ ├── __init__.py │ ├── baksmali.jar │ ├── cfr_0_115.jar │ ├── d2j2 │ │ ├── d2j-baksmali.bat │ │ ├── d2j-baksmali.sh │ │ ├── d2j-dex-recompute-checksum.bat │ │ ├── d2j-dex-recompute-checksum.sh │ │ ├── d2j-dex2jar.bat │ │ ├── d2j-dex2jar.sh │ │ ├── d2j-dex2smali.bat │ │ ├── d2j-dex2smali.sh │ │ ├── d2j-jar2dex.bat │ │ ├── d2j-jar2dex.sh │ │ ├── d2j-jar2jasmin.bat │ │ ├── d2j-jar2jasmin.sh │ │ ├── d2j-jasmin2jar.bat │ │ ├── d2j-jasmin2jar.sh │ │ ├── d2j-smali.bat │ │ ├── d2j-smali.sh │ │ ├── d2j-std-apk.bat │ │ ├── d2j-std-apk.sh │ │ ├── d2j_invoke.bat │ │ ├── d2j_invoke.sh │ │ └── d2j_invoke.tmp │ ├── enjarify │ │ ├── CONTRIBUTING.txt │ │ ├── LICENSE.txt │ │ ├── README.md │ │ ├── enjarify.bat │ │ ├── enjarify.sh │ │ ├── enjarify.tmp │ │ ├── enjarify │ │ │ ├── __init__.py │ │ │ ├── byteio.py │ │ │ ├── dalvik.py │ │ │ ├── dalvikformats.py │ │ │ ├── flags.py │ │ │ ├── hashtests.py │ │ │ ├── jvm │ │ │ │ ├── __init__.py │ │ │ │ ├── arraytypes.py │ │ │ │ ├── constantpool.py │ │ │ │ ├── constants │ │ │ │ │ ├── __init__.py │ │ │ │ │ ├── calc.py │ │ │ │ │ ├── genlookup.py │ │ │ │ │ └── lookup.py │ │ │ │ ├── error.py │ │ │ │ ├── genmathops.py │ │ │ │ ├── ir.py │ │ │ │ ├── jvmops.py │ │ │ │ ├── mathops.py │ │ │ │ ├── optimization │ │ │ │ │ ├── __init__.py │ │ │ │ │ ├── consts.py │ │ │ │ │ ├── jumps.py │ │ │ │ │ ├── options.py │ │ │ │ │ ├── registers.py │ │ │ │ │ └── stack.py │ │ │ │ ├── scalartypes.py │ │ │ │ ├── writebytecode.py │ │ │ │ ├── writeclass.py │ │ │ │ └── writeir.py │ │ │ ├── main.py │ │ │ ├── mutf8.py │ │ │ ├── parsedex.py │ │ │ ├── runtests.py │ │ │ ├── treelist.py │ │ │ ├── typeinference │ │ │ │ ├── __init__.py │ │ │ │ └── typeinference.py │ │ │ └── util.py │ │ └── tests │ │ │ ├── stubs │ │ │ ├── src │ │ │ │ ├── Main.java │ │ │ │ └── android │ │ │ │ │ ├── app │ │ │ │ │ └── Activity.java │ │ │ │ │ ├── os │ │ │ │ │ └── Bundle.java │ │ │ │ │ └── util │ │ │ │ │ └── Log.java │ │ │ └── stubs.zip │ │ │ ├── test1 │ │ │ ├── classes.dex │ │ │ ├── expected.txt │ │ │ └── smali │ │ │ │ └── a │ │ │ │ └── a.smali │ │ │ ├── test2 │ │ │ ├── classes.dex │ │ │ ├── expected.txt │ │ │ └── smali │ │ │ │ └── a │ │ │ │ ├── a.smali │ │ │ │ └── util.smali │ │ │ ├── test3 │ │ │ ├── classes.dex │ │ │ ├── expected.txt │ │ │ └── smali │ │ │ │ └── a │ │ │ │ ├── a.smali │ │ │ │ └── util.smali │ │ │ ├── test4 │ │ │ ├── classes.dex │ │ │ ├── expected.txt │ │ │ └── smali │ │ │ │ └── a │ │ │ │ ├── a.smali │ │ │ │ └── util.smali │ │ │ ├── test5 │ │ │ ├── classes.dex │ │ │ ├── expected.txt │ │ │ └── smali │ │ │ │ └── a │ │ │ │ ├── _.smali │ │ │ │ ├── a.smali │ │ │ │ └── util.smali │ │ │ └── test6 │ │ │ ├── classes.dex │ │ │ ├── expected.txt │ │ │ ├── patch.py │ │ │ └── smali │ │ │ ├── a │ │ │ ├── _.smali │ │ │ ├── a.smali │ │ │ └── util.smali │ │ │ ├── ffi.smali │ │ │ ├── finaltarget.smali │ │ │ ├── minustwo.smali │ │ │ ├── notfinal.smali │ │ │ ├── uniA.smali │ │ │ └── uniB.smali │ ├── jd-core.jar │ ├── mac │ │ └── class-dump-z │ ├── procyon-decompiler-0.5.30.jar │ └── strings_from_apk.jar └── views.py ├── clean.sh ├── manage.py ├── mass_static_analysis.py ├── mobsfy.py ├── requirements.txt ├── static ├── bootstrap │ ├── css │ │ ├── bootstrap.css │ │ ├── bootstrap.css.map │ │ └── bootstrap.min.css │ ├── fonts │ │ ├── glyphicons-halflings-regular.eot │ │ ├── glyphicons-halflings-regular.svg │ │ ├── glyphicons-halflings-regular.ttf │ │ ├── glyphicons-halflings-regular.woff │ │ └── glyphicons-halflings-regular.woff2 │ └── js │ │ ├── bootstrap.js │ │ ├── bootstrap.min.js │ │ └── npm.js ├── css │ ├── bootstrap-theme.css │ ├── bootstrap-theme.css.map │ ├── bootstrap-theme.min.css │ ├── bootstrap.css │ ├── bootstrap.css.map │ ├── bootstrap.min.css │ ├── cover.css │ ├── dashboard.css │ ├── devices.min.css │ ├── dropzone.css │ ├── font-awesome.min.css │ ├── ionicons.min.css │ ├── progress-polyfill.css │ ├── sb-admin.css │ ├── shCoreDefault.css │ └── style.css ├── dash │ ├── css │ │ ├── AdminLTE.css │ │ ├── AdminLTE.min.css │ │ └── skins │ │ │ ├── _all-skins.css │ │ │ ├── _all-skins.min.css │ │ │ ├── skin-black-light.css │ │ │ ├── skin-black-light.min.css │ │ │ ├── skin-black.css │ │ │ ├── skin-black.min.css │ │ │ ├── skin-blue-light.css │ │ │ ├── skin-blue-light.min.css │ │ │ ├── skin-blue.css │ │ │ ├── skin-blue.min.css │ │ │ ├── skin-green-light.css │ │ │ ├── skin-green-light.min.css │ │ │ ├── skin-green.css │ │ │ ├── skin-green.min.css │ │ │ ├── skin-purple-light.css │ │ │ ├── skin-purple-light.min.css │ │ │ ├── skin-purple.css │ │ │ ├── skin-purple.min.css │ │ │ ├── skin-red-light.css │ │ │ ├── skin-red-light.min.css │ │ │ ├── skin-red.css │ │ │ ├── skin-red.min.css │ │ │ ├── skin-yellow-light.css │ │ │ ├── skin-yellow-light.min.css │ │ │ ├── skin-yellow.css │ │ │ └── skin-yellow.min.css │ └── js │ │ ├── app.js │ │ ├── app.min.js │ │ ├── demo.js │ │ └── pages │ │ ├── dashboard.js │ │ └── dashboard2.js ├── favicon.ico ├── fonts │ ├── fontawesome-webfont.ttf │ ├── fontawesome-webfont.woff │ ├── fontawesome-webfont.woff2 │ ├── glyphicons-halflings-regular.eot │ ├── glyphicons-halflings-regular.svg │ ├── glyphicons-halflings-regular.ttf │ └── glyphicons-halflings-regular.woff ├── img │ ├── MobSF_Logo_small.png │ └── loading.jpg ├── js │ ├── bootstrap.js │ ├── bootstrap.min.js │ ├── docs.js │ ├── docs.min.js │ ├── dropzone.js │ ├── ie-emulation-modes-warning.js │ ├── ie10-viewport-bug-workaround.js │ ├── jquery-1.8.3.js │ ├── jquery.min.js │ ├── progress-polyfill.js │ ├── run_prettify.js │ ├── shBrushCpp.js │ ├── shBrushJava.js │ ├── shBrushPlain.js │ ├── shBrushXml.js │ └── shCore.js └── plugins │ ├── fastclick │ ├── fastclick.js │ └── fastclick.min.js │ ├── jQuery │ └── jQuery-2.1.4.min.js │ └── slimScroll │ ├── jquery.slimscroll.js │ └── jquery.slimscroll.min.js └── templates ├── about.html ├── api_tester.html ├── base.html ├── base_top_only.html ├── dynamic_analysis.html ├── error.html ├── index.html ├── ios.html ├── ios_binary_analysis.html ├── ios_binary_analysis_pdf.html ├── ios_source_analysis.html ├── ios_source_analysis_pdf.html ├── java.html ├── not_api.html ├── not_found.html ├── recent.html ├── search.html ├── skelton_base.html ├── smali.html ├── start_test.html ├── static_analysis.html ├── static_analysis_android_zip.html ├── static_analysis_pdf.html ├── static_analysis_zip_pdf.html ├── view.html ├── view_mani.html ├── view_source.html ├── web_api_scan.html └── zip.html /.checkignore: -------------------------------------------------------------------------------- 1 | DynamicAnalyzer/tools/* 2 | StaticAnalyzer/tools/* 3 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | 5 | # C extensions 6 | *.so 7 | 8 | # Distribution / packaging 9 | .Python 10 | env/ 11 | build/ 12 | develop-eggs/ 13 | downloads/ 14 | eggs/ 15 | lib/ 16 | lib64/ 17 | parts/ 18 | sdist/ 19 | var/ 20 | *.egg-info/ 21 | .installed.cfg 22 | *.egg 23 | *.pyc 24 | 25 | # PyInstaller 26 | # Usually these files are written by a python script from a template 27 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 28 | *.manifest 29 | *.spec 30 | 31 | # Installer logs 32 | pip-log.txt 33 | pip-delete-this-directory.txt 34 | 35 | # Unit test / coverage reports 36 | htmlcov/ 37 | .tox/ 38 | .coverage 39 | .cache 40 | nosetests.xml 41 | coverage.xml 42 | 43 | # Translations 44 | *.mo 45 | *.pot 46 | 47 | # Django stuff: 48 | *.log 49 | 50 | # Sphinx documentation 51 | docs/_build/ 52 | 53 | # PyBuilder 54 | target/ 55 | 56 | #Mac 57 | .DS_Store 58 | 59 | #D2J Error file 60 | classes-error.zip 61 | 62 | #MobSF Files 63 | logs/ 64 | uploads/ 65 | db.sqlite3 66 | secret 67 | -------------------------------------------------------------------------------- /APITester/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/APITester/__init__.py -------------------------------------------------------------------------------- /APITester/admin.py: -------------------------------------------------------------------------------- 1 | from django.contrib import admin 2 | 3 | # Register your models here. 4 | -------------------------------------------------------------------------------- /APITester/models.py: -------------------------------------------------------------------------------- 1 | from django.db import models 2 | 3 | # Create your models here. 4 | import ast 5 | 6 | class ListField(models.TextField): 7 | __metaclass__ = models.SubfieldBase 8 | description = "Stores a python list" 9 | 10 | def __init__(self, *args, **kwargs): 11 | super(ListField, self).__init__(*args, **kwargs) 12 | 13 | def to_python(self, value): 14 | if not value: 15 | value = [] 16 | 17 | if isinstance(value, list): 18 | return value 19 | 20 | return ast.literal_eval(value) 21 | 22 | def get_prep_value(self, value): 23 | if value is None: 24 | return value 25 | 26 | return unicode(value) 27 | 28 | def value_to_string(self, obj): 29 | value = self._get_val_from_obj(obj) 30 | return self.get_db_prep_value(value) 31 | 32 | class ScopeURLSandTests(models.Model): 33 | MD5=models.CharField(max_length=30) 34 | SCOPEURLS=ListField() 35 | SCOPETESTS=ListField() 36 | -------------------------------------------------------------------------------- /APITester/payloads/xxe.txt: -------------------------------------------------------------------------------- 1 | %xxe; ]> 2 | %pe; ]> 3 | &data;' 4 | 5 | &data; 6 | ]>&sp; 7 | 8 | 9 | %dtd;]>]]> -------------------------------------------------------------------------------- /APITester/tests.py: -------------------------------------------------------------------------------- 1 | from django.test import TestCase 2 | 3 | # Create your tests here. 4 | -------------------------------------------------------------------------------- /DynamicAnalyzer/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/__init__.py -------------------------------------------------------------------------------- /DynamicAnalyzer/admin.py: -------------------------------------------------------------------------------- 1 | from django.contrib import admin 2 | 3 | # Register your models here. 4 | -------------------------------------------------------------------------------- /DynamicAnalyzer/models.py: -------------------------------------------------------------------------------- 1 | from django.db import models 2 | 3 | # Create your models here. 4 | -------------------------------------------------------------------------------- /DynamicAnalyzer/pyWebProxy/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/pyWebProxy/__init__.py -------------------------------------------------------------------------------- /DynamicAnalyzer/pyWebProxy/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDDTCCAnagAwIBAgIJAK0sM7Yqpr2RMA0GCSqGSIb3DQEBBQUAMGMxCzAJBgNV 3 | BAYTAklOMRIwEAYDVQQIEwlCYW5nYWxvcmUxFTATBgNVBAcTDE9wZW5TZWN1cml0 4 | eTEPMA0GA1UEChMGTW9iU2VjMRgwFgYDVQQDEw9Nb2JTZWNGcmFtZXdvcmswHhcN 5 | MTUwNjE2MTI0MzAwWhcNMjUwNjEzMTI0MzAwWjBjMQswCQYDVQQGEwJJTjESMBAG 6 | A1UECBMJQmFuZ2Fsb3JlMRUwEwYDVQQHEwxPcGVuU2VjdXJpdHkxDzANBgNVBAoT 7 | Bk1vYlNlYzEYMBYGA1UEAxMPTW9iU2VjRnJhbWV3b3JrMIGfMA0GCSqGSIb3DQEB 8 | AQUAA4GNADCBiQKBgQD0u3s2k7DVscVZ9OnjKzx9u/jOpEyWyY5SReKzRuiLraMG 9 | DCzRdCo/+k+ho4NTo9bd1/C+15DosydqngiTHzXTH4ULod1Ru67MDi8WQGpJNldu 10 | midjYYmX1e2tcqTjhGfFC/vNGlDOcbrONdkB2HVZkQGEZN9m/zPHwuDT7wKfYwID 11 | AQABo4HIMIHFMB0GA1UdDgQWBBTRDRPjp9BGzygpqf0BoCef65bQlTCBlQYDVR0j 12 | BIGNMIGKgBTRDRPjp9BGzygpqf0BoCef65bQlaFnpGUwYzELMAkGA1UEBhMCSU4x 13 | EjAQBgNVBAgTCUJhbmdhbG9yZTEVMBMGA1UEBxMMT3BlblNlY3VyaXR5MQ8wDQYD 14 | VQQKEwZNb2JTZWMxGDAWBgNVBAMTD01vYlNlY0ZyYW1ld29ya4IJAK0sM7Yqpr2R 15 | MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAYl7FDfoQtm1eyBwCoLCz 16 | BzWvON+TKaNsz1WB9VgDKwWyEsXZvI9SgzIJNVrufv4RhMXfWyaDT0gd9lOlcG3A 17 | /B0jrxoUpHJLkfb1To4Nzf31xMlVjdgt0ThPCi8+LkDfHZZ8QAKDeDWOurNv+k9B 18 | Esury3f3jr2ni/u5FKhSlIk= 19 | -----END CERTIFICATE----- 20 | -------------------------------------------------------------------------------- /DynamicAnalyzer/pyWebProxy/ca.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | Proc-Type: 4,ENCRYPTED 3 | DEK-Info: DES-EDE3-CBC,901C188A374539B7 4 | 5 | jJvgOGNfdIEjVdKxW8fy2ZiaJANhu5oEy1s7k029A4Nkg7rhaDuOEXSw054KmEhj 6 | aKEX9CGVdJeMwvrFfXG/QnLbJR1NwnqI+ce6N3yKtO/FTLG9tcCsL06AaUkHT/If 7 | chj793TDvzTkea7rnIjIa8xYDZci3ok8XtppTbHyrQAkOuH6X0GMyyHLhFjSVph3 8 | Y7P/BjGGsV1u6Zz9i0ZSDQ8UAfS/NDVANgonleFmzh0jTT0GLHmQ17RI+G+Jm9VE 9 | /x3kzSqT68MJen1NANOselcPrMdz5JTjoxcKsaypcGu9RSVNIlefQPY8UoqAp8zk 10 | a40TqAOWij3a/pQ/1FP6sx4a4rpF+RIkNxT1fziWfJYKjbnHWd83YS31lYU0nFeT 11 | suaAnZCO2IduMruUh+gHkcMEoFk8JIxVsNNfNtRGQxBGQf6+QXZCgVRUGnCEiz+I 12 | Q15Xgwcxj7KvljiKX7V8LkqHrAtyC0SjnoQ8mf+VeIxvx1dEGbacQI75DMtyKrM3 13 | 2lOOIXBDseUd1iTPiw3Q/UJyRJsxtFWetF4rsXnw+p6igfCzpTSJkQ3vXhjAP+wu 14 | xHJ5EbPOTmjN7+upN3+TqMZlsBYwPOsnF+w5lDOQu9LW1dBtLNK2QLIU7tWijFgo 15 | +ULHx4fqsiLb7AVzheuLeqV+bqafo3vLheWSFqzPcacZf/k/vQGAyWsq4xztHMH3 16 | E4xNsU5CAZH7LXcSbr+KPBGwO1kco+4A1bYhleum7Wvl91IjBABnp/K+iqr2zTP7 17 | 3BVRsMnLxMHMOfvVdB7aqdMNZgRD7KhPzDFYA9VEUVzYvbV3b8W0UA== 18 | -----END RSA PRIVATE KEY----- 19 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tests.py: -------------------------------------------------------------------------------- 1 | from django.test import TestCase 2 | 3 | # Create your tests here. 4 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/adb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/linux/adb -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/dmtracedump: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/linux/dmtracedump -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/etc1tool: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/linux/etc1tool -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/fastboot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/linux/fastboot -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/hprof-conv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/linux/hprof-conv -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/source.properties: -------------------------------------------------------------------------------- 1 | Pkg.UserSrc=false 2 | Pkg.Revision=22.0.0 3 | 4 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/sqlite3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/linux/sqlite3 -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/systrace/AUTHORS: -------------------------------------------------------------------------------- 1 | # Names should be added to this file with this pattern: 2 | # 3 | # For individuals: 4 | # Name 5 | # 6 | # For organizations: 7 | # Organization 8 | # 9 | # See python fnmatch module documentation for more information. 10 | 11 | The Chromium Authors <*@chromium.org> 12 | Google Inc. <*@google.com> 13 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/systrace/LICENSE: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2010 The Chromium Authors. All rights reserved. 2 | // 3 | // Redistribution and use in source and binary forms, with or without 4 | // modification, are permitted provided that the following conditions are 5 | // met: 6 | // 7 | // * Redistributions of source code must retain the above copyright 8 | // notice, this list of conditions and the following disclaimer. 9 | // * Redistributions in binary form must reproduce the above 10 | // copyright notice, this list of conditions and the following disclaimer 11 | // in the documentation and/or other materials provided with the 12 | // distribution. 13 | // * Neither the name of Google Inc. nor the names of its 14 | // contributors may be used to endorse or promote products derived from 15 | // this software without specific prior written permission. 16 | // 17 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/systrace/UPSTREAM_REVISION: -------------------------------------------------------------------------------- 1 | 775 2 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/linux/systrace/prefix.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Android System Trace 6 | %s 7 | %s 8 | 21 | 31 | 32 | 33 |
%s
34 |
35 |
36 | 37 | 3 | 4 | 5 | 6 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/mac/adb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/mac/adb -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/mac/dmtracedump: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/mac/dmtracedump -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/mac/etc1tool: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/mac/etc1tool -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/mac/fastboot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/mac/fastboot -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/mac/hprof-conv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/mac/hprof-conv -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/mac/sqlite3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/mac/sqlite3 -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/mac/systrace/AUTHORS: -------------------------------------------------------------------------------- 1 | # Names should be added to this file with this pattern: 2 | # 3 | # For individuals: 4 | # Name 5 | # 6 | # For organizations: 7 | # Organization 8 | # 9 | # See python fnmatch module documentation for more information. 10 | 11 | The Chromium Authors <*@chromium.org> 12 | Google Inc. <*@google.com> 13 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/mac/systrace/LICENSE: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2010 The Chromium Authors. All rights reserved. 2 | // 3 | // Redistribution and use in source and binary forms, with or without 4 | // modification, are permitted provided that the following conditions are 5 | // met: 6 | // 7 | // * Redistributions of source code must retain the above copyright 8 | // notice, this list of conditions and the following disclaimer. 9 | // * Redistributions in binary form must reproduce the above 10 | // copyright notice, this list of conditions and the following disclaimer 11 | // in the documentation and/or other materials provided with the 12 | // distribution. 13 | // * Neither the name of Google Inc. nor the names of its 14 | // contributors may be used to endorse or promote products derived from 15 | // this software without specific prior written permission. 16 | // 17 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/mac/systrace/UPSTREAM_REVISION: -------------------------------------------------------------------------------- 1 | 775 2 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/mac/systrace/prefix.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Android System Trace 6 | %s 7 | %s 8 | 21 | 31 | 32 | 33 |
%s
34 |
35 |
36 | 37 | 3 | 4 | 5 | 6 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/AdbWinApi.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/windows/AdbWinApi.dll -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/AdbWinUsbApi.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/windows/AdbWinUsbApi.dll -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/adb.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/windows/adb.exe -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/dmtracedump.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/windows/dmtracedump.exe -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/etc1tool.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/windows/etc1tool.exe -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/fastboot.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/windows/fastboot.exe -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/hprof-conv.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/windows/hprof-conv.exe -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/sqlite3.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/adb/windows/sqlite3.exe -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/systrace/AUTHORS: -------------------------------------------------------------------------------- 1 | # Names should be added to this file with this pattern: 2 | # 3 | # For individuals: 4 | # Name 5 | # 6 | # For organizations: 7 | # Organization 8 | # 9 | # See python fnmatch module documentation for more information. 10 | 11 | The Chromium Authors <*@chromium.org> 12 | Google Inc. <*@google.com> 13 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/systrace/LICENSE: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2010 The Chromium Authors. All rights reserved. 2 | // 3 | // Redistribution and use in source and binary forms, with or without 4 | // modification, are permitted provided that the following conditions are 5 | // met: 6 | // 7 | // * Redistributions of source code must retain the above copyright 8 | // notice, this list of conditions and the following disclaimer. 9 | // * Redistributions in binary form must reproduce the above 10 | // copyright notice, this list of conditions and the following disclaimer 11 | // in the documentation and/or other materials provided with the 12 | // distribution. 13 | // * Neither the name of Google Inc. nor the names of its 14 | // contributors may be used to endorse or promote products derived from 15 | // this software without specific prior written permission. 16 | // 17 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/systrace/UPSTREAM_REVISION: -------------------------------------------------------------------------------- 1 | 775 2 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/adb/windows/systrace/prefix.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Android System Trace 6 | %s 7 | %s 8 | 21 | 31 | 32 | 33 |
%s
34 |
35 |
36 | 37 | 3 | 4 | 5 | 6 | -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/onDevice/AndroidBluePill.apk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/onDevice/AndroidBluePill.apk -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/onDevice/DataPusher.apk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/onDevice/DataPusher.apk -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/onDevice/Droidmon.apk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/onDevice/Droidmon.apk -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/onDevice/JustTrustMe.apk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/onDevice/JustTrustMe.apk -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/onDevice/RootCloak.apk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/onDevice/RootCloak.apk -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/onDevice/ScreenCast.apk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/onDevice/ScreenCast.apk -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/onDevice/Xposed.apk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/DynamicAnalyzer/tools/onDevice/Xposed.apk -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/onDevice/antivm/fake-cpuinfo: -------------------------------------------------------------------------------- 1 | Processor : ARMv7 Processor rev 0 (v7l) 2 | BogoMIPS : 366.18 3 | Features : swp half thumb fastmult vfp edsp neon vfpv3 4 | CPU implementer : 0x41 5 | CPU architecture: 7 6 | CPU variant : 0x0 7 | CPU part : 0xc08 8 | CPU revision : 0 9 | 10 | Hardware : Qualcomm MSM 8974 HAMMERHEAD (Flattened Device Tree) 11 | Revision : 0000 12 | Serial : 0000000000000000 -------------------------------------------------------------------------------- /DynamicAnalyzer/tools/onDevice/antivm/fake-drivers: -------------------------------------------------------------------------------- 1 | /dev/tty /dev/tty 5 0 system:/dev/tty 2 | /dev/console /dev/console 5 1 system:console 3 | /dev/ptmx /dev/ptmx 5 2 system 4 | /dev/vc/0 /dev/vc/0 4 0 system:vtmaster 5 | rfcomm /dev/rfcomm 216 0-255 serial 6 | acm /dev/ttyACM 166 0-31 serial 7 | hso /dev/ttyHS 243 0-255 serial 8 | msm_serial_hsl /dev/ttyHSL 247 0-2 serial 9 | msm_serial_hs /dev/ttyHS 248 0-255 serial 10 | pty_slave /dev/pts 136 0-1048575 pty:slave 11 | pty_master /dev/ptm 128 0-1048575 pty:master 12 | unknown /dev/tty 4 1-63 console 13 | -------------------------------------------------------------------------------- /LICENSES/AdminLTE_theme.txt: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | Copyright © 2014-2015 Almsaeed Studio 3 | 4 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 5 | 6 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 7 | 8 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- /LICENSES/CFR.txt: -------------------------------------------------------------------------------- 1 | CFR - License 2 | 3 | 4 | Sourced from The MIT License (MIT) 5 | 6 | Copyright (c) 2011-2014 Lee Benfield - http://www.benf.org/other/cfr 7 | 8 | Permission is hereby granted, free of charge, to any person obtaining a copy 9 | of this software and associated documentation files (the "Software"), to deal 10 | in the Software without restriction, including without limitation the rights 11 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 | copies of the Software, and to permit persons to whom the Software is 13 | furnished to do so, subject to the following conditions: 14 | 15 | The above copyright notice and this permission notice shall be included in 16 | all copies or substantial portions of the Software. 17 | 18 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 21 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 24 | THE SOFTWARE. -------------------------------------------------------------------------------- /LICENSES/Rootcloak.txt: -------------------------------------------------------------------------------- 1 | Copyright 2013 Matt Joseph (devadvance) 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. -------------------------------------------------------------------------------- /LICENSES/backsmali.txt: -------------------------------------------------------------------------------- 1 | The BSD 3-Clause License 2 | The following is a BSD 3-Clause ("BSD New" or "BSD Simplified") license template. To generate your own license, change the values of OWNER, ORGANIZATION and YEAR from their original values as given here, and substitute your own. 3 | 4 | Note: You may omit clause 3 and still be OSD-conformant. Despite its colloquial name "BSD New", this is not the newest version of the BSD license; it was followed by the even newer BSD-2-Clause version, sometimes known as the "Simplified BSD License". On January 9th, 2008 the OSI Board approved BSD-2-Clause, which is used by FreeBSD and others. It omits the final "no-endorsement" clause and is thus roughly equivalent to the MIT License. 5 | 6 | Historical Background: The original license used on BSD Unix had four clauses. The advertising clause (the third of four clauses) required you to acknowledge use of U.C. Berkeley code in your advertising of any product using that code. It was officially rescinded by the Director of the Office of Technology Licensing of the University of California on July 22nd, 1999. He states that clause 3 is "hereby deleted in its entirety." The four clause license has not been approved by OSI. The license below does not contain the advertising clause. 7 | 8 | This prelude is not part of the license. 9 | 10 | = Regents of the University of California 11 | = University of California, Berkeley 12 | = 1998 13 | 14 | In the original BSD license, the occurrence of "copyright holder" in the 3rd clause read "ORGANIZATION", placeholder for "University of California". In the original BSD license, both occurrences of the phrase "COPYRIGHT HOLDERS AND CONTRIBUTORS" in the disclaimer read "REGENTS AND CONTRIBUTORS". 15 | 16 | Here is the license template: 17 | 18 | Copyright (c) , 19 | All rights reserved. 20 | 21 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 22 | 23 | 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 24 | 25 | 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 26 | 27 | 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 28 | 29 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- /LICENSES/class-dump-z.txt: -------------------------------------------------------------------------------- 1 | The BSD 3-Clause License 2 | Copyright (c) 2009, KennyTM 3 | All rights reserved. 4 | 5 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 6 | 7 | 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 8 | 9 | 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 10 | 11 | 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 12 | 13 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- /LICENSES/fuzzdb_path_traversal_payload.txt: -------------------------------------------------------------------------------- 1 | Copyright (c) 2010-2015, Adam Muntner 2 | All rights reserved. 3 | 4 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 5 | 6 | Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 7 | Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 8 | Neither the name of fuzzdb nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 9 | 10 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 11 | 12 | Licensed under Creative Commons - By Attribution 13 | 14 | see 15 | 16 | http://creativecommons.org/licenses/by/3.0/legalcode -------------------------------------------------------------------------------- /LICENSES/ios_binary_analysis_rules.txt: -------------------------------------------------------------------------------- 1 | # 2 | # Redistribution and use in source and binary forms, with or without 3 | # modification, are permitted provided that the following conditions are met: 4 | # 5 | # * Redistributions of source code must retain the above copyright notice, this 6 | # list of conditions and the following disclaimer. 7 | # * Redistributions in binary form must reproduce the above copyright notice, 8 | # this list of conditions and the following disclaimer in the documentation 9 | # and/or other materials provided with the distribution. 10 | # * Neither the name of the Nth Dimension nor the names of its contributors may 11 | # be used to endorse or promote products derived from this software without 12 | # specific prior written permission. 13 | # 14 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 15 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 18 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 19 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 20 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 21 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 22 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 23 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 24 | # POSSIBILITY OF SUCH DAMAGE. 25 | # 26 | # (c) Tim Brown, 2014 27 | # 28 | # / -------------------------------------------------------------------------------- /LICENSES/jd-core.txt: -------------------------------------------------------------------------------- 1 | JD-Core-java is released under the MIT license. 2 | 3 | JD-IntelliJ is free for non-commercial use. This means that JD-IntelliJ shall not be included or embedded into commercial software products. Nevertheless, this project may be freely used for personal needs in a commercial or non-commercial environments. -------------------------------------------------------------------------------- /LICENSES/pywebproxy.txt: -------------------------------------------------------------------------------- 1 | owtf is an OWASP+PTES-focused try to unite great tools & facilitate pentesting 2 | Copyright (c) 2013, Abraham Aranguren http://7-a.org 3 | All rights reserved. 4 | 5 | Inbound Proxy Module developed by Bharadwaj Machiraju (blog.tunnelshade.in) as a part of Google Summer of Code 2013 6 | 7 | Redistribution and use in source and binary forms, with or without 8 | modification, are permitted provided that the following conditions are met: 9 | * Redistributions of source code must retain the above copyright 10 | notice, this list of conditions and the following disclaimer. 11 | * Redistributions in binary form must reproduce the above copyright 12 | notice, this list of conditions and the following disclaimer in the 13 | documentation and/or other materials provided with the distribution. 14 | * Neither the name of the copyright owner nor the 15 | names of its contributors may be used to endorse or promote products 16 | derived from this software without specific prior written permission. 17 | 18 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 19 | ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 20 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 21 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 22 | ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 23 | (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 24 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 25 | ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 27 | SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- /MalwareAnalyzer/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/MalwareAnalyzer/__init__.py -------------------------------------------------------------------------------- /MalwareAnalyzer/admin.py: -------------------------------------------------------------------------------- 1 | from django.contrib import admin 2 | 3 | # Register your models here. 4 | -------------------------------------------------------------------------------- /MalwareAnalyzer/malwaredb/malwaredomainlist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/MalwareAnalyzer/malwaredb/malwaredomainlist -------------------------------------------------------------------------------- /MalwareAnalyzer/models.py: -------------------------------------------------------------------------------- 1 | from django.db import models 2 | 3 | # Create your models here. 4 | -------------------------------------------------------------------------------- /MalwareAnalyzer/tests.py: -------------------------------------------------------------------------------- 1 | from django.test import TestCase 2 | 3 | # Create your tests here. 4 | -------------------------------------------------------------------------------- /MalwareAnalyzer/views.py: -------------------------------------------------------------------------------- 1 | from django.shortcuts import render 2 | from django.conf import settings 3 | 4 | from MobSF.utils import PrintException,isInternetAvailable,sha256 5 | 6 | from urlparse import urlparse 7 | import urllib2,shutil,io,os,re,tempfile 8 | 9 | #PATH 10 | MALWARE_DB_DIR=TOOLS_DIR=os.path.join(settings.BASE_DIR, 'MalwareAnalyzer/malwaredb/') 11 | 12 | def UpdateDB(): 13 | try: 14 | url = "https://www.malwaredomainlist.com/mdlcsv.php" 15 | response = urllib2.urlopen(url) 16 | data = response.read() 17 | TMP_DWD = tempfile.NamedTemporaryFile() 18 | TMP_DWD.write(data) 19 | DB = os.path.join(MALWARE_DB_DIR,'malwaredomainlist') 20 | #Check1: SHA256 Change 21 | if sha256(TMP_DWD.name) != sha256(DB): 22 | #DB needs update 23 | #Check2: DB Syntax Changed 24 | rd = io.open(TMP_DWD.name,mode='r',encoding="utf8",errors="ignore") 25 | line = rd.readline() 26 | rd.close() 27 | lst = line.split('",') 28 | if len(lst) == 10: 29 | #DB Format is not changed. Let's update DB 30 | print "\n[INFO] Updating Malware Database...." 31 | shutil.copyfile(TMP_DWD.name,DB) 32 | else: 33 | print "\n[WARNING] Malware Database format from malwaredomainlist.com changed. Database is not updated. Please report to: https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/issues" 34 | else: 35 | print "\n[INFO] Malware Database is up-to-date." 36 | TMP_DWD.close() 37 | except: 38 | PrintException("[ERROR] Malware DB Update") 39 | def MalwareCheck(urllist): 40 | RESULT = {} 41 | domainlist = list() 42 | try: 43 | domainlist = getDomains(urllist) 44 | if domainlist: 45 | if isInternetAvailable(): 46 | UpdateDB(); 47 | else: 48 | print "\n[WARNING] No Internet Connection. Skipping Malware Database Update." 49 | DB = os.path.join(MALWARE_DB_DIR,'malwaredomainlist') 50 | with io.open(DB,mode='r',encoding="utf8",errors="ignore") as f: 51 | entry_list = f.readlines() 52 | for entry in entry_list: 53 | enlist = entry.split('","') 54 | if len(enlist) > 5: 55 | details_dict = dict() 56 | details_dict["domain_or_url"] = enlist[1] 57 | details_dict["ip"] = enlist[2] 58 | details_dict["desc"] = enlist[4] 59 | details_dict["bad"] = "yes" 60 | for domain in domainlist: 61 | if (domain in details_dict["domain_or_url"]) or (domain in details_dict["ip"]): 62 | RESULT[domain] = details_dict 63 | for domain in domainlist: 64 | if domain not in RESULT: 65 | x = dict() 66 | x["bad"] = "no" 67 | RESULT[domain] = x 68 | except: 69 | PrintException("[ERROR] Performing Malware Check") 70 | return RESULT 71 | 72 | #Helper Functions 73 | 74 | 75 | def getDomains(urls): 76 | try: 77 | DOMAINS=list() 78 | for url in urls: 79 | parsed_uri = urlparse(url) 80 | domain = '{uri.netloc}'.format(uri=parsed_uri) 81 | if ((domain not in DOMAINS) and 82 | (len(domain) > 2) and 83 | ("." in domain) and 84 | (domain.endswith(".")==False and 85 | re.search('[a-zA-Z0-9]', domain))): 86 | DOMAINS.append(domain) 87 | return DOMAINS 88 | except: 89 | PrintException("[ERROR] Extracting Domain form URL") 90 | pass 91 | -------------------------------------------------------------------------------- /MobSF/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/MobSF/__init__.py -------------------------------------------------------------------------------- /MobSF/forms.py: -------------------------------------------------------------------------------- 1 | from django import forms 2 | 3 | class UploadFileForm(forms.Form): 4 | file = forms.FileField() 5 | -------------------------------------------------------------------------------- /MobSF/models.py: -------------------------------------------------------------------------------- 1 | from django.db import models 2 | 3 | class RecentScansDB(models.Model): 4 | NAME=models.TextField() 5 | MD5=models.CharField(max_length=50) 6 | URL=models.TextField() 7 | TS=models.DateTimeField() 8 | 9 | -------------------------------------------------------------------------------- /MobSF/urls.py: -------------------------------------------------------------------------------- 1 | from django.conf.urls import include, url 2 | from django.contrib import admin 3 | 4 | urlpatterns = [ 5 | # Examples: 6 | url(r'^$','MobSF.views.index', name='index'), 7 | url(r'^Upload/$', 'MobSF.views.Upload', name='Upload'), 8 | url(r'^download/', 'MobSF.views.Download', name='download'), 9 | url(r'^about/$', 'MobSF.views.about', name='about'), 10 | url(r'^RecentScans/$', 'MobSF.views.RecentScans', name='RecentScans'), 11 | url(r'^Search/$', 'MobSF.views.Search', name='Search'), 12 | url(r'^error/$', 'MobSF.views.error', name='error'), 13 | url(r'^NotFound/$', 'MobSF.views.NotFound', name='NotFound'), 14 | url(r'^ZIP_FORMAT/$', 'MobSF.views.ZIP_FORMAT', name='ZIP_FORMAT'), 15 | url(r'^MAC_ONLY/$', 'MobSF.views.MAC_ONLY', name='MAC_ONLY'), 16 | url(r'^StaticAnalyzer/$', 'StaticAnalyzer.views.StaticAnalyzer', name='StaticAnalyzer'), 17 | url(r'^StaticAnalyzer_iOS/$', 'StaticAnalyzer.views.StaticAnalyzer_iOS', name='StaticAnalyzer_iOS'), 18 | url(r'^ViewSource/$', 'StaticAnalyzer.views.ViewSource', name='ViewSource'), 19 | url(r'^PDF/$', 'StaticAnalyzer.views.PDF', name='PDF'), 20 | url(r'^ViewFile/$', 'StaticAnalyzer.views.ViewFile', name='ViewFile'), 21 | url(r'^Smali/$', 'StaticAnalyzer.views.Smali', name='Smali'), 22 | url(r'^Java/$', 'StaticAnalyzer.views.Java', name='Java'), 23 | url(r'^Find/$', 'StaticAnalyzer.views.Find', name='Find'), 24 | url(r'^ManifestView/$', 'StaticAnalyzer.views.ManifestView', name='ManifestView'), 25 | url(r'^DynamicAnalyzer/$', 'DynamicAnalyzer.views.DynamicAnalyzer', name='DynamicAnalyzer'), 26 | url(r'^GetEnv/$', 'DynamicAnalyzer.views.GetEnv', name='GetEnv'), 27 | url(r'^GetRes/$', 'DynamicAnalyzer.views.GetRes', name='GetRes'), 28 | url(r'^MobSFCA/$', 'DynamicAnalyzer.views.MobSFCA', name='MobSFCA'), 29 | url(r'^TakeScreenShot/$', 'DynamicAnalyzer.views.TakeScreenShot', name='TakeScreenShot'), 30 | url(r'^ExportedActivityTester/$', 'DynamicAnalyzer.views.ExportedActivityTester', name='ExportedActivityTester'), 31 | url(r'^ActivityTester/$', 'DynamicAnalyzer.views.ActivityTester', name='ActivityTester'), 32 | url(r'^FinalTest/$', 'DynamicAnalyzer.views.FinalTest', name='FinalTest'), 33 | url(r'^DumpData/$', 'DynamicAnalyzer.views.DumpData', name='DumpData'), 34 | url(r'^ExecuteADB/$', 'DynamicAnalyzer.views.ExecuteADB', name='ExecuteADB'), 35 | url(r'^Report/$', 'DynamicAnalyzer.views.Report', name='Report'), 36 | url(r'^View/$', 'DynamicAnalyzer.views.View', name='View'), 37 | url(r'^ScreenCast/$', 'DynamicAnalyzer.views.ScreenCast', name='ScreenCast'), 38 | url(r'^Touch/$', 'DynamicAnalyzer.views.Touch', name='Touch'), 39 | url(r'^APIFuzzer/$', 'APITester.views.APIFuzzer', name='APIFuzzer'), 40 | url(r'^StartScan/$', 'APITester.views.StartScan', name='StartScan'), 41 | url(r'^NoAPI/$', 'APITester.views.NoAPI', name='NoAPI'), 42 | #url(r'^admin/', include(admin.site.urls)), 43 | ] 44 | 45 | 46 | 47 | -------------------------------------------------------------------------------- /MobSF/wsgi.py: -------------------------------------------------------------------------------- 1 | """ 2 | WSGI config for MobSF project. 3 | 4 | It exposes the WSGI callable as a module-level variable named ``application``. 5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/dev/howto/deployment/wsgi/ 8 | """ 9 | 10 | import os 11 | os.environ.setdefault("DJANGO_SETTINGS_MODULE", "MobSF.settings") 12 | 13 | from django.core.wsgi import get_wsgi_application 14 | application = get_wsgi_application() 15 | -------------------------------------------------------------------------------- /StaticAnalyzer/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/__init__.py -------------------------------------------------------------------------------- /StaticAnalyzer/admin.py: -------------------------------------------------------------------------------- 1 | from django.contrib import admin 2 | 3 | # Register your models here. 4 | -------------------------------------------------------------------------------- /StaticAnalyzer/models.py: -------------------------------------------------------------------------------- 1 | from django.db import models 2 | # Create your models here. 3 | class StaticAnalyzerAndroid(models.Model): 4 | TITLE=models.TextField() 5 | APP_NAME = models.TextField() 6 | SIZE = models.CharField(max_length=50) 7 | MD5 =models.CharField(max_length=30) 8 | SHA1 =models.TextField() 9 | SHA256 =models.TextField() 10 | PACKAGENAME=models.TextField() 11 | MAINACTIVITY=models.TextField() 12 | TARGET_SDK=models.CharField(max_length=50) 13 | MAX_SDK=models.CharField(max_length=50) 14 | MIN_SDK=models.CharField(max_length=50) 15 | ANDROVERNAME=models.CharField(max_length=100) 16 | ANDROVER=models.CharField(max_length=50) 17 | MANIFEST_ANAL=models.TextField() 18 | PERMISSIONS=models.TextField() 19 | FILES=models.TextField() 20 | CERTZ=models.TextField() 21 | ACTIVITIES=models.TextField() 22 | RECEIVERS=models.TextField() 23 | PROVIDERS=models.TextField() 24 | SERVICES=models.TextField() 25 | LIBRARIES=models.TextField() 26 | CNT_ACT=models.CharField(max_length=50) 27 | CNT_PRO=models.CharField(max_length=50) 28 | CNT_SER=models.CharField(max_length=50) 29 | CNT_BRO=models.CharField(max_length=50) 30 | CERT_INFO=models.TextField() 31 | ISSUED=models.CharField(max_length=10) 32 | NATIVE=models.CharField(max_length=50) 33 | DYNAMIC=models.CharField(max_length=50) 34 | REFLECT=models.CharField(max_length=50) 35 | CRYPTO=models.CharField(max_length=50) 36 | OBFUS=models.CharField(max_length=50) 37 | API=models.TextField() 38 | DANG=models.TextField() 39 | URLS=models.TextField() 40 | DOMAINS=models.TextField() 41 | EMAILS=models.TextField() 42 | STRINGS=models.TextField() 43 | ZIPPED=models.TextField() 44 | MANI=models.TextField() 45 | EXPORTED_ACT=models.TextField() 46 | E_ACT=models.CharField(max_length=50) 47 | E_SER=models.CharField(max_length=50) 48 | E_BRO=models.CharField(max_length=50) 49 | E_CNT=models.CharField(max_length=50) 50 | class StaticAnalyzerIPA(models.Model): 51 | TITLE=models.TextField() 52 | APPNAMEX=models.TextField() 53 | SIZE=models.CharField(max_length=50) 54 | MD5=models.CharField(max_length=50) 55 | SHA1=models.TextField() 56 | SHA256=models.TextField() 57 | INFOPLIST=models.TextField() 58 | BINNAME=models.TextField() 59 | IDF=models.TextField() 60 | VERSION=models.CharField(max_length=50) 61 | SDK=models.TextField() 62 | PLTFM=models.TextField() 63 | MINX=models.TextField() 64 | BIN_ANAL=models.TextField() 65 | LIBS=models.TextField() 66 | FILES=models.TextField() 67 | SFILESX=models.TextField() 68 | class StaticAnalyzerIOSZIP(models.Model): 69 | TITLE=models.TextField() 70 | APPNAMEX=models.TextField() 71 | SIZE=models.CharField(max_length=50) 72 | MD5=models.CharField(max_length=50) 73 | SHA1=models.TextField() 74 | SHA256=models.TextField() 75 | INFOPLIST=models.TextField() 76 | BINNAME=models.TextField() 77 | IDF=models.TextField() 78 | VERSION=models.CharField(max_length=50) 79 | SDK=models.TextField() 80 | PLTFM=models.TextField() 81 | MINX=models.TextField() 82 | BIN_ANAL=models.TextField() 83 | LIBS=models.TextField() 84 | FILES=models.TextField() 85 | SFILESX=models.TextField() 86 | HTML=models.TextField() 87 | CODEANAL=models.TextField() 88 | URLnFile=models.TextField() 89 | DOMAINS=models.TextField() 90 | EmailnFile=models.TextField() -------------------------------------------------------------------------------- /StaticAnalyzer/tests.py: -------------------------------------------------------------------------------- 1 | from django.test import TestCase 2 | 3 | # Create your tests here. 4 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/AXMLPrinter2.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/AXMLPrinter2.jar -------------------------------------------------------------------------------- /StaticAnalyzer/tools/CertPrint.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/CertPrint.jar -------------------------------------------------------------------------------- /StaticAnalyzer/tools/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/__init__.py -------------------------------------------------------------------------------- /StaticAnalyzer/tools/baksmali.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/baksmali.jar -------------------------------------------------------------------------------- /StaticAnalyzer/tools/cfr_0_115.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/cfr_0_115.jar -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-baksmali.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM 4 | REM dex2jar - Tools to work with android .dex and java .class files 5 | REM Copyright (c) 2009-2013 Panxiaobo 6 | REM 7 | REM Licensed under the Apache License, Version 2.0 (the "License"); 8 | REM you may not use this file except in compliance with the License. 9 | REM You may obtain a copy of the License at 10 | REM 11 | REM http://www.apache.org/licenses/LICENSE-2.0 12 | REM 13 | REM Unless required by applicable law or agreed to in writing, software 14 | REM distributed under the License is distributed on an "AS IS" BASIS, 15 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | REM See the License for the specific language governing permissions and 17 | REM limitations under the License. 18 | REM 19 | 20 | REM call d2j_invoke.bat to setup java environment 21 | @"%~dp0d2j_invoke.bat" com.googlecode.d2j.smali.BaksmaliCmd %* 22 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-baksmali.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # dex2jar - Tools to work with android .dex and java .class files 5 | # Copyright (c) 2009-2013 Panxiaobo 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | # copy from $Tomcat/bin/startup.sh 21 | # resolve links - $0 may be a softlink 22 | PRG="$0" 23 | while [ -h "$PRG" ] ; do 24 | ls=`ls -ld "$PRG"` 25 | link=`expr "$ls" : '.*-> \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | PRGDIR=`dirname "$PRG"` 33 | # 34 | 35 | # call d2j_invoke.sh to setup java environment 36 | "$PRGDIR/d2j_invoke.sh" "com.googlecode.d2j.smali.BaksmaliCmd" "$@" 37 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-dex-recompute-checksum.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM 4 | REM dex2jar - Tools to work with android .dex and java .class files 5 | REM Copyright (c) 2009-2013 Panxiaobo 6 | REM 7 | REM Licensed under the Apache License, Version 2.0 (the "License"); 8 | REM you may not use this file except in compliance with the License. 9 | REM You may obtain a copy of the License at 10 | REM 11 | REM http://www.apache.org/licenses/LICENSE-2.0 12 | REM 13 | REM Unless required by applicable law or agreed to in writing, software 14 | REM distributed under the License is distributed on an "AS IS" BASIS, 15 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | REM See the License for the specific language governing permissions and 17 | REM limitations under the License. 18 | REM 19 | 20 | REM call d2j_invoke.bat to setup java environment 21 | @"%~dp0d2j_invoke.bat" com.googlecode.dex2jar.tools.DexRecomputeChecksum %* 22 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-dex-recompute-checksum.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # dex2jar - Tools to work with android .dex and java .class files 5 | # Copyright (c) 2009-2013 Panxiaobo 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | # copy from $Tomcat/bin/startup.sh 21 | # resolve links - $0 may be a softlink 22 | PRG="$0" 23 | while [ -h "$PRG" ] ; do 24 | ls=`ls -ld "$PRG"` 25 | link=`expr "$ls" : '.*-> \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | PRGDIR=`dirname "$PRG"` 33 | # 34 | 35 | # call d2j_invoke.sh to setup java environment 36 | "$PRGDIR/d2j_invoke.sh" "com.googlecode.dex2jar.tools.DexRecomputeChecksum" "$@" 37 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-dex2jar.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM 4 | REM dex2jar - Tools to work with android .dex and java .class files 5 | REM Copyright (c) 2009-2013 Panxiaobo 6 | REM 7 | REM Licensed under the Apache License, Version 2.0 (the "License"); 8 | REM you may not use this file except in compliance with the License. 9 | REM You may obtain a copy of the License at 10 | REM 11 | REM http://www.apache.org/licenses/LICENSE-2.0 12 | REM 13 | REM Unless required by applicable law or agreed to in writing, software 14 | REM distributed under the License is distributed on an "AS IS" BASIS, 15 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | REM See the License for the specific language governing permissions and 17 | REM limitations under the License. 18 | REM 19 | 20 | REM call d2j_invoke.bat to setup java environment 21 | @"%~dp0d2j_invoke.bat" com.googlecode.dex2jar.tools.Dex2jarCmd %* 22 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-dex2jar.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # dex2jar - Tools to work with android .dex and java .class files 5 | # Copyright (c) 2009-2013 Panxiaobo 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | # copy from $Tomcat/bin/startup.sh 21 | # resolve links - $0 may be a softlink 22 | PRG="$0" 23 | while [ -h "$PRG" ] ; do 24 | ls=`ls -ld "$PRG"` 25 | link=`expr "$ls" : '.*-> \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | PRGDIR=`dirname "$PRG"` 33 | # 34 | 35 | # call d2j_invoke.sh to setup java environment 36 | "$PRGDIR/d2j_invoke.sh" "com.googlecode.dex2jar.tools.Dex2jarCmd" "$@" 37 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-dex2smali.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM 4 | REM dex2jar - Tools to work with android .dex and java .class files 5 | REM Copyright (c) 2009-2013 Panxiaobo 6 | REM 7 | REM Licensed under the Apache License, Version 2.0 (the "License"); 8 | REM you may not use this file except in compliance with the License. 9 | REM You may obtain a copy of the License at 10 | REM 11 | REM http://www.apache.org/licenses/LICENSE-2.0 12 | REM 13 | REM Unless required by applicable law or agreed to in writing, software 14 | REM distributed under the License is distributed on an "AS IS" BASIS, 15 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | REM See the License for the specific language governing permissions and 17 | REM limitations under the License. 18 | REM 19 | 20 | REM call d2j_invoke.bat to setup java environment 21 | @"%~dp0d2j_invoke.bat" com.googlecode.d2j.smali.BaksmaliCmd %* 22 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-dex2smali.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # dex2jar - Tools to work with android .dex and java .class files 5 | # Copyright (c) 2009-2013 Panxiaobo 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | # copy from $Tomcat/bin/startup.sh 21 | # resolve links - $0 may be a softlink 22 | PRG="$0" 23 | while [ -h "$PRG" ] ; do 24 | ls=`ls -ld "$PRG"` 25 | link=`expr "$ls" : '.*-> \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | PRGDIR=`dirname "$PRG"` 33 | # 34 | 35 | # call d2j_invoke.sh to setup java environment 36 | "$PRGDIR/d2j_invoke.sh" "com.googlecode.d2j.smali.BaksmaliCmd" "$@" 37 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-jar2dex.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM 4 | REM dex2jar - Tools to work with android .dex and java .class files 5 | REM Copyright (c) 2009-2013 Panxiaobo 6 | REM 7 | REM Licensed under the Apache License, Version 2.0 (the "License"); 8 | REM you may not use this file except in compliance with the License. 9 | REM You may obtain a copy of the License at 10 | REM 11 | REM http://www.apache.org/licenses/LICENSE-2.0 12 | REM 13 | REM Unless required by applicable law or agreed to in writing, software 14 | REM distributed under the License is distributed on an "AS IS" BASIS, 15 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | REM See the License for the specific language governing permissions and 17 | REM limitations under the License. 18 | REM 19 | 20 | REM call d2j_invoke.bat to setup java environment 21 | @"%~dp0d2j_invoke.bat" com.googlecode.dex2jar.tools.Jar2Dex %* 22 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-jar2dex.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # dex2jar - Tools to work with android .dex and java .class files 5 | # Copyright (c) 2009-2013 Panxiaobo 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | # copy from $Tomcat/bin/startup.sh 21 | # resolve links - $0 may be a softlink 22 | PRG="$0" 23 | while [ -h "$PRG" ] ; do 24 | ls=`ls -ld "$PRG"` 25 | link=`expr "$ls" : '.*-> \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | PRGDIR=`dirname "$PRG"` 33 | # 34 | 35 | # call d2j_invoke.sh to setup java environment 36 | "$PRGDIR/d2j_invoke.sh" "com.googlecode.dex2jar.tools.Jar2Dex" "$@" 37 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-jar2jasmin.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM 4 | REM dex2jar - Tools to work with android .dex and java .class files 5 | REM Copyright (c) 2009-2013 Panxiaobo 6 | REM 7 | REM Licensed under the Apache License, Version 2.0 (the "License"); 8 | REM you may not use this file except in compliance with the License. 9 | REM You may obtain a copy of the License at 10 | REM 11 | REM http://www.apache.org/licenses/LICENSE-2.0 12 | REM 13 | REM Unless required by applicable law or agreed to in writing, software 14 | REM distributed under the License is distributed on an "AS IS" BASIS, 15 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | REM See the License for the specific language governing permissions and 17 | REM limitations under the License. 18 | REM 19 | 20 | REM call d2j_invoke.bat to setup java environment 21 | @"%~dp0d2j_invoke.bat" com.googlecode.d2j.jasmin.Jar2JasminCmd %* 22 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-jar2jasmin.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # dex2jar - Tools to work with android .dex and java .class files 5 | # Copyright (c) 2009-2013 Panxiaobo 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | # copy from $Tomcat/bin/startup.sh 21 | # resolve links - $0 may be a softlink 22 | PRG="$0" 23 | while [ -h "$PRG" ] ; do 24 | ls=`ls -ld "$PRG"` 25 | link=`expr "$ls" : '.*-> \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | PRGDIR=`dirname "$PRG"` 33 | # 34 | 35 | # call d2j_invoke.sh to setup java environment 36 | "$PRGDIR/d2j_invoke.sh" "com.googlecode.d2j.jasmin.Jar2JasminCmd" "$@" 37 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-jasmin2jar.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM 4 | REM dex2jar - Tools to work with android .dex and java .class files 5 | REM Copyright (c) 2009-2013 Panxiaobo 6 | REM 7 | REM Licensed under the Apache License, Version 2.0 (the "License"); 8 | REM you may not use this file except in compliance with the License. 9 | REM You may obtain a copy of the License at 10 | REM 11 | REM http://www.apache.org/licenses/LICENSE-2.0 12 | REM 13 | REM Unless required by applicable law or agreed to in writing, software 14 | REM distributed under the License is distributed on an "AS IS" BASIS, 15 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | REM See the License for the specific language governing permissions and 17 | REM limitations under the License. 18 | REM 19 | 20 | REM call d2j_invoke.bat to setup java environment 21 | @"%~dp0d2j_invoke.bat" com.googlecode.d2j.jasmin.Jasmin2JarCmd %* 22 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-jasmin2jar.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # dex2jar - Tools to work with android .dex and java .class files 5 | # Copyright (c) 2009-2013 Panxiaobo 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | # copy from $Tomcat/bin/startup.sh 21 | # resolve links - $0 may be a softlink 22 | PRG="$0" 23 | while [ -h "$PRG" ] ; do 24 | ls=`ls -ld "$PRG"` 25 | link=`expr "$ls" : '.*-> \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | PRGDIR=`dirname "$PRG"` 33 | # 34 | 35 | # call d2j_invoke.sh to setup java environment 36 | "$PRGDIR/d2j_invoke.sh" "com.googlecode.d2j.jasmin.Jasmin2JarCmd" "$@" 37 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-smali.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM 4 | REM dex2jar - Tools to work with android .dex and java .class files 5 | REM Copyright (c) 2009-2013 Panxiaobo 6 | REM 7 | REM Licensed under the Apache License, Version 2.0 (the "License"); 8 | REM you may not use this file except in compliance with the License. 9 | REM You may obtain a copy of the License at 10 | REM 11 | REM http://www.apache.org/licenses/LICENSE-2.0 12 | REM 13 | REM Unless required by applicable law or agreed to in writing, software 14 | REM distributed under the License is distributed on an "AS IS" BASIS, 15 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | REM See the License for the specific language governing permissions and 17 | REM limitations under the License. 18 | REM 19 | 20 | REM call d2j_invoke.bat to setup java environment 21 | @"%~dp0d2j_invoke.bat" com.googlecode.d2j.smali.SmaliCmd %* 22 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-smali.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # dex2jar - Tools to work with android .dex and java .class files 5 | # Copyright (c) 2009-2013 Panxiaobo 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | # copy from $Tomcat/bin/startup.sh 21 | # resolve links - $0 may be a softlink 22 | PRG="$0" 23 | while [ -h "$PRG" ] ; do 24 | ls=`ls -ld "$PRG"` 25 | link=`expr "$ls" : '.*-> \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | PRGDIR=`dirname "$PRG"` 33 | # 34 | 35 | # call d2j_invoke.sh to setup java environment 36 | "$PRGDIR/d2j_invoke.sh" "com.googlecode.d2j.smali.SmaliCmd" "$@" 37 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-std-apk.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM 4 | REM dex2jar - Tools to work with android .dex and java .class files 5 | REM Copyright (c) 2009-2013 Panxiaobo 6 | REM 7 | REM Licensed under the Apache License, Version 2.0 (the "License"); 8 | REM you may not use this file except in compliance with the License. 9 | REM You may obtain a copy of the License at 10 | REM 11 | REM http://www.apache.org/licenses/LICENSE-2.0 12 | REM 13 | REM Unless required by applicable law or agreed to in writing, software 14 | REM distributed under the License is distributed on an "AS IS" BASIS, 15 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | REM See the License for the specific language governing permissions and 17 | REM limitations under the License. 18 | REM 19 | 20 | REM call d2j_invoke.bat to setup java environment 21 | @"%~dp0d2j_invoke.bat" com.googlecode.dex2jar.tools.StdApkCmd %* 22 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j-std-apk.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # dex2jar - Tools to work with android .dex and java .class files 5 | # Copyright (c) 2009-2013 Panxiaobo 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | # copy from $Tomcat/bin/startup.sh 21 | # resolve links - $0 may be a softlink 22 | PRG="$0" 23 | while [ -h "$PRG" ] ; do 24 | ls=`ls -ld "$PRG"` 25 | link=`expr "$ls" : '.*-> \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | PRGDIR=`dirname "$PRG"` 33 | # 34 | 35 | # call d2j_invoke.sh to setup java environment 36 | "$PRGDIR/d2j_invoke.sh" "com.googlecode.dex2jar.tools.StdApkCmd" "$@" 37 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j_invoke.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | REM better invocation scripts for windows from lanchon, release in public domain. thanks! 3 | REM https://code.google.com/p/dex2jar/issues/detail?id=192 4 | 5 | setlocal enabledelayedexpansion 6 | 7 | set LIB=%~dp0lib 8 | 9 | set CP= 10 | for %%X in ("%LIB%"\*.jar) do ( 11 | set CP=!CP!%%X; 12 | ) 13 | 14 | java -Xms512m -Xmx1024m -cp "%CP%" %* 15 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j_invoke.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # dex2jar - Tools to work with android .dex and java .class files 5 | # Copyright (c) 2009-2013 Panxiaobo 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | # copy from $Tomcat/bin/startup.sh 21 | # resolve links - $0 may be a softlink 22 | PRG="$0" 23 | while [ -h "$PRG" ] ; do 24 | ls=`ls -ld "$PRG"` 25 | link=`expr "$ls" : '.*-> \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | PRGDIR=`dirname "$PRG"` 33 | # 34 | 35 | _classpath="." 36 | if [ `uname -a | grep -i -c cygwin` -ne 0 ]; then # Cygwin, translate the path 37 | for k in "$PRGDIR"/lib/*.jar 38 | do 39 | _classpath="${_classpath};`cygpath -w ${k}`" 40 | done 41 | else 42 | for k in "$PRGDIR"/lib/*.jar 43 | do 44 | _classpath="${_classpath}:${k}" 45 | done 46 | fi 47 | 48 | java -Xms512m -Xmx1024m -classpath "${_classpath}" "$@" 49 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/d2j2/d2j_invoke.tmp: -------------------------------------------------------------------------------- 1 | @echo off 2 | REM better invocation scripts for windows from lanchon, release in public domain. thanks! 3 | REM https://code.google.com/p/dex2jar/issues/detail?id=192 4 | 5 | setlocal enabledelayedexpansion 6 | 7 | set LIB=%~dp0lib 8 | 9 | set CP= 10 | for %%X in ("%LIB%"\*.jar) do ( 11 | set CP=!CP!%%X; 12 | ) 13 | 14 | "[xxx]" -Xms512m -Xmx1024m -cp "%CP%" %* 15 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/CONTRIBUTING.txt: -------------------------------------------------------------------------------- 1 | Want to contribute? Great! First, read this page (including the small print at the end). 2 | 3 | ### Before you contribute 4 | Before we can use your code, you must sign the 5 | [Google Individual Contributor License Agreement](https://developers.google.com/open-source/cla/individual?csw=1) 6 | (CLA), which you can do online. The CLA is necessary mainly because you own the 7 | copyright to your changes, even after your contribution becomes part of our 8 | codebase, so we need your permission to use and distribute your code. We also 9 | need to be sure of various other things—for instance that you'll tell us if you 10 | know that your code infringes on other people's patents. You don't have to sign 11 | the CLA until after you've submitted your code for review and a member has 12 | approved it, but you must do it before we can put your code into our codebase. 13 | Before you start working on a larger contribution, you should get in touch with 14 | us first through the issue tracker with your idea so that we can help out and 15 | possibly guide you. Coordinating up front makes it much easier to avoid 16 | frustration later on. 17 | 18 | ### Code reviews 19 | All submissions, including submissions by project members, require review. We 20 | use Github pull requests for this purpose. 21 | 22 | ### The small print 23 | Contributions made by corporations are covered by a different agreement than 24 | the one above, the Software Grant and Corporate Contributor License Agreement. -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM Copyright 2015 Google Inc. All Rights Reserved. 4 | REM 5 | REM Licensed under the Apache License, Version 2.0 (the "License"); 6 | REM you may not use this file except in compliance with the License. 7 | REM You may obtain a copy of the License at 8 | REM 9 | REM http://www.apache.org/licenses/LICENSE-2.0 10 | REM 11 | REM Unless required by applicable law or agreed to in writing, software 12 | REM distributed under the License is distributed on an "AS IS" BASIS, 13 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | REM See the License for the specific language governing permissions and 15 | REM limitations under the License. 16 | 17 | set PYTHONPATH=%~dp0 18 | python3 -O -m enjarify.main %* 19 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2015 Google Inc. All Rights Reserved. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | 18 | # Try to find a valid python3 command, preferring pypy if available 19 | function guess { 20 | if [ -z "$PYTHON" ]; then 21 | result=$($1 -c "print(range)" 2>/dev/null) 22 | if [ "$result" = "" ]; then 23 | PYTHON=$1 24 | fi 25 | fi 26 | } 27 | 28 | guess "pypy3" 29 | guess "python3" 30 | guess "pypy" 31 | guess "python" 32 | 33 | if [ -z "$PYTHON" ]; then 34 | echo "Unable to find python3 on path" 35 | else 36 | echo "Using $PYTHON as Python interpreter" 37 | 38 | # Find location of this bash script, and set its directory as the PYTHONPATH 39 | export PYTHONPATH=$(dirname "$(readlink "${BASH_SOURCE[0]}")") 40 | 41 | # Now execute the actual program 42 | exec $PYTHON -O -m enjarify.main "$@" 43 | fi 44 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify.tmp: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | REM Copyright 2015 Google Inc. All Rights Reserved. 4 | REM 5 | REM Licensed under the Apache License, Version 2.0 (the "License"); 6 | REM you may not use this file except in compliance with the License. 7 | REM You may obtain a copy of the License at 8 | REM 9 | REM http://www.apache.org/licenses/LICENSE-2.0 10 | REM 11 | REM Unless required by applicable law or agreed to in writing, software 12 | REM distributed under the License is distributed on an "AS IS" BASIS, 13 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | REM See the License for the specific language governing permissions and 15 | REM limitations under the License. 16 | 17 | set PYTHONPATH=%~dp0 18 | [xxx] -O -m enjarify.main %* 19 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/byteio.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | import struct 16 | 17 | from .util import signExtend 18 | 19 | class Reader: 20 | def __init__(self, data, pos=0): 21 | self.data = data 22 | self.pos = pos 23 | 24 | def read(self, size): 25 | if not 0 <= size <= len(self.data) - self.pos: 26 | raise IndexError 27 | result = self.data[self.pos: self.pos+size] 28 | self.pos += size 29 | return result 30 | 31 | def _unpack(self, fmt): 32 | fmt = struct.Struct(fmt) 33 | return fmt.unpack_from(self.read(fmt.size))[0] 34 | 35 | def u8(self): return self.read(1)[0] 36 | def u16(self): return self._unpack('> 7: 44 | result ^= (self.data[self.pos] & 0x7f) << size 45 | size += 7 46 | self.pos += 1 47 | result ^= (self.data[self.pos] & 0x7f) << size 48 | size += 7 49 | self.pos += 1 50 | 51 | if signed: 52 | result = signExtend(result, size) 53 | return result 54 | 55 | def uleb128(self): return self._leb128() 56 | def sleb128(self): return self._leb128(signed=True) 57 | 58 | # Maintain strings in binary encoding instead of attempting to decode them 59 | # since the output will be using the same encoding anyway 60 | def readCStr(self): 61 | oldpos, self.pos = self.pos, self.data.find(b'\0', self.pos) 62 | return self.data[oldpos:self.pos] 63 | 64 | class Writer: 65 | def __init__(self): 66 | self.buf = bytearray() 67 | 68 | def write(self, s): 69 | self.buf += s 70 | 71 | def _pack(self, fmt, arg): 72 | return self.write(struct.pack(fmt, arg)) 73 | 74 | def u8(self, x): return self.write(bytes([x])) 75 | def u16(self, x): return self._pack('>H', x) 76 | def u32(self, x): return self._pack('>I', x) 77 | def u64(self, x): return self._pack('>Q', x) 78 | 79 | def toBytes(self): 80 | return bytes(self.buf) 81 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/flags.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | ACC_PUBLIC = 0x1 16 | ACC_PRIVATE = 0x2 17 | ACC_PROTECTED = 0x4 18 | ACC_STATIC = 0x8 19 | ACC_FINAL = 0x10 20 | ACC_SYNCHRONIZED = 0x20 21 | ACC_VOLATILE = 0x40 22 | ACC_BRIDGE = 0x40 23 | ACC_TRANSIENT = 0x80 24 | ACC_VARARGS = 0x80 25 | ACC_NATIVE = 0x100 26 | ACC_INTERFACE = 0x200 27 | ACC_ABSTRACT = 0x400 28 | ACC_STRICT = 0x800 29 | ACC_SYNTHETIC = 0x1000 30 | ACC_ANNOTATION = 0x2000 31 | ACC_ENUM = 0x4000 32 | ACC_CONSTRUCTOR = 0x10000 33 | ACC_DECLARED_SYNCHRONIZED = 0x20000 34 | 35 | # Might as well include this for completeness even though modern JVMs ignore it 36 | ACC_SUPER = 0x20 37 | 38 | CLASS_FLAGS = ACC_PUBLIC | ACC_FINAL | ACC_SUPER | ACC_INTERFACE | ACC_ABSTRACT | ACC_SYNTHETIC | ACC_ANNOTATION | ACC_ENUM 39 | FIELD_FLAGS = ACC_PUBLIC | ACC_PRIVATE | ACC_PROTECTED | ACC_STATIC | ACC_FINAL | ACC_VOLATILE | ACC_TRANSIENT | ACC_SYNTHETIC | ACC_ENUM 40 | METHOD_FLAGS = ACC_PUBLIC | ACC_PRIVATE | ACC_PROTECTED | ACC_STATIC | ACC_FINAL | ACC_SYNCHRONIZED | ACC_BRIDGE | ACC_VARARGS | ACC_NATIVE | ACC_ABSTRACT | ACC_STRICT | ACC_SYNTHETIC 41 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/hashtests.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | import hashlib, os 16 | 17 | from .main import read, translate 18 | from .jvm.optimization import options 19 | 20 | # Hash outputs of all tests in order to easily detect changes between versions 21 | fullhash = b'' 22 | 23 | for i in range(1, 7): 24 | name = 'test{}'.format(i) 25 | print(name) 26 | dir = os.path.join('tests', name) 27 | rawdex = read(os.path.join(dir, 'classes.dex'), 'rb') 28 | 29 | for bits in range(256): 30 | opts = options.Options(*[bool(bits & (1 << b)) for b in range(8)]) 31 | classes, errors = translate(rawdex, opts=opts) 32 | assert(not errors) 33 | 34 | for cls in classes.values(): 35 | print('{:08b}'.format(bits), hashlib.sha256(cls).hexdigest()) 36 | fullhash = hashlib.sha256(fullhash + cls).digest() 37 | 38 | print('done!') 39 | print('Final hash:', hashlib.sha256(fullhash).hexdigest()) 40 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/jvm/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/jvm/arraytypes.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | from . import scalartypes as scalars 16 | 17 | # Array type inference - 18 | # For object arrays, we don't actually care which type of object it is, so we just 19 | # use a single value for them (INVALID) and assume all such values are an object 20 | # array of some type. For primative arrays, we just use the entire array descriptor 21 | # e.g. b'[[[C', except that bool arrays are treated as byte arrays. 22 | # For null we use a special marker object 23 | 24 | # These strings can't be valid descriptors so there's no conflict 25 | INVALID = b'INVALID' 26 | NULL = b'NULL' 27 | 28 | def merge(t1, t2): 29 | if t1 is NULL: 30 | return t2 31 | if t2 is NULL: 32 | return t1 33 | return t1 if (t1 == t2) else INVALID 34 | 35 | # intersect types 36 | def narrow(t1, t2): 37 | if t1 is INVALID: 38 | return t2 39 | if t2 is INVALID: 40 | return t1 41 | return t1 if (t1 == t2) else NULL 42 | 43 | def eletPair(t): 44 | assert(t is not NULL) 45 | if t is INVALID: 46 | return scalars.OBJ, t 47 | 48 | assert(t.startswith(b'[')) 49 | t = t[1:] 50 | return scalars.fromDesc(t), t 51 | 52 | def fromDesc(desc): 53 | if not desc.startswith(b'[') or desc.endswith(b';'): 54 | return INVALID 55 | return desc.replace(b'Z', b'B') # treat bool arrays as byte arrays 56 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/jvm/constants/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/jvm/error.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # e.g. too many registers in a method, too many constant pool entries, code too long 16 | class ClassfileLimitExceeded(Exception): pass 17 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/jvm/genmathops.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # Generate mathops.py, the lookup tables giving information about dalvik math operations by opcode 16 | if __name__ == "__main__": 17 | unary = 'ineg inot lneg lnot fneg dneg i2l i2f i2d l2i l2f l2d f2i f2l f2d d2i d2l d2f i2b i2c i2s' 18 | binary = 'iadd isub imul idiv irem iand ior ixor ishl ishr iushr ladd lsub lmul ldiv lrem land lor lxor lshl lshr lushr fadd fsub fmul fdiv frem dadd dsub dmul ddiv drem' 19 | binary = binary + ' ' + binary 20 | binlit = 'iadd isub imul idiv irem iand ior ixor ' 21 | binlit = binlit + binlit + 'ishl ishr iushr' 22 | stypes = dict(zip('ifldbcs', 'INT FLOAT LONG DOUBLE INT INT INT'.split())) 23 | 24 | print(''' 25 | # Copyright 2015 Google Inc. All Rights Reserved. 26 | # 27 | # Licensed under the Apache License, Version 2.0 (the "License"); 28 | # you may not use this file except in compliance with the License. 29 | # You may obtain a copy of the License at 30 | # 31 | # http://www.apache.org/licenses/LICENSE-2.0 32 | # 33 | # Unless required by applicable law or agreed to in writing, software 34 | # distributed under the License is distributed on an "AS IS" BASIS, 35 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 36 | # See the License for the specific language governing permissions and 37 | # limitations under the License. 38 | 39 | # Autogenerated by genmathops.py - do not edit''') 40 | print('from . import jvmops') 41 | print('from . import scalartypes as scalars') 42 | 43 | print('UNARY = {') 44 | for i, code in enumerate(unary.split()): 45 | code = code.replace('not','xor') 46 | if '2' in code: 47 | srct = stypes[code[0]] 48 | destt = stypes[code[2]] 49 | else: 50 | srct = destt = stypes[code[0]] 51 | print(' 0x{:02X}: (jvmops.{}, scalars.{}, scalars.{}),'.format(i + 0x7b, code.upper(), srct, destt)) 52 | print('}') 53 | 54 | print('BINARY = {') 55 | for i, code in enumerate(binary.split()): 56 | st = stypes[code[0]] 57 | # shift instructions have second arg an int even when operating on longs 58 | st2 = 'INT' if 'sh' in code else st 59 | print(' 0x{:02X}: (jvmops.{}, scalars.{}, scalars.{}),'.format(i + 0x90, code.upper(), st, st2)) 60 | print('}') 61 | 62 | print('BINARY_LIT = {') 63 | for i, code in enumerate(binlit.split()): 64 | print(' 0x{:02X}: jvmops.{},'.format(i + 0xd0, code.upper())) 65 | print('}') 66 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/jvm/optimization/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/jvm/optimization/consts.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | import collections 16 | 17 | from .. import scalartypes as scalars 18 | from .. import ir 19 | 20 | def allocateRequiredConstants(pool, long_irs): 21 | # see comments in writebytecode.finishCodeAttrs 22 | # We allocate the constants pretty much greedily. This is far from optimal, 23 | # but it shouldn't be a big deal since this code is almost never required 24 | # in the first place. In fact, there are no known real world classes that 25 | # even come close to exhausting the constant pool. 26 | 27 | # print('{} methods potentially too long'.format(len(long_irs))) 28 | # print(sorted([_ir.upper_bound for _ir in long_irs], reverse=True)) 29 | # for _ir in long_irs: 30 | # print(_ir.method.id.triple(), _ir.upper_bound) 31 | 32 | narrow_pairs = collections.Counter() 33 | wide_pairs = collections.Counter() 34 | alt_lens = {} 35 | for _ir in long_irs: 36 | for ins in _ir.flat_instructions: 37 | if isinstance(ins, ir.PrimConstant): 38 | key = ins.cpool_key() 39 | alt_lens[key] = len(ins.bytecode) 40 | if scalars.iswide(ins.st): 41 | if len(ins.bytecode) > 3: 42 | wide_pairs[key] += 1 43 | else: 44 | if len(ins.bytecode) > 2: 45 | narrow_pairs[key] += 1 46 | 47 | # see if already in the constant pool 48 | for x in pool.vals: 49 | del narrow_pairs[x] 50 | del wide_pairs[x] 51 | 52 | # if we have enough space for all required constants, preferentially allocate 53 | # most commonly used constants to first 255 slots 54 | if pool.space() >= len(narrow_pairs) + 2*len(wide_pairs) and pool.lowspace() > 0: 55 | # We can't use Counter.most_common here because it is nondeterminstic in 56 | # the case of ties. 57 | most_common = sorted(narrow_pairs, key=lambda p:(-narrow_pairs[p], p)) 58 | for key in most_common[:pool.lowspace()]: 59 | pool.insertDirectly(key, True) 60 | del narrow_pairs[key] 61 | 62 | scores = {} 63 | for p, count in narrow_pairs.items(): 64 | scores[p] = (alt_lens[p] - 3) * count 65 | for p, count in wide_pairs.items(): 66 | scores[p] = (alt_lens[p] - 3) * count 67 | 68 | # sort by score 69 | narrowq = sorted(narrow_pairs, key=lambda p:(scores[p], p)) 70 | wideq = sorted(wide_pairs, key=lambda p:(scores[p], p)) 71 | while pool.space() >= 1 and (narrowq or wideq): 72 | if not narrowq and pool.space() < 2: 73 | break 74 | 75 | wscore = sum(scores[p] for p in wideq[-1:]) 76 | nscore = sum(scores[p] for p in narrowq[-2:]) 77 | if pool.space() >= 2 and wscore > nscore and wscore > 0: 78 | pool.insertDirectly(wideq.pop(), False) 79 | elif nscore > 0: 80 | pool.insertDirectly(narrowq.pop(), True) 81 | else: 82 | break 83 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/jvm/optimization/jumps.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | import struct 16 | 17 | from .. import ir 18 | from ..jvmops import * 19 | 20 | def _calcMinimumPositions(instrs): 21 | posd = {} 22 | pos = 0 23 | for ins in instrs: 24 | posd[ins] = pos 25 | if isinstance(ins, ir.LazyJumpBase): 26 | pos += ins.min 27 | elif isinstance(ins, ir.Switch): 28 | pad = (-pos-1) % 4 29 | pos += pad + ins.nopad_size 30 | else: 31 | pos += len(ins.bytecode) 32 | return posd, pos 33 | 34 | def optimizeJumps(irdata): 35 | # For jump offsets of more than +-32767, a longer form of the jump instruction 36 | # is required. This function finds the optimal jump widths by optimistically 37 | # starting with everything narrow and then iteratively marking instructions 38 | # as wide if their offset is too large (in rare cases, this can in turn cause 39 | # other jumps to become wide, hence iterating until convergence) 40 | instrs = irdata.flat_instructions 41 | jump_instrs = [ins for ins in instrs if isinstance(ins, ir.LazyJumpBase)] 42 | 43 | while 1: 44 | done = True 45 | posd, _ = _calcMinimumPositions(instrs) 46 | 47 | for ins in jump_instrs: 48 | if ins.min < ins.max and ins.widenIfNecessary(irdata.labels, posd): 49 | done = False 50 | if done: 51 | break 52 | 53 | for ins in jump_instrs: 54 | assert(ins.min <= ins.max) 55 | ins.max = ins.min 56 | 57 | def createBytecode(irdata): 58 | instrs = irdata.flat_instructions 59 | posd, end_pos = _calcMinimumPositions(instrs) 60 | 61 | bytecode = bytearray() 62 | for ins in instrs: 63 | if isinstance(ins, (ir.LazyJumpBase, ir.Switch)): 64 | ins.calcBytecode(posd, irdata.labels) 65 | bytecode += ins.bytecode 66 | assert(len(bytecode) == end_pos) 67 | 68 | prev_instr_map = dict(zip(instrs[1:], instrs)) 69 | packed_excepts = [] 70 | for s, e, h, c in irdata.excepts: 71 | # There appears to be a bug in the JVM where in rare cases, it throws 72 | # the exception at the address of the instruction _before_ the instruction 73 | # that actually caused the exception, triggering the wrong handler 74 | # therefore we include the previous (IR) instruction too 75 | # Note that this cannot cause an overlap because in that case the previous 76 | # instruction would just be a label and hence not change anything 77 | s = prev_instr_map.get(s, s) 78 | 79 | s_off = posd[s] 80 | e_off = posd[e] 81 | h_off = posd[h] 82 | assert(s_off <= e_off) 83 | if s_off < e_off: 84 | packed_excepts.append(struct.pack('>HHHH', s_off, e_off, h_off, c)) 85 | else: 86 | print('Skipping zero width exception!') 87 | assert(0) 88 | 89 | return bytes(bytecode), packed_excepts 90 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/jvm/optimization/options.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | class Options: 16 | def __init__(self, inline_consts=False, prune_store_loads=False, 17 | copy_propagation=False, remove_unused_regs=False, dup2ize=False, 18 | sort_registers=False, split_pool=False, delay_consts=False): 19 | self.inline_consts = inline_consts 20 | self.prune_store_loads = prune_store_loads 21 | self.copy_propagation = copy_propagation 22 | self.remove_unused_regs = remove_unused_regs 23 | self.dup2ize = dup2ize 24 | self.sort_registers = sort_registers 25 | self.split_pool = split_pool 26 | self.delay_consts = delay_consts 27 | 28 | NONE = Options() 29 | # Options which make the generated code more readable for humans 30 | PRETTY = Options(inline_consts=True, prune_store_loads=True, copy_propagation=True, remove_unused_regs=True) 31 | ALL = Options(inline_consts=True, prune_store_loads=True, copy_propagation=True, remove_unused_regs=True, dup2ize=True, 32 | sort_registers=True, split_pool=True, delay_consts=True) 33 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/jvm/scalartypes.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # Primative type inference 16 | # In dalvik bytecode, constants are untyped, which effectively means a union type 17 | # They can be zero (int/float/null), narrow (int/float) or wide (long/double) 18 | 19 | INVALID = 0 20 | INT = 1 << 0 21 | FLOAT = 1 << 1 22 | OBJ = 1 << 2 23 | LONG = 1 << 3 24 | DOUBLE = 1 << 4 25 | 26 | ZERO = INT | FLOAT | OBJ 27 | C32 = INT | FLOAT 28 | C64 = LONG | DOUBLE 29 | ALL = ZERO | C64 30 | 31 | _descToScalar = dict(zip(map(ord, 'ZBCSIFJDL['), [INT, INT, INT, INT, INT, FLOAT, LONG, DOUBLE, OBJ, OBJ])) 32 | def fromDesc(desc): 33 | return _descToScalar[desc[0]] 34 | 35 | def iswide(st): 36 | return st & C64 37 | 38 | def paramTypes(method_id, static): 39 | temp = method_id.getSpacedParamTypes(static) 40 | return [(INVALID if desc is None else fromDesc(desc)) for desc in temp] 41 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/enjarify/mutf8.py: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # Unfortunately, there's no easy way to decode Modified UTF8 in Python, so we 16 | # have to write a custom decoder. This one is error tolerant and will decode 17 | # anything resembling mutf8. 18 | 19 | def _decode(b): 20 | # decode arbitrary utf8 codepoints, tolerating surrogate pairs, nonstandard encodings, etc. 21 | for x in b: 22 | if x < 128: 23 | yield x 24 | else: 25 | # figure out how many bytes 26 | extra = 0 27 | for i in range(6, 0, -1): 28 | if x & (1<= 1 << 15: 30 | val -= 1 << 16 31 | return val 32 | 33 | def s32(val): 34 | val %= 1 << 32 35 | if val >= 1 << 31: 36 | val -= 1 << 32 37 | return val 38 | 39 | def s64(val): 40 | val %= 1 << 64 41 | if val >= 1 << 63: 42 | val -= 1 << 64 43 | return val 44 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/stubs/src/Main.java: -------------------------------------------------------------------------------- 1 | // Copyright 2015 Google Inc. All Rights Reserved. 2 | 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | public class Main { 16 | private android.util.Log a; 17 | private android.os.Bundle b; 18 | private android.app.Activity c; 19 | 20 | public static void main(String[] args) { 21 | try{ 22 | Class c = Class.forName(args[0]); 23 | java.lang.reflect.Constructor ctr = c.getDeclaredConstructor(); 24 | Object o = ctr.newInstance(); 25 | 26 | java.lang.reflect.Method m = c.getDeclaredMethod("onCreate", android.os.Bundle.class); 27 | m.invoke(o, (Object)null); 28 | } catch (Throwable t) { 29 | t.printStackTrace(); 30 | } 31 | } 32 | } -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/stubs/src/android/app/Activity.java: -------------------------------------------------------------------------------- 1 | // Copyright 2015 Google Inc. All Rights Reserved. 2 | 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package android.app; 16 | 17 | public class Activity { 18 | public void onCreate(android.os.Bundle b) {} 19 | 20 | 21 | private android.util.Log a; 22 | } -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/stubs/src/android/os/Bundle.java: -------------------------------------------------------------------------------- 1 | // Copyright 2015 Google Inc. All Rights Reserved. 2 | 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package android.os; 16 | 17 | public class Bundle { 18 | } -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/stubs/src/android/util/Log.java: -------------------------------------------------------------------------------- 1 | // Copyright 2015 Google Inc. All Rights Reserved. 2 | 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package android.util; 16 | 17 | public class Log { 18 | static public int e(String tag, String msg) { 19 | System.out.println(msg); 20 | return 0; 21 | } 22 | } -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/stubs/stubs.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/enjarify/tests/stubs/stubs.zip -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test1/classes.dex: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/enjarify/tests/test1/classes.dex -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test1/expected.txt: -------------------------------------------------------------------------------- 1 | 123456789abcdef 2 | 0x1.3456789abcdefp-1005 3 | NaN 4 | fff1000000000000 5 | 3f800000 6 | 40000000 7 | 40400000 8 | 436a4ccd 9 | 7fc00000 10 | 7f800000 11 | ff800000 12 | 0 13 | 0 14 | 0 15 | 80000000 16 | 0 17 | 3fe00000 18 | fe362a00 19 | 43b7979c 20 | 0 21 | 1 22 | 2 23 | 3 24 | 4 25 | 5 26 | 6 27 | ffffffff 28 | fffffffe 29 | fffffffd 30 | ffff 31 | ffaa 32 | ffff0001 33 | 80 34 | ffffff80 35 | 7fffffff 36 | deadbeef 37 | 2a 38 | 539 39 | 0 40 | 0 41 | 0 42 | 0x1.0p0 43 | 0x1.0p1 44 | 0x1.8p1 45 | 0x1.d4999ap7 46 | NaN 47 | Infinity 48 | -Infinity 49 | 0x0.0p0 50 | 0x0.0p0 51 | 0x0.0p0 52 | -0x0.0p0 53 | 0x0.0p0 54 | 0x1.cp0 55 | -0x1.6c54p125 56 | 0x1.6f2f38p8 57 | 0x0.0p0 58 | 0x0.000002p-126 59 | 0x0.000004p-126 60 | 0x0.000006p-126 61 | 0x0.000008p-126 62 | 0x0.00000ap-126 63 | 0x0.00000cp-126 64 | NaN 65 | NaN 66 | NaN 67 | 0x0.01fffep-126 68 | 0x0.01ff54p-126 69 | NaN 70 | 0x0.0001p-126 71 | NaN 72 | NaN 73 | -0x1.5b7ddep62 74 | 0x0.000054p-126 75 | 0x0.000a72p-126 76 | 0x0.0p0 77 | 0x0.0p0 78 | 0x0.0p0 79 | 0x0.0p0 -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test2/classes.dex: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/enjarify/tests/test2/classes.dex -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test2/expected.txt: -------------------------------------------------------------------------------- 1 | testConsts 2 | Hello, World! 3 | 0x0.0p0 4 | null 5 | 0x0.0p0 6 | ffff8000 7 | NaN 8 | NaN 9 | c203126f 10 | -0x1.0624dep5 11 | -0x1.0624dep5 12 | 0 13 | 0x0.0p0 14 | 0x0.0p0 15 | NaN 16 | ffff8000 17 | 0x1.0p0 18 | -0x1.0624dep5 19 | c203126f 20 | 0x0.0p0 21 | 0x0.0p0 22 | 0 23 | 0x1.fcp6 24 | testFields 25 | 0x0.0p0 26 | 0 27 | Code 28 | null 29 | 22b 30 | 1 31 | 20 32 | NaN 33 | 40815c70a3d70a3d 34 | 0x0.0p0 35 | testFillArray 36 | [100, 101, 102, 103, 32767] 37 | [-1073709056, -32768, -1073709056, -32768, -1073709056] 38 | null -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test2/smali/a/util.smali: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | .class public Lutil; 15 | .super Ljava/lang/Object; 16 | 17 | .method public constructor ()V 18 | .locals 0 19 | invoke-direct {p0}, Ljava/lang/Object;->()V 20 | return-void 21 | .end method 22 | 23 | .method public static print(Ljava/lang/String;)V 24 | .locals 1 25 | const-string v0, "minimalFOO" 26 | invoke-static {v0, p0}, Landroid/util/Log;->e(Ljava/lang/String;Ljava/lang/String;)I 27 | return-void 28 | .end method 29 | 30 | .method public static print(I)V 31 | .locals 1 32 | 33 | invoke-static {p0}, Ljava/lang/Integer;->toHexString(I)Ljava/lang/String; 34 | move-result-object v0 35 | 36 | invoke-static {v0}, Lutil;->print(Ljava/lang/String;)V 37 | return-void 38 | .end method 39 | 40 | .method public static print(F)V 41 | .locals 1 42 | 43 | invoke-static {p0}, Ljava/lang/Float;->toHexString(F)Ljava/lang/String; 44 | move-result-object v0 45 | 46 | invoke-static {v0}, Lutil;->print(Ljava/lang/String;)V 47 | return-void 48 | .end method 49 | 50 | .method public static print(J)V 51 | .locals 1 52 | 53 | invoke-static {p0, p1}, Ljava/lang/Long;->toHexString(J)Ljava/lang/String; 54 | move-result-object v0 55 | 56 | invoke-static {v0}, Lutil;->print(Ljava/lang/String;)V 57 | return-void 58 | .end method 59 | 60 | .method public static print(D)V 61 | .locals 1 62 | 63 | invoke-static {p0, p1}, Ljava/lang/Double;->toHexString(D)Ljava/lang/String; 64 | move-result-object v0 65 | 66 | invoke-static {v0}, Lutil;->print(Ljava/lang/String;)V 67 | return-void 68 | .end method 69 | 70 | .method public static print(Ljava/lang/Object;)V 71 | .locals 13 72 | 73 | instance-of v0, p0, [I 74 | if-eqz v0, :else1 75 | invoke-static {p0}, Ljava/util/Arrays;->toString([I)Ljava/lang/String; 76 | move-result-object v0 77 | goto :end 78 | 79 | :else1 80 | # invoke-virtual {p0}, Ljava/lang/Object;->toString()Ljava/lang/String; 81 | invoke-static {p0}, Ljava/lang/String;->valueOf(Ljava/lang/Object;)Ljava/lang/String; 82 | move-result-object v0 83 | 84 | :end 85 | invoke-static {v0}, Lutil;->print(Ljava/lang/String;)V 86 | return-void 87 | .end method -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test3/classes.dex: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/enjarify/tests/test3/classes.dex -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test4/classes.dex: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/enjarify/tests/test4/classes.dex -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test5/classes.dex: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/enjarify/tests/test5/classes.dex -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test5/smali/a/_.smali: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | .class interface public L_; 15 | .super Ljava/lang/Object; 16 | 17 | .method abstract public testMovesSub(IDCJF)V 18 | .end method 19 | 20 | # Java requires all interface methods to be implemented but Android doesn't 21 | #.method abstract public notImplemented()V 22 | #.end method 23 | 24 | .method abstract public toString()Ljava/lang/String; 25 | .end method -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test6/classes.dex: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/enjarify/tests/test6/classes.dex -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test6/smali/a/_.smali: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | .class interface public L_; 15 | .super Ljava/lang/Object; 16 | 17 | .method abstract public testMovesSub(IDCJF)V 18 | .end method 19 | 20 | # Java requires all interface methods to be implemented but Android doesn't 21 | #.method abstract public notImplemented()V 22 | #.end method 23 | 24 | .method abstract public toString()Ljava/lang/String; 25 | .end method -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test6/smali/ffi.smali: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | .class public Lffi; 15 | .super Lffi; 16 | 17 | .method public constructor ()V 18 | .locals 0 19 | invoke-direct {p0}, Lffi;->()V 20 | return-void 21 | .end method 22 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test6/smali/finaltarget.smali: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | .class public final Lfinal; 15 | .super LFinal; 16 | 17 | .field public x:I 18 | #.field private x:I 19 | 20 | .method public constructor ()V 21 | .locals 1 22 | const-string v0, "final ()V" 23 | invoke-static {v0}, LL/util;->print(Ljava/lang/Object;)V 24 | 25 | 26 | 27 | invoke-direct {p0}, LFinal;->()V 28 | 29 | const v0, 10 30 | iput v0, p0, Lfinal;->x:I 31 | 32 | const v0, 0 33 | invoke-virtual {p0, v0}, LFinal;->init-cb(I)I 34 | return-void 35 | .end method 36 | 37 | .method public constructor (I)V 38 | .locals 1 39 | const-string v0, "final (I)V" 40 | invoke-static {v0}, LL/util;->print(Ljava/lang/Object;)V 41 | 42 | const v0, 170 43 | iput v0, p0, Lfinal;->x:I 44 | #iget v0, p0, Lfinal;->x:I 45 | 46 | invoke-direct {p0, p1}, LFinal;->(I)V 47 | 48 | iget v0, p0, LFinal;->x:I 49 | 50 | const v0, 210 51 | iput v0, p0, Lfinal;->x:I 52 | 53 | const v0, 0 54 | invoke-virtual {p0, v0}, LFinal;->init-cb(I)I 55 | return-void 56 | .end method 57 | 58 | .method public init-cb(I)I 59 | .locals 1 60 | iget v0, p0, Lfinal;->x:I 61 | xor-int/2addr v0, p1 62 | invoke-static {v0}, LL/util;->print(I)V 63 | 64 | return p1 65 | .end method -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test6/smali/notfinal.smali: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | .class abstract public LFinal; 15 | .super L-2; 16 | 17 | .field public x:I 18 | 19 | .method public constructor ()V 20 | .locals 1 21 | const-string v0, "Final ()V" 22 | invoke-static {v0}, LL/util;->print(Ljava/lang/Object;)V 23 | 24 | 25 | #iget v0, p0, LFinal;->x:I 26 | #invoke-static {v0}, LL/util;->print(I)V 27 | 28 | 29 | invoke-direct {p0}, L-2;->()V 30 | const v0, -1 31 | invoke-virtual {p0, v0}, LFinal;->init-cb(I)I 32 | return-void 33 | .end method 34 | 35 | .method public constructor (I)V 36 | .locals 1 37 | const-string v0, "Final (I)V" 38 | invoke-static {v0}, LL/util;->print(Ljava/lang/Object;)V 39 | 40 | #iget v0, p0, LFinal;->x:I 41 | #invoke-static {v0}, LL/util;->print(I)V 42 | 43 | 44 | 45 | invoke-direct {p0}, L-2;->()V 46 | invoke-virtual {p0, p1}, LFinal;->init-cb(I)I 47 | return-void 48 | .end method 49 | 50 | .method abstract public init-cb(I)I 51 | .end method 52 | -------------------------------------------------------------------------------- /StaticAnalyzer/tools/enjarify/tests/test6/smali/uniA.smali: -------------------------------------------------------------------------------- 1 | # Copyright 2015 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | .class public Lffi; 15 | .super Ljava/util/Stack; 16 | 17 | .method public constructor ()V 18 | .locals 0 19 | invoke-direct {p0}, Ljava/util/Stack;->()V 20 | return-void 21 | .end method 22 | 23 | .method public size()F 24 | .locals 0 25 | invoke-super {p0}, Ljava/util/Stack;->size()I 26 | move-result p0 27 | int-to-float p0, p0 28 | return p0 29 | .end method -------------------------------------------------------------------------------- /StaticAnalyzer/tools/jd-core.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/jd-core.jar -------------------------------------------------------------------------------- /StaticAnalyzer/tools/mac/class-dump-z: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/mac/class-dump-z -------------------------------------------------------------------------------- /StaticAnalyzer/tools/procyon-decompiler-0.5.30.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/procyon-decompiler-0.5.30.jar -------------------------------------------------------------------------------- /StaticAnalyzer/tools/strings_from_apk.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/StaticAnalyzer/tools/strings_from_apk.jar -------------------------------------------------------------------------------- /clean.sh: -------------------------------------------------------------------------------- 1 | echo 2 | echo "=======================MobSF Clean Script=======================" 3 | echo "Running this script will delete the Scan database, all files uploaded and generated." 4 | read -p "Are you sure? " -n 1 -r 5 | echo 6 | if [[ $REPLY =~ ^[Yy]$ ]] 7 | then 8 | echo "Deleting all Uploads" 9 | rm -rf uploads/* 10 | echo "Deleting all Downloads" 11 | rm -rf downloads/* 12 | echo "Deleting temp and log files" 13 | rm -rf logs/* 14 | rm -rf classes-error.zip 15 | echo "Deleting DB" 16 | rm -rf db.sqlite3 17 | echo "Deleting Secret File" 18 | rm -rf secret 19 | echo "Done" 20 | fi -------------------------------------------------------------------------------- /manage.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | import os 3 | import sys 4 | 5 | if __name__ == "__main__": 6 | os.environ.setdefault("DJANGO_SETTINGS_MODULE", "MobSF.settings") 7 | 8 | from django.core.management import execute_from_command_line 9 | 10 | execute_from_command_line(sys.argv) 11 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | Django==1.8 2 | pyOpenSSL==0.15 3 | tornado==4.1 4 | xhtml2pdf==0.0.6 5 | psutil==4.2.0 6 | -------------------------------------------------------------------------------- /static/bootstrap/fonts/glyphicons-halflings-regular.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/bootstrap/fonts/glyphicons-halflings-regular.eot -------------------------------------------------------------------------------- /static/bootstrap/fonts/glyphicons-halflings-regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/bootstrap/fonts/glyphicons-halflings-regular.ttf -------------------------------------------------------------------------------- /static/bootstrap/fonts/glyphicons-halflings-regular.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/bootstrap/fonts/glyphicons-halflings-regular.woff -------------------------------------------------------------------------------- /static/bootstrap/fonts/glyphicons-halflings-regular.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/bootstrap/fonts/glyphicons-halflings-regular.woff2 -------------------------------------------------------------------------------- /static/bootstrap/js/npm.js: -------------------------------------------------------------------------------- 1 | // This file is autogenerated via the `commonjs` Grunt task. You can require() this file in a CommonJS environment. 2 | require('../../js/transition.js') 3 | require('../../js/alert.js') 4 | require('../../js/button.js') 5 | require('../../js/carousel.js') 6 | require('../../js/collapse.js') 7 | require('../../js/dropdown.js') 8 | require('../../js/modal.js') 9 | require('../../js/tooltip.js') 10 | require('../../js/popover.js') 11 | require('../../js/scrollspy.js') 12 | require('../../js/tab.js') 13 | require('../../js/affix.js') -------------------------------------------------------------------------------- /static/css/cover.css: -------------------------------------------------------------------------------- 1 | /* 2 | * Globals 3 | */ 4 | 5 | /* Links */ 6 | a, 7 | a:focus, 8 | a:hover { 9 | color: #fff; 10 | } 11 | 12 | /* Custom default button */ 13 | .btn-default, 14 | .btn-default:hover, 15 | .btn-default:focus { 16 | color: #333; 17 | text-shadow: none; /* Prevent inheritence from `body` */ 18 | background-color: #fff; 19 | border: 1px solid #fff; 20 | } 21 | 22 | 23 | /* 24 | * Base structure 25 | */ 26 | 27 | html, 28 | body { 29 | height: 100%; 30 | background-color: #1D9DCE; 31 | } 32 | body { 33 | color: #fff; 34 | text-align: center; 35 | text-shadow: 0 1px 3px rgba(0,0,0,.5); 36 | } 37 | 38 | /* Extra markup and styles for table-esque vertical and horizontal centering */ 39 | .site-wrapper { 40 | display: table; 41 | width: 100%; 42 | height: 100%; /* For at least Firefox */ 43 | min-height: 100%; 44 | -webkit-box-shadow: inset 0 0 100px rgba(0,0,0,.5); 45 | box-shadow: inset 0 0 100px rgba(0,0,0,.5); 46 | } 47 | .site-wrapper-inner { 48 | display: table-cell; 49 | vertical-align: top; 50 | } 51 | .cover-container { 52 | margin-right: auto; 53 | margin-left: auto; 54 | } 55 | 56 | /* Padding for spacing */ 57 | .inner { 58 | padding: 30px; 59 | } 60 | 61 | 62 | /* 63 | * Header 64 | */ 65 | .masthead-brand { 66 | margin-top: 10px; 67 | margin-bottom: 10px; 68 | } 69 | 70 | .masthead-nav > li { 71 | display: inline-block; 72 | } 73 | .masthead-nav > li + li { 74 | margin-left: 20px; 75 | } 76 | .masthead-nav > li > a { 77 | padding-right: 0; 78 | padding-left: 0; 79 | font-size: 16px; 80 | font-weight: bold; 81 | color: #fff; /* IE8 proofing */ 82 | color: rgba(255,255,255,.95); 83 | border-bottom: 2px solid transparent; 84 | } 85 | .masthead-nav > li > a:hover, 86 | .masthead-nav > li > a:focus { 87 | background-color: transparent; 88 | border-bottom-color: #a9a9a9; 89 | border-bottom-color: rgba(255,255,255,.25); 90 | } 91 | .masthead-nav > .active > a, 92 | .masthead-nav > .active > a:hover, 93 | .masthead-nav > .active > a:focus { 94 | color: #fff; 95 | border-bottom-color: #fff; 96 | } 97 | 98 | @media (min-width: 768px) { 99 | .masthead-brand { 100 | float: left; 101 | } 102 | .masthead-nav { 103 | float: right; 104 | } 105 | } 106 | 107 | 108 | /* 109 | * Cover 110 | */ 111 | 112 | .cover { 113 | padding: 0 20px; 114 | } 115 | .cover .btn-lg { 116 | padding: 10px 20px; 117 | font-weight: bold; 118 | } 119 | 120 | 121 | /* 122 | * Footer 123 | */ 124 | 125 | .mastfoot { 126 | color: #999; /* IE8 proofing */ 127 | color: rgba(255,255,255,.86); 128 | } 129 | 130 | 131 | /* 132 | * Affix and center 133 | */ 134 | 135 | @media (min-width: 768px) { 136 | /* Pull out the header and footer */ 137 | .masthead { 138 | position: fixed; 139 | top: 0; 140 | } 141 | .mastfoot { 142 | position: fixed; 143 | bottom: 0; 144 | } 145 | /* Start the vertical centering */ 146 | .site-wrapper-inner { 147 | vertical-align: middle; 148 | } 149 | /* Handle the widths */ 150 | .masthead, 151 | .mastfoot, 152 | .cover-container { 153 | width: 100%; /* Must be percentage or pixels for horizontal alignment */ 154 | } 155 | } 156 | 157 | @media (min-width: 992px) { 158 | .masthead, 159 | .mastfoot, 160 | .cover-container { 161 | width: 700px; 162 | } 163 | } 164 | div.file_res { 165 | width: 600px; 166 | padding-left: 30px; 167 | position: relative; 168 | } 169 | 170 | .fileUpload { 171 | position: relative; 172 | overflow: hidden; 173 | margin: 10px; 174 | 175 | } 176 | .fileUpload input { 177 | position: absolute; 178 | top: 0; 179 | right: 0; 180 | margin: 0; 181 | padding: 0; 182 | font-size: 20px; 183 | cursor: pointer; 184 | opacity: 0; 185 | filter: alpha(opacity=0); 186 | } -------------------------------------------------------------------------------- /static/css/dashboard.css: -------------------------------------------------------------------------------- 1 | /* 2 | * Base structure 3 | */ 4 | 5 | /* Move down content because we have a fixed navbar that is 50px tall */ 6 | body { 7 | padding-top: 50px; 8 | } 9 | 10 | 11 | /* 12 | * Global add-ons 13 | */ 14 | 15 | .sub-header { 16 | padding-bottom: 10px; 17 | border-bottom: 1px solid #eee; 18 | } 19 | 20 | /* 21 | * Top navigation 22 | * Hide default border to remove 1px line. 23 | */ 24 | .navbar-fixed-top { 25 | border: 0; 26 | } 27 | 28 | /* 29 | * Sidebar 30 | */ 31 | 32 | /* Hide for mobile, show later */ 33 | .sidebar { 34 | display: none; 35 | } 36 | @media (min-width: 768px) { 37 | .sidebar { 38 | position: fixed; 39 | top: 51px; 40 | bottom: 0; 41 | left: 0; 42 | z-index: 1000; 43 | display: block; 44 | padding: 20px; 45 | overflow-x: hidden; 46 | overflow-y: auto; /* Scrollable contents if viewport is shorter than content. */ 47 | background-color: #f5f5f5; 48 | border-right: 1px solid #eee; 49 | } 50 | } 51 | 52 | /* Sidebar navigation */ 53 | .nav-sidebar { 54 | margin-right: -21px; /* 20px padding + 1px border */ 55 | margin-bottom: 20px; 56 | margin-left: -20px; 57 | } 58 | .nav-sidebar > li > a { 59 | padding-right: 20px; 60 | padding-left: 20px; 61 | } 62 | .nav-sidebar > .active > a, 63 | .nav-sidebar > .active > a:hover, 64 | .nav-sidebar > .active > a:focus { 65 | color: #fff; 66 | background-color: #428bca; 67 | } 68 | 69 | 70 | /* 71 | * Main content 72 | */ 73 | 74 | .main { 75 | padding: 20px; 76 | } 77 | @media (min-width: 768px) { 78 | .main { 79 | padding-right: 40px; 80 | padding-left: 40px; 81 | } 82 | } 83 | .main .page-header { 84 | margin-top: 0; 85 | } 86 | 87 | 88 | /* 89 | * Placeholder dashboard ideas 90 | */ 91 | 92 | .placeholders { 93 | margin-bottom: 30px; 94 | text-align: center; 95 | } 96 | .placeholders h4 { 97 | margin-bottom: 0; 98 | } 99 | .placeholder { 100 | margin-bottom: 20px; 101 | } 102 | .placeholder img { 103 | display: inline-block; 104 | border-radius: 50%; 105 | } 106 | -------------------------------------------------------------------------------- /static/css/progress-polyfill.css: -------------------------------------------------------------------------------- 1 | progress[role] { 2 | display: inline-block; 3 | position: relative; 4 | width: 10em; 5 | height: 1em; 6 | vertical-align: -.2em; 7 | background-image: url('data:image/gif;base64,R0lGODlhIAAQAIAAAP///////yH/C05FVFNDQVBFMi4wAwEAAAAh+QQJBwABACwAAAAAIAAQAAACLISPF8vtkWJ8lMlrasVXb554FBiKDomYJ5qpFgu4LysvcFzfNQTvet4D0hgFACH5BAkHAAEALAAAAAAgABAAAAIshH+hyx0Io3F0yTsrxVdvHnkOGIoMCZknmqgWC7gvKytwXN/1A+963gPSKAUAIfkECQcAAQAsAAAAACAAEAAAAi2EHanLcQ9hmyraR+ndee7bNZ8VMmNULqeUJivWOi8Sz3RrA7E77/LrswV7oQIAIfkECQcAAQAsAAAAACAAEAAAAixEjqkB7Q/bmijaR+ndee7bLZ8VKmNUJieUVqvTHi8cz1Jtx0yOz7pt6L10BQAh+QQJBwABACwAAAAAIAAQAAACLIyPB8vtkGJ8lMlrasVXb554FBiKDomYJ5qpFhu4LysvcFzfNQTvet4D0hgFACH5BAkHAAEALAAAAAAgABAAAAIsjH+gyw0Io3F0yTsrxVdvHnkOGIoMCZknmqgWG7gvKytwXN/1A+963gPSKAUAIfkECQcAAQAsAAAAACAAEAAAAi2MDanLcA9hmyraR+ndee7bNZ8VMmNULqeUJivWOi8Sz3RrB7E77/LrswV7oQIAIfkEAQcAAQAsAAAAACAAEAAAAiwMjqkQ7Q/bmijaR+ndee7bLZ8VKmNUJieUVqvTHi8cz1Jtx0yOz7pt6L10BQA7'); 8 | 9 | -moz-box-sizing: border-box; 10 | box-sizing: border-box; 11 | } 12 | 13 | progress[role], 14 | progress[aria-valuenow]:before { 15 | background-color: #5af; 16 | } 17 | 18 | progress[role], 19 | progress[role]:after { 20 | background-repeat:repeat-x; 21 | background-position: 0 0; 22 | -moz-background-size: auto 100%; 23 | -webkit-background-size: auto 100%; 24 | background-size: auto 100%; 25 | } 26 | 27 | /* Determinate only overrides */ 28 | progress[aria-valuenow] { 29 | background: #eee; 30 | } 31 | 32 | progress[aria-valuenow]:before { 33 | content: ""; 34 | display: block; 35 | height: 100%; 36 | } 37 | 38 | /* Overlay */ 39 | progress[role]:after { 40 | content: ""; 41 | position: absolute; 42 | top: 0; 43 | right: 0; 44 | bottom: 0; 45 | left: 0; 46 | background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAAQBAMAAAAlsQiEAAAABGdBTUEAALGPC/xhBQAAAC1QTFRF////////gYGA+/v7////3NzcQUFCkZGQWFlZAAAAAAAA////WFhY////r6+w5vktvgAAAA90Uk5TZB4sW3ZODgMEJgBVHDY+cmAeZAAAACZJREFUeNpjmMBQwHCBAQQMGAIYHjAoMBxgSGBoYFjAIMCwgcEBAGgwBpG64ZoMAAAAAElFTkSuQmCC'); 47 | } 48 | -------------------------------------------------------------------------------- /static/dash/css/skins/skin-black-light.min.css: -------------------------------------------------------------------------------- 1 | .skin-black-light .main-header{-webkit-box-shadow:0 1px 1px rgba(0,0,0,0.05);box-shadow:0 1px 1px rgba(0,0,0,0.05)}.skin-black-light .main-header .navbar-toggle{color:#333}.skin-black-light .main-header .navbar-brand{color:#333;border-right:1px solid #eee}.skin-black-light .main-header>.navbar{background-color:#fff}.skin-black-light .main-header>.navbar .nav>li>a{color:#333}.skin-black-light .main-header>.navbar .nav>li>a:hover,.skin-black-light .main-header>.navbar .nav>li>a:active,.skin-black-light .main-header>.navbar .nav>li>a:focus,.skin-black-light .main-header>.navbar .nav .open>a,.skin-black-light .main-header>.navbar .nav .open>a:hover,.skin-black-light .main-header>.navbar .nav .open>a:focus,.skin-black-light .main-header>.navbar .nav>.active>a{background:#fff;color:#999}.skin-black-light .main-header>.navbar .sidebar-toggle{color:#333}.skin-black-light .main-header>.navbar .sidebar-toggle:hover{color:#999;background:#fff}.skin-black-light .main-header>.navbar>.sidebar-toggle{color:#333;border-right:1px solid #eee}.skin-black-light .main-header>.navbar .navbar-nav>li>a{border-right:1px solid #eee}.skin-black-light .main-header>.navbar .navbar-custom-menu .navbar-nav>li>a,.skin-black-light .main-header>.navbar .navbar-right>li>a{border-left:1px solid #eee;border-right-width:0}.skin-black-light .main-header>.logo{background-color:#fff;color:#333;border-bottom:0 solid transparent;border-right:1px solid #eee}.skin-black-light .main-header>.logo:hover{background-color:#fcfcfc}@media (max-width:767px){.skin-black-light .main-header>.logo{background-color:#222;color:#fff;border-bottom:0 solid transparent;border-right:none}.skin-black-light .main-header>.logo:hover{background-color:#1f1f1f}}.skin-black-light .main-header li.user-header{background-color:#222}.skin-black-light .content-header{background:transparent;box-shadow:none}.skin-black-light .wrapper,.skin-black-light .main-sidebar,.skin-black-light .left-side{background-color:#f9fafc}.skin-black-light .content-wrapper,.skin-black-light .main-footer{border-left:1px solid #d2d6de}.skin-black-light .user-panel>.info,.skin-black-light .user-panel>.info>a{color:#444}.skin-black-light .sidebar-menu>li{-webkit-transition:border-left-color .3s ease;-o-transition:border-left-color .3s ease;transition:border-left-color .3s ease}.skin-black-light .sidebar-menu>li.header{color:#848484;background:#f9fafc}.skin-black-light .sidebar-menu>li>a{border-left:3px solid transparent;font-weight:600}.skin-black-light .sidebar-menu>li:hover>a,.skin-black-light .sidebar-menu>li.active>a{color:#000;background:#f4f4f5}.skin-black-light .sidebar-menu>li.active{border-left-color:#fff}.skin-black-light .sidebar-menu>li.active>a{font-weight:600}.skin-black-light .sidebar-menu>li>.treeview-menu{background:#f4f4f5}.skin-black-light .sidebar a{color:#444}.skin-black-light .sidebar a:hover{text-decoration:none}.skin-black-light .treeview-menu>li>a{color:#777}.skin-black-light .treeview-menu>li.active>a,.skin-black-light .treeview-menu>li>a:hover{color:#000}.skin-black-light .treeview-menu>li.active>a{font-weight:600}.skin-black-light .sidebar-form{border-radius:3px;border:1px solid #d2d6de;margin:10px 10px}.skin-black-light .sidebar-form input[type="text"],.skin-black-light .sidebar-form .btn{box-shadow:none;background-color:#fff;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-black-light .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-black-light .sidebar-form input[type="text"]:focus,.skin-black-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-black-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-black-light .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0}@media (min-width:768px){.skin-black-light.sidebar-mini.sidebar-collapse .sidebar-menu>li>.treeview-menu{border-left:1px solid #d2d6de}} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-black.min.css: -------------------------------------------------------------------------------- 1 | .skin-black .main-header{-webkit-box-shadow:0 1px 1px rgba(0,0,0,0.05);box-shadow:0 1px 1px rgba(0,0,0,0.05)}.skin-black .main-header .navbar-toggle{color:#333}.skin-black .main-header .navbar-brand{color:#333;border-right:1px solid #eee}.skin-black .main-header>.navbar{background-color:#fff}.skin-black .main-header>.navbar .nav>li>a{color:#333}.skin-black .main-header>.navbar .nav>li>a:hover,.skin-black .main-header>.navbar .nav>li>a:active,.skin-black .main-header>.navbar .nav>li>a:focus,.skin-black .main-header>.navbar .nav .open>a,.skin-black .main-header>.navbar .nav .open>a:hover,.skin-black .main-header>.navbar .nav .open>a:focus,.skin-black .main-header>.navbar .nav>.active>a{background:#fff;color:#999}.skin-black .main-header>.navbar .sidebar-toggle{color:#333}.skin-black .main-header>.navbar .sidebar-toggle:hover{color:#999;background:#fff}.skin-black .main-header>.navbar>.sidebar-toggle{color:#333;border-right:1px solid #eee}.skin-black .main-header>.navbar .navbar-nav>li>a{border-right:1px solid #eee}.skin-black .main-header>.navbar .navbar-custom-menu .navbar-nav>li>a,.skin-black .main-header>.navbar .navbar-right>li>a{border-left:1px solid #eee;border-right-width:0}.skin-black .main-header>.logo{background-color:#fff;color:#333;border-bottom:0 solid transparent;border-right:1px solid #eee}.skin-black .main-header>.logo:hover{background-color:#fcfcfc}@media (max-width:767px){.skin-black .main-header>.logo{background-color:#222;color:#fff;border-bottom:0 solid transparent;border-right:none}.skin-black .main-header>.logo:hover{background-color:#1f1f1f}}.skin-black .main-header li.user-header{background-color:#222}.skin-black .content-header{background:transparent;box-shadow:none}.skin-black .wrapper,.skin-black .main-sidebar,.skin-black .left-side{background-color:#222d32}.skin-black .user-panel>.info,.skin-black .user-panel>.info>a{color:#fff}.skin-black .sidebar-menu>li.header{color:#4b646f;background:#1a2226}.skin-black .sidebar-menu>li>a{border-left:3px solid transparent}.skin-black .sidebar-menu>li:hover>a,.skin-black .sidebar-menu>li.active>a{color:#fff;background:#1e282c;border-left-color:#fff}.skin-black .sidebar-menu>li>.treeview-menu{margin:0 1px;background:#2c3b41}.skin-black .sidebar a{color:#b8c7ce}.skin-black .sidebar a:hover{text-decoration:none}.skin-black .treeview-menu>li>a{color:#8aa4af}.skin-black .treeview-menu>li.active>a,.skin-black .treeview-menu>li>a:hover{color:#fff}.skin-black .sidebar-form{border-radius:3px;border:1px solid #374850;margin:10px 10px}.skin-black .sidebar-form input[type="text"],.skin-black .sidebar-form .btn{box-shadow:none;background-color:#374850;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-black .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-black .sidebar-form input[type="text"]:focus,.skin-black .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-black .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-black .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-blue-light.min.css: -------------------------------------------------------------------------------- 1 | .skin-blue-light .main-header .navbar{background-color:#3c8dbc}.skin-blue-light .main-header .navbar .nav>li>a{color:#fff}.skin-blue-light .main-header .navbar .nav>li>a:hover,.skin-blue-light .main-header .navbar .nav>li>a:active,.skin-blue-light .main-header .navbar .nav>li>a:focus,.skin-blue-light .main-header .navbar .nav .open>a,.skin-blue-light .main-header .navbar .nav .open>a:hover,.skin-blue-light .main-header .navbar .nav .open>a:focus,.skin-blue-light .main-header .navbar .nav>.active>a{background:rgba(0,0,0,0.1);color:#f6f6f6}.skin-blue-light .main-header .navbar .sidebar-toggle{color:#fff}.skin-blue-light .main-header .navbar .sidebar-toggle:hover{color:#f6f6f6;background:rgba(0,0,0,0.1)}.skin-blue-light .main-header .navbar .sidebar-toggle{color:#fff}.skin-blue-light .main-header .navbar .sidebar-toggle:hover{background-color:#367fa9}@media (max-width:767px){.skin-blue-light .main-header .navbar .dropdown-menu li.divider{background-color:rgba(255,255,255,0.1)}.skin-blue-light .main-header .navbar .dropdown-menu li a{color:#fff}.skin-blue-light .main-header .navbar .dropdown-menu li a:hover{background:#367fa9}}.skin-blue-light .main-header .logo{background-color:#3c8dbc;color:#fff;border-bottom:0 solid transparent}.skin-blue-light .main-header .logo:hover{background-color:#3b8ab8}.skin-blue-light .main-header li.user-header{background-color:#3c8dbc}.skin-blue-light .content-header{background:transparent}.skin-blue-light .wrapper,.skin-blue-light .main-sidebar,.skin-blue-light .left-side{background-color:#f9fafc}.skin-blue-light .content-wrapper,.skin-blue-light .main-footer{border-left:1px solid #d2d6de}.skin-blue-light .user-panel>.info,.skin-blue-light .user-panel>.info>a{color:#444}.skin-blue-light .sidebar-menu>li{-webkit-transition:border-left-color .3s ease;-o-transition:border-left-color .3s ease;transition:border-left-color .3s ease}.skin-blue-light .sidebar-menu>li.header{color:#848484;background:#f9fafc}.skin-blue-light .sidebar-menu>li>a{border-left:3px solid transparent;font-weight:600}.skin-blue-light .sidebar-menu>li:hover>a,.skin-blue-light .sidebar-menu>li.active>a{color:#000;background:#f4f4f5}.skin-blue-light .sidebar-menu>li.active{border-left-color:#3c8dbc}.skin-blue-light .sidebar-menu>li.active>a{font-weight:600}.skin-blue-light .sidebar-menu>li>.treeview-menu{background:#f4f4f5}.skin-blue-light .sidebar a{color:#444}.skin-blue-light .sidebar a:hover{text-decoration:none}.skin-blue-light .treeview-menu>li>a{color:#777}.skin-blue-light .treeview-menu>li.active>a,.skin-blue-light .treeview-menu>li>a:hover{color:#000}.skin-blue-light .treeview-menu>li.active>a{font-weight:600}.skin-blue-light .sidebar-form{border-radius:3px;border:1px solid #d2d6de;margin:10px 10px}.skin-blue-light .sidebar-form input[type="text"],.skin-blue-light .sidebar-form .btn{box-shadow:none;background-color:#fff;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-blue-light .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-blue-light .sidebar-form input[type="text"]:focus,.skin-blue-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-blue-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-blue-light .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0}@media (min-width:768px){.skin-blue-light.sidebar-mini.sidebar-collapse .sidebar-menu>li>.treeview-menu{border-left:1px solid #d2d6de}}.skin-blue-light .main-footer{border-top-color:#d2d6de}.skin-blue.layout-top-nav .main-header>.logo{background-color:#3c8dbc;color:#fff;border-bottom:0 solid transparent}.skin-blue.layout-top-nav .main-header>.logo:hover{background-color:#3b8ab8} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-blue.min.css: -------------------------------------------------------------------------------- 1 | .skin-blue .main-header .navbar{background-color:#3c8dbc}.skin-blue .main-header .navbar .nav>li>a{color:#fff}.skin-blue .main-header .navbar .nav>li>a:hover,.skin-blue .main-header .navbar .nav>li>a:active,.skin-blue .main-header .navbar .nav>li>a:focus,.skin-blue .main-header .navbar .nav .open>a,.skin-blue .main-header .navbar .nav .open>a:hover,.skin-blue .main-header .navbar .nav .open>a:focus,.skin-blue .main-header .navbar .nav>.active>a{background:rgba(0,0,0,0.1);color:#f6f6f6}.skin-blue .main-header .navbar .sidebar-toggle{color:#fff}.skin-blue .main-header .navbar .sidebar-toggle:hover{color:#f6f6f6;background:rgba(0,0,0,0.1)}.skin-blue .main-header .navbar .sidebar-toggle{color:#fff}.skin-blue .main-header .navbar .sidebar-toggle:hover{background-color:#367fa9}@media (max-width:767px){.skin-blue .main-header .navbar .dropdown-menu li.divider{background-color:rgba(255,255,255,0.1)}.skin-blue .main-header .navbar .dropdown-menu li a{color:#fff}.skin-blue .main-header .navbar .dropdown-menu li a:hover{background:#367fa9}}.skin-blue .main-header .logo{background-color:#367fa9;color:#fff;border-bottom:0 solid transparent}.skin-blue .main-header .logo:hover{background-color:#357ca5}.skin-blue .main-header li.user-header{background-color:#3c8dbc}.skin-blue .content-header{background:transparent}.skin-blue .wrapper,.skin-blue .main-sidebar,.skin-blue .left-side{background-color:#222d32}.skin-blue .user-panel>.info,.skin-blue .user-panel>.info>a{color:#fff}.skin-blue .sidebar-menu>li.header{color:#4b646f;background:#1a2226}.skin-blue .sidebar-menu>li>a{border-left:3px solid transparent}.skin-blue .sidebar-menu>li:hover>a,.skin-blue .sidebar-menu>li.active>a{color:#fff;background:#1e282c;border-left-color:#3c8dbc}.skin-blue .sidebar-menu>li>.treeview-menu{margin:0 1px;background:#2c3b41}.skin-blue .sidebar a{color:#b8c7ce}.skin-blue .sidebar a:hover{text-decoration:none}.skin-blue .treeview-menu>li>a{color:#8aa4af}.skin-blue .treeview-menu>li.active>a,.skin-blue .treeview-menu>li>a:hover{color:#fff}.skin-blue .sidebar-form{border-radius:3px;border:1px solid #374850;margin:10px 10px}.skin-blue .sidebar-form input[type="text"],.skin-blue .sidebar-form .btn{box-shadow:none;background-color:#374850;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-blue .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-blue .sidebar-form input[type="text"]:focus,.skin-blue .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-blue .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-blue .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0}.skin-blue.layout-top-nav .main-header>.logo{background-color:#3c8dbc;color:#fff;border-bottom:0 solid transparent}.skin-blue.layout-top-nav .main-header>.logo:hover{background-color:#3b8ab8} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-green-light.min.css: -------------------------------------------------------------------------------- 1 | .skin-green-light .main-header .navbar{background-color:#00a65a}.skin-green-light .main-header .navbar .nav>li>a{color:#fff}.skin-green-light .main-header .navbar .nav>li>a:hover,.skin-green-light .main-header .navbar .nav>li>a:active,.skin-green-light .main-header .navbar .nav>li>a:focus,.skin-green-light .main-header .navbar .nav .open>a,.skin-green-light .main-header .navbar .nav .open>a:hover,.skin-green-light .main-header .navbar .nav .open>a:focus,.skin-green-light .main-header .navbar .nav>.active>a{background:rgba(0,0,0,0.1);color:#f6f6f6}.skin-green-light .main-header .navbar .sidebar-toggle{color:#fff}.skin-green-light .main-header .navbar .sidebar-toggle:hover{color:#f6f6f6;background:rgba(0,0,0,0.1)}.skin-green-light .main-header .navbar .sidebar-toggle{color:#fff}.skin-green-light .main-header .navbar .sidebar-toggle:hover{background-color:#008d4c}@media (max-width:767px){.skin-green-light .main-header .navbar .dropdown-menu li.divider{background-color:rgba(255,255,255,0.1)}.skin-green-light .main-header .navbar .dropdown-menu li a{color:#fff}.skin-green-light .main-header .navbar .dropdown-menu li a:hover{background:#008d4c}}.skin-green-light .main-header .logo{background-color:#00a65a;color:#fff;border-bottom:0 solid transparent}.skin-green-light .main-header .logo:hover{background-color:#00a157}.skin-green-light .main-header li.user-header{background-color:#00a65a}.skin-green-light .content-header{background:transparent}.skin-green-light .wrapper,.skin-green-light .main-sidebar,.skin-green-light .left-side{background-color:#f9fafc}.skin-green-light .content-wrapper,.skin-green-light .main-footer{border-left:1px solid #d2d6de}.skin-green-light .user-panel>.info,.skin-green-light .user-panel>.info>a{color:#444}.skin-green-light .sidebar-menu>li{-webkit-transition:border-left-color .3s ease;-o-transition:border-left-color .3s ease;transition:border-left-color .3s ease}.skin-green-light .sidebar-menu>li.header{color:#848484;background:#f9fafc}.skin-green-light .sidebar-menu>li>a{border-left:3px solid transparent;font-weight:600}.skin-green-light .sidebar-menu>li:hover>a,.skin-green-light .sidebar-menu>li.active>a{color:#000;background:#f4f4f5}.skin-green-light .sidebar-menu>li.active{border-left-color:#00a65a}.skin-green-light .sidebar-menu>li.active>a{font-weight:600}.skin-green-light .sidebar-menu>li>.treeview-menu{background:#f4f4f5}.skin-green-light .sidebar a{color:#444}.skin-green-light .sidebar a:hover{text-decoration:none}.skin-green-light .treeview-menu>li>a{color:#777}.skin-green-light .treeview-menu>li.active>a,.skin-green-light .treeview-menu>li>a:hover{color:#000}.skin-green-light .treeview-menu>li.active>a{font-weight:600}.skin-green-light .sidebar-form{border-radius:3px;border:1px solid #d2d6de;margin:10px 10px}.skin-green-light .sidebar-form input[type="text"],.skin-green-light .sidebar-form .btn{box-shadow:none;background-color:#fff;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-green-light .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-green-light .sidebar-form input[type="text"]:focus,.skin-green-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-green-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-green-light .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0}@media (min-width:768px){.skin-green-light.sidebar-mini.sidebar-collapse .sidebar-menu>li>.treeview-menu{border-left:1px solid #d2d6de}} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-green.min.css: -------------------------------------------------------------------------------- 1 | .skin-green .main-header .navbar{background-color:#00a65a}.skin-green .main-header .navbar .nav>li>a{color:#fff}.skin-green .main-header .navbar .nav>li>a:hover,.skin-green .main-header .navbar .nav>li>a:active,.skin-green .main-header .navbar .nav>li>a:focus,.skin-green .main-header .navbar .nav .open>a,.skin-green .main-header .navbar .nav .open>a:hover,.skin-green .main-header .navbar .nav .open>a:focus,.skin-green .main-header .navbar .nav>.active>a{background:rgba(0,0,0,0.1);color:#f6f6f6}.skin-green .main-header .navbar .sidebar-toggle{color:#fff}.skin-green .main-header .navbar .sidebar-toggle:hover{color:#f6f6f6;background:rgba(0,0,0,0.1)}.skin-green .main-header .navbar .sidebar-toggle{color:#fff}.skin-green .main-header .navbar .sidebar-toggle:hover{background-color:#008d4c}@media (max-width:767px){.skin-green .main-header .navbar .dropdown-menu li.divider{background-color:rgba(255,255,255,0.1)}.skin-green .main-header .navbar .dropdown-menu li a{color:#fff}.skin-green .main-header .navbar .dropdown-menu li a:hover{background:#008d4c}}.skin-green .main-header .logo{background-color:#008d4c;color:#fff;border-bottom:0 solid transparent}.skin-green .main-header .logo:hover{background-color:#008749}.skin-green .main-header li.user-header{background-color:#00a65a}.skin-green .content-header{background:transparent}.skin-green .wrapper,.skin-green .main-sidebar,.skin-green .left-side{background-color:#222d32}.skin-green .user-panel>.info,.skin-green .user-panel>.info>a{color:#fff}.skin-green .sidebar-menu>li.header{color:#4b646f;background:#1a2226}.skin-green .sidebar-menu>li>a{border-left:3px solid transparent}.skin-green .sidebar-menu>li:hover>a,.skin-green .sidebar-menu>li.active>a{color:#fff;background:#1e282c;border-left-color:#00a65a}.skin-green .sidebar-menu>li>.treeview-menu{margin:0 1px;background:#2c3b41}.skin-green .sidebar a{color:#b8c7ce}.skin-green .sidebar a:hover{text-decoration:none}.skin-green .treeview-menu>li>a{color:#8aa4af}.skin-green .treeview-menu>li.active>a,.skin-green .treeview-menu>li>a:hover{color:#fff}.skin-green .sidebar-form{border-radius:3px;border:1px solid #374850;margin:10px 10px}.skin-green .sidebar-form input[type="text"],.skin-green .sidebar-form .btn{box-shadow:none;background-color:#374850;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-green .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-green .sidebar-form input[type="text"]:focus,.skin-green .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-green .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-green .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-purple-light.min.css: -------------------------------------------------------------------------------- 1 | .skin-purple-light .main-header .navbar{background-color:#605ca8}.skin-purple-light .main-header .navbar .nav>li>a{color:#fff}.skin-purple-light .main-header .navbar .nav>li>a:hover,.skin-purple-light .main-header .navbar .nav>li>a:active,.skin-purple-light .main-header .navbar .nav>li>a:focus,.skin-purple-light .main-header .navbar .nav .open>a,.skin-purple-light .main-header .navbar .nav .open>a:hover,.skin-purple-light .main-header .navbar .nav .open>a:focus,.skin-purple-light .main-header .navbar .nav>.active>a{background:rgba(0,0,0,0.1);color:#f6f6f6}.skin-purple-light .main-header .navbar .sidebar-toggle{color:#fff}.skin-purple-light .main-header .navbar .sidebar-toggle:hover{color:#f6f6f6;background:rgba(0,0,0,0.1)}.skin-purple-light .main-header .navbar .sidebar-toggle{color:#fff}.skin-purple-light .main-header .navbar .sidebar-toggle:hover{background-color:#555299}@media (max-width:767px){.skin-purple-light .main-header .navbar .dropdown-menu li.divider{background-color:rgba(255,255,255,0.1)}.skin-purple-light .main-header .navbar .dropdown-menu li a{color:#fff}.skin-purple-light .main-header .navbar .dropdown-menu li a:hover{background:#555299}}.skin-purple-light .main-header .logo{background-color:#605ca8;color:#fff;border-bottom:0 solid transparent}.skin-purple-light .main-header .logo:hover{background-color:#5d59a6}.skin-purple-light .main-header li.user-header{background-color:#605ca8}.skin-purple-light .content-header{background:transparent}.skin-purple-light .wrapper,.skin-purple-light .main-sidebar,.skin-purple-light .left-side{background-color:#f9fafc}.skin-purple-light .content-wrapper,.skin-purple-light .main-footer{border-left:1px solid #d2d6de}.skin-purple-light .user-panel>.info,.skin-purple-light .user-panel>.info>a{color:#444}.skin-purple-light .sidebar-menu>li{-webkit-transition:border-left-color .3s ease;-o-transition:border-left-color .3s ease;transition:border-left-color .3s ease}.skin-purple-light .sidebar-menu>li.header{color:#848484;background:#f9fafc}.skin-purple-light .sidebar-menu>li>a{border-left:3px solid transparent;font-weight:600}.skin-purple-light .sidebar-menu>li:hover>a,.skin-purple-light .sidebar-menu>li.active>a{color:#000;background:#f4f4f5}.skin-purple-light .sidebar-menu>li.active{border-left-color:#605ca8}.skin-purple-light .sidebar-menu>li.active>a{font-weight:600}.skin-purple-light .sidebar-menu>li>.treeview-menu{background:#f4f4f5}.skin-purple-light .sidebar a{color:#444}.skin-purple-light .sidebar a:hover{text-decoration:none}.skin-purple-light .treeview-menu>li>a{color:#777}.skin-purple-light .treeview-menu>li.active>a,.skin-purple-light .treeview-menu>li>a:hover{color:#000}.skin-purple-light .treeview-menu>li.active>a{font-weight:600}.skin-purple-light .sidebar-form{border-radius:3px;border:1px solid #d2d6de;margin:10px 10px}.skin-purple-light .sidebar-form input[type="text"],.skin-purple-light .sidebar-form .btn{box-shadow:none;background-color:#fff;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-purple-light .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-purple-light .sidebar-form input[type="text"]:focus,.skin-purple-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-purple-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-purple-light .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0}@media (min-width:768px){.skin-purple-light.sidebar-mini.sidebar-collapse .sidebar-menu>li>.treeview-menu{border-left:1px solid #d2d6de}} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-purple.min.css: -------------------------------------------------------------------------------- 1 | .skin-purple .main-header .navbar{background-color:#605ca8}.skin-purple .main-header .navbar .nav>li>a{color:#fff}.skin-purple .main-header .navbar .nav>li>a:hover,.skin-purple .main-header .navbar .nav>li>a:active,.skin-purple .main-header .navbar .nav>li>a:focus,.skin-purple .main-header .navbar .nav .open>a,.skin-purple .main-header .navbar .nav .open>a:hover,.skin-purple .main-header .navbar .nav .open>a:focus,.skin-purple .main-header .navbar .nav>.active>a{background:rgba(0,0,0,0.1);color:#f6f6f6}.skin-purple .main-header .navbar .sidebar-toggle{color:#fff}.skin-purple .main-header .navbar .sidebar-toggle:hover{color:#f6f6f6;background:rgba(0,0,0,0.1)}.skin-purple .main-header .navbar .sidebar-toggle{color:#fff}.skin-purple .main-header .navbar .sidebar-toggle:hover{background-color:#555299}@media (max-width:767px){.skin-purple .main-header .navbar .dropdown-menu li.divider{background-color:rgba(255,255,255,0.1)}.skin-purple .main-header .navbar .dropdown-menu li a{color:#fff}.skin-purple .main-header .navbar .dropdown-menu li a:hover{background:#555299}}.skin-purple .main-header .logo{background-color:#555299;color:#fff;border-bottom:0 solid transparent}.skin-purple .main-header .logo:hover{background-color:#545096}.skin-purple .main-header li.user-header{background-color:#605ca8}.skin-purple .content-header{background:transparent}.skin-purple .wrapper,.skin-purple .main-sidebar,.skin-purple .left-side{background-color:#222d32}.skin-purple .user-panel>.info,.skin-purple .user-panel>.info>a{color:#fff}.skin-purple .sidebar-menu>li.header{color:#4b646f;background:#1a2226}.skin-purple .sidebar-menu>li>a{border-left:3px solid transparent}.skin-purple .sidebar-menu>li:hover>a,.skin-purple .sidebar-menu>li.active>a{color:#fff;background:#1e282c;border-left-color:#605ca8}.skin-purple .sidebar-menu>li>.treeview-menu{margin:0 1px;background:#2c3b41}.skin-purple .sidebar a{color:#b8c7ce}.skin-purple .sidebar a:hover{text-decoration:none}.skin-purple .treeview-menu>li>a{color:#8aa4af}.skin-purple .treeview-menu>li.active>a,.skin-purple .treeview-menu>li>a:hover{color:#fff}.skin-purple .sidebar-form{border-radius:3px;border:1px solid #374850;margin:10px 10px}.skin-purple .sidebar-form input[type="text"],.skin-purple .sidebar-form .btn{box-shadow:none;background-color:#374850;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-purple .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-purple .sidebar-form input[type="text"]:focus,.skin-purple .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-purple .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-purple .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-red-light.min.css: -------------------------------------------------------------------------------- 1 | .skin-red-light .main-header .navbar{background-color:#dd4b39}.skin-red-light .main-header .navbar .nav>li>a{color:#fff}.skin-red-light .main-header .navbar .nav>li>a:hover,.skin-red-light .main-header .navbar .nav>li>a:active,.skin-red-light .main-header .navbar .nav>li>a:focus,.skin-red-light .main-header .navbar .nav .open>a,.skin-red-light .main-header .navbar .nav .open>a:hover,.skin-red-light .main-header .navbar .nav .open>a:focus,.skin-red-light .main-header .navbar .nav>.active>a{background:rgba(0,0,0,0.1);color:#f6f6f6}.skin-red-light .main-header .navbar .sidebar-toggle{color:#fff}.skin-red-light .main-header .navbar .sidebar-toggle:hover{color:#f6f6f6;background:rgba(0,0,0,0.1)}.skin-red-light .main-header .navbar .sidebar-toggle{color:#fff}.skin-red-light .main-header .navbar .sidebar-toggle:hover{background-color:#d73925}@media (max-width:767px){.skin-red-light .main-header .navbar .dropdown-menu li.divider{background-color:rgba(255,255,255,0.1)}.skin-red-light .main-header .navbar .dropdown-menu li a{color:#fff}.skin-red-light .main-header .navbar .dropdown-menu li a:hover{background:#d73925}}.skin-red-light .main-header .logo{background-color:#dd4b39;color:#fff;border-bottom:0 solid transparent}.skin-red-light .main-header .logo:hover{background-color:#dc4735}.skin-red-light .main-header li.user-header{background-color:#dd4b39}.skin-red-light .content-header{background:transparent}.skin-red-light .wrapper,.skin-red-light .main-sidebar,.skin-red-light .left-side{background-color:#f9fafc}.skin-red-light .content-wrapper,.skin-red-light .main-footer{border-left:1px solid #d2d6de}.skin-red-light .user-panel>.info,.skin-red-light .user-panel>.info>a{color:#444}.skin-red-light .sidebar-menu>li{-webkit-transition:border-left-color .3s ease;-o-transition:border-left-color .3s ease;transition:border-left-color .3s ease}.skin-red-light .sidebar-menu>li.header{color:#848484;background:#f9fafc}.skin-red-light .sidebar-menu>li>a{border-left:3px solid transparent;font-weight:600}.skin-red-light .sidebar-menu>li:hover>a,.skin-red-light .sidebar-menu>li.active>a{color:#000;background:#f4f4f5}.skin-red-light .sidebar-menu>li.active{border-left-color:#dd4b39}.skin-red-light .sidebar-menu>li.active>a{font-weight:600}.skin-red-light .sidebar-menu>li>.treeview-menu{background:#f4f4f5}.skin-red-light .sidebar a{color:#444}.skin-red-light .sidebar a:hover{text-decoration:none}.skin-red-light .treeview-menu>li>a{color:#777}.skin-red-light .treeview-menu>li.active>a,.skin-red-light .treeview-menu>li>a:hover{color:#000}.skin-red-light .treeview-menu>li.active>a{font-weight:600}.skin-red-light .sidebar-form{border-radius:3px;border:1px solid #d2d6de;margin:10px 10px}.skin-red-light .sidebar-form input[type="text"],.skin-red-light .sidebar-form .btn{box-shadow:none;background-color:#fff;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-red-light .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-red-light .sidebar-form input[type="text"]:focus,.skin-red-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-red-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-red-light .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0}@media (min-width:768px){.skin-red-light.sidebar-mini.sidebar-collapse .sidebar-menu>li>.treeview-menu{border-left:1px solid #d2d6de}} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-red.min.css: -------------------------------------------------------------------------------- 1 | .skin-red .main-header .navbar{background-color:#dd4b39}.skin-red .main-header .navbar .nav>li>a{color:#fff}.skin-red .main-header .navbar .nav>li>a:hover,.skin-red .main-header .navbar .nav>li>a:active,.skin-red .main-header .navbar .nav>li>a:focus,.skin-red .main-header .navbar .nav .open>a,.skin-red .main-header .navbar .nav .open>a:hover,.skin-red .main-header .navbar .nav .open>a:focus,.skin-red .main-header .navbar .nav>.active>a{background:rgba(0,0,0,0.1);color:#f6f6f6}.skin-red .main-header .navbar .sidebar-toggle{color:#fff}.skin-red .main-header .navbar .sidebar-toggle:hover{color:#f6f6f6;background:rgba(0,0,0,0.1)}.skin-red .main-header .navbar .sidebar-toggle{color:#fff}.skin-red .main-header .navbar .sidebar-toggle:hover{background-color:#d73925}@media (max-width:767px){.skin-red .main-header .navbar .dropdown-menu li.divider{background-color:rgba(255,255,255,0.1)}.skin-red .main-header .navbar .dropdown-menu li a{color:#fff}.skin-red .main-header .navbar .dropdown-menu li a:hover{background:#d73925}}.skin-red .main-header .logo{background-color:#d73925;color:#fff;border-bottom:0 solid transparent}.skin-red .main-header .logo:hover{background-color:#d33724}.skin-red .main-header li.user-header{background-color:#dd4b39}.skin-red .content-header{background:transparent}.skin-red .wrapper,.skin-red .main-sidebar,.skin-red .left-side{background-color:#222d32}.skin-red .user-panel>.info,.skin-red .user-panel>.info>a{color:#fff}.skin-red .sidebar-menu>li.header{color:#4b646f;background:#1a2226}.skin-red .sidebar-menu>li>a{border-left:3px solid transparent}.skin-red .sidebar-menu>li:hover>a,.skin-red .sidebar-menu>li.active>a{color:#fff;background:#1e282c;border-left-color:#dd4b39}.skin-red .sidebar-menu>li>.treeview-menu{margin:0 1px;background:#2c3b41}.skin-red .sidebar a{color:#b8c7ce}.skin-red .sidebar a:hover{text-decoration:none}.skin-red .treeview-menu>li>a{color:#8aa4af}.skin-red .treeview-menu>li.active>a,.skin-red .treeview-menu>li>a:hover{color:#fff}.skin-red .sidebar-form{border-radius:3px;border:1px solid #374850;margin:10px 10px}.skin-red .sidebar-form input[type="text"],.skin-red .sidebar-form .btn{box-shadow:none;background-color:#374850;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-red .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-red .sidebar-form input[type="text"]:focus,.skin-red .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-red .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-red .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-yellow-light.min.css: -------------------------------------------------------------------------------- 1 | .skin-yellow-light .main-header .navbar{background-color:#f39c12}.skin-yellow-light .main-header .navbar .nav>li>a{color:#fff}.skin-yellow-light .main-header .navbar .nav>li>a:hover,.skin-yellow-light .main-header .navbar .nav>li>a:active,.skin-yellow-light .main-header .navbar .nav>li>a:focus,.skin-yellow-light .main-header .navbar .nav .open>a,.skin-yellow-light .main-header .navbar .nav .open>a:hover,.skin-yellow-light .main-header .navbar .nav .open>a:focus,.skin-yellow-light .main-header .navbar .nav>.active>a{background:rgba(0,0,0,0.1);color:#f6f6f6}.skin-yellow-light .main-header .navbar .sidebar-toggle{color:#fff}.skin-yellow-light .main-header .navbar .sidebar-toggle:hover{color:#f6f6f6;background:rgba(0,0,0,0.1)}.skin-yellow-light .main-header .navbar .sidebar-toggle{color:#fff}.skin-yellow-light .main-header .navbar .sidebar-toggle:hover{background-color:#e08e0b}@media (max-width:767px){.skin-yellow-light .main-header .navbar .dropdown-menu li.divider{background-color:rgba(255,255,255,0.1)}.skin-yellow-light .main-header .navbar .dropdown-menu li a{color:#fff}.skin-yellow-light .main-header .navbar .dropdown-menu li a:hover{background:#e08e0b}}.skin-yellow-light .main-header .logo{background-color:#f39c12;color:#fff;border-bottom:0 solid transparent}.skin-yellow-light .main-header .logo:hover{background-color:#f39a0d}.skin-yellow-light .main-header li.user-header{background-color:#f39c12}.skin-yellow-light .content-header{background:transparent}.skin-yellow-light .wrapper,.skin-yellow-light .main-sidebar,.skin-yellow-light .left-side{background-color:#f9fafc}.skin-yellow-light .content-wrapper,.skin-yellow-light .main-footer{border-left:1px solid #d2d6de}.skin-yellow-light .user-panel>.info,.skin-yellow-light .user-panel>.info>a{color:#444}.skin-yellow-light .sidebar-menu>li{-webkit-transition:border-left-color .3s ease;-o-transition:border-left-color .3s ease;transition:border-left-color .3s ease}.skin-yellow-light .sidebar-menu>li.header{color:#848484;background:#f9fafc}.skin-yellow-light .sidebar-menu>li>a{border-left:3px solid transparent;font-weight:600}.skin-yellow-light .sidebar-menu>li:hover>a,.skin-yellow-light .sidebar-menu>li.active>a{color:#000;background:#f4f4f5}.skin-yellow-light .sidebar-menu>li.active{border-left-color:#f39c12}.skin-yellow-light .sidebar-menu>li.active>a{font-weight:600}.skin-yellow-light .sidebar-menu>li>.treeview-menu{background:#f4f4f5}.skin-yellow-light .sidebar a{color:#444}.skin-yellow-light .sidebar a:hover{text-decoration:none}.skin-yellow-light .treeview-menu>li>a{color:#777}.skin-yellow-light .treeview-menu>li.active>a,.skin-yellow-light .treeview-menu>li>a:hover{color:#000}.skin-yellow-light .treeview-menu>li.active>a{font-weight:600}.skin-yellow-light .sidebar-form{border-radius:3px;border:1px solid #d2d6de;margin:10px 10px}.skin-yellow-light .sidebar-form input[type="text"],.skin-yellow-light .sidebar-form .btn{box-shadow:none;background-color:#fff;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-yellow-light .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-yellow-light .sidebar-form input[type="text"]:focus,.skin-yellow-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-yellow-light .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-yellow-light .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0}@media (min-width:768px){.skin-yellow-light.sidebar-mini.sidebar-collapse .sidebar-menu>li>.treeview-menu{border-left:1px solid #d2d6de}} -------------------------------------------------------------------------------- /static/dash/css/skins/skin-yellow.min.css: -------------------------------------------------------------------------------- 1 | .skin-yellow .main-header .navbar{background-color:#f39c12}.skin-yellow .main-header .navbar .nav>li>a{color:#fff}.skin-yellow .main-header .navbar .nav>li>a:hover,.skin-yellow .main-header .navbar .nav>li>a:active,.skin-yellow .main-header .navbar .nav>li>a:focus,.skin-yellow .main-header .navbar .nav .open>a,.skin-yellow .main-header .navbar .nav .open>a:hover,.skin-yellow .main-header .navbar .nav .open>a:focus,.skin-yellow .main-header .navbar .nav>.active>a{background:rgba(0,0,0,0.1);color:#f6f6f6}.skin-yellow .main-header .navbar .sidebar-toggle{color:#fff}.skin-yellow .main-header .navbar .sidebar-toggle:hover{color:#f6f6f6;background:rgba(0,0,0,0.1)}.skin-yellow .main-header .navbar .sidebar-toggle{color:#fff}.skin-yellow .main-header .navbar .sidebar-toggle:hover{background-color:#e08e0b}@media (max-width:767px){.skin-yellow .main-header .navbar .dropdown-menu li.divider{background-color:rgba(255,255,255,0.1)}.skin-yellow .main-header .navbar .dropdown-menu li a{color:#fff}.skin-yellow .main-header .navbar .dropdown-menu li a:hover{background:#e08e0b}}.skin-yellow .main-header .logo{background-color:#e08e0b;color:#fff;border-bottom:0 solid transparent}.skin-yellow .main-header .logo:hover{background-color:#db8b0b}.skin-yellow .main-header li.user-header{background-color:#f39c12}.skin-yellow .content-header{background:transparent}.skin-yellow .wrapper,.skin-yellow .main-sidebar,.skin-yellow .left-side{background-color:#222d32}.skin-yellow .user-panel>.info,.skin-yellow .user-panel>.info>a{color:#fff}.skin-yellow .sidebar-menu>li.header{color:#4b646f;background:#1a2226}.skin-yellow .sidebar-menu>li>a{border-left:3px solid transparent}.skin-yellow .sidebar-menu>li:hover>a,.skin-yellow .sidebar-menu>li.active>a{color:#fff;background:#1e282c;border-left-color:#f39c12}.skin-yellow .sidebar-menu>li>.treeview-menu{margin:0 1px;background:#2c3b41}.skin-yellow .sidebar a{color:#b8c7ce}.skin-yellow .sidebar a:hover{text-decoration:none}.skin-yellow .treeview-menu>li>a{color:#8aa4af}.skin-yellow .treeview-menu>li.active>a,.skin-yellow .treeview-menu>li>a:hover{color:#fff}.skin-yellow .sidebar-form{border-radius:3px;border:1px solid #374850;margin:10px 10px}.skin-yellow .sidebar-form input[type="text"],.skin-yellow .sidebar-form .btn{box-shadow:none;background-color:#374850;border:1px solid transparent;height:35px;-webkit-transition:all .3s ease-in-out;-o-transition:all .3s ease-in-out;transition:all .3s ease-in-out}.skin-yellow .sidebar-form input[type="text"]{color:#666;border-top-left-radius:2px;border-top-right-radius:0;border-bottom-right-radius:0;border-bottom-left-radius:2px}.skin-yellow .sidebar-form input[type="text"]:focus,.skin-yellow .sidebar-form input[type="text"]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-yellow .sidebar-form input[type="text"]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-yellow .sidebar-form .btn{color:#999;border-top-left-radius:0;border-top-right-radius:2px;border-bottom-right-radius:2px;border-bottom-left-radius:0} -------------------------------------------------------------------------------- /static/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/favicon.ico -------------------------------------------------------------------------------- /static/fonts/fontawesome-webfont.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/fonts/fontawesome-webfont.ttf -------------------------------------------------------------------------------- /static/fonts/fontawesome-webfont.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/fonts/fontawesome-webfont.woff -------------------------------------------------------------------------------- /static/fonts/fontawesome-webfont.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/fonts/fontawesome-webfont.woff2 -------------------------------------------------------------------------------- /static/fonts/glyphicons-halflings-regular.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/fonts/glyphicons-halflings-regular.eot -------------------------------------------------------------------------------- /static/fonts/glyphicons-halflings-regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/fonts/glyphicons-halflings-regular.ttf -------------------------------------------------------------------------------- /static/fonts/glyphicons-halflings-regular.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/fonts/glyphicons-halflings-regular.woff -------------------------------------------------------------------------------- /static/img/MobSF_Logo_small.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/img/MobSF_Logo_small.png -------------------------------------------------------------------------------- /static/img/loading.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HackingLab/MobileSF/29080070b3a6f5d12f7bd0d4dd78ece2cd140ed4/static/img/loading.jpg -------------------------------------------------------------------------------- /static/js/docs.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Documentation JS script 3 | */ 4 | $(function () { 5 | var slideToTop = $("
"); 6 | slideToTop.html(''); 7 | slideToTop.css({ 8 | position: 'fixed', 9 | bottom: '20px', 10 | right: '25px', 11 | width: '40px', 12 | height: '40px', 13 | color: '#eee', 14 | 'font-size': '', 15 | 'line-height': '40px', 16 | 'text-align': 'center', 17 | 'background-color': '#222d32', 18 | cursor: 'pointer', 19 | 'border-radius': '5px', 20 | 'z-index': '99999', 21 | opacity: '.7', 22 | 'display': 'none' 23 | }); 24 | slideToTop.on('mouseenter', function () { 25 | $(this).css('opacity', '1'); 26 | }); 27 | slideToTop.on('mouseout', function () { 28 | $(this).css('opacity', '.7'); 29 | }); 30 | $('.wrapper').append(slideToTop); 31 | $(window).scroll(function () { 32 | if ($(window).scrollTop() >= 150) { 33 | if (!$(slideToTop).is(':visible')) { 34 | $(slideToTop).fadeIn(500); 35 | } 36 | } else { 37 | $(slideToTop).fadeOut(500); 38 | } 39 | }); 40 | $(slideToTop).click(function () { 41 | $("body").animate({ 42 | scrollTop: 0 43 | }, 500); 44 | }); 45 | $(".sidebar-menu li:not(.treeview) a").click(function () { 46 | var $this = $(this); 47 | var target = $this.attr("href"); 48 | if (typeof target === 'string') { 49 | $("body").animate({ 50 | scrollTop: ($(target).offset().top) + "px" 51 | }, 500); 52 | } 53 | }); 54 | //Skin switcher 55 | var current_skin = "skin-blue"; 56 | $('#layout-skins-list [data-skin]').click(function(e) { 57 | e.preventDefault(); 58 | var skinName = $(this).data('skin'); 59 | $('body').removeClass(current_skin); 60 | $('body').addClass(skinName); 61 | current_skin = skinName; 62 | }); 63 | }); 64 | -------------------------------------------------------------------------------- /static/js/ie-emulation-modes-warning.js: -------------------------------------------------------------------------------- 1 | // NOTICE!! DO NOT USE ANY OF THIS JAVASCRIPT 2 | // IT'S JUST JUNK FOR OUR DOCS! 3 | // ++++++++++++++++++++++++++++++++++++++++++ 4 | /*! 5 | * Copyright 2014 Twitter, Inc. 6 | * 7 | * Licensed under the Creative Commons Attribution 3.0 Unported License. For 8 | * details, see http://creativecommons.org/licenses/by/3.0/. 9 | */ 10 | // Intended to prevent false-positive bug reports about Bootstrap not working properly in old versions of IE due to folks testing using IE's unreliable emulation modes. 11 | (function () { 12 | 'use strict'; 13 | 14 | function emulatedIEMajorVersion() { 15 | var groups = /MSIE ([0-9.]+)/.exec(window.navigator.userAgent) 16 | if (groups === null) { 17 | return null 18 | } 19 | var ieVersionNum = parseInt(groups[1], 10) 20 | var ieMajorVersion = Math.floor(ieVersionNum) 21 | return ieMajorVersion 22 | } 23 | 24 | function actualNonEmulatedIEMajorVersion() { 25 | // Detects the actual version of IE in use, even if it's in an older-IE emulation mode. 26 | // IE JavaScript conditional compilation docs: http://msdn.microsoft.com/en-us/library/ie/121hztk3(v=vs.94).aspx 27 | // @cc_on docs: http://msdn.microsoft.com/en-us/library/ie/8ka90k2e(v=vs.94).aspx 28 | var jscriptVersion = new Function('/*@cc_on return @_jscript_version; @*/')() // jshint ignore:line 29 | if (jscriptVersion === undefined) { 30 | return 11 // IE11+ not in emulation mode 31 | } 32 | if (jscriptVersion < 9) { 33 | return 8 // IE8 (or lower; haven't tested on IE<8) 34 | } 35 | return jscriptVersion // IE9 or IE10 in any mode, or IE11 in non-IE11 mode 36 | } 37 | 38 | var ua = window.navigator.userAgent 39 | if (ua.indexOf('Opera') > -1 || ua.indexOf('Presto') > -1) { 40 | return // Opera, which might pretend to be IE 41 | } 42 | var emulated = emulatedIEMajorVersion() 43 | if (emulated === null) { 44 | return // Not IE 45 | } 46 | var nonEmulated = actualNonEmulatedIEMajorVersion() 47 | 48 | if (emulated !== nonEmulated) { 49 | window.alert('WARNING: You appear to be using IE' + nonEmulated + ' in IE' + emulated + ' emulation mode.\nIE emulation modes can behave significantly differently from ACTUAL older versions of IE.\nPLEASE DON\'T FILE BOOTSTRAP BUGS based on testing in IE emulation modes!') 50 | } 51 | })(); 52 | -------------------------------------------------------------------------------- /static/js/ie10-viewport-bug-workaround.js: -------------------------------------------------------------------------------- 1 | /*! 2 | * IE10 viewport hack for Surface/desktop Windows 8 bug 3 | * Copyright 2014 Twitter, Inc. 4 | * Licensed under the Creative Commons Attribution 3.0 Unported License. For 5 | * details, see http://creativecommons.org/licenses/by/3.0/. 6 | */ 7 | 8 | // See the Getting Started docs for more information: 9 | // http://getbootstrap.com/getting-started/#support-ie10-width 10 | 11 | (function () { 12 | 'use strict'; 13 | if (navigator.userAgent.match(/IEMobile\/10\.0/)) { 14 | var msViewportStyle = document.createElement('style') 15 | msViewportStyle.appendChild( 16 | document.createTextNode( 17 | '@-ms-viewport{width:auto!important}' 18 | ) 19 | ) 20 | document.querySelector('head').appendChild(msViewportStyle) 21 | } 22 | })(); 23 | -------------------------------------------------------------------------------- /static/js/shBrushJava.js: -------------------------------------------------------------------------------- 1 | /** 2 | * SyntaxHighlighter 3 | * http://alexgorbatchev.com/SyntaxHighlighter 4 | * 5 | * SyntaxHighlighter is donationware. If you are using it, please donate. 6 | * http://alexgorbatchev.com/SyntaxHighlighter/donate.html 7 | * 8 | * @version 9 | * 3.0.83 (July 02 2010) 10 | * 11 | * @copyright 12 | * Copyright (C) 2004-2010 Alex Gorbatchev. 13 | * 14 | * @license 15 | * Dual licensed under the MIT and GPL licenses. 16 | */ 17 | ;(function() 18 | { 19 | // CommonJS 20 | typeof(require) != 'undefined' ? SyntaxHighlighter = require('shCore').SyntaxHighlighter : null; 21 | 22 | function Brush() 23 | { 24 | var keywords = 'abstract assert boolean break byte case catch char class const ' + 25 | 'continue default do double else enum extends ' + 26 | 'false final finally float for goto if implements import ' + 27 | 'instanceof int interface long native new null ' + 28 | 'package private protected public return ' + 29 | 'short static strictfp super switch synchronized this throw throws true ' + 30 | 'transient try void volatile while'; 31 | 32 | this.regexList = [ 33 | { regex: SyntaxHighlighter.regexLib.singleLineCComments, css: 'comments' }, // one line comments 34 | { regex: /\/\*([^\*][\s\S]*)?\*\//gm, css: 'comments' }, // multiline comments 35 | { regex: /\/\*(?!\*\/)\*[\s\S]*?\*\//gm, css: 'preprocessor' }, // documentation comments 36 | { regex: SyntaxHighlighter.regexLib.doubleQuotedString, css: 'string' }, // strings 37 | { regex: SyntaxHighlighter.regexLib.singleQuotedString, css: 'string' }, // strings 38 | { regex: /\b([\d]+(\.[\d]+)?|0x[a-f0-9]+)\b/gi, css: 'value' }, // numbers 39 | { regex: /(?!\@interface\b)\@[\$\w]+\b/g, css: 'color1' }, // annotation @anno 40 | { regex: /\@interface\b/g, css: 'color2' }, // @interface keyword 41 | { regex: new RegExp(this.getKeywords(keywords), 'gm'), css: 'keyword' } // java keyword 42 | ]; 43 | 44 | this.forHtmlScript({ 45 | left : /(<|<)%[@!=]?/g, 46 | right : /%(>|>)/g 47 | }); 48 | }; 49 | 50 | Brush.prototype = new SyntaxHighlighter.Highlighter(); 51 | Brush.aliases = ['java']; 52 | 53 | SyntaxHighlighter.brushes.Java = Brush; 54 | 55 | // CommonJS 56 | typeof(exports) != 'undefined' ? exports.Brush = Brush : null; 57 | })(); 58 | -------------------------------------------------------------------------------- /static/js/shBrushPlain.js: -------------------------------------------------------------------------------- 1 | /** 2 | * SyntaxHighlighter 3 | * http://alexgorbatchev.com/SyntaxHighlighter 4 | * 5 | * SyntaxHighlighter is donationware. If you are using it, please donate. 6 | * http://alexgorbatchev.com/SyntaxHighlighter/donate.html 7 | * 8 | * @version 9 | * 3.0.83 (July 02 2010) 10 | * 11 | * @copyright 12 | * Copyright (C) 2004-2010 Alex Gorbatchev. 13 | * 14 | * @license 15 | * Dual licensed under the MIT and GPL licenses. 16 | */ 17 | ;(function() 18 | { 19 | // CommonJS 20 | typeof(require) != 'undefined' ? SyntaxHighlighter = require('shCore').SyntaxHighlighter : null; 21 | 22 | function Brush() 23 | { 24 | }; 25 | 26 | Brush.prototype = new SyntaxHighlighter.Highlighter(); 27 | Brush.aliases = ['text', 'plain']; 28 | 29 | SyntaxHighlighter.brushes.Plain = Brush; 30 | 31 | // CommonJS 32 | typeof(exports) != 'undefined' ? exports.Brush = Brush : null; 33 | })(); 34 | -------------------------------------------------------------------------------- /static/js/shBrushXml.js: -------------------------------------------------------------------------------- 1 | /** 2 | * SyntaxHighlighter 3 | * http://alexgorbatchev.com/SyntaxHighlighter 4 | * 5 | * SyntaxHighlighter is donationware. If you are using it, please donate. 6 | * http://alexgorbatchev.com/SyntaxHighlighter/donate.html 7 | * 8 | * @version 9 | * 3.0.83 (July 02 2010) 10 | * 11 | * @copyright 12 | * Copyright (C) 2004-2010 Alex Gorbatchev. 13 | * 14 | * @license 15 | * Dual licensed under the MIT and GPL licenses. 16 | */ 17 | ;(function() 18 | { 19 | // CommonJS 20 | typeof(require) != 'undefined' ? SyntaxHighlighter = require('shCore').SyntaxHighlighter : null; 21 | 22 | function Brush() 23 | { 24 | function process(match, regexInfo) 25 | { 26 | var constructor = SyntaxHighlighter.Match, 27 | code = match[0], 28 | tag = new XRegExp('(<|<)[\\s\\/\\?]*(?[:\\w-\\.]+)', 'xg').exec(code), 29 | result = [] 30 | ; 31 | 32 | if (match.attributes != null) 33 | { 34 | var attributes, 35 | regex = new XRegExp('(? [\\w:\\-\\.]+)' + 36 | '\\s*=\\s*' + 37 | '(? ".*?"|\'.*?\'|\\w+)', 38 | 'xg'); 39 | 40 | while ((attributes = regex.exec(code)) != null) 41 | { 42 | result.push(new constructor(attributes.name, match.index + attributes.index, 'color1')); 43 | result.push(new constructor(attributes.value, match.index + attributes.index + attributes[0].indexOf(attributes.value), 'string')); 44 | } 45 | } 46 | 47 | if (tag != null) 48 | result.push( 49 | new constructor(tag.name, match.index + tag[0].indexOf(tag.name), 'keyword') 50 | ); 51 | 52 | return result; 53 | } 54 | 55 | this.regexList = [ 56 | { regex: new XRegExp('(\\<|<)\\!\\[[\\w\\s]*?\\[(.|\\s)*?\\]\\](\\>|>)', 'gm'), css: 'color2' }, // 57 | { regex: SyntaxHighlighter.regexLib.xmlComments, css: 'comments' }, // 58 | { regex: new XRegExp('(<|<)[\\s\\/\\?]*(\\w+)(?.*?)[\\s\\/\\?]*(>|>)', 'sg'), func: process } 59 | ]; 60 | }; 61 | 62 | Brush.prototype = new SyntaxHighlighter.Highlighter(); 63 | Brush.aliases = ['xml', 'xhtml', 'xslt', 'html']; 64 | 65 | SyntaxHighlighter.brushes.Xml = Brush; 66 | 67 | // CommonJS 68 | typeof(exports) != 'undefined' ? exports.Brush = Brush : null; 69 | })(); 70 | -------------------------------------------------------------------------------- /templates/about.html: -------------------------------------------------------------------------------- 1 | 2 | {% extends "base_top_only.html" %} 3 | {% block content %} 4 | 5 | 6 |
7 | 8 |
9 | 10 | 11 |

关于 App分析工具(HackingLab定制版)

12 | 13 |

14 | MobSF是一款智能的,集多种功能于一体的移动App(安卓/IOS)测试工具框架.他支持安卓/IOS应用和ZIP格式的源码包 15 | 静态分析: 16 | 静态分析可以查看源代码,检测不安全的权限/配置,检测代码中不安全的ssl管理(如重写,绕过等),弱的加密算法,代码混淆,导入权限,硬编码秘钥,不恰当的危险的API使用,敏感信息泄露,不安全的文件存储等.

17 |

18 | 动态分析: 19 | 动态分析是在虚拟机中/或配置好的设备中运行APP并进行安全检测.对应用进行更深层的检测,包括网络抓包,解密HTTPS流量,应用dump,日志,错误,崩溃,调试信息,调用栈,应用资源,属性,数据库等.在这个框架中,你也可以自行定制自己的测试规则.最后会生成一份快速简洁的测试报告.以后我们也会拓展该框架,使得其能够支持其他的移动平台,如Tizen,WindowsPhone等. 20 | 21 | 它可用于有效和快速安全分析的Android和iOS应用程序和支持二进制文件(APK,IPA)和压缩源代码。MobSF还可以执行与它的API Fuzzer Web API的安全测试。

22 |

系统开发:http://twitter.com/ajinabraham Ajin Abraham

23 |

翻译优化:http://hackinglab.cn 翻译优化

24 |
25 | 26 |
27 | {% endblock %} 28 | -------------------------------------------------------------------------------- /templates/error.html: -------------------------------------------------------------------------------- 1 | 2 | {% extends "base_top_only.html" %} 3 | {% block content %} 4 | 5 | 6 |
7 |
8 | 9 | 10 |

系统发生了错误
Don't Play Around. An Error just popped in!

11 |

{{ exp }}

12 |

{{ doc }}

13 | 14 |
15 | 16 |
17 | {% endblock %} 18 | -------------------------------------------------------------------------------- /templates/ios.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | {% extends "base_top_only.html" %} 4 | {% block content %} 5 | 6 | 7 |
8 |
9 |

需要macOs系统

10 |

iOS应用安全分析需要使用macOS。

11 |
12 | 13 |
14 | {% endblock %} 15 | -------------------------------------------------------------------------------- /templates/java.html: -------------------------------------------------------------------------------- 1 | 2 | {% extends "base_top_only.html" %} 3 | {% block content %} 4 | 5 | 6 |
7 |
8 |

Java Source

9 |
10 | {% csrf_token %} 11 | Find in files: 12 | 13 | 14 |
15 |
16 | 17 |
18 | 19 |
20 | 21 | 22 | {{ files | safe}} 23 | 24 |
25 |
26 | 27 |
28 | 29 |
30 | {% endblock %} 31 | -------------------------------------------------------------------------------- /templates/not_api.html: -------------------------------------------------------------------------------- 1 | 2 | {% extends "base_top_only.html" %} 3 | {% block content %} 4 | 5 | 6 |
7 |
8 | 9 | 10 |

No Web Traffic Captured

11 |

API Fuzzer couldn't find any Web Traffic.

12 | 13 | 14 |
15 | 16 |
17 | {% endblock %} 18 | -------------------------------------------------------------------------------- /templates/not_found.html: -------------------------------------------------------------------------------- 1 | 2 | {% extends "base_top_only.html" %} 3 | {% block content %} 4 | 5 | 6 |
7 |
8 | 9 | 10 |

Scan Not Found

11 |

We couldn't find a scan matching that MD5!

12 | 13 | 14 |
15 | 16 |
17 | {% endblock %} 18 | -------------------------------------------------------------------------------- /templates/recent.html: -------------------------------------------------------------------------------- 1 | 2 | {% extends "base_top_only.html" %} 3 | {% block content %} 4 | 5 | 6 |
7 |
8 |

历史任务

9 |
10 | 11 |
12 | 13 |
14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | {% for e in entries %} 24 | 25 | 26 | 27 | 28 | 29 | {% endfor %} 30 | 31 |
名称MD5查看报告
{{ e.NAME }}{{ e.MD5 }} 点击查看
32 |
33 | 34 |
35 | 36 |
37 | {% endblock %} 38 | -------------------------------------------------------------------------------- /templates/search.html: -------------------------------------------------------------------------------- 1 | 2 | {% extends "base_top_only.html" %} 3 | {% block content %} 4 | 5 | 6 |
7 |
8 |

You 've searched for: {{ term }}. Found in {{ found }} files.

9 |
10 |
11 | 12 |
13 | 14 | 15 | 16 | {% for m in matches %} 17 | 18 | 19 | 20 | {% endfor %} 21 | 22 |
{{ m|safe }}
23 |
24 | 25 |
26 | 27 |
28 | {% endblock %} 29 | 30 | 31 | -------------------------------------------------------------------------------- /templates/skelton_base.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | {{ title }} 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 28 | 29 | 30 | 31 | 32 | 56 | 57 |
58 | 59 | {% block content %} 60 | {% endblock %} 61 | 62 |
63 |
64 |
65 |

© Mobile Security Framework 2015. | Ajin Abraham | All Rights Reserved

66 |
67 |
68 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | -------------------------------------------------------------------------------- /templates/smali.html: -------------------------------------------------------------------------------- 1 | {% extends "base_top_only.html" %} 2 | {% block content %} 3 | 4 | 5 |
6 |
7 |

Smali 源码

8 |
9 | {% csrf_token %} 10 | Find in files: 11 | 12 | 13 |
14 |
15 | 16 |
17 | 18 |
19 | 20 | 21 | {{ files | safe}} 22 | 23 |
24 |
25 | 26 |
27 | 28 |
29 | {% endblock %} 30 | -------------------------------------------------------------------------------- /templates/view.html: -------------------------------------------------------------------------------- 1 | {% extends "base_top_only.html" %} 2 | {% block content %} 3 | 4 | 5 | 6 | 7 | 8 | 12 | 13 |
14 | 15 |
16 | 17 | 18 |

{{file}}

19 | 
20 |       {{ dat }}
21 |
22 |
23 | 24 |
25 | {% endblock %} 26 | -------------------------------------------------------------------------------- /templates/view_mani.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | {% extends "base_top_only.html" %} 4 | {% block content %} 5 | 6 | 7 | 8 | 9 | 13 |
14 | 15 |
16 | 17 | 18 |

{{file}}

19 | 
20 |       {{ dat}}
21 |
22 |
23 | 24 |
25 | {% endblock %} 26 | -------------------------------------------------------------------------------- /templates/view_source.html: -------------------------------------------------------------------------------- 1 | 2 | {% extends "base_top_only.html" %} 3 | {% block content %} 4 | 5 | 6 | 7 | 8 | 12 |
13 | 14 |
15 | 16 | 17 |

{{file}}

18 | 
19 |       {{ dat }}
20 |
21 |
22 | 23 |
24 | {% endblock %} 25 | -------------------------------------------------------------------------------- /templates/web_api_scan.html: -------------------------------------------------------------------------------- 1 | 2 | {% extends "base.html" %} 3 | {% block content %} 4 | 7 | 8 | 28 | 29 | 30 |
31 | 32 | 33 | 34 |
35 | 36 | 37 | 38 | 42 | 43 | 44 | 45 | 46 | {% for finding_name, value in result.items %} 47 |
48 |

49 | 50 |
51 |
52 | 53 |

{{ finding_name }}

54 |
55 |
56 |
57 | {% for find_dic in result|key:finding_name %} 58 | 59 | Description: {{find_dic|key:"techinfo" | safe}}
60 | URL: {{find_dic|key:"url"}}
61 | Finding: {{find_dic|key:"proof"}}
62 |
63 |
64 | 65 |
66 | 70 |
71 | 72 |
73 | 
 74 | {{find_dic|key:"request"}}
 75 |
76 |
77 | 78 |
79 | 
 80 | {{find_dic|key:"response"}}
 81 |
82 |
83 | 84 | 85 |
86 | 87 |
88 | 89 |
90 | 91 | 92 | 93 | {% endfor %} 94 | 95 |
96 | 97 | 98 |
99 | 100 |
101 |
102 | 103 | 104 | {% endfor %} 105 | 106 | 107 |
108 |
109 | 110 | 111 | {% endblock %} 112 | 113 | 114 | 115 | 116 | -------------------------------------------------------------------------------- /templates/zip.html: -------------------------------------------------------------------------------- 1 | 2 | {% extends "base_top_only.html" %} 3 | {% block content %} 4 | 5 | 6 |
7 | 8 |
9 | 10 |

Zipped Source Code Instruction

11 |

Mobile Security Framework supports iOS and Android (eclipse and Android Studio) project files.

12 | 13 | 14 |

15 | Eclipse Project: The file AndroidManifest.xml and the directory 'src' must exist in the root directory of ZIPPED Source files for eclipse projects. 16 |

17 |

18 | Android Studio Project: AndroidManifest.xml must be located at 'app/src/main/AndroidManifest.xml' and the directory 'app/src/main/java/' must exist for Android Studio projects. 19 |

20 |

21 | iOS Project: For iOS projects, the .xcodeproj file must exist in the root directory of the ZIPPED Source files. 22 |

23 | 24 |
25 | 26 |
27 | {% endblock %} 28 | --------------------------------------------------------------------------------