Skip to content

Auto Drozer a tool designed to automate the usage of Drozer with a custom commands.yml file

Notifications You must be signed in to change notification settings

0xbinder/AutoDrozer

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Auto Drozer

Auto Drozer is a tool designed to automate the usage of Drozer using a commands.yml file to define the commands to be run. It returns a html file that can be viewed on a browser and also a json file.

Usage

Usage: python main.py <commands.yml> <output.json> <package_name>

Example

python main.py ../commands.yml results.json io.hextree.attacksurface1
    ___         __           ____                            
   /   | __  __/ /_____     / __ \_________  ____  ___  _____
  / /| |/ / / / __/ __ \   / / / / ___/ __ \/_  / / _ \/ ___/
 / ___ / /_/ / /_/ /_/ /  / /_/ / /  / /_/ / / /_/  __/ /    
/_/  |_\__,_/\__/\____/  /_____/_/   \____/ /___/\___/_/     
                                                             

[ + ] [INFO] Executing: Package Information
[ + ] [INFO] Running command: run app.package.info -a io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Attack Surface Analysis
[ + ] [INFO] Running command: run app.package.attacksurface io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Package Backup
[ + ] [INFO] Running command: run app.package.backup -f io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Activity Information
[ + ] [INFO] Running command: run app.activity.info -a io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Detailed Activity Information with Intent and URI
[ + ] [INFO] Running command: run app.activity.info -i -u -a io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Broadcast Information with Intent and URI
[ + ] [INFO] Running command: run app.broadcast.info -i -u -a io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Native Library Information
[ + ] [INFO] Running command: run app.package.native io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Content Provider Information with URI Access
[ + ] [INFO] Running command: run app.provider.info -u -a io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Find Content Provider URIs
[ + ] [INFO] Running command: run app.provider.finduri io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Service Information with Intent and URI
[ + ] [INFO] Running command: run app.service.info -i -u -a io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Native Code Scanner
[ + ] [INFO] Running command: run scanner.misc.native -a io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Readable Files in Data Directory
[ + ] [INFO] Running command: run scanner.misc.readablefiles /data/data/io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Duplicate Readable Files Check in Data Directory
[ + ] [INFO] Running command: run scanner.misc.readablefiles /data/data/io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Find URIs for Accessible Content Providers
[ + ] [INFO] Running command: run scanner.provider.finduris -a io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: SQL Tables in Content Providers
[ + ] [INFO] Running command: run scanner.provider.sqltables -a io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ + ] [INFO] Executing: Directory Traversal in Content Providers
[ + ] [INFO] Running command: run scanner.provider.traversal -a io.hextree.attacksurface1
[ ✔ ] [SUCCESS] Command executed successfully.
[ ✔ ] [SUCCESS] Results saved to results.json
[ ✔ ] [SUCCESS] HTML file created: results.html

Installation

Clone the repository and navigate to the project directory:

git clone https://github.com/yourusername/auto-drozer.git
cd auto-drozer

Install the requirements

pip install -r requirements.txt

Custom rules

You can define your own custom commands to run in commands.yml. Just add a title and a drozer commands as follows

- title: "Package Information"
  command: "run app.package.info -a {package}"
- title: "Custom title"
  command: "Custom command"

About

Auto Drozer a tool designed to automate the usage of Drozer with a custom commands.yml file

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages