#!/usr/bin/env python
import glob
import json
from io import BytesIO
from urllib.parse import urlencode

import pycurl
'''
Script to automate MobSF's API operations. It currently accepts no command-line arguments;
the MobSF URL, the API key and the delete choice are asked for interactively.
All malware files (.apk extension) must be placed in the same directory as the script itself.
The user may choose not to delete the scans, which leaves the results available for
further review in the MobSF web interface.
'''
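# Build the base URL of the MobSF REST API from the operator's answers.
# NOTE(review): the API key is sent in the Authorization header of every request
# and is echoed on the terminal by input(); use an https:// (or loopback) URL so
# the key and the uploaded samples are not exposed on the network.
base = input("Type the full URL of MobSF, including port. (No trailing slash): ").strip()
base += "/api/v1/"
key = input("Type the current API key: ").strip()
delete = input("DELETE the scans? Only y or Y will be considered a positive answer: ").strip()
delete = delete.upper()

# Operations to run against the API, in this order, for every sample.
operations = ["upload", "scan", "download_pdf"]
if delete == "Y":
    operations.append("delete_scan")

# List the .apk files found in the current working directory.
files = sorted(glob.glob("*.apk"))
total_files = len(files)
print()
for position, file in enumerate(files, start=1):
    print("Processing file %d of %d..." % (position, total_files))
    for operation in operations:
        buffer = BytesIO()
        url = base + operation
        c = pycurl.Curl()
        try:
            c.setopt(c.URL, url)
            c.setopt(c.POST, 1)
            c.setopt(pycurl.HTTPHEADER, ['Authorization:' + key])
            c.setopt(c.WRITEDATA, buffer)
            print("Running %s of %s file..." % (operation, file))
            if operation == "upload":
                c.setopt(c.HTTPPOST, [("file", (c.FORM_FILE, file))])
            elif operation == "scan":
                # Sample file names are untrusted: URL-encode them so a name
                # containing '&', '=' or spaces cannot add or alter form fields.
                c.setopt(c.POSTFIELDS, urlencode({
                    "scan_type": "apk",
                    "file_name": file,
                    "hash": code,
                }))
            elif operation == "download_pdf":
                c.setopt(c.POSTFIELDS, urlencode({"hash": code, "scan_type": "apk"}))
            elif operation == "delete_scan":
                c.setopt(c.POSTFIELDS, urlencode({"hash": code}))
            c.perform()
            status = c.getinfo(c.RESPONSE_CODE)
        finally:
            # Release the curl handle even when the transfer raises.
            c.close()

        response = buffer.getvalue()
        if not 200 <= status < 300:
            # Without this check an error body would be saved as the PDF report
            # and later steps would run against a scan that never happened.
            print("MobSF answered HTTP %d to %s of %s; skipping the remaining operations for this file."
                  % (status, operation, file))
            break

        if operation == "upload":
            result = json.loads(response.decode('iso-8859-1'))
            code = result.get("hash")
            if not code:
                print("Upload of %s returned no hash; skipping the remaining operations for this file." % file)
                break
        elif operation == "download_pdf":
            # Replace only the extension; str.replace("apk", "pdf") would also
            # rewrite an "apk" that appears earlier in the file name.
            file_pdf = file.rsplit(".", 1)[0] + ".pdf"
            with open(file_pdf, "wb") as f:
                f.write(response)
    print("------------------------------------------------------------------")
print("End of Processing.")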