fics / bigmac
BigMAC: Analysis tool to introspect and query Android security policies.
License: BSD 3-Clause "New" or "Revised" License
File "process.py", line 14, in <module>
from security_policy import ASPCodec, AndroidSecurityPolicy
File "/home/kevin/gits/BigMAC/security_policy.py", line 18, in <module>
from android.file_contexts import convert_file_contexts
File "/home/kevin/gits/BigMAC/android/file_contexts.py", line 4, in <module>
from folder import sefcontext_parser as sefparse
**Fix is to modify imported folder name from: sefcontext-parser to sefcontext_parser**
Current problem, haven't found a way to fix but:
Traceback (most recent call last):
File "./process.py", line 14, in <module>
from security_policy import ASPCodec, AndroidSecurityPolicy
File "/home/kevin/gits/BigMAC/security_policy.py", line 18, in <module>
from android.file_contexts import convert_file_contexts
File "/home/kevin/gits/BigMAC/android/file_contexts.py", line 4, in <module>
from stats import *
File "/home/kevin/gits/BigMAC/stats.py", line 14, in <module>
from security_policy import ASPCodec, AndroidSecurityPolicy
ImportError: cannot import name 'ASPCodec'
** Going into terminal in BigMAC folder and using python manually importing causes same error. All files have been checked and exist.
Hi there!
First of all, this framework seems pretty awesome! I'm working on a project to automate the analysis of Android firmware and I would like to integrate parts of your framework into my tool. However, I have some questions:
Kind Regards
Tom
I have been tweaking this script for days now. The lz4 decompress seems to decompress a weird way files into other file paths which causes issues with multiple directories found or cd'ing into an empty directory looking for the files? No idea what's going on have tried fix after fix and just reverted back to your stock script. Here's the failure without any changes:
Developed by researchers from the Florida Institute for Cybersecurity Research (FICS Research)
Check out our webpage: https://atcommands.org
DEPPATH -> /home/kevin/gits/BigMAC/tools/atsh_setup
WARN : some images may require alternative steps for extraction, in which case you should supply
an additional argument (1). currently applies to:
password protected Samsung (.zip) image files from firmwarefile.com
Continuing after defaulting to 0!
cp: target '/home/kevin/gits/BigMAC/tools/extract/samsung/AP_G975USQS3CTA3_CL17369568_QB28697944_REV00_user_low_ship_MULTI_CERT_meta_OS10.tar/extract.usb' is not a directory
summarizing...
This is my output of script after I modified making it decompress each lz4 file before trying to unpack. It does almost everything including mounting sparse system.img and supposedly unpacks but does not process anything or extract any policies though:
https://pastebin.com/3rrhVNz9
It seems that the extraction process isn't completely working on newer Samsung ROMs. Trying to extract an S10 firmware - G973U1UES4ETI1_G973U1OYM4ETI1_ACG seems to complete, but then process.py has a number of failures like failing to find vendor_file_contexts, and sepolicy (precompiled_sepolicy in this case), although both files are present in the ROM when I extract it.
I went through and manually copied in the missing files, however it eventually fails as it cannot determine the parent of system_server.
As both precompiled_policy, and vendor_file_contexts are in vendor.img, the issue might lie somewhere in the parsing of the vendor partition.
I've attached the extract files which end up in policy/samsung/ after the extract stage, and here's a gdrive link to the actual firmware: https://drive.google.com/file/d/1PgNpZEfBAjuT7wPeB_T8AknJ9tJDLHfT/view?usp=sharing
Using samples in Eval doesn't seem to work unless there's a part missing of actual method to extract firmware, its policies, etc.
```
./process.py --vendor aosp eval/policy/aosp/sailfish-pq2a.190205.003-factory-164a7269/ --load --prolog
BigMAC Android Policy Processor
by Grant Hernandez (https://hernan.de/z)
ERROR: Policy directory does not exist or is not readable
```
Also have tried to extract policies with extract.py but throws errors on sefcontext_parser (which is imported and was confirmed being importable). Any help would be great, would love to check out this tool but have not been able to get it to work for 3 days after many code changes back/forth. Help!!!?
Telegram anything? LMK
Getting the following error while trying to make selinux, attached screenshot. The errors are due to different gcc versions; need to make changes so that these errors can be avoided. Currently using docker to run previous version of ubuntu and running the tool there.
/usr/bin/ld: ../cil/src/cil_verify.lo:(.bss+0x4f8): multiple definition of `cil_mem_error_handler'; ../cil/src/cil.lo:(.bss+0x4f8): first defined here
collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:51: libsepol.so.1] Error 1
make[2]: Leaving directory '/home/vamsi/BigMAC/sefcontext-parser/selinux/libsepol/src'
make[1]: *** [Makefile:6: all] Error 2
make[1]: Leaving directory '/home/vamsi/BigMAC/sefcontext-parser/selinux/libsepol'
make: *** [Makefile:19: all] Error 1
![Screenshot from 2023-09-17 21-39-44](https://github.com/FICS/BigMAC/assets/28599904/c927cd66-f5dc-48b6-a23e-4e4bf6d47211)