bigmac's People

Contributors

grant-h

bigmac's Issues

Directory & Import Errors

  File "process.py", line 14, in <module>
    from security_policy import ASPCodec, AndroidSecurityPolicy
  File "/home/kevin/gits/BigMAC/security_policy.py", line 18, in <module>
    from android.file_contexts import convert_file_contexts
  File "/home/kevin/gits/BigMAC/android/file_contexts.py", line 4, in <module>
    from folder import sefcontext_parser as sefparse

**Fix is to modify the imported folder name from sefcontext-parser to sefcontext_parser.**

Current problem, haven't found a way to fix it yet:

Traceback (most recent call last):
  File "./process.py", line 14, in <module>
    from security_policy import ASPCodec, AndroidSecurityPolicy
  File "/home/kevin/gits/BigMAC/security_policy.py", line 18, in <module>
    from android.file_contexts import convert_file_contexts
  File "/home/kevin/gits/BigMAC/android/file_contexts.py", line 4, in <module>
    from stats import *
  File "/home/kevin/gits/BigMAC/stats.py", line 14, in <module>
    from security_policy import ASPCodec, AndroidSecurityPolicy
ImportError: cannot import name 'ASPCodec'

Going into a terminal in the BigMAC folder and importing manually with Python causes the same error. All files have been checked and exist.
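The second traceback in this issue re-enters `security_policy` while that module is still being imported, so `ASPCodec` is not defined yet when `stats.py` asks for it. The sketch below is an added example, not part of the original post or of BigMAC: it walks the traceback frames and reports the import cycle. The helper names and the matching of modules by file basename are assumptions made for illustration.

```python
import re

# Frames from the traceback in the issue above, embedded so the check runs offline.
TRACEBACK = '''\
Traceback (most recent call last):
  File "./process.py", line 14, in <module>
    from security_policy import ASPCodec, AndroidSecurityPolicy
  File "/home/kevin/gits/BigMAC/security_policy.py", line 18, in <module>
    from android.file_contexts import convert_file_contexts
  File "/home/kevin/gits/BigMAC/android/file_contexts.py", line 4, in <module>
    from stats import *
  File "/home/kevin/gits/BigMAC/stats.py", line 14, in <module>
    from security_policy import ASPCodec, AndroidSecurityPolicy
ImportError: cannot import name 'ASPCodec'
'''

FRAME = re.compile(r'^\s*File "([^"]+)", line (\d+)')
IMPORT = re.compile(r'^\s*(?:from\s+([\w.]+)\s+import\b|import\s+([\w.]+))')

def import_chain(tb):
    """Return [(file, imported_module), ...] for frames whose source line is an import."""
    chain, current = [], None
    for line in tb.splitlines():
        m = FRAME.match(line)
        if m:
            current = m.group(1)
            continue
        m = IMPORT.match(line)
        if m and current:
            chain.append((current, m.group(1) or m.group(2)))
            current = None
    return chain

def module_of(path):
    """Assumption: a module is identified by its file basename ('a/stats.py' -> 'stats')."""
    name = path.rsplit("/", 1)[-1]
    return name[:-3] if name.endswith(".py") else name

def find_cycle(tb):
    """Return the modules forming an import cycle (first == last), or None."""
    chain = import_chain(tb)
    loading = [module_of(f) for f, _ in chain]  # modules mid-import, outermost first
    for i, (_, target) in enumerate(chain):
        leaf = target.split(".")[-1]
        if leaf in loading[:i + 1]:  # target is already on the import stack
            return loading[loading.index(leaf):i + 1] + [leaf]
    return None
```

On the embedded traceback, `find_cycle` returns the chain security_policy, file_contexts, stats, security_policy, which is the loop that has to be broken for the import to succeed.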

Question about Licence and Docker

Hi there!

First of all, this framework seems pretty awesome! I'm working on a project to automate the analysis of Android firmware and I would like to integrate parts of your framework into my tool. However, I have some questions:

  • Under what Licence is your framework? I couldn't find any licence file in this repository
  • Do you think your framework would run within a docker container? If so I would like to build one

Kind Regards

Tom

android-extract.sh Fails to parse policies and unpack lz4 compressed md5 files

I have been tweaking this script for days now. The lz4 decompress seems to decompress files in a weird way into other file paths, which causes issues with multiple directories found or cd'ing into an empty directory looking for the files? No idea what's going on; I have tried fix after fix and just reverted back to your stock script. Here's the failure without any changes:

sudo ./android-extract.sh "/media/kevin/Seagate/Samsung Firmware/Galaxy S10+ (SM-G975U) Sprint/AP_G975USQS3CTA3_CL17369568_QB28697944_REV00_user_low_ship_MULTI_CERT_meta_OS10.tar.md5" samsung 1 1
DEPPATH: /home/kevin/gits/BigMAC/tools/atsh_setup
Android Firmware Extraction tool:

Developed by researchers from the Florida Institute for Cybersecurity Research (FICS Research)
Check out our webpage: https://atcommands.org

DEPPATH -> /home/kevin/gits/BigMAC/tools/atsh_setup
WARN : some images may require alternative steps for extraction, in which case you should supply
an additional argument (1). currently applies to:
password protected Samsung (.zip) image files from firmwarefile.com
Continuing after defaulting to 0!

ALERT: Now initiating extraction process
samsung
ALERT: Cleaning up temporary files from prior run (if any).
umount: /home/kevin/atsh_tmp1/mnt*: no mount point specified.
Output will be available in: extract/samsung/AP_G975USQS3CTA3_CL17369568_QB28697944_REV00_user_low_ship_MULTI_CERT_meta_OS10.tar
unziping the image...
handling Samsung images...
Current working directory: /home/kevin/gits/BigMAC/tools/extract/samsung/AP_G975USQS3CTA3_CL17369568_QB28697944_REV00_user_low_ship_MULTI_CERT_meta_OS10.tar/extract_sub
unarchiving each zip inside...
attempting to untar *
find: ‘*’: No such file or directory

cp: target '/home/kevin/gits/BigMAC/tools/extract/samsung/AP_G975USQS3CTA3_CL17369568_QB28697944_REV00_user_low_ship_MULTI_CERT_meta_OS10.tar/extract.usb' is not a directory
summarizing...


This is my output of the script after I modified it to decompress each lz4 file before trying to unpack. It does almost everything, including mounting the sparse system.img, and supposedly unpacks, but does not process anything or extract any policies though:
https://pastebin.com/3rrhVNz9

Failing to extract/parse image properly - S10

It seems that the extraction process isn't completely working on newer Samsung ROMs. Trying to extract an S10 firmware - G973U1UES4ETI1_G973U1OYM4ETI1_ACG - seems to complete, but then process.py has a number of failures, like failing to find vendor_file_contexts and sepolicy (precompiled_sepolicy in this case), although both files are present in the ROM when I extract it.

I went through and manually copied in the missing files; however, it eventually fails as it cannot determine the parent of system_server.

As both precompiled_policy and vendor_file_contexts are in vendor.img, the issue might lie somewhere in the parsing of the vendor partition.

I've attached the extract files which end up in policy/samsung/ after the extract stage, and here's a gdrive link to the actual firmware: https://drive.google.com/file/d/1PgNpZEfBAjuT7wPeB_T8AknJ9tJDLHfT/view?usp=sharing

G973U1UES4ETI1_G973U1OYM4ETI1_ACG_extract.zip

Documentation and samples

Using samples in Eval doesn't seem to work, unless there's a part missing of the actual method to extract firmware, its policies, etc.

```
./process.py --vendor aosp eval/policy/aosp/sailfish-pq2a.190205.003-factory-164a7269/ --load --prolog
BigMAC Android Policy Processor
by Grant Hernandez (https://hernan.de/z)

ERROR: Policy directory does not exist or is not readable
```

I have also tried to extract policies with extract.py, but it throws errors on sefcontext_parser (which is imported and was confirmed to be importable). Any help would be great; I would love to check out this tool but have not been able to get it to work for 3 days after many code changes back and forth. Help!!!?
Telegram anything? LMK

Error when trying to make selinux

Getting the following error while trying to make selinux; screenshot attached. The errors are due to different gcc versions; changes are needed so that these errors can be avoided. Currently using docker to run a previous version of ubuntu and running the tool there.

/usr/bin/ld: ../cil/src/cil_verify.lo:(.bss+0x4f8): multiple definition of `cil_mem_error_handler'; ../cil/src/cil.lo:(.bss+0x4f8): first defined here
collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:51: libsepol.so.1] Error 1
make[2]: Leaving directory '/home/vamsi/BigMAC/sefcontext-parser/selinux/libsepol/src'
make[1]: *** [Makefile:6: all] Error 2
make[1]: Leaving directory '/home/vamsi/BigMAC/sefcontext-parser/selinux/libsepol'
make: *** [Makefile:19: all] Error 1

![Screenshot from 2023-09-17 21-39-44](https://github.com/FICS/BigMAC/assets/28599904/c927cd66-f5dc-48b6-a23e-4e4bf6d47211)
