From 743f4e557fc739df7d63e43bf117bfa03a1b1726 Mon Sep 17 00:00:00 2001
From: "Ajin.Abraham" <ajin.abraham@chime.com>
Date: Fri, 24 Nov 2023 23:55:40 -0800
Subject: [PATCH] Remove app, recent scans report, frida err handling

---
 .../views/ios/corellium_instance.py           | 28 +++++++++
 mobsf/DynamicAnalyzer/views/ios/frida_core.py | 11 ++++
 mobsf/MobSF/urls.py                           |  3 +
 mobsf/MobSF/utils.py                          |  4 +-
 mobsf/MobSF/views/home.py                     | 11 +++-
 .../ios/dynamic_analysis.html                 | 63 ++++++++++++++++++-
 .../dynamic_analysis/ios/dynamic_report.html  | 50 +++++++--------
 mobsf/templates/general/recent.html           |  2 +
 8 files changed, 140 insertions(+), 32 deletions(-)

diff --git a/mobsf/DynamicAnalyzer/views/ios/corellium_instance.py b/mobsf/DynamicAnalyzer/views/ios/corellium_instance.py
index f350250eee..e6bb3003e3 100644
--- a/mobsf/DynamicAnalyzer/views/ios/corellium_instance.py
+++ b/mobsf/DynamicAnalyzer/views/ios/corellium_instance.py
@@ -401,6 +401,34 @@ def run_app(request, api=False):
 # AJAX
 
 
+@require_http_methods(['POST'])
+def remove_app(request, api=False):
+    """Remove an app from the device."""
+    data = {
+        'status': 'failed',
+        'message': 'Failed to uninstall the app'}
+    try:
+        instance_id = request.POST['instance_id']
+        bundle_id = request.POST['bundle_id']
+        failed = common_check(instance_id)
+        if failed:
+            return send_response(failed, api)
+        apikey = getattr(settings, 'CORELLIUM_API_KEY', '')
+        if not strict_package_check(bundle_id):
+            data['message'] = 'Invalid iOS Bundle id'
+            return send_response(data, api)
+        ca = CorelliumAgentAPI(apikey, instance_id)
+        if (ca.agent_ready()
+                and ca.remove_app(bundle_id) == OK):
+            data['status'] = OK
+            data['message'] = 'App uninstalled'
+    except Exception as exp:
+        logger.exception('Failed to uninstall the app')
+        data['message'] = str(exp)
+    return send_response(data, api)
+# AJAX
+
+
 @require_http_methods(['POST'])
 def take_screenshot(request, api=False):
     """Take a Screenshot."""
diff --git a/mobsf/DynamicAnalyzer/views/ios/frida_core.py b/mobsf/DynamicAnalyzer/views/ios/frida_core.py
index 5ebb641ff2..808167099c 100644
--- a/mobsf/DynamicAnalyzer/views/ios/frida_core.py
+++ b/mobsf/DynamicAnalyzer/views/ios/frida_core.py
@@ -167,6 +167,9 @@ def spawn(self):
             try:
                 _DEVICE = frida.get_remote_device()
                 _PID = _DEVICE.spawn([self.bundle_id])
+            except frida.NotSupportedError:
+                logger.exception('Not Supported Error')
+                return
             except frida.ServerNotRunningError:
                 self.frida_ssh_forward()
             if not _PID:
@@ -175,6 +178,9 @@ def spawn(self):
             time.sleep(2)
         except frida.TimedOutError:
             logger.error('Timed out while waiting for device to appear')
+        except frida.NotSupportedError:
+            logger.exception('Not Supported Error')
+            return
         except (frida.ProcessNotFoundError,
                 frida.TransportError,
                 frida.InvalidOperationError):
@@ -203,6 +209,9 @@ def session(self, pid, bundle_id):
                     _PID = _DEVICE.spawn([self.bundle_id])
                 # pid is the forntmost app
                 session = _DEVICE.attach(_PID)
+            except frida.NotSupportedError:
+                logger.exception('Not Supported Error')
+                return
             except Exception:
                 logger.warning('Cannot attach to pid, spawning again')
                 self.spawn()
@@ -218,6 +227,8 @@ def session(self, pid, bundle_id):
                 sys.stdin.read()
                 script.unload()
                 session.detach()
+        except frida.NotSupportedError:
+            logger.exception('Not Supported Error')
         except (frida.ProcessNotFoundError,
                 frida.TransportError,
                 frida.InvalidOperationError):
diff --git a/mobsf/MobSF/urls.py b/mobsf/MobSF/urls.py
index c39a68d86e..862e176590 100755
--- a/mobsf/MobSF/urls.py
+++ b/mobsf/MobSF/urls.py
@@ -235,6 +235,9 @@
         re_path(r'^ios/run_app/$',
                 instance.run_app,
                 name='run_app'),
+        re_path(r'^ios/remove_app/$',
+                instance.remove_app,
+                name='remove_app'),
         re_path(r'^ios/take_screenshot/$',
                 instance.take_screenshot,
                 name='take_screenshot'),
diff --git a/mobsf/MobSF/utils.py b/mobsf/MobSF/utils.py
index 7ed9d5b5b8..c4bc06c97e 100755
--- a/mobsf/MobSF/utils.py
+++ b/mobsf/MobSF/utils.py
@@ -734,12 +734,10 @@ def base64_decode(value):
         if is_base64(value) or value.startswith(commonb64s):
             decoded = base64.b64decode(
                 value).decode('ISO-8859-1')
-            if set(decoded).difference(string.printable):
-                decoded = None
     except Exception:
         pass
     if decoded:
-        return f'{value}\nBase64 Decoded: {decoded}'
+        return f'{value}\n\nBase64 Decoded: {decoded}'
     return value
 
 
diff --git a/mobsf/MobSF/views/home.py b/mobsf/MobSF/views/home.py
index 4aa85e517f..6f071416db 100755
--- a/mobsf/MobSF/views/home.py
+++ b/mobsf/MobSF/views/home.py
@@ -22,6 +22,7 @@
 from mobsf.MobSF.forms import FormUtil, UploadFileForm
 from mobsf.MobSF.utils import (
     api_key,
+    get_md5,
     is_dir_exists,
     is_file_exists,
     is_safe_path,
@@ -236,6 +237,7 @@ def recent_scans(request):
     db_obj = RecentScansDB.objects.all().order_by('-TIMESTAMP').values()
     android = StaticAnalyzerAndroid.objects.all()
     ios = StaticAnalyzerIOS.objects.all()
+    updir = Path(settings.UPLD_DIR)
     icon_mapping = {}
     package_mapping = {}
     for item in android:
@@ -249,8 +251,13 @@ def recent_scans(request):
         else:
             entry['PACKAGE'] = ''
         entry['ICON_PATH'] = icon_mapping.get(entry['MD5'], '')
-        logcat = Path(settings.UPLD_DIR) / entry['MD5'] / 'logcat.txt'
-        entry['DYNAMIC_REPORT_EXISTS'] = logcat.exists()
+        if entry['FILE_NAME'].endswith('.ipa'):
+            entry['BUNDLE_HASH'] = get_md5(
+                entry['PACKAGE_NAME'].encode('utf-8'))
+            report_file = updir / entry['BUNDLE_HASH'] / 'mobsf_dump_file.txt'
+        else:
+            report_file = updir / entry['MD5'] / 'logcat.txt'
+        entry['DYNAMIC_REPORT_EXISTS'] = report_file.exists()
         entries.append(entry)
     context = {
         'title': 'Recent Scans',
diff --git a/mobsf/templates/dynamic_analysis/ios/dynamic_analysis.html b/mobsf/templates/dynamic_analysis/ios/dynamic_analysis.html
index 28ba8ac152..0aa515fd3e 100644
--- a/mobsf/templates/dynamic_analysis/ios/dynamic_analysis.html
+++ b/mobsf/templates/dynamic_analysis/ios/dynamic_analysis.html
@@ -398,8 +398,13 @@ <h4 class="modal-title">Create a Corellium iOS VM</h4>
 
                               var url = `{% url 'dynamic_analyzer_ios'%}?bundleid=${escapeHtml(bundle)}&instance_id=${$('#ios_dynamic').val()}`;
                               $('#in_device > tbody:' + order + '-child').append(
-                                `<tr><td align="center"><img id="app_icon" src="data:image/png;base64,${escapeHtml(iconb64)}"/><br/><strong>${escapeHtml(name)}</strong></td><td>${escapeHtml(bundle)}</td><td>${escapeHtml(type)}</td><td><p><a class="btn btn-success disable" onclick="dynamic_loader()" href="${url}"><i class="fab fa-apple"></i> Start Dynamic Analysis</a> <a class="btn btn-info ${buttonState}" href="../../ios/view_report/${checksum}"><i class="fa fa-mobile"></i> View Report </a></p></td></tr>`);
-                                
+                                `<tr><td align="center">
+                                  <img id="app_icon" src="data:image/png;base64,${escapeHtml(iconb64)}"/><br/>
+                                  <strong>${escapeHtml(name)}</strong></td><td>${escapeHtml(bundle)}</td>
+                                  <td>${escapeHtml(type)}</td>
+                                  <td><p><a class="btn btn-success disable" onclick="dynamic_loader()" href="${url}"><i class="fab fa-apple"></i> Start Dynamic Analysis</a> 
+                                      <a class="btn btn-info ${buttonState}" href="../../ios/view_report/${checksum}"><i class="fa fa-mobile"></i> View Report </a>
+                                      <a class="btn btn-danger" id="${$('#ios_dynamic').val()}" onclick="remove_app(this, '${bundle}')"><i class="fas fa-trash-alt"></i>  Uninstall</a></p></td></tr>`);
                         }
                     }
                     else {
@@ -415,6 +420,60 @@ <h4 class="modal-title">Create a Corellium iOS VM</h4>
                 }
     });
 }
+
+// Remove app from device
+function remove_app(item, bundle_id){
+  Swal.fire({
+      title: 'Are you sure?',
+      text: "This will remove the app from the device",
+      type: 'warning',
+      showCancelButton: true,
+      confirmButtonText: 'Yes',
+      cancelButtonText: 'No',
+      confirmButtonColor: '#d33',
+      cancelButtonColor: '#2da532',
+    }).then((result) => {
+        if (result.value) {
+
+          $.ajax({
+                  url: '{% url 'remove_app' %}',
+                  type : 'POST',
+                  dataType: 'json',
+                      data : {
+                              csrfmiddlewaretoken: '{{ csrf_token }}',
+                              instance_id: item.id,
+                              bundle_id: bundle_id,
+                          },
+                          success : function(json) {
+                              if (json.status==='ok'){
+                                  Swal.fire(
+                                      'Uninstalled!',
+                                      'Application is uninstalled',
+                                      'success'
+                                  ).then(function () {
+                                      location.reload();
+                                  })
+                              }
+                              else {
+                                  Swal.fire(
+                                  'Uninstall Failed',
+                                  'Failed to uninstall the app: ' + json.message,
+                                  'error'
+                                  )
+                              }
+                          },
+                          error : function(xhr,errmsg,err) {
+                              Swal.fire(
+                                  'Uninstall Errored',
+                                  errmsg,
+                                  'error'
+                                  )
+                          }
+            });
+          }
+      });
+}
+
 //Start VM
 function start_vm(item){
       Swal.fire({
diff --git a/mobsf/templates/dynamic_analysis/ios/dynamic_report.html b/mobsf/templates/dynamic_analysis/ios/dynamic_report.html
index 1b89c83281..ce5f8ec7e8 100644
--- a/mobsf/templates/dynamic_analysis/ios/dynamic_report.html
+++ b/mobsf/templates/dynamic_analysis/ios/dynamic_report.html
@@ -66,7 +66,7 @@
           </li>
            <li class="nav-item">
             <a href="#keychain" class="nav-link">
-              <i class="nav-icon fas fa-shapes"></i>
+              <i class="nav-icon fas fa-key"></i>
               <p>
                 Keychain Data
               </p>
@@ -74,7 +74,7 @@
           </li>
           <li class="nav-item">
             <a href="#fileaccess" class="nav-link">
-              <i class="nav-icon fa fa-language"></i>
+              <i class="nav-icon fas fa-file-signature"></i>
               <p>
                 File Access
               </p>
@@ -82,7 +82,7 @@
           </li>
           <li class="nav-item">
             <a href="#appdata" class="nav-link">
-              <i class="nav-icon fas fa-running"></i>
+              <i class="nav-icon fas fa-folder-open"></i>
               <p>
                 App Data Directory
               </p>
@@ -90,7 +90,7 @@
           </li>
           <li class="nav-item">
             <a href="#network" class="nav-link">
-              <i class="nav-icon fas fa-running"></i>
+              <i class="nav-icon fas fa-project-diagram"></i>
               <p>
                 URLs Invoked
               </p>
@@ -98,7 +98,7 @@
           </li>
           <li class="nav-item">
             <a href="#logs" class="nav-link">
-              <i class="nav-icon fas fa-running"></i>
+              <i class="nav-icon fas fa-sticky-note"></i>
               <p>
                 App Logs
               </p>
@@ -106,7 +106,7 @@
           </li>
           <li class="nav-item">
             <a href="#textinput" class="nav-link">
-              <i class="nav-icon fas fa-running"></i>
+              <i class="nav-icon far fa-keyboard"></i>
               <p>
                 Text Inputs
               </p>
@@ -114,7 +114,7 @@
           </li>
           <li class="nav-item">
             <a href="#pasteboard" class="nav-link">
-              <i class="nav-icon fas fa-images"></i>
+              <i class="nav-icon fas fa-clipboard-list"></i>
               <p>
                 Pasteboard
               </p>
@@ -123,7 +123,7 @@
 
           <li class="nav-item">
             <a href="#cookies" class="nav-link">
-              <i class="nav-icon fas fa-running"></i>
+              <i class="nav-icon fas fa-cookie"></i>
               <p>
                 App Cookies
               </p>
@@ -131,7 +131,7 @@
           </li>
           <li class="nav-item">
             <a href="#crypto" class="nav-link">
-              <i class="nav-icon fas fa-running"></i>
+              <i class="nav-icon fas fa-lock"></i>
               <p>
                 Crypto Operations
               </p>
@@ -139,7 +139,7 @@
           </li>
           <li class="nav-item">
             <a href="#credentials" class="nav-link">
-              <i class="nav-icon fas fa-running"></i>
+              <i class="nav-icon fas fa-asterisk"></i>
               <p>
                 Credential Storage
               </p>
@@ -147,7 +147,7 @@
           </li>
           <li class="nav-item">
             <a href="#sql" class="nav-link">
-              <i class="nav-icon fas fa-running"></i>
+              <i class="nav-icon fas fa-database"></i>
               <p>
                 SQLite Queries
               </p>
@@ -155,7 +155,7 @@
           </li>
           <li class="nav-item">
             <a href="#screenshots" class="nav-link">
-              <i class="nav-icon fas fa-running"></i>
+              <i class="nav-icon fas fa-images"></i>
               <p>
                 Screenshots
               </p>
@@ -315,7 +315,7 @@ <h5 class="card-title"></h5>
         <div class="card">
           <div class="card-body">
              <p>
-             <strong><i class="fas fa-user-secret"></i> USERDEFAULTS DATA</strong>
+             <strong><i class="fas fa-shapes"></i> USERDEFAULTS DATA</strong>
              </p>
               <div class="table-responsive">
               {% if userdefaults %}
@@ -333,7 +333,7 @@ <h5 class="card-title"></h5>
                     {{k}}
                   </td>
                   <td>
-                    {{v}}
+                    {{v | base64_decode }}
                   </td>
                 </tr>
                 {% endfor %}
@@ -358,7 +358,7 @@ <h5 class="card-title"></h5>
          <div class="card">
            <div class="card-body">
               <p>
-              <strong><i class="fas fa-user-secret"></i> KEYCHAIN DATA</strong>
+              <strong><i class="fas fa-key"></i> KEYCHAIN DATA</strong>
               </p>
                <div class="table-responsive">
                {% if keychain %}
@@ -428,7 +428,7 @@ <h5 class="card-title"></h5>
         <div class="card">
           <div class="card-body">
              <p>
-             <strong><i class="fas fa-user-secret"></i> FILE ACCESS</strong>
+             <strong><i class="fas fa-file-signature"></i> FILE ACCESS</strong>
              </p>
               <div class="table-responsive">
               {% if files %}
@@ -468,7 +468,7 @@ <h5 class="card-title"></h5>
         <div class="card">
           <div class="card-body">
              <p>
-             <strong><i class="fas fa-user-secret"></i> APP DATA DIRECTORY</strong>
+             <strong><i class="fas fa-folder-open"></i> APP DATA DIRECTORY</strong>
              </p>
               <div class="table-responsive">
               {% if datadir %}
@@ -511,7 +511,7 @@ <h5 class="card-title"></h5>
          <div class="card">
            <div class="card-body">
               <p>
-              <strong><i class="fas fa-user-secret"></i> URLS INVOKED</strong>
+              <strong><i class="fas fa-project-diagram"></i> URLS INVOKED</strong>
               </p>
                <div class="table-responsive">
                {% if network %}
@@ -554,7 +554,7 @@ <h5 class="card-title"></h5>
         <div class="card">
           <div class="card-body">
              <p>
-             <strong><i class="fas fa-user-secret"></i> APP LOGS</strong>
+             <strong><i class="fas fa-sticky-note"></i> APP LOGS</strong>
              </p>
               <div class="table-responsive">
               {% if logs %}
@@ -592,7 +592,7 @@ <h5 class="card-title"></h5>
         <div class="card">
           <div class="card-body">
              <p>
-             <strong><i class="fas fa-user-secret"></i> TEXT INPUTS</strong>
+             <strong><i class="far fa-keyboard"></i> TEXT INPUTS</strong>
              </p>
               <div class="table-responsive">
               {% if textinputs %}
@@ -631,7 +631,7 @@ <h5 class="card-title"></h5>
         <div class="card">
           <div class="card-body">
              <p>
-             <strong><i class="fas fa-user-secret"></i> PASTEBOARD</strong>
+             <strong><i class="fas fa-clipboard-list"></i> PASTEBOARD</strong>
              </p>
               <div class="table-responsive">
               {% if pasteboard %}
@@ -670,7 +670,7 @@ <h5 class="card-title"></h5>
          <div class="card">
            <div class="card-body">
               <p>
-              <strong><i class="fas fa-user-secret"></i> APP COOKIES</strong>
+              <strong><i class="fas fa-cookie"></i> APP COOKIES</strong>
               </p>
                <div class="table-responsive">
                {% if cookies %}
@@ -738,7 +738,7 @@ <h5 class="card-title"></h5>
         <div class="card">
           <div class="card-body">
              <p>
-             <strong><i class="fas fa-user-secret"></i> CRYPTO OPERATIONS</strong>
+             <strong><i class="fas fa-lock"></i> CRYPTO OPERATIONS</strong>
              </p>
               <div class="table-responsive">
               {% if crypto %}
@@ -781,7 +781,7 @@ <h5 class="card-title"></h5>
           <div class="card">
             <div class="card-body">
                <p>
-               <strong><i class="fas fa-user-secret"></i> CREDENTIAL STORAGE</strong>
+               <strong><i class="fas fa-asterisk"></i> CREDENTIAL STORAGE</strong>
                </p>
                 <div class="table-responsive">
                 {% if credentials %}
@@ -840,7 +840,7 @@ <h5 class="card-title"></h5>
         <div class="card">
           <div class="card-body">
              <p>
-             <strong><i class="fas fa-user-secret"></i> SQLITE QUERIES</strong>
+             <strong><i class="fas fa-database"></i> SQLITE QUERIES</strong>
              </p>
               <div class="table-responsive">
               {% if sql %}
diff --git a/mobsf/templates/general/recent.html b/mobsf/templates/general/recent.html
index b48e34e8e3..c85900e6b8 100644
--- a/mobsf/templates/general/recent.html
+++ b/mobsf/templates/general/recent.html
@@ -70,6 +70,8 @@ <h3 class="box-title"><i class="fa fa-rocket"></i> Recent Scans</h3>
                                   <p><a class="btn btn-primary btn-sm" href="../{{ e.ANALYZER }}/{{e.MD5}}/"><i class="fas fa-eye"></i> Static Report</a>
                                   {% if '.apk' == e.FILE_NAME|slice:"-4:" or '.xapk' == e.FILE_NAME|slice:"-5:" or '.apks' == e.FILE_NAME|slice:"-5:"%}
                                     <a  class="btn btn-success btn-sm {% if not e.DYNAMIC_REPORT_EXISTS %}disabled{% endif %}" href="{% url "dynamic_report" checksum=e.MD5 %}"><i class="fa fa-mobile"></i> Dynamic Report</a>
+                                  {% elif '.ipa' == e.FILE_NAME|slice:"-4:" %}
+                                    <a  class="btn btn-success btn-sm {% if not e.DYNAMIC_REPORT_EXISTS %}disabled{% endif %}" href="{% url "ios_view_report" checksum=e.BUNDLE_HASH %}"><i class="fa fa-mobile"></i> Dynamic Report</a>
                                   {% endif %}
                                   </p>
                                 {% else %}