#!/usr/bin/env python
#-*- coding:utf-8 -*-
'''
Copyright (C) 2018 QuantiKa14 Servicios Integrales S.L
'''
#********************************************
#TEAM QUANTIKA14
#AUTHOR: JORGE CORONADO A.K.A @JORGEWEBSEC
#AUTHOR: RAMON BAJONA
#DESCRIPTION: APP FOR WHATSAPP FORENSIC
#DATE: 10-05-2018
#VERSION: 1.1
#********************************************
import parser_db, whatsapp_log_forensic, modules.functions, whatsapp_db, check_root, hashdeep, modules.config, modules.dependencies
from Tkinter import *
import os, time, socket, requests
from time import sleep
from distutils.version import LooseVersion
# Module-level state shared by the GUI callbacks below.
licencia = ""            # becomes "true" once enviar_licencia() has run
rute = ""                # path of the HTML report, filled in by create_report_f()
inten = False            # True after the licence form was submitted
menu = True              # main-window loop keeps running while this is True
report = False
list_dbs = []
info_root = []
whatsapp_log = []
label_root = False       # raised by a worker to show the "job finished" label
root_posibility = None   # None until the root check ran, then its verdict
popup_a = False
debugging = False
first_add = True         # add_report() writes the report header only once
# The adb command line and the widget widths depend on the host OS.
if os.name != 'nt':
    modules.config.adb_comm = modules.config.adb_l
    width_w, width_e = 61, 53
else:
    modules.config.adb_comm = modules.config.adb_w
    width_w, width_e = 72, 63
def enviar_licencia(licenci, root):
    """Callback of the "Enviar" button: accept the licence and close the window.

    The text typed by the user arrives in ``licenci`` but is never inspected;
    every submission sets the module flags ``inten`` and ``licencia`` the same
    way, so this is an acknowledgement step and not an access control.
    """
    global inten, licencia
    licencia = "true"
    inten = True
    root.destroy()
    print "[INFO][>] Licencia GNU V.3. Recuerde que siempre podrá contribuir con la causa aportando mejoras a la aplicación desde el repositorio de GITHUB."
    print "[INFO][>] ----------------------------------> WWWW.QUANTIKA14.COM/GUASAP-FORENSIC"
def info_root_f(root, pop_wait):
    """Run the root check and arrange for its result popup to be shown.

    Stores the two values returned by ``check_root.check_root`` in the module
    globals ``info_root`` and ``root_posibility``, raises ``popup_a`` so the
    main loop opens the result window, and reloads the main window.
    """
    global info_root, label_root, root_posibility, popup_a
    Label(pop_wait, text="Comprobando dispositivo...").place(x=20, y=60)
    pop_wait.update()
    info_root, root_posibility = check_root.check_root(pop_wait)
    popup_a = True
    reloadd(root)
def popup():
    """Open the "Comprobar root" window and add the root check to the report.

    The first entry of the module-level ``info_root`` list is the status
    string of the root check.  Two of its values are shown as an image, every
    other value as a red text.  Afterwards ``label_root`` is raised and
    ``add_report(info_root, 0)`` appends the root-check section.
    """
    global info_root
    global label_root
    global root_posibility
    pop_root = Toplevel()
    imgicon = PhotoImage(file=os.path.join("images", 'ico.gif'))
    pop_root.tk.call('wm', 'iconphoto', pop_root._w, imgicon)
    pop_root.title("Comprobar root")
    pop_root.configure(width=450, height=450)
    pop_root.resizable(width=False, height=False)

    # First decide what to show, then build the widget once.
    estado = info_root[0]
    ruta_imagen = None
    aviso = None
    if estado == "Root Device":
        ruta_imagen = "images/SI-ROOT.PPM"
    elif estado == "No root device":
        ruta_imagen = "images/NO-ROOT.PPM"
    elif estado == "No adb installed":
        aviso = "No se ha detectado adb por favor reintente despues de instalar"
    elif estado == "No debugging actve":
        aviso = "No se han detectado permisos de depuración usb,\n por favor revise el telefono"
    else:
        aviso = "Ningún dispositivo conectado"

    if ruta_imagen is not None:
        imagen = PhotoImage(file=ruta_imagen)
        widget = Label(pop_root, image=imagen)
        widget.image = imagen  # extra reference held on the widget
        widget.place(x=20, y=20)
    else:
        mensaje = Label(pop_root, text=aviso)
        mensaje.place(x=40, y=40)
        mensaje.configure(foreground="red")
    label_root = True
    add_report(info_root, 0)
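def whatsapp_deb(root, option):
    """Probe the adb connection, then run the action chosen in the main window.

    ``option`` selects the action: 1 root check, 2 rooting information,
    3 media extraction, 4 encrypted DB extraction, 5 decrypted DB extraction,
    6 log extraction.  Every action except 2 gets a "please wait" window that
    is handed on to the worker function.

    Before dispatching, ``adb shell ls data`` is run and its stderr is matched
    against three known failures.  An unauthorized device restarts the adb
    server and waits for the device; a missing device or a missing adb binary
    turns the request into option 0, which only reloads the main window.  The
    "adb missing" match relies on one shell's wording and on the Spanish
    Windows message, so other hosts may not be recognised.

    NOTE(review): the listing this was taken from had lost its indentation.
    The probe is assumed to run for every option, including 2, which has no
    wait window; the status texts are therefore skipped when no window exists
    instead of touching an unbound name.  Confirm against the repository copy.
    """
    pop_wait = None
    if option != 2:
        pop_wait = Toplevel()
        icon = PhotoImage(file=os.path.join("images", 'ico.gif'))
        pop_wait.tk.call('wm', 'iconphoto', pop_wait._w, icon)
        pop_wait.title("Información WhatsApp Forensic")
        pop_wait.configure(width=500, height=220)
        pop_wait.resizable(width=False, height=False)
        mensaje = Label(pop_wait, text="Espere mientras se realiza el proceso")
        mensaje.place(x=20, y=40)
        pop_wait.update()

    def aviso(texto, y):
        # Draw a status line in the wait window, if there is one.
        if pop_wait is None:
            return None
        etiqueta = Label(pop_wait, text=texto)
        etiqueta.place(x=20, y=y)
        return etiqueta

    def refrescar():
        if pop_wait is not None:
            pop_wait.update()

    en, out, err_pipe = os.popen3(modules.config.adb_comm + " shell ls data")
    try:
        err = err_pipe.read()
    finally:
        # Release all three pipes of the probe, not only the one that was read.
        for pipe in (en, out, err_pipe):
            pipe.close()

    # Windows and Linux
    if "device unauthorized" in err:
        os.popen(modules.config.adb_comm + " kill-server")
        os.popen(modules.config.adb_comm + " start-server")
        print "Please connect your Android device with USB Debugging enabled:"
        mensaje_deb = aviso("Por favor, conecte el modo depuración en la pantalla de su dispositivo", 60)
        refrescar()
        os.popen(modules.config.adb_comm + " wait-for-device")
        if mensaje_deb is not None:
            mensaje_deb.destroy()
    # Windows and Linux
    elif "error: device" in err:
        print "No such device, please check the conection and restart app"
        aviso("No se encuentra ningun dispositivo, por favor,", 60)
        aviso("compruebe la conexion y prueba de nuevo", 80)
        refrescar()
        time.sleep(1)
        option = 0
    # Linux shell wording / Spanish Windows wording
    elif "sh: 1: adb:" in err or "no se reconoce como un comando" in err:
        print "adb not installed, please install and restart app "
        aviso("Adb no se encuentra en el ordenador, por favor,", 60)
        aviso("instala adb y prueba de nuevo", 80)
        refrescar()
        time.sleep(1)
        option = 0

    if option == 1:
        info_root_f(root, pop_wait)
    elif option == 2:
        whatsapp_root(root)
    elif option == 3:
        whatsapp_mm(root, pop_wait)
    elif option == 4:
        whatsapp_db_f(root, pop_wait)
    elif option == 5:
        whatsapp_db_root(root, pop_wait)
    elif option == 6:
        whatsapp_log_f(root, pop_wait)
    elif option == 0:
        reloadd(root)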
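def whatsapp_root(root):
    """Show Android version, brand and the rooting app suggested by the config.

    ``check_data()`` supplies the values.  It returns None when the device
    reports no version, and its ``option`` is None when no entry of the
    rooting table matches; both cases are handled here instead of failing on
    the unpacking or on ``option["app"]``.

    Observations between 61 and 199 characters are cut into 65-character
    pieces and each piece gets its own row, so the rows no longer overlap and
    a 150-character text is wrapped like its neighbours.  Shorter and longer
    texts are shown in a single label, as before.
    """
    device_data = check_data()
    if device_data is None:
        # check_data() has already printed why there is nothing to show.
        return
    option, version, marca = device_data

    pop_roote = Toplevel()
    pop_roote.title("Information to Root device")
    pop_roote.configure(width=445, height=220)
    imgicon = PhotoImage(file=os.path.join("images", 'ico.gif'))
    pop_roote.tk.call('wm', 'iconphoto', pop_roote._w, imgicon)
    pop_roote.resizable(width=False, height=False)

    def fila(texto, y, color):
        etiqueta = Label(pop_roote, text=texto)
        etiqueta.place(x=20, y=y)
        etiqueta.configure(foreground=color)

    fila("Version: " + version, 40, "green")
    fila("Mobile brand: " + marca, 60, "blue")
    if option is None:
        fila("App recommended to root: none", 80, "brown")
        return
    fila("App recommended to root: " + option["app"], 80, "brown")

    observaciones = option["observaciones"]
    if 60 < len(observaciones) < 200:
        trozos = [observaciones[i:i + 65] for i in range(0, len(observaciones), 65)]
        # The first row carries the heading and is two lines tall.
        fila("OBSERVATIONS:\n" + trozos[0], 100, "red")
        for indice, trozo in enumerate(trozos[1:]):
            fila(trozo, 140 + 20 * indice, "red")
    else:
        fila("OBSERVATIONS:\n" + observaciones, 100, "red")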
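def check_how_root(android_v, marca):
    """Pick the rooting recommendation for an Android version and brand.

    Walks ``modules.config.dicts_root``.  An entry is a candidate when its
    version is lower than or equal to ``android_v``.  An entry whose brand
    equals ``marca`` is preferred over one whose brand is "all"; within each
    kind the last candidate wins.  Returns the chosen entry, or None when no
    entry qualifies.

    NOTE(review): entries with version "all", and entries whose version
    cannot be read, are compared as 20.20.20, so they only qualify for a
    device version at or above that value - confirm this is intended.
    NOTE(review): check_data() passes the raw getprop output, line ending
    included; whether the brand equality can ever hold depends on how the
    table stores its brands - verify against modules.config.
    """
    perfect_option = None
    other_option = None
    pvm = LooseVersion(android_v)
    for dicts in modules.config.dicts_root:
        try:
            if dicts["version"] == "all":
                pvd = LooseVersion("20.20.20")
            else:
                pvd = LooseVersion(dicts["version"])
        except Exception:
            # Malformed table entry: use the same fallback as "all", but let
            # KeyboardInterrupt and SystemExit through.
            pvd = LooseVersion("20.20.20")
        if pvd <= pvm:
            if dicts["marca"] == marca:
                perfect_option = dicts
            if dicts["marca"] == "all":
                other_option = dicts
    if perfect_option is not None:
        return perfect_option
    return other_option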
def check_data():
    """Read Android release and manufacturer over adb and look up a rooting option.

    Returns ``(option, android_v, marca)``; both strings are the unmodified
    ``getprop`` output.  When the release comes back empty or as a lone CRLF,
    a message is printed and None is returned, so callers that unpack the
    result have to check for it.
    """
    adb = modules.config.adb_comm
    consulta_version = adb + " shell getprop ro.build.version.release"
    consulta_marca = adb + " shell getprop ro.product.manufacturer"
    en, salida_version, err = os.popen3(consulta_version)
    android_v = salida_version.read()
    en, salida_marca, err = os.popen3(consulta_marca)
    marca = salida_marca.read()
    if android_v == "" or android_v == "\r\n":
        print "Version not found on device"
        return None
    option = check_how_root(android_v, marca)
    return option, android_v, marca
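def whatsapp_mm(root, pop_wait):
    """Extract the WhatsApp media files and add their hashes to the report.

    ``hashdeep.extract_mm`` returns the hash lists of the cloned and of the
    original files; both go into report section 6.  ``label_root`` is declared
    global here, as in the sibling workers, so that the main window shows the
    "job finished" label; without the declaration the assignment only created
    a local name.
    """
    global label_root
    mensaje_deb = Label(pop_wait, text="Extrayendo archivos multimedia...")
    mensaje_deb.place(x=20, y=60)
    pop_wait.update()
    md5_cloned, md5_original = hashdeep.extract_mm(pop_wait)
    add_report((md5_cloned, md5_original), 6)
    label_root = True
    reloadd(root)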
def whatsapp_log_f(root, pop_wait):
    """Extract and analyse the WhatsApp logs, then add them to the report.

    The result of ``whatsapp_log_forensic.extract_log`` is kept in the module
    global ``whatsapp_log``, which is what report section 1 reads; the
    ``info_root`` argument passed to ``add_report`` is not used for that
    section.
    """
    global whatsapp_log, label_root
    Label(pop_wait, text="Extrayendo/analizando logs...").place(x=20, y=60)
    pop_wait.update()
    whatsapp_log = whatsapp_log_forensic.extract_log(pop_wait)
    add_report(info_root, 1)
    label_root = True
    reloadd(root)
def whatsapp_db_f(root, pop_wait):
    """Extract the encrypted WhatsApp databases and add them to the report.

    Keeps the list returned by ``whatsapp_db.extract_db`` in the module global
    ``list_dbs`` and writes report section 2 from it.
    """
    global list_dbs, label_root
    Label(pop_wait, text="Extrayendo base de datos cifrada...").place(x=20, y=60)
    pop_wait.update()
    list_dbs = whatsapp_db.extract_db(pop_wait)
    add_report(list_dbs, 2)
    label_root = True
    reloadd(root)
def whatsapp_db_root(root, pop_wait):
    """Extract the decrypted databases, compute message statistics and report both.

    ``whatsapp_db.extract_db_root`` fills the module global ``list_dbs``; its
    second return value is not used at present.  The statistics from
    ``whatsapp_db.count_messages`` and ``whatsapp_db.detect_breakID`` are
    wrapped in a one-element list and written as report section 5.
    """
    global list_dbs, label_root
    # Extraction step (comment out for offline development with DB files
    # taken from another device; the root checker still needs one).
    Label(pop_wait, text="Extrayendo base de datos descifrada...").place(x=20, y=60)
    pop_wait.update()
    list_dbs, filas_sin_uso = whatsapp_db.extract_db_root(pop_wait)

    Label(pop_wait, text="Obteniendo estadísticas de mensajes...").place(x=20, y=100)
    pop_wait.update()
    total_messages, byConversation_messages, groups_members = whatsapp_db.count_messages(pop_wait)
    removed_id = whatsapp_db.detect_breakID(total_messages)
    # One entry per extraction, so that a later version can compare several
    # WhatsApp backup databases and report the differences between them.
    msg_analytics = [
        [[total_messages], [byConversation_messages], [removed_id], [groups_members]],
    ]
    add_report(msg_analytics, 5)
    # The rows returned by the extraction are not reported while the final
    # message-analytics workflow is under construction.
    label_root = True
    reloadd(root)
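def add_report(data, option):
    """Append one HTML section to the report file named by the global ``rute``.

    ``option`` selects the section: 0 root check, 1 log information,
    2 encrypted databases, 5 decrypted databases plus message analytics,
    6 extracted media.  ``data`` is only read for options 5 and 6; the other
    sections take their content from the module globals ``info_root``,
    ``whatsapp_log`` and ``list_dbs``.  The first call also writes the style
    sheet and the report title.

    Every value that originates on the examined device (getprop and date
    output, package list, log entries, group and conversation names, file
    paths and hashes) is HTML-escaped before it is written, so that markup
    stored on the device is shown as text in the report instead of being
    interpreted by the browser that opens it.

    The package list and the media list no longer fail on short or empty
    input, and the report file is closed even if the write raises.

    NOTE(review): the listing this was taken from had lost its indentation;
    the nesting below is reconstructed from the statement order and should be
    compared with the repository copy.
    """
    global info_root
    global list_dbs
    global whatsapp_log
    global rute
    global first_add
    from cgi import escape as _escape

    def esc(valor):
        # Text content only; quotes are escaped as well in case a value ever
        # ends up inside an attribute.
        return _escape(valor, True)

    adb = modules.config.adb_comm
    text_final = ""
    if first_add:
        text_final += modules.config.css
        text_final += "<h1>Guasap Forensic Report</h1><h2>QK14</h2>"
        first_add = False

    # Android version and manufacturer of the connected device.
    en, android_v, err = os.popen3(adb + " shell getprop ro.build.version.release")
    en, marca, err = os.popen3(adb + " shell getprop ro.product.manufacturer")
    android_v = android_v.read()
    marca = marca.read()
    cabeceras = {
        0: "Root check",
        1: "Log information",
        2: "Encrypt DB check",
        5: "Decrypt DB check",
        6: "Extracted media",
    }
    if android_v != "" and android_v != "\r\n":
        if option in cabeceras:
            text_final += "<p class='cabecera'><b>" + cabeceras[option] + "</b></p>"
        # Clock of the examiner's machine.
        t = time.strftime('%A %B, %d %Y %H:%M:%S')
        text_final += "<h3> Date of system: " + str(t) + "</h3>"
        # Clock of the device.
        en, time_device, err = os.popen3(adb + " shell date")
        time_device = time_device.read()
        if ":" not in time_device:
            text_final += "Device Not found \n\n"
        else:
            text_final += "<h3> Date of device: " + esc(str(time_device)) + "</h3>"
        text_final += "<p class='aversion'><b>Android version</b>: " + esc(android_v) + "</p>"
        text_final += "<p><b>Mobile brand</b>: " + esc(marca) + "</p>"
    else:
        text_final += "<p class='cabecera'>Device Information</p><br>"
        text_final += "<p class='aversion'>Android version: Not found</p>"

    if option == 0:
        text_final += """<p class='rootinfo'>"""
        divo = True
        for i, entrada in enumerate(info_root):
            if i == 0:
                if entrada == "Root Device":
                    text_final += "<b>Root Device</b>: Yes</p><br>"
                else:
                    text_final += "<b>Root Device</b>: No</p><br>"
            else:
                linea = ("Root files: " + esc(entrada["file"]) + ", " +
                         "Directory: " + esc(entrada["directory"]) +
                         ", App used to root:" + esc(entrada["App"]) + "<br>")
                if divo:
                    text_final += "<div>" + linea
                    divo = False
                else:
                    text_final += linea
        text_final += "</div>"
        en, packages, err = os.popen3(adb + " shell pm list packages -f")
        packages = packages.read().split("\n")
        text_final += "</p>"
        text_final += "<p class='subcabecera'>Installed packages:</p>"
        # The first three packages are always visible, the rest is folded
        # away; slicing also copes with fewer than three lines of output.
        for paquete in packages[:3]:
            text_final += "<p>" + esc(paquete) + "</p>"
        text_final += "<div id='list'>"
        for paquete in packages[3:]:
            text_final += "<p>" + esc(paquete) + "</p>"
        text_final += "</div>"
        text_final += '<a id="boton_" href="#" onclick="javascript:listar();return false">Show all</a>'
    elif option == 1:
        clase_list = 0
        if whatsapp_log is not None:
            for log in whatsapp_log:
                idx = str(clase_list)
                clonado = log["hash_clonado"].split(" ")
                origen = log["hash_origen"].split(" ")
                text_final += "<p class='hash'><br>------------------------" + "<br>"
                text_final += "------- <b>Cloned</b> ------" + "<br>"
                text_final += "MD5 [>] " + esc(str(clonado[0])) + "<br>"
                text_final += "Path [>] " + esc(str(clonado[2])) + "<br>"
                text_final += "--------<b>Original</b>-------" + "<br>"
                text_final += "MD5 [>] " + esc(str(origen[0])) + "<br>"
                text_final += "Path [>] " + esc(str(origen[2])) + "<br>"
                text_final += "NAME LOG [>] " + esc(log["log"]) + "</p><br>"
                text_final += '<a id="boton_log_info_' + idx + '" class="botonlog" href="#" onclick="javascript:listar_log_' + idx + '();return false">Show analytics</a>'
                text_final += "<div id='log_info_" + idx + "' style='display:none'>"
                if 'deleted_msg' in log:
                    text_final += "<p>Deleted messages on log:<br>"
                    for msg in log["deleted_msg"]:
                        text_final += esc(msg) + "<br>"
                    text_final += "</p>"
                if 'dates_backup' in log:
                    text_final += "<p>Dates of backups:<br>"
                    for date in log["dates_backup"]:
                        text_final += "DB backup on date: " + esc(date) + "<br>"
                    text_final += "</p>"
                if 'cons' in log:
                    text_final += "<p>Dates of connect: <br>"
                    for con in log["cons"]:
                        first = con["first_change"]
                        sec = con["second_change"]
                        text_final += "Date: " + esc(con["time"]) + "<br>"
                        text_final += "Action: " + esc(first["state"]) + " | Name: " + esc(first["name"]) + "<br>"
                        text_final += "Action: " + esc(sec["state"]) + " | Name: " + esc(sec["name"]) + "<br>"
                    text_final += "</p>"
                if "group_w" in log:
                    text_final += "<p>Groups: \n"
                    for group in log["group_w"]:
                        text_final += "Name: " + esc(group["subject"]) + ", Owner: " + esc(group["subject_owner"]) + ", Subject time: " + esc(group["subject_time"]) + "<br>"
                        text_final += "Num creator: " + esc(group["creator"]) + ", Date creation: " + esc(group["date_creation"]) + ", Subject time: " + esc(group["subject_time"]) + "<br>"
                        for user in group["users"]:
                            text_final += "Num de usuario del grupo: " + esc(user) + "<br>"
                    text_final += "</p>"
                text_final += "</div>"
                # Toggle script for this log; only the numeric index goes into it.
                text_final += """<script>
function listar_log_""" + idx + """(){
if ($('#log_info_""" + idx + """').css("display")=="none"){
$('#log_info_""" + idx + """').show();
$(boton_log_info_""" + idx + """).text('Hide analytics');
}
else{
$('#log_info_""" + idx + """').hide();
$(boton_log_info_""" + idx + """).text('Show analytics');
}
};</script>"""
                clase_list += 1
        else:
            text_final += "WhatsApp Forensic doesn´t found WhatsApp"
    elif option == 2:
        i = 0
        divo = False
        for dbs in list_dbs:
            if dbs["name"] is not None and dbs["name"] != "None" and "open ls" not in dbs["name"]:
                if i == 3:
                    # Everything from the fourth database on is folded away.
                    text_final += "<div id='list_dbs'>"
                    divo = True
                db_v = dbs["name"].split(".")[-1]
                clonado = dbs["hash_d"].split(" ")
                origen = dbs["hash_o"].split(" ")
                text_final += "<p class='aversion'><b> Encrypt DB version</b>: " + esc(db_v) + "</p>"
                text_final += "<p class='hash'>------------------------" + "<br>"
                text_final += "------- <b>Cloned</b> ------" + "<br>"
                text_final += "MD5 [>] " + esc(str(clonado[0])) + "<br>"
                text_final += "Path [>] " + esc(str(clonado[2])) + "<br>"
                text_final += "--------<b>Original</b>-------" + "<br>"
                text_final += "MD5 [>] " + esc(str(origen[0])) + "<br>"
                text_final += "Path [>] " + esc(str(origen[2])) + "<br>"
                i += 1
            else:
                text_final += "<p> DataBase don´t found </p>"
        if divo:
            text_final += "</div>"
            text_final += '<a id="boton_dbs" href="#" onclick="javascript:listar_dbs();return false">Show all</a>'
    elif option == 5:
        i = 0
        divo = False
        for dbs in list_dbs:
            if dbs["name"] is not None and dbs["name"] != "None" and "open ls" not in dbs["name"]:
                if i == 2:
                    # Everything from the third database on is folded away.
                    text_final += "<div id='list_dbs_root'>"
                    divo = True
                db_v = dbs["name"].split(".")[-1]
                clonado = dbs["hash_d"].split(" ")
                origen = dbs["hash_o"].split(" ")
                text_final += "<p class='aversion'><b>Type DataBase</b>: " + esc(db_v) + "\n"
                text_final += "<p class='hash'>------------------------" + "<br>"
                text_final += "------- <b>Cloned</b> ------" + "<br>"
                text_final += "MD5 [>] " + esc(str(clonado[0])) + "<br>"
                text_final += "Path [>] " + esc(str(clonado[2])) + "<br>"
                text_final += "--------<b>Original</b>-------" + "<br>"
                text_final += "MD5 [>] " + esc(str(origen[0])) + "<br>"
                text_final += "Path [>] " + esc(str(origen[2])) + "<br>"
                i += 1
            else:
                text_final += "<p>DataBase don´t found</p>"
        if divo:
            text_final += "</div>"
            text_final += '<a id="boton_dbs_root" href="#" onclick="javascript:listar_dbs_root();return false">Show all</a>'
        # Message analytics.
        # TODO: Create a new window that can offer interaction to select or order messages by
        # groups, users, dates, etc. and show message analysis customized by users.
        text_final += "<p class='subcabecera'>Messages Analytics</p>"
        for elem in data:
            text_final += "<b>Total messages: </b>" + esc(str(elem[0][0])) + "<br>"
            text_final += "<b>Messages by conversations: </b>" + "<br>"
            for conv, msg_num in elem[1][0].items():
                text_final += esc(conv) + ": " + esc(str(msg_num)) + "<br>"
            text_final += "<b>Groups members: </b><br>"
            for group, members in elem[3][0].items():
                text_final += esc(group) + " Members: "
                for member in members:
                    text_final += " " + esc(member) + "<br>"
            text_final += "<b>Deleted messages: </b>" + esc(str(elem[2][0])) + "<br>"
    elif option == 6:
        md5_cloned = data[0]
        md5_original = data[1]
        text_final += "<p class='aversion'><b>Number of Media files</b> [>] " + str(len(md5_original)) + "</p>"
        text_final += "<p class='hash'><br>"
        ultimo = -1          # stays -1 when nothing was cloned
        plegado = False      # True once the fold-away container was opened
        for i in range(len(md5_cloned)):
            for has in md5_original:
                if has[1] == md5_cloned[i][1]:
                    text_final += "------------------------" + "<br>"
                    text_final += "------- <b>Cloned</b> ------" + "<br>"
                    text_final += "MD5 [>] " + esc(str(md5_cloned[i][1])) + "<br>"
                    text_final += "Path [>] " + esc(str(md5_cloned[i][0])) + "<br>"
                    text_final += "--------<b>Original</b>-------" + "<br>"
                    text_final += "MD5 [>] " + esc(str(has[1])) + "<br>"
                    text_final += "Path [>] " + esc(str(has[0])) + "<br>"
            if i == 2:
                text_final += "<div id='list_media'><p class='hash'>"
                plegado = True
            ultimo = i
        if plegado:
            # Close the container whenever it was opened, also for exactly
            # three files.
            text_final += "</p></div>"
        if ultimo > 2:
            text_final += '<a id="boton_media" href="#" onclick="javascript:listar_media();return false">Show all</a>'

    with open(rute, 'a') as f:
        f.write(text_final)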
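def create_report_f(t):
    """Create an empty report file named after a timestamp and remember its path.

    ``t`` is a timestamp in the ``'%A %B, %d %Y %H:%M:%S'`` layout used by the
    caller.  Only the part after the first comma is kept, with spaces and
    colons replaced by underscores, so the file name carries day, year and
    time but neither weekday nor month.  An existing file of the same name is
    truncated.

    The report directory is created when it is missing, instead of failing on
    the open.  The path is stored in the module global ``rute`` and the
    derived suffix is returned.
    """
    global rute
    t = t.split(",")[1].replace(" ", "_").replace(":", "_")
    carpeta = 'Reports_Guasap_Forensic'
    if not os.path.isdir(carpeta):
        os.makedirs(carpeta)
    rute = carpeta + '/Report_guasap_forensic' + t + '.html'
    with open(rute, 'w') as f:
        f.write("\n")
    return t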
def reloadd(root):
    """Close the main window so that the main loop builds a fresh one."""
    # An in-place root.update() was tried here and is left disabled.
    root.destroy()
def on_closing(root):
    """Window-close handler: ask for confirmation instead of closing at once."""
    Dialog_exit(root)
def Dialog_exit(parent):
    """Open the "Salir" confirmation dialog on top of ``parent``.

    The first button leaves the application through ``out``; the second one
    only closes the dialog through ``icon``.
    """
    top = Toplevel(parent)
    imgicon = PhotoImage(file=os.path.join("images", 'ico.gif'))
    top.tk.call('wm', 'iconphoto', top._w, imgicon)
    top.title("Salir")
    Label(top, text="¿Está seguro?").grid(row=0, column=0, columnspan=2)
    confirmar = Button(top, text="Si, salir de la app", command=lambda: out(top, parent))
    cancelar = Button(top, text="No.", command=lambda: icon(top, parent))
    confirmar.grid(row=1, column=0, padx=5, pady=5)
    cancelar.grid(row=1, column=1, padx=5, pady=5)
def out(top, parent):
    """Leave the application: stop the main loop flag and close both windows."""
    global menu
    menu = False
    # Dialog first, then the window it belongs to.
    for ventana in (top, parent):
        ventana.destroy()
def icon(top, parent):
    """Dismiss the exit dialog and keep the application running.

    ``parent`` is accepted for symmetry with ``out`` and is not touched.
    """
    top.destroy()
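if __name__ == '__main__':
    # Entry point: print the banner, create the report file, then rebuild the
    # main window after every action until the user confirms the exit.
    print modules.config.banner
    print "*********************************************************************************"
    print "/////////////////////////////////////////////////////////////////////////////////"
    print "*********************************************************************************"
    print "-- APP NAME: GUASAP FORENSIC --"
    print "-- Description: WhatsApp Forensic App --"
    print "-- Created by QuantiKa14 Team --"
    print "-- Licencia GNU V.3 Quantika14 Servicios Integrales S.L. --"
    print "-- Authors: Jorge Coronado A.K.A @JorgeWebsec / Ramon Bajona --"
    print "-- Date: 10-05-2018 | 19/12/2018 --"
    print "-- Email contact: info@quantika14.com --"
    print "*********************************************************************************"
    print "|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||"
    print "*********************************************************************************"
    t = time.strftime('%A %B, %d %Y %H:%M:%S')
    create_report_f(t)
    # Make sure the dependencies are installed.
    modules.dependencies.check_dependencies()
    while menu:
        # Each pass builds the window from the current module flags; the
        # callbacks destroy it, which ends mainloop() and starts a new pass.
        root = Tk()
        root.configure(width=600, height=550)
        root.resizable(width=False, height=False)
        imgicon = PhotoImage(file=os.path.join("images", 'ico.gif'))
        root.tk.call('wm', 'iconphoto', root._w, imgicon)
        imagen = PhotoImage(file="images/logika14-2.PPM")
        widget = Label(root, image=imagen)
        widget.image = imagen
        widget.place(x=40, y=10)
        imagen2 = PhotoImage(file="images/logika14-1.PPM")
        widget2 = Label(root, image=imagen2)
        widget2.image = imagen2
        widget2.place(x=40, y=500)
        root.title("Guasap Forensic version GNU V.3")
        w = Label(root, text="Introduzca número de licencia:")
        w.place(x=40, y=80)
        e = Entry(root, width=width_e, state=NORMAL)
        e.place(x=40, y=95)
        button = Button(root, text='Enviar', command=lambda: enviar_licencia(e.get(), root), height=1)
        button.place(x=495, y=90)
        if root_posibility is None:
            # Root check not run yet: the button unlocks with the licence.
            button_root = Button(root, text="CHECK indicios de ROOT", width=width_w, state=DISABLED, command=lambda: whatsapp_deb(root, 1))
            button_root.place(x=40, y=150)
            if licencia:
                button_root.config(state=NORMAL)
        button_roote = Button(root, text="Rootear dispositivo", width=width_w, state=DISABLED, command=lambda: whatsapp_deb(root, 2))
        button_roote.place(x=40, y=200)
        button_mm = Button(root, text="Extracción de Whatsapp multimedia", width=width_w, state=DISABLED, command=lambda: whatsapp_deb(root, 3))
        button_mm.place(x=40, y=250)
        button_dbc = Button(root, text="Extracción de Data Base cifrada", width=width_w, state=DISABLED, command=lambda: whatsapp_deb(root, 4))
        button_dbc.place(x=40, y=300)
        button_db = Button(root, text="Extracción/Análisis de DB (root)", width=width_w, state=DISABLED, command=lambda: whatsapp_deb(root, 5))
        button_db.place(x=40, y=350)
        button_log = Button(root, text="Extracción/Análisis de Whatsapp Log (root)", width=width_w, state=DISABLED, command=lambda: whatsapp_deb(root, 6))
        button_log.place(x=40, y=400)
        info = Label(root, text="Informe:")
        info.place(x=35, y=450)
        rute_la = Label(root, text=rute)
        rute_la.place(x=90, y=450)
        if root_posibility == True:
            # Rooted device: the two root-only actions become available.
            button_root = Button(root, text="Comprobar rooteo en el dispositivo (Dispositivo rooteado)", width=width_w, command=lambda: whatsapp_deb(root, 1))
            button_root.place(x=40, y=150)
            button_root.config(foreground="green")
            button_log.config(state=NORMAL)
            button_db.config(state=NORMAL)
        elif root_posibility == False:
            button_root = Button(root, text="Comprobar rooteo en el dispositivo (Dispositivo no rooteado)", width=width_w, command=lambda: whatsapp_deb(root, 1))
            button_root.place(x=40, y=150)
            button_root.config(foreground="red")
            button_log.config(state=DISABLED)
            button_db.config(state=DISABLED)
        if inten:
            if licencia:
                button_roote.config(state=NORMAL)
                button_mm.config(state=NORMAL)
                button_dbc.config(state=NORMAL)
                e.config(state=DISABLED)
                a = Label(root, text="Licencia validada correctamente")
                a.config(foreground="#75507b")
                a.place(x=40, y=115)
            else:
                a = Label(root, text="Licencia no valida")
                a.place(x=40, y=115)
        if popup_a:
            popup()
            popup_a = False
        if label_root == True:
            label_Root = Label(root, text="Trabajo finalizado.")
            label_Root.config(foreground="red")
            label_Root.place(x=250, y=430)
            # Reset the flag; the original compared instead of assigning, so
            # the label stayed on every later redraw.
            label_root = False
        root.protocol("WM_DELETE_WINDOW", lambda: on_closing(root))
        root.mainloop()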