-
-
Notifications
You must be signed in to change notification settings - Fork 563
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: Extract Android backups, yield devices instead of just echoing #80
Conversation
mirobo/extract_tokens.py
Outdated
|
||
for dev in devices: | ||
if dev.ip or dump_all: | ||
click.echo("%s\n\tModel: %s\n\tIP address: %s\n\tToken: %s\n\tMAC: %s" % (dev.name, dev.model, dev.ip, dev.token, dev.mac)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line too long (135 > 79 characters)
mirobo/extract_tokens.py
Outdated
try: | ||
db = tar.extractfile(DBFILE) | ||
except KeyError as ex: | ||
click.echo("Unable to extract the device database file %s: %s" % (DBFILE, ex)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line too long (94 > 79 characters)
mirobo/extract_tokens.py
Outdated
else: | ||
click.echo("Error, unknown database type!") | ||
|
||
|
||
@click.command() | ||
@click.argument('backup') | ||
@click.option('--write-to-disk', type=click.File('wb'), help='writes sqlite3 db to a file for debugging') | ||
@click.option('--password', type=str, help='password if the android database is encrypted') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line too long (91 > 79 characters)
mirobo/extract_tokens.py
Outdated
self.db.seek(0) # go to the beginning | ||
click.echo("Saving db to %s" % fp) | ||
fp.write(self.db.read()) | ||
config = DeviceConfig(name=name, ip=ip, mac=mac, model=model, token=token) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line too long (86 > 79 characters)
if ip or self.dump_all: | ||
click.echo("%s\n\tModel: %s\n\tIP address: %s\n\tToken: %s\n\tMAC: %s" % (name, model, ip, token, mac)) | ||
|
||
config = DeviceConfig(name=name, mac=mac, ip=ip, model=model, token=token) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line too long (86 > 79 characters)
mirobo/extract_tokens.py
Outdated
@@ -4,11 +4,19 @@ | |||
import sqlite3 | |||
from Crypto.Cipher import AES | |||
from pprint import pformat as pf | |||
import attr | |||
|
|||
@attr.s |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
expected 2 blank lines, found 1
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is one of the lint errors I would like to see fixed.
mirobo/extract_tokens.py
Outdated
@@ -4,11 +4,19 @@ | |||
import sqlite3 | |||
from Crypto.Cipher import AES | |||
from pprint import pformat as pf | |||
import attr | |||
|
|||
@attr.s |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is one of the lint errors I would like to see fixed.
mirobo/extract_tokens.py
Outdated
|
||
def read_tokens(self, db): | ||
self.db = db | ||
print("reading database from %s" % db) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
print vs. click.echo
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Changed to use logger.
mirobo/extract_tokens.py
Outdated
"""Reads device information out from an sqlite3 DB. | ||
If the given file is a .tar file, the file will be extracted | ||
and the database automatically located (out of Android backups). | ||
If the given file is an .ab file, it will be extracted |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the given file is an Android backup (*.ab) the database will be extracted automatically.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, I also added a note about iOS DBs, but I hope this extraction part will be just a temporary solution and that the DB code can be used for configuration handling for the unified cli tool.
try: | ||
db = tar.extractfile(DBFILE) | ||
except KeyError as ex: | ||
click.echo("Unable to extract the database file %s: %s" % (DBFILE, ex)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line too long (87 > 79 characters)
I think this is safe to be merged. Hound being hound and all with its too narrow line length limits, still waiting to see if the android-backup-tools author will give it a go, or if there is a need to find another solution/make a fork :-) |
|
||
if self.encryption == EncryptionType.AES256: | ||
if password is None: | ||
raise Exception("Password need to be provided to extract encrypted archives") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line too long (93 > 79 characters)
binascii.b2a_hex(master_salt).upper() + b"\n" + \ | ||
str(rounds).encode() + b"\n" + \ | ||
binascii.b2a_hex(user_iv).upper() + b"\n" + \ | ||
binascii.b2a_hex(master_enc).upper() + b"\n" + enc |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
continuation line over-indented for visual indent
enc = binascii.b2a_hex(user_salt).upper() + b"\n" + \ | ||
binascii.b2a_hex(master_salt).upper() + b"\n" + \ | ||
str(rounds).encode() + b"\n" + \ | ||
binascii.b2a_hex(user_iv).upper() + b"\n" + \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
continuation line over-indented for visual indent
|
||
enc = binascii.b2a_hex(user_salt).upper() + b"\n" + \ | ||
binascii.b2a_hex(master_salt).upper() + b"\n" + \ | ||
str(rounds).encode() + b"\n" + \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
continuation line over-indented for visual indent
master_enc = cipher.encrypt(master_dec) | ||
|
||
enc = binascii.b2a_hex(user_salt).upper() + b"\n" + \ | ||
binascii.b2a_hex(master_salt).upper() + b"\n" + \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
continuation line over-indented for visual indent
user_key = PBKDF2(password, | ||
user_salt, dkLen=256//8, count=rounds) | ||
|
||
master_dec = b"\x10" + master_iv + b"\x20" + master_key + b"\x20" + master_ck |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line too long (85 > 79 characters)
This moves the functionality towards automatic config generation out of backups. The extraction depends on code which is not available in pypi, and requires some changes to be useful for us: bluec0re/android-backup-tools#1
…ll changes based on code review
9574fcf
to
341e709
Compare
Forked the modified version from the android-backup-tools, ignoring the style problems for now. |
Instead of requiring using Android backup extractor tool, this PR makes it possible to pass an Android backup (and a password if used) for the token extraction.
This moves the functionality towards automatic config generation out of backups.
The extraction depends on code which is not available in pypi, and requires some
changes to be useful for us: bluec0re/android-backup-tools#1
This is a WIP PR, let's hope the author of android-backup-tools agrees with the changes & inclusion to the pypi.
To test it out: