idb 1.3.1

data/lib/lib/device_ca_interface.rb

@@ -0,0 +1,36 @@
+require_relative 'ca_interface'
+
+module Idb
+  class DeviceCAInterface < CAInterface
+
+    def initialize device
+      @device = device
+      @device_store_path = "/private/var/Keychains/TrustStore.sqlite3"
+      base_path = "#{$tmp_path}/device"
+      FileUtils.mkdir_p base_path
+      @db_path = "#{base_path}/TrustStore.sqlite3"
+
+
+    end
+
+
+    def get_certs
+      @device.ops.download @device_store_path, @db_path
+      super
+    end
+
+    def remove_cert cert
+      FileUtils.copy_file @db_path, "#{@db_path}-#{Time.now.to_s}"
+      super cert
+      @device.ops.upload @db_path, @device_store_path
+    end
+
+    def add_cert cert_file
+      FileUtils.copy_file @db_path, "#{@db_path}-#{Time.now.to_s}"
+      super cert_file
+      @device.ops.upload @db_path, @device_store_path
+    end
+
+
+  end
+end

data/lib/lib/host_file_wrapper.rb

@@ -0,0 +1,27 @@
+module Idb
+  class HostFileWrapper
+
+    def initialize
+      @cache_path = "#{$tmp_path}/device/hosts"
+    end
+
+    def content
+      FileUtils.mkpath "#{$tmp_path}/device" unless File.directory? "#{$tmp_path}/device"
+      $device.ops.download "/etc/hosts", @cache_path
+      begin
+        File.open(@cache_path,"r").read
+      rescue
+
+      end
+    end
+
+    def save text
+      # upload
+      File.open(@cache_path,"w") { |f|
+        f.puts text
+      }
+      $device.ops.upload(@cache_path, "/etc/hosts")
+
+    end
+  end
+end

data/lib/lib/i_device_diagnostics_wrapper.rb

@@ -0,0 +1,90 @@
+require 'ffi'
+
+module IMobileDevice
+  extend FFI::Library
+
+  ffi_lib 'libimobiledevice'
+  IDeviceEventType = enum(
+      :idevice_device_added, 1,
+      :idevice_device_remove
+  )
+
+  class IDeviceEventT < FFI::Struct
+    layout :event, IDeviceEventType,
+           :udid, :string,
+           :conn_type, :int
+  end
+
+  ConnectionType = enum(
+      :connection_usbmuxd,  1
+  )
+
+  class IDevicePrivate < FFI::Struct
+    layout :udid, :string,
+           :conn_type, ConnectionType,
+           :conn_data, :pointer
+  end
+
+
+
+  attach_function :idevice_get_device_list, [:pointer, :pointer], :int
+  attach_function :idevice_event_subscribe, [:pointer, :pointer], :int
+  attach_function :idevice_new, [:pointer, :string], :int
+#  attach_function :syslog_relay_client_start_service, [IDevicePrivate, :pointer, :string], :int
+#  attach_function :syslog_relay_start_capture, [:pointer, :pointer, :pointer],  :int
+#  attach_function :syslog_relay_client_free, [:pointer], :int
+
+  def self.startLogging
+    ret = idevice_new(IDevicePrivate, @udid)
+    if ret != 0
+      puts "ERROR"
+    end
+
+
+
+
+  end
+  def self.stopLogging
+    puts "stopstopstop"
+
+  end
+
+#  DeviceEvn :device, [:pointer, :long, :uint8], :void
+
+  DeviceEventCB = FFI::Function.new(:void, [:pointer, :pointer]) do |event, userdata|
+    # cast event to struct
+    event_t = IDeviceEventT.new event
+    if event_t[:event] == :idevice_device_added
+      if @syslog.nil? or @syslog == false
+        if @udid.nil? or @udid == false
+          @udid = event_t[:udid]
+        end
+
+        if @udid == event_t[:udid]
+          #TODO error checking
+          puts "[*] Start Logging"
+          IMobileDevice.startLogging
+        end
+      end
+    elsif avent_t[:event] == :idevice_device_remove
+      if not @syslog.nil? and @udid == event_t[:udid]
+        puts "[*] Disconnected"
+      end
+    end
+  end
+end
+
+devices = FFI::MemoryPointer.new :pointer
+num = FFI::MemoryPointer.new :int
+x = IMobileDevice.idevice_get_device_list(devices, num)
+device =  devices.read_pointer.get_array_of_string(0,num.read_int).first
+puts "Device #{device}"
+IMobileDevice.idevice_event_subscribe(IMobileDevice::DeviceEventCB, nil)
+
+
+
+while true
+
+end
+
+

data/lib/lib/keychain_plist_parser.rb

@@ -0,0 +1,15 @@
+# encoding: utf-8
+require 'nokogiri'
+require 'plist4r'
+require 'awesome_print'
+
+module Idb
+  class KeychainPlistParser
+    attr_accessor :entries
+
+    def initialize plist_path
+      $log.info 'Parsing keychain plist file..'
+      @entries = Plist4r.open(plist_path)["Array"]
+    end
+  end
+end

data/lib/lib/local_operations.rb

@@ -0,0 +1,67 @@
+module Idb
+  class LocalOperations
+
+
+    def file? path
+      File.file? path
+    end
+
+
+    def download a, b
+      FileUtils.copy_file(a,b)
+      return true
+    end
+
+
+    def directory? path
+     File.directory? path
+    end
+
+    def mtime path
+      File.mtime path
+    end
+
+    def open path
+      begin
+        Launchy.open path
+        return true
+      rescue Exception => e
+        $log.error "Could not open file #{path}: #{e.message}"
+        $log.error e.backtrace
+        return false
+      end
+    end
+
+    def list_dir path
+      Dir.entries path
+    end
+
+    def list_dir_full path
+      Dir.entries path
+    end
+
+    def dir_glob path, pattern
+      full_path = "#{path}/#{pattern}"
+      Dir.glob(full_path)
+    end
+
+    def file_exists? file
+      File.exists? file
+    end
+
+    def execute cmd
+      `#{cmd}`
+    end
+
+    def execute_fork cmd
+      (pid = fork) ? Process.detach(pid) : exec(cmd)
+    end
+
+    def launch_app command, app
+      $log.info "Executing #{command} #{app}"
+      self.execute_fork("#{command} \"#{app}\"")
+    end
+
+
+  end
+end

data/lib/lib/otool_wrapper.rb

@@ -0,0 +1,116 @@
+require 'awesome_print'
+
+module Idb
+  class OtoolWrapper
+    attr_accessor :load_commands, :shared_libraries, :pie, :arc, :canaries
+
+    def initialize binary
+      @otool_path = "/usr/bin/otool"
+      unless File.exist? @otool_path.to_s
+        $log.error "otool not available. Some functions will not work properly."
+        error = Qt::MessageBox.new
+        error.setInformativeText("This feature requires  otool to be installed on the host running idb. This is the default on OS X but it may not be available for other platforms.")
+        error.setIcon(Qt::MessageBox::Critical)
+        error.exec
+        @otool_path = nil
+
+        return
+      end
+
+      @binary = binary
+      parse_load_commands
+      parse_shared_libraries
+      parse_header
+      process_symbol_table
+    end
+
+
+    private
+    def parse_shared_libraries
+      if @otool_path.nil?
+        @shared_libraries = Array.new
+        @shared_libraries << "Error; otool not available"
+        return
+      end
+      @raw_shared_libraries_output = `#{@otool_path} -L '#{@binary}'`
+      lines = @raw_shared_libraries_output.split("\n")
+      @shared_libraries = lines[1,lines.size].map{ |x| x.strip} unless lines.nil?
+    end
+
+    def process_symbol_table
+      if @otool_path.nil?
+        @canaries = "Error"
+        @arc = "Error"
+        return
+      end
+      symbols = `#{@otool_path} -I -v '#{@binary}'`
+      if symbols.include? "stack_chk_fail" or symbols.include? "stack_chk_guard"
+        @canaries = true
+      else
+        @canaries = false
+      end
+
+      if symbols.include? "_objc_release"
+        @arc = true
+      else
+        @arc = false
+      end
+    end
+
+
+
+
+    def parse_header
+      if @otool_path.nil?
+        @pie = "Error"
+        return
+      end
+      pie_flag = 0x00200000
+      @raw_load_output = `#{@otool_path} -h '#{@binary}'`
+
+      # fourth row contains values. then split them up.
+      vals = @raw_load_output.split("\n")[3].split(" ")
+
+      #7th field contains the flags
+      flags = vals[7].to_i(16)
+
+      if flags & pie_flag == pie_flag
+        @pie = true
+      else
+        @pie = false
+      end
+
+
+    end
+
+    def parse_load_commands
+      if @otool_path.nil?
+        @load_commands = nil
+        return
+      end
+      @raw_load_output = `#{@otool_path} -l '#{@binary}'`
+      delim = "Load command"
+      regex_cmd = /Load command (\d+)/
+      regex_parse_key_vals = /\s*(cmd|cryptid)\s(.+)/
+
+      @load_commands = Hash.new
+
+      @raw_load_output.split("\n").each {|line|
+
+        if match = regex_cmd.match(line)
+          @load_commands[@cmd] = @command unless @cmd.nil?
+          @cmd = match[1]
+          @command = Hash.new
+        end
+
+        if match = regex_parse_key_vals.match(line)
+          @command[match[1]] = match[2]
+        end
+      }
+    end
+
+
+
+
+  end
+end

data/lib/lib/plist_util.rb

@@ -0,0 +1,72 @@
+require 'plist4r'
+require 'rbconfig'
+require 'nokogiri'
+require 'coderay'
+
+module Idb
+  class PlistUtil
+
+    attr_accessor :schemas, :binary_name, :bundle_identifier, :plist_data, :plist_file
+
+    def initialize(plist_file)
+      @plist_file = plist_file
+
+      @plutil = Pathname.new("/usr/bin/plutil")
+      if(!@plutil.exist?)
+        raise "plutil not found at #{@plutil}. aborting."
+      end
+
+      parse_plist_file
+    end
+
+    def parse_info_plist
+      extract_binary_name
+      extract_url_handlers
+    end
+
+    def dump
+      doc = Nokogiri::XML(File.open(@plist_file)) do |config|
+        config.nonet.noblanks
+      end
+        puts CodeRay.scan(doc.to_xml(:indent => 2), :xml).terminal
+    end
+
+    private
+    def parse_plist_file
+      $log.info 'Parsing plist file..'
+
+      # Make sure plist file is in xml and not binary
+      if RbConfig::CONFIG['host_os'] =~ /linux/
+        `#{@plutil.realpath}  -i "#{@plist_file}" -o "#{@plist_file}"`
+      else
+        `#{@plutil.realpath} -convert xml1 "#{@plist_file}"`
+      end
+
+  #    @plist_data = Plist::parse_xml(@plist_file)
+      @plist_data = Plist4r.open @plist_file
+    end
+
+    def extract_url_handlers
+      @schemas = Array.new
+
+      if @plist_data['CFBundleURLTypes'] != nil
+        for type in @plist_data['CFBundleURLTypes']
+          if !type.nil? and !type['CFBundleURLSchemes'].nil?
+            @schemas += type['CFBundleURLSchemes']
+          else
+            @schemas += ['None']
+          end
+        end
+      end
+    end
+
+    def extract_binary_name
+      @binary_name = @plist_data['CFBundleExecutable']
+      @bundle_identifier =  @plist_data['CFBundleIdentifier']
+    end
+
+
+
+
+  end
+end

data/lib/lib/qt_thread_fix.rb

@@ -0,0 +1,29 @@
+require 'thread'
+
+module Idb
+  class QtThreadFix < Qt::Object
+      slots 'ruby_thread_timeout()'
+      @@ruby_thread_queue  = Queue.new
+
+      def initialize
+        super()
+        # Enable threading
+        @ruby_thread_sleep_period = 0.01
+        @ruby_thread_timer = Qt::Timer.new(self)
+        connect(@ruby_thread_timer, SIGNAL('timeout()'), SLOT('ruby_thread_timeout()'))
+        @ruby_thread_timer.method_missing(:start, 0)
+      end
+
+      def ruby_thread_timeout
+        unless @@ruby_thread_queue.empty?
+          proc_to_call = @@ruby_thread_queue.pop
+          proc_to_call.call
+        end
+        sleep(@ruby_thread_sleep_period)
+      end
+
+      def self.ruby_thread_queue
+        @@ruby_thread_queue
+      end
+  end
+end