iotsploit-exploits 0.0.6__tar.gz

iotsploit_exploits-0.0.6/PKG-INFO

@@ -0,0 +1,65 @@
+Metadata-Version: 2.3
+Name: iotsploit-exploits
+Version: 0.0.6
+Summary: Official IoTSploit exploit plugin package
+License: GPL-3.0-or-later
+Author: IoTSploit Team
+Author-email: support@iotsploit.org
+Requires-Python: >=3.10,<4.0
+Classifier: License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Requires-Dist: facedancer (>=3.0.6,<4.0)
+Requires-Dist: iotsploit-core (>=0.0.6,<0.0.7)
+Requires-Dist: iotsploit-django (>=0.0.6,<0.0.7)
+Requires-Dist: pwntools (>=4.12)
+Requires-Dist: pyserial (>=3.5)
+Requires-Dist: scapy (>=2.5)
+Description-Content-Type: text/markdown
+
+# iotsploit-exploits
+
+Official IoTSploit exploit plugin package. Contains all built-in exploit/security testing plugins.
+
+## Included Plugins
+
+| Plugin | Module | Description |
+|--------|--------|-------------|
+| Flood Attack | `iotsploit_exploits.flood_attack` | Network flood attack |
+| SYN Flood | `iotsploit_exploits.flood_attack` | TCP SYN flood attack |
+| WiFi Scan | `iotsploit_exploits.wifi_scan` | WiFi network scanner |
+| IP Scan | `iotsploit_exploits.ip_scan` | IP network scanner |
+| Nmap Scan | `iotsploit_exploits.nmap_scan` | Nmap-based scanner |
+| ADB Check | `iotsploit_exploits.adb_check` | Android Debug Bridge security check |
+| Hydra SSH | `iotsploit_exploits.hydra_ssh_attack` | Hydra SSH attack |
+| SSH Plugin | `iotsploit_exploits.plugin_ssh` | SSH connection plugin |
+| Serial Reader | `iotsploit_exploits.serial` | Picocom serial reader |
+| GreatFET Echo | `iotsploit_exploits.greatfet_echo` | FTDI echo emulation |
+| Rubber Duck | `iotsploit_exploits.greatfet_rubber_duck` | USB rubber duck attack |
+| Simple Rubber Duck | `iotsploit_exploits.simple_rubber_duck` | Simplified rubber duck |
+| Async Sleep | `iotsploit_exploits.demo` | Demo async plugin |
+| Stream Data | `iotsploit_exploits.demo` | Demo streaming plugin |
+
+## System Tool Dependencies
+
+Some plugins require system-level tools (not installable via pip):
+
+- **nmap_scan**: Requires `nmap` (`apt install nmap`)
+- **hydra_ssh_attack**: Requires `hydra` (`apt install hydra`)
+- **adb_check**: Requires `adb` (`apt install android-tools-adb`)
+
+## Installation
+
+```bash
+pip install iotsploit-exploits
+```
+
+For development:
+
+```bash
+pip install -e ./iotsploit-exploits
+```
+

iotsploit_exploits-0.0.6/README.md

@@ -0,0 +1,42 @@
+# iotsploit-exploits
+
+Official IoTSploit exploit plugin package. Contains all built-in exploit/security testing plugins.
+
+## Included Plugins
+
+| Plugin | Module | Description |
+|--------|--------|-------------|
+| Flood Attack | `iotsploit_exploits.flood_attack` | Network flood attack |
+| SYN Flood | `iotsploit_exploits.flood_attack` | TCP SYN flood attack |
+| WiFi Scan | `iotsploit_exploits.wifi_scan` | WiFi network scanner |
+| IP Scan | `iotsploit_exploits.ip_scan` | IP network scanner |
+| Nmap Scan | `iotsploit_exploits.nmap_scan` | Nmap-based scanner |
+| ADB Check | `iotsploit_exploits.adb_check` | Android Debug Bridge security check |
+| Hydra SSH | `iotsploit_exploits.hydra_ssh_attack` | Hydra SSH attack |
+| SSH Plugin | `iotsploit_exploits.plugin_ssh` | SSH connection plugin |
+| Serial Reader | `iotsploit_exploits.serial` | Picocom serial reader |
+| GreatFET Echo | `iotsploit_exploits.greatfet_echo` | FTDI echo emulation |
+| Rubber Duck | `iotsploit_exploits.greatfet_rubber_duck` | USB rubber duck attack |
+| Simple Rubber Duck | `iotsploit_exploits.simple_rubber_duck` | Simplified rubber duck |
+| Async Sleep | `iotsploit_exploits.demo` | Demo async plugin |
+| Stream Data | `iotsploit_exploits.demo` | Demo streaming plugin |
+
+## System Tool Dependencies
+
+Some plugins require system-level tools (not installable via pip):
+
+- **nmap_scan**: Requires `nmap` (`apt install nmap`)
+- **hydra_ssh_attack**: Requires `hydra` (`apt install hydra`)
+- **adb_check**: Requires `adb` (`apt install android-tools-adb`)
+
+## Installation
+
+```bash
+pip install iotsploit-exploits
+```
+
+For development:
+
+```bash
+pip install -e ./iotsploit-exploits
+```

iotsploit_exploits-0.0.6/pyproject.toml

@@ -0,0 +1,43 @@
+[tool.poetry]
+name = "iotsploit-exploits"
+version = "0.0.6"
+description = "Official IoTSploit exploit plugin package"
+authors = ["IoTSploit Team <support@iotsploit.org>"]
+license = "GPL-3.0-or-later"
+readme = "README.md"
+packages = [{ include = "iotsploit_exploits", from = "src" }]
+include = [
+    { path = "src/iotsploit_exploits/rubber_duck_scripts/*.txt", format = ["sdist", "wheel"] },
+    { path = "src/iotsploit_exploits/hydra_cracker/*.txt", format = ["sdist", "wheel"] },
+]
+
+[tool.poetry.dependencies]
+python = ">=3.10,<4.0"
+iotsploit-core = "^0.0.6"
+iotsploit-django = "^0.0.6"
+scapy = ">=2.5"
+pwntools = ">=4.12"
+pyserial = ">=3.5"
+# Bare ">=3.0" also matches legacy FaceDancer 2019.x releases under PEP 440.
+# Keep this on the 3.x line so the exploit imports resolve to the expected API.
+facedancer = ">=3.0.6,<4.0"
+
+[tool.poetry.plugins."iotsploit.exploit_plugins"]
+flood_attack = "iotsploit_exploits.flood_attack.flood_attack:FloodAttackPlugin"
+syn_flood_attack = "iotsploit_exploits.flood_attack.syn_flood_attack:SynFloodAttackPlugin"
+wifi_scan = "iotsploit_exploits.wifi_scan.wifi_scan:WifiScanPlugin"
+ip_scan = "iotsploit_exploits.ip_scan.ip_scan:IPScanPlugin"
+nmap_scan = "iotsploit_exploits.nmap_scan.nmap_scan:NmapScanPlugin"
+adb_check = "iotsploit_exploits.adb_check.adb_check:AdbSecurityCheckPlugin"
+hydra_ssh_attack = "iotsploit_exploits.hydra_ssh_attack:HydraSSHAttackPlugin"
+plugin_ssh = "iotsploit_exploits.plugin_ssh:SSHPlugin"
+picocom_serial_reader = "iotsploit_exploits.serial.picocom_serial_reader:PicocomSerialReaderPlugin"
+greatfet_echo = "iotsploit_exploits.greatfet_echo:FTDIEchoPlugin"
+greatfet_rubber_duck = "iotsploit_exploits.greatfet_rubber_duck:RubberDuckPlugin"
+simple_rubber_duck = "iotsploit_exploits.simple_rubber_duck:SimpleRubberDuckPlugin"
+async_sleep_attack = "iotsploit_exploits.demo.async_sleep_attack:AsyncSleepAttackPlugin"
+stream_data_attack = "iotsploit_exploits.demo.stream_data_attack:StreamDataAttackPlugin"
+
+[build-system]
+requires = ["poetry-core>=1.8.0"]
+build-backend = "poetry.core.masonry.api"

iotsploit_exploits-0.0.6/src/iotsploit_exploits/__init__.py

@@ -0,0 +1 @@
+"""Official IoTSploit exploit plugin package."""

iotsploit_exploits-0.0.6/src/iotsploit_exploits/adb_check/adb_check.py

@@ -0,0 +1,493 @@
+#!/usr/bin/python3
+
+import os
+# Disable pwntools terminal mode before importing to prevent fileno() errors in non-TTY environments
+os.environ.setdefault("PWNLIB_NOTERM", "1")
+
+import logging
+import traceback
+import pluggy
+from iotsploit_django.tools.adb_mgr import ADB_Mgr
+from iotsploit_django.tools.doip_mgr import DoIP_Mgr
+from iotsploit_core.core.exploit_spec import ExploitResult
+from iotsploit_core.core.base_plugin import BasePlugin
+from iotsploit_core.utils import iots_logger
+from typing import Optional, List, Dict, Any
+
+logger = iots_logger.get_logger("adb_check")
+hookimpl = pluggy.HookimplMarker("exploit_mgr")
+
+class AdbSecurityCheckPlugin(BasePlugin):
+    def __init__(self):
+        super().__init__({
+            'Name': 'ADB Security Check',
+            'Description': 'Performs security checks on an Android device via ADB',
+            'License': 'GPL',
+            'Author': ['iotsploit'],
+            'Parameters': {
+                'device_serial': {
+                    'type': 'string',
+                    'required': False,
+                    'description': 'ADB device serial number (if not using a target)',
+                    'default': '2fd1f89'
+                },
+                'device_name': {
+                    'type': 'string',
+                    'required': False,
+                    'description': 'Device name from target (e.g., "DHU", "TCAM")',
+                    'default': 'Android Debug Bridge'
+                },
+                'try_root': {
+                    'type': 'bool',
+                    'required': False,
+                    'description': 'Attempt to gain root access (may fail on production builds)',
+                    'default': False
+                },
+                'check_suid': {
+                    'type': 'bool',
+                    'required': False,
+                    'description': 'Check for SUID binaries',
+                    'default': True
+                },
+                'check_writable': {
+                    'type': 'bool',
+                    'required': False,
+                    'description': 'Check for writable directories',
+                    'default': True
+                },
+                'skip_interactive': {
+                    'type': 'bool',
+                    'required': False,
+                    'description': 'Skip interactive prompts',
+                    'default': True
+                }
+            }
+        })
+        self._has_root = None
+        self._device_connected = False
+
+    @hookimpl
+    def initialize(self, device_plugin=None):
+        logger.info("Initializing ADB Security Check Plugin")
+
+    @hookimpl
+    def execute(self, target: Optional[dict] = None, parameters: Optional[dict] = None) -> ExploitResult:
+        """Main execution method"""
+        logger.info("Executing ADB Security Check Plugin")
+        
+        # Log target information if provided
+        if target:
+            self._log_target_info(target)
+        else:
+            logger.info("No target provided, using default parameters")
+        
+        # Get parameters or use defaults
+        params = parameters if parameters else {}
+        device_serial = params.get('device_serial', '2fd1f89')
+        device_name = params.get('device_name', 'Android Debug Bridge')
+        try_root = params.get('try_root', False)
+        check_suid = params.get('check_suid', True)
+        check_writable = params.get('check_writable', True)
+        skip_interactive = params.get('skip_interactive', True)
+        
+        # If target is provided, try to get the device from it
+        if target:
+            target_device_serial = self.get_device_serial_from_target(target, device_name)
+            if target_device_serial:
+                device_serial = target_device_serial
+                logger.info(f"Using device serial '{device_serial}' from target")
+            else:
+                logger.warning(f"Could not find any ADB device in target, falling back to parameter device_serial: {device_serial}")
+                # Don't return error, just use the provided device_serial parameter
+        
+        try:
+            # First check if device is available
+            is_connected = self.check_device_available(device_serial)
+            if not is_connected:
+                return ExploitResult(
+                    False, 
+                    f"ADB device {device_serial} not available",
+                    {"adb_connection": {"connected": False, "message": "Device not connected"}}
+                )
+            
+            self._device_connected = True
+            
+            # Try to determine root status once
+            if try_root:
+                self._has_root = self.try_get_root_access(device_serial)
+            else:
+                self._has_root = False
+                logger.info("Root access attempt disabled by parameters")
+            
+            # Collect results
+            results = {
+                "adb_connection": {"connected": True, "message": "ADB device available"},
+                "adb_root": {
+                    "root_access": self._has_root, 
+                    "message": "ADB has root access" if self._has_root else "ADB does not have root access (not attempted or failed)"
+                }
+            }
+            
+            # Execute checks that don't require interaction
+            try:
+                results["selinux_status"] = self.check_selinux(device_serial)
+            except Exception as e:
+                logger.error(f"Error checking SELinux: {str(e)}")
+                results["selinux_status"] = {"error": str(e), "message": "Failed to check SELinux status"}
+            
+            # Only try these checks if we have root access or they're specifically requested
+            if check_suid:
+                if not self._has_root and try_root:
+                    results["suid_binaries"] = {"error": "No root access", "message": "SUID binaries check requires root access"}
+                else:
+                    try:
+                        results["suid_binaries"] = self.check_suid_binaries(device_serial)
+                    except Exception as e:
+                        logger.error(f"Error checking SUID binaries: {str(e)}")
+                        results["suid_binaries"] = {"error": str(e), "message": "Failed to check SUID binaries"}
+            
+            if check_writable:
+                if not self._has_root and try_root:
+                    results["writable_dirs"] = {"error": "No root access", "message": "Writable directories check requires root access"}
+                else:
+                    try:
+                        results["writable_dirs"] = self.check_writable_dirs(device_serial)
+                    except Exception as e:
+                        logger.error(f"Error checking writable directories: {str(e)}")
+                        results["writable_dirs"] = {"error": str(e), "message": "Failed to check writable directories"}
+                
+            return ExploitResult(True, "ADB security checks completed", results)
+        except Exception as e:
+            logger.error(f"Error during ADB security checks: {str(e)}")
+            logger.debug(traceback.format_exc())
+            return ExploitResult(False, f"ADB security checks failed: {str(e)}", {})
+
+    def _log_target_info(self, target: Optional[dict]) -> None:
+        """Log comprehensive target information (expects dict from exploit_manager normalization)"""
+        if not isinstance(target, dict):
+            logger.warning(f"Target is not a dict: {type(target).__name__}")
+            return
+            
+        try:
+            logger.info("=" * 50)
+            logger.info("TARGET INFORMATION")
+            logger.info("=" * 50)
+            
+            logger.info(f"Target Type: {target.get('type', 'Unknown')}")
+            logger.info(f"Target ID: {target.get('target_id', 'Unknown')}")
+            logger.info(f"Target Name: {target.get('name', 'Unknown')}")
+            logger.info(f"Target Status: {target.get('status', 'Unknown')}")
+            
+            if target.get('ip_address'):
+                logger.info(f"IP Address: {target['ip_address']}")
+            if target.get('location'):
+                logger.info(f"Location: {target['location']}")
+            
+            # Log properties
+            if target.get('properties'):
+                logger.info("Target Properties:")
+                for key, value in target['properties'].items():
+                    logger.info(f"  {key}: {value}")
+            
+            # Log components from dictionary
+            if target.get('components'):
+                logger.info(f"Components ({len(target['components'])}):")
+                for i, comp in enumerate(target['components']):
+                    logger.info(f"  [{i+1}] {comp.get('name', 'Unknown')} ({comp.get('type', 'Unknown')})")
+                    logger.info(f"      ID: {comp.get('component_id', 'Unknown')}")
+                    logger.info(f"      Status: {comp.get('status', 'Unknown')}")
+                    if comp.get('adb_serial_id'):
+                        logger.info(f"      ADB Serial: {comp['adb_serial_id']}")
+                    if comp.get('usb_vendor_id'):
+                        logger.info(f"      USB Vendor ID: {comp['usb_vendor_id']}")
+                    if comp.get('usb_product_id'):
+                        logger.info(f"      USB Product ID: {comp['usb_product_id']}")
+            
+            # Log interfaces
+            if target.get('interfaces'):
+                logger.info(f"Interfaces ({len(target['interfaces'])}):")
+                for i, intf in enumerate(target['interfaces']):
+                    logger.info(f"  [{i+1}] {intf.get('name', 'Unknown')} ({intf.get('type', 'Unknown')})")
+                    logger.info(f"      ID: {intf.get('interface_id', 'Unknown')}")
+                    logger.info(f"      Status: {intf.get('status', 'Unknown')}")
+            
+            logger.info("=" * 50)
+            
+        except Exception as e:
+            logger.error(f"Error logging target info: {str(e)}")
+            logger.debug(f"Target object: {target}")
+
+    def get_device_serial_from_target(self, target: Optional[dict], device_name: str) -> Optional[str]:
+        """Extract the ADB device serial from the target dict (normalized by exploit_manager)"""
+        if not isinstance(target, dict):
+            return None
+            
+        try:
+            found_adb_devices: List[Dict[str, Any]] = []
+            
+            # If target has the components key, check them
+            if 'components' in target:
+                for component in target['components']:
+                    if component.get('type') == 'adb_device':
+                        found_adb_devices.append(component)
+                        # First try exact name match
+                        if component.get('name') == device_name:
+                            logger.info(f"Found ADB device '{device_name}' in target with serial: {component.get('adb_serial_id')}")
+                            return component.get('adb_serial_id')
+            
+            # If no exact match found but we have ADB devices, use the first one
+            if found_adb_devices:
+                first_device = found_adb_devices[0]
+                logger.info(f"Device '{device_name}' not found, using first available ADB device '{first_device.get('name')}' with serial: {first_device.get('adb_serial_id')}")
+                return first_device.get('adb_serial_id')
+            
+            # If target itself is an ADB device
+            if target.get('type') == 'adb_device' and target.get('name') == device_name:
+                logger.info(f"Target itself is the ADB device '{device_name}' with serial: {target.get('adb_serial_id')}")
+                return target.get('adb_serial_id')
+            
+            return None
+        except Exception as e:
+            logger.error(f"Error getting device serial from target: {str(e)}")
+            return None
+
+    def check_device_available(self, device_serial):
+        """Simple check if device is in ADB device list"""
+        try:
+            adb_devices = ADB_Mgr.Instance().list_devices()
+            for dev in adb_devices:
+                if dev.serial == device_serial:
+                    logger.info(f"Device {device_serial} found in ADB device list")
+                    return True
+            logger.info(f"Device {device_serial} not found in ADB device list")
+            return False
+        except Exception as e:
+            logger.error(f"Error checking device availability: {str(e)}")
+            return False
+    
+    def try_get_root_access(self, device_serial):
+        """Try to get root access once and remember the result"""
+        try:
+            # Try to execute a simple command with root
+            logger.info("Checking if device has root access")
+            cmd_result = self.execute_shell_command(device_serial, "id", require_root=True)
+            
+            if cmd_result and "uid=0" in cmd_result:
+                logger.info("Device has root access")
+                return True
+            else:
+                logger.info("Device does not have root access")
+                return False
+        except Exception as e:
+            logger.error(f"Error checking root access: {str(e)}")
+            return False
+
+    def execute_shell_command(self, device_serial, command, require_root=False):
+        """Execute a shell command with better error handling"""
+        try:
+            # First check if the device is available
+            if not self._device_connected:
+                is_connected = self.check_device_available(device_serial)
+                if not is_connected:
+                    logger.error(f"Device {device_serial} not available")
+                    return None
+                self._device_connected = True
+            
+            # If root is required but we know we don't have it, don't even try
+            if require_root and self._has_root is False:
+                logger.debug(f"Root access required for command but device is not rooted")
+                return None
+                
+            # Execute the command
+            result = ADB_Mgr.Instance().shell_cmd(device_serial, command, require_root)
+            return result
+        except Exception as e:
+            logger.error(f"Error executing shell command '{command}': {str(e)}")
+            # If root failed, remember that for future attempts
+            if require_root and "Cannot run as root" in str(e):
+                self._has_root = False
+            return None
+
+    def check_adb_connection(self, device_serial, should_close=False):
+        """Check if ADB is connected and handle enable/disable"""
+        isOpenADB = False
+        try:
+            isOpenADB = ADB_Mgr.Instance().check_connect_status(device_serial)
+        except Exception as e:
+            logger.error(f"ADB connection check failed: {str(e)}")
+            return {"connected": False, "message": f"ADB connection check failed: {str(e)}"}
+
+        if should_close:
+            if isOpenADB:
+                try:
+                    DoIP_Mgr.Instance().closedebug("dhu")
+                    try:
+                        isOpenADB = ADB_Mgr.Instance().check_connect_status(device_serial)
+                    except Exception:
+                        isOpenADB = False
+                    return {"connected": not isOpenADB, "message": "ADB connection closed successfully"}
+                except Exception as e:
+                    logger.error(f"Error closing debug mode: {str(e)}")
+                    return {"connected": isOpenADB, "message": f"Failed to close debug mode: {str(e)}"}
+            return {"connected": True, "message": "ADB already disconnected"}
+        else:
+            return {"connected": isOpenADB, "message": "ADB connection established" if isOpenADB else "Failed to connect to ADB"}
+
+    def check_selinux(self, device_serial):
+        """Check SELinux status"""
+        try:
+            status = ADB_Mgr.Instance().query_android_selinux_status(device_serial)
+            if status is None:
+                return {
+                    "enforcing": False,
+                    "message": "Unable to determine SELinux status",
+                    "security_level": "unknown"
+                }
+            return {
+                "enforcing": status, 
+                "message": "SELinux is enforcing" if status else "SELinux is permissive or disabled",
+                "security_level": "high" if status else "low"
+            }
+        except Exception as e:
+            logger.error(f"Error checking SELinux: {str(e)}")
+            raise
+
+    def check_suid_binaries(self, device_serial):
+        """Check for SUID binaries"""
+        try:
+            # Use our execute_shell_command to avoid root attempts if we know they'll fail
+            if self._has_root is False:
+                # Try without requiring root
+                cmd_result = self.execute_shell_command(
+                    device_serial, 
+                    'find / -perm -4000 -type f -print 2>/dev/null | wc -l',
+                    require_root=False
+                )
+                if cmd_result:
+                    count = int(cmd_result.strip()) if cmd_result.strip().isdigit() else 0
+                    return {
+                        "secure": count == 0,
+                        "count": count,
+                        "files": [],
+                        "message": f"Found {count} SUID binary files (no details available without root)"
+                    }
+                
+                return {
+                    "secure": False,
+                    "count": 0,
+                    "files": [],
+                    "message": "Cannot check SUID binaries without root access"
+                }
+            
+            # Use the standard method if we have root
+            result = ADB_Mgr.Instance().query_files_permission_suid(device_serial)
+            
+            # Handle None result
+            if result is None:
+                return {
+                    "secure": False,
+                    "count": 0,
+                    "files": [],
+                    "message": "Failed to check SUID binaries"
+                }
+            
+            # Process results for better reporting
+            suid_files = []
+            if result and isinstance(result, list):
+                for item in result:
+                    suid_files.append({
+                        "path": item.get("filepath", ""),
+                        "permissions": item.get("rwx", ""),
+                        "owner": item.get("owner", ""),
+                        "group": item.get("group", ""),
+                        "selinux": item.get("sid", "")
+                    })
+            
+            return {
+                "secure": len(suid_files) == 0,
+                "count": len(suid_files),
+                "files": suid_files,
+                "message": f"Found {len(suid_files)} SUID binary files"
+            }
+        except Exception as e:
+            logger.error(f"Error checking SUID binaries: {str(e)}")
+            raise
+
+    def check_writable_dirs(self, device_serial):
+        """Check for world-writable directories"""
+        try:
+            # Use our execute_shell_command to avoid root attempts if we know they'll fail
+            if self._has_root is False:
+                # Try without requiring root
+                cmd_result = self.execute_shell_command(
+                    device_serial, 
+                    'find / -perm -2 -type d -print 2>/dev/null | grep -v "^/proc\|^/sys\|^/dev" | wc -l',
+                    require_root=False
+                )
+                if cmd_result:
+                    count = int(cmd_result.strip()) if cmd_result.strip().isdigit() else 0
+                    return {
+                        "secure": count == 0,
+                        "count": count,
+                        "directories": [],
+                        "message": f"Found {count} world-writable directories (no details available without root)"
+                    }
+                
+                return {
+                    "secure": False,
+                    "count": 0,
+                    "directories": [],
+                    "message": "Cannot check writable directories without root access"
+                }
+            
+            # Use the standard method if we have root
+            passselinuxs = ["unlabeled", "vendor_data_file", "vendor_secure_element_vendor_data_file", "device_data_file"]
+            dirs = ADB_Mgr.Instance().query_dirs_permission_writable_by_any_user(
+                device_serial,
+                "/",
+                "",
+                ["/dev/", "/sys/", "/proc/"],
+                passselinuxs
+            )
+            
+            # Handle None result
+            if dirs is None:
+                return {
+                    "secure": False,
+                    "count": 0,
+                    "directories": [],
+                    "message": "Failed to check writable directories"
+                }
+            
+            # Process results for better reporting
+            writable_dirs = []
+            if dirs and isinstance(dirs, list):
+                for item in dirs:
+                    writable_dirs.append({
+                        "path": item.get("dirpath", ""),
+                        "permissions": item.get("rwx", ""),
+                        "owner": item.get("owner", ""),
+                        "group": item.get("group", ""),
+                        "selinux": item.get("sid", "")
+                    })
+            
+            return {
+                "secure": len(writable_dirs) == 0,
+                "count": len(writable_dirs),
+                "directories": writable_dirs,
+                "message": f"Found {len(writable_dirs)} world-writable directories"
+            }
+        except Exception as e:
+            logger.error(f"Error checking writable directories: {str(e)}")
+            raise
+
+    @hookimpl
+    def cleanup(self):
+        """Cleanup resources"""
+        logger.info("Cleaning up ADB Security Check Plugin")
+        try:
+            # Reset state variables
+            self._has_root = None
+            self._device_connected = False
+        except Exception as e:
+            logger.error(f"Error during cleanup: {str(e)}")