trueseeing 2.2.4__tar.gz → 2.2.6__tar.gz

trueseeing-2.2.6/.github/FUNDING.yml

@@ -0,0 +1,14 @@
+# These are supported funding model platforms
+
+github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
+polar: # Replace with a single Polar username
+buy_me_a_coffee: alterakey
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

{trueseeing-2.2.4 → trueseeing-2.2.6}/.github/workflows/deploy.yaml

@@ -16,7 +16,7 @@ jobs:
       - name: Setup environment
         uses: actions/setup-python@v3
         with:
-          python-version: 3.11
+          python-version: 3.13
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3

{trueseeing-2.2.4 → trueseeing-2.2.6}/.github/workflows/lint.yaml

@@ -12,7 +12,7 @@ jobs:
       - name: Setup environment
         uses: actions/setup-python@v3
         with:
-          python-version: 3.11
+          python-version: 3.13
 
       - name: Install dependencies
         run: |

{trueseeing-2.2.4 → trueseeing-2.2.6}/.github/workflows/publish.yaml

@@ -17,7 +17,7 @@ jobs:
       - name: Setup environment
         uses: actions/setup-python@v3
         with:
-          python-version: 3.11
+          python-version: 3.13
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3

trueseeing-2.2.6/Dockerfile

@@ -0,0 +1,18 @@
+from python:3.13-slim
+run pip install flit
+copy . /tmp/build/
+run (cd /tmp/build && flit build)
+
+from python:3.13-slim
+run apt-get update -y && apt-get install -y openjdk-17-jre-headless zip adb
+run install -d -m 777 /data /ext /cache /out && ln -sfn /cache /root/.local
+copy --from=0 /tmp/build/dist/*.whl /tmp/dist/
+run pip install /tmp/dist/*.whl && rm -rf /tmp/dist /tmp/ext
+env PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+env TS2_IN_DOCKER=1
+env TS2_CACHEDIR=/cache
+env TS2_HOME=/data
+env TS2_EXTDIR=/ext
+env TS2_SWIFT_DEMANGLER_URL=http://ts2-swift-demangle
+workdir /out
+entrypoint ["trueseeing"]

{trueseeing-2.2.4 → trueseeing-2.2.6}/PKG-INFO

@@ -1,8 +1,8 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.3
 Name: trueseeing
-Version: 2.2.4
-Summary: Trueseeing is a non-decompiling Android application vulnerability scanner.
-Keywords: android,security,pentest,hacking
+Version: 2.2.6
+Summary: Trueseeing is a non-decompiling iOS/Android application vulnerability scanner.
+Keywords: ios,android,security,pentest,hacking
 Author-email: Takahiro Yoshimura <alterakey@protonmail.com>
 Requires-Python: >=3.9
 Description-Content-Type: text/markdown
@@ -21,14 +21,15 @@ Requires-Dist: termcolor~=2.4
 Requires-Dist: progressbar2~=4.3
 Requires-Dist: importlib_metadata~=7.0
 Requires-Dist: asn1crypto~=1.5
-Requires-Dist: zstandard~=0.22
+Requires-Dist: pyzstd~=0.16
 Requires-Dist: aiohttp~=3.9
 Requires-Dist: lief~=0.14
 Requires-Dist: pyaxmlparser~=0.3
 Requires-Dist: prompt-toolkit~=3.0
-Requires-Dist: mypy~=1.7 ; extra == "dev"
-Requires-Dist: pyproject-flake8~=6.1 ; extra == "dev"
-Requires-Dist: typing_extensions~=4.1 ; extra == "dev"
+Requires-Dist: frida-tools~=13.6
+Requires-Dist: mypy~=1.13 ; extra == "dev"
+Requires-Dist: pyproject-flake8~=7.0 ; extra == "dev"
+Requires-Dist: typing_extensions~=4.12 ; extra == "dev"
 Project-URL: Source, https://github.com/alterakey/trueseeing
 Provides-Extra: dev
 
@@ -39,7 +40,7 @@ Provides-Extra: dev
 ![Main branch deploy status](https://github.com/alterakey/trueseeing/workflows/deploy/badge.svg)
 ![Main branch last commit](https://img.shields.io/github/last-commit/alterakey/trueseeing/main)
 
-trueseeing is a fast, accurate and resillient vulnerability scanner for Android apps.  We operate on the Dalvik VM level -- i.e. we don't care if the target app is obfuscated or not.
+trueseeing is a fast, accurate and resillient vulnerability scanner for iOS/Android apps.  We operate on the Dalvik VM level for Android -- i.e. we don't care if the target app is obfuscated or not.
 
 ## Capability
 
@@ -51,6 +52,11 @@ Currently we can:
 * Copy in/out app data through debug interface
 * Search for certain calls/consts/sput/iput
 * Deduce constants/typesets for args of op
+* Scan API/private calls for native codes (NB: you need [ts2-disasm-ghidra](https://github.com/alterakey/ts2-disasm-ghidra))
+* Scan iOS apps for basic vulnerabilities (NB: you need [ts2-disasm-ghidra](https://github.com/alterakey/ts2-disasm-ghidra))
+* Attach frida scripts
+* Provide frida interative session
+* Tracing calls
 * etc.
 
 ## Installation
@@ -84,7 +90,7 @@ Alternatively, you can install our package with pip as follows. This form of ins
 You can interactively scan/analyze/patch/etc. apps -- making it the ideal choice for manual analysis:
 
     $ trueseeing target.apk
-    [+] trueseeing 2.2.4
+    [+] trueseeing 2.2.6
     ts[target.apk]> ?
     ...
     ts[target.apk]> i                      # show generic information

{trueseeing-2.2.4 → trueseeing-2.2.6}/README.md

@@ -5,7 +5,7 @@
 ![Main branch deploy status](https://github.com/alterakey/trueseeing/workflows/deploy/badge.svg)
 ![Main branch last commit](https://img.shields.io/github/last-commit/alterakey/trueseeing/main)
 
-trueseeing is a fast, accurate and resillient vulnerability scanner for Android apps.  We operate on the Dalvik VM level -- i.e. we don't care if the target app is obfuscated or not.
+trueseeing is a fast, accurate and resillient vulnerability scanner for iOS/Android apps.  We operate on the Dalvik VM level for Android -- i.e. we don't care if the target app is obfuscated or not.
 
 ## Capability
 
@@ -17,6 +17,11 @@ Currently we can:
 * Copy in/out app data through debug interface
 * Search for certain calls/consts/sput/iput
 * Deduce constants/typesets for args of op
+* Scan API/private calls for native codes (NB: you need [ts2-disasm-ghidra](https://github.com/alterakey/ts2-disasm-ghidra))
+* Scan iOS apps for basic vulnerabilities (NB: you need [ts2-disasm-ghidra](https://github.com/alterakey/ts2-disasm-ghidra))
+* Attach frida scripts
+* Provide frida interative session
+* Tracing calls
 * etc.
 
 ## Installation
@@ -50,7 +55,7 @@ Alternatively, you can install our package with pip as follows. This form of ins
 You can interactively scan/analyze/patch/etc. apps -- making it the ideal choice for manual analysis:
 
     $ trueseeing target.apk
-    [+] trueseeing 2.2.4
+    [+] trueseeing 2.2.6
     ts[target.apk]> ?
     ...
     ts[target.apk]> i                      # show generic information

{trueseeing-2.2.4 → trueseeing-2.2.6}/pyproject.toml

@@ -17,7 +17,7 @@ classifiers = [
     "License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)",
 ]
 readme = "README.md"
-keywords = ['android', 'security', 'pentest', 'hacking']
+keywords = ['ios', 'android', 'security', 'pentest', 'hacking']
 dependencies = [
     "lxml~=5.0",
     "pyyaml~=6.0",
@@ -27,20 +27,21 @@ dependencies = [
     "progressbar2~=4.3",
     "importlib_metadata~=7.0",
     "asn1crypto~=1.5",
-    "zstandard~=0.22",
+    "pyzstd~=0.16",
     "aiohttp~=3.9",
     "lief~=0.14",
     "pyaxmlparser~=0.3",
     "prompt-toolkit~=3.0",
+    'frida-tools~=13.6',
 ]
 requires-python = ">=3.9"
 dynamic = ['version', 'description']
 
 [project.optional-dependencies]
 dev = [
-  "mypy~=1.7",
-  "pyproject-flake8~=6.1",
-  "typing_extensions~=4.1",
+  "mypy~=1.13",
+  "pyproject-flake8~=7.0",
+  "typing_extensions~=4.12",
 ]
 
 [project.urls]

trueseeing-2.2.6/trueseeing/__init__.py

@@ -0,0 +1,2 @@
+"""Trueseeing is a non-decompiling iOS/Android application vulnerability scanner."""
+__version__ = '2.2.6'

{trueseeing-2.2.4 → trueseeing-2.2.6}/trueseeing/api.py

@@ -4,7 +4,7 @@ from abc import ABC, abstractmethod
 
 if TYPE_CHECKING:
   from collections import deque
-  from typing import Any, TypedDict, Protocol, Optional, Callable, Coroutine, Union, List, Mapping, overload, Literal
+  from typing import Any, TypedDict, Protocol, Optional, Callable, Coroutine, Union, List, Mapping, overload, Literal, Set
   from typing_extensions import deprecated
   from trueseeing.core.context import Context, ContextType
   from trueseeing.core.android.context import APKContext
@@ -25,6 +25,7 @@ if TYPE_CHECKING:
     e: CommandEntrypoint
     n: str
     d: str
+    t: Set[str]
 
   class CommandEntry(Entry):
     pass
@@ -65,6 +66,7 @@ if TYPE_CHECKING:
   class CommandHelper(Protocol):
     def get_target(self) -> Optional[str]: ...
     def require_target(self, msg: Optional[str] = None) -> str: ...
+    def get_context_type(self) -> Optional[Set[ContextType]]: ...
     @overload
     def get_context(self) -> Context: ...
     @overload

{trueseeing-2.2.4 → trueseeing-2.2.6}/trueseeing/app/cmd/__init__.py

@@ -1,10 +1,12 @@
 from __future__ import annotations
 from typing import TYPE_CHECKING
+from functools import cache
 
 if TYPE_CHECKING:
   from typing import Type, Iterator
   from trueseeing.api import Command
 
+@cache
 def discover() -> Iterator[Type[Command]]:
   from trueseeing.api import Command
   from importlib import import_module

{trueseeing-2.2.4 → trueseeing-2.2.6}/trueseeing/app/cmd/android/asm.py

@@ -23,19 +23,21 @@ class AssembleCommand(CommandMixin):
 
   def get_commands(self) -> CommandMap:
     return {
-      'ca':dict(e=self._assemble, n='ca[!] /path', d='assemble as target from path'),
-      'ca!':dict(e=self._assemble),
-      'cd':dict(e=self._disassemble, n='cd[s][!] /path', d='disassemble target into path'),
-      'cd!':dict(e=self._disassemble),
-      'cds':dict(e=self._disassemble_nodex),
-      'cds!':dict(e=self._disassemble_nodex),
-      'co':dict(e=self._export_context, n='co[!] /path [pat]', d='export codebase'),
-      'co!':dict(e=self._export_context),
+      'ca':dict(e=self._assemble, n='ca[!] /path', d='assemble as target from path', t={'apk'}),
+      'ca!':dict(e=self._assemble, t={'apk'}),
+      'cd':dict(e=self._disassemble, n='cd[s][!] /path', d='disassemble target into path', t={'apk'}),
+      'cd!':dict(e=self._disassemble, t={'apk'}),
+      'cds':dict(e=self._disassemble_nodex, t={'apk'}),
+      'cds!':dict(e=self._disassemble_nodex, t={'apk'}),
+      'cm':dict(e=self._merge, n='cm[!] [output.apk]', d='merge slices into a plain apk', t={'xapk'}),
+      'cm!':dict(e=self._merge, t={'xapk'}),
+      'co':dict(e=self._export_context, n='co[!] /path [pat]', d='export codebase', t={'apk'}),
+      'co!':dict(e=self._export_context, t={'apk'}),
     }
 
   def get_options(self) -> OptionMap:
     return {
-      'nocache':dict(n='nocache', d='do not replicate content before build [ca]')
+      'nocache':dict(n='nocache', d='do not replicate content before build [ca]', t={'apk'}),
     }
 
   async def _assemble(self, args: deque[str]) -> None:
@@ -58,7 +60,6 @@ class AssembleCommand(CommandMixin):
 
     stem = re.sub(r'\.x?apk$', '', apk)
     for typ in ['apk', 'xapk']:
-      print(origapk, f'{stem}.{typ}.orig')
       if os.path.exists(f'{stem}.{typ}.orig') and not cmd.endswith('!'):
         ui.fatal('backup file exists; force (!) to overwrite')
 
@@ -214,7 +215,7 @@ class AssembleCommand(CommandMixin):
       if subformat in ['gz']:
         kwargs.update(dict(compresslevel=3))
 
-      with tarfile.open(root, 'w:{}'.format(subformat), **kwargs) as tf:  # type: ignore[arg-type]
+      with tarfile.open(root, 'w:{}'.format(subformat), **kwargs) as tf:  # type: ignore[call-overload]
         now = int(time.time())
         for path,blob in q.file_enum(pat=pat, regex=True):
           target = os.path.join('files', *path.split('/'))
@@ -223,6 +224,7 @@ class AssembleCommand(CommandMixin):
 
           bf = BytesIO(blob)
           ti = tarfile.TarInfo(name=target)
+          ti.size = len(blob)
           ti.uname = 'root'
           ti.gname = 'root'
           ti.mode = 0o600
@@ -239,3 +241,38 @@ class AssembleCommand(CommandMixin):
       return 'tar:gz'
     else:
       return None
+
+  async def _merge(self, args: deque[str]) -> None:
+    target = self._helper.require_target('need target')
+
+    cmd = args.popleft()
+
+    import os
+    import time
+    from tempfile import TemporaryDirectory
+    from trueseeing.core.android.asm import APKAssembler
+    from trueseeing.core.android.tools import move_apk
+
+    if args:
+      outfn = args.popleft()
+    else:
+      outfn = target.replace('.xapk', '.apk')
+
+    origfn = outfn.replace('.apk', '.apk.orig')
+
+    if os.path.exists(origfn) and not cmd.endswith('!'):
+      ui.fatal('backup file exists; force (!) to overwrite')
+
+    ui.info('merging slices {target} -> {outfn}'.format(target=target, outfn=outfn))
+
+    at = time.time()
+
+    with TemporaryDirectory() as td:
+      apk, sig = await APKAssembler.merge_slices(target, td)
+
+      if os.path.exists(outfn):
+        move_apk(outfn, origfn)
+
+      move_apk(apk, outfn)
+
+    ui.success('done ({t:.02f} sec.)'.format(t=(time.time() - at)))