droidbot

Release 1.0.0a2

A smart Android app exerciser.

Homepage PyPI Python

Keywords
testing, monkey, exerciser
License
MIT
Install
pip install droidbot==1.0.0a2

Documentation

DroidBot

About

A robot which automatically interacts with Android app.

DroidBot sends keyevent, gestures and simulates system events in order to exploit more app states automatically. droidbot decides which actions to take based on static analysis result of app and dynamic device information (view hierarchy).

For more details, refer to my blog posts.

Introduction

DroidBot mainly does following two things:

  1. Setting up device environments, include the contacts, SMS logs, call logs, GPS mocking, etc. The target app may have access to these resources, thus we prepare them before starting the app.

    Multiple env policies can be used for setting up environments. We support:

    • none policy which does not set up any environment;
    • dummy policy which just mocks same basic environment for all apps;
    • static policy which set up environment according to static information of app, for example permissions and files which the app have access to;
    • file policy which read environment configurations from a json file.

  2. Sending events during the app is running. Events includes touch, drag gestures on screen, keyevents, and simulated broadcasts, etc.

    Similarly, we have several policies to produce events:

    • none policy which does not send any event;
    • monkey policy which make use of adb monkey tool, to produce randomized events;
    • random policy which sends randomized events to device
    • static policy produces a list of events based on static information of app. Eg. the intent-filters of each app.
    • dynamic policy. It is actually the real human-like policy. It monitors the device states, including the running activities, the foreground window, and the hierarchy of current window and sends events according to these information. It avoids going to same state too many times by comparing the window hierarchies, and it sends activity-specific intents based on static analysis of app.
    • file policy which generates events from a json file.

Prerequisite

  1. Python version 2.7
  2. Android SDK, make sure that platform_tools and tools added to PATH
  3. androidviewclient, install with sudo easy_install --upgrade androidviewclient, or refer to its wiki
  4. (Optional) DroidBox version 4.1.1, download from here

Installation

Clone this repo and use pip install:

git clone https://github.com/ylimit/droidbot.git
pip install -e droidbot

Usage

Basic Usage

  1. Start an emulator or connect to a device using adb.
  2. Start droidbot: droidbot -h

Usage with DroidBox (without docker)

DroidBox print sensitive behaviours at runtime, which is useful in malware analysis. DroidBot can be used with DroidBox and is able to capture DroidBox logs.

Step 1. Start droidbox emulator:

1.1 Download DroidBox image

wget https://droidbox.googlecode.com/files/DroidBox411RC.tar.gz
tar xfz DroidBox411RC.tar.gz

1.2 Create an avd named droidbox

You can either use android avd manager or use android create avd command.

1.3 Start the avd with droidbox image

cd DroidBox411RC
sh startemu.sh droidbox

Step 2. Start droidbot:

droidbot -a <sample.apk> -event dynamic -duration 100 -o droidbot_out

Usage with Docker

Prepare the environment on your host by creating a folder to be shared with the DroidBot Docker container. The folder will be used to load samples to be analyzed in DroidBot, and also to store output results from DroidBot analysis.

mkdir -p ~/mobileSamples/out

Now pull the ready-made Docker container (about 1.8 GB after extraction) from Honeynet Project's hub:

docker pull honeynet/droidbot

or, if you prefer, build your own from the GitHub repo:

git clone https://github.com/ylimit/droidbot.git
docker build -t honeynet/droidbot droidbot

To run the analysis, copy your sample to the folder you created above, then start the container; you will find results in the "out" subfolder.

cp mySample.apk ~/mobileSamples/
docker run -it --rm -v ~/mobileSamples:/samples:ro -v ~/mobileSamples/out:/samples/out honeynet/droidbot /samples/mySample.apk
ls ~/mobileSamples/out

Evaluation

Droidbot is evaluated by comparing with droidbox default mode (which does nothing) and adb monkey tool. The results are in result.

Or see my visualized evaluation reports at DroidBot Posts.

Acknowledgement

  1. AndroidViewClient is an amazing tool simplifies test script creation providing higher level operations and the ability of obtaining the tree of Views present at any given moment on the device or emulator screen.
  2. Androguard is well-known for reverse-engineering of Android Apks.

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
0
Total releases
2
Latest release
First release
Stars
488
Forks
140
Watchers
37
Contributors
4
Repository size
56.9 MB
SourceRank
10

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

1.0.0a2
1.0.0a1

Contributors

Yuanchun Li hannoL Ziyue Yang Andrea De Pasquale


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-12-15 16:37:26 UTC

Login to resync this project