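How does AndroBugs_Framework detect this?
Method: it reads the allowBackup attribute directly from the AndroidManifest file and checks whether it is true. (If the attribute is not present, Android defaults it to true.)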
def is_adb_backup_enabled(self):
    """
    Return true if the APK can be backed up
    :rtype: boolean
    """
    adb_backup = self.get_element("application", "allowBackup")
    if adb_backup is None:
        # If the default value is not set, the default is True.
        return True
    else:
        if adb_backup.lower() == 'true':
            return True
        else:
            return False
QARK:
class ManifestBackupAllowed(ManifestPlugin):
    def __init__(self):
        super(ManifestBackupAllowed, self).__init__(category="manifest", name="Backup is allowed in manifest",
                                                    description=(
                                                        "Backups enabled: Potential for data theft via local attacks via adb "
                                                        "backup, if the device has USB debugging enabled (not common). "
                                                        "More info: "
                                                        "http://developer.android.com/reference/android/R.attr.html#allowBackup"))
        self.severity = Severity.WARNING

    def run(self):
        application_sections = self.manifest_xml.getElementsByTagName("application")
        for application in application_sections:
            # An issue is raised whenever android:allowBackup is present on
            # <application>; the attribute's value is not inspected here.
            if "android:allowBackup" in application.attributes.keys():
                self.issues.append(Issue(category=self.category, severity=self.severity,
                                         name=self.name, description=self.description,
                                         file_object=self.manifest_path))


plugin = ManifestBackupAllowed()
Other frameworks and tools, such as 360显危镜, 腾讯金刚 and mafia, likewise determine the risk by checking the allowBackup attribute in the manifest.
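An added example (not code from AndroBugs_Framework, QARK or the original page) that runs the two styles of check shown above over constructed, already-decoded manifests: a value-based test that treats a missing attribute as true, and a presence-only test. The function names, sample manifests and package name are assumptions made for the illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
ALLOW_BACKUP = "{%s}allowBackup" % ANDROID_NS

# Constructed sample manifests (decoded text XML, not the binary AXML inside an APK).
MANIFEST_TEMPLATE = (
    '<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
    'package="com.example.demo"><application {attr}/></manifest>'
)
SAMPLES = {
    "absent": MANIFEST_TEMPLATE.format(attr=""),
    "true": MANIFEST_TEMPLATE.format(attr='android:allowBackup="true"'),
    "false": MANIFEST_TEMPLATE.format(attr='android:allowBackup="false"'),
    "upper": MANIFEST_TEMPLATE.format(attr='android:allowBackup="TRUE"'),
}


def backup_allowed_by_value(manifest_xml):
    """Value-based check: a missing attribute counts as enabled (platform default)."""
    root = ET.fromstring(manifest_xml)
    for application in root.iter("application"):
        value = application.get(ALLOW_BACKUP)
        if value is None or value.strip().lower() == "true":
            return True
    return False


def backup_flagged_by_presence(manifest_xml):
    """Presence-only check: flags whenever the attribute exists, whatever its value."""
    root = ET.fromstring(manifest_xml)
    return any(ALLOW_BACKUP in app.attrib for app in root.iter("application"))


def compare(samples=SAMPLES):
    """Return {case: (value_check, presence_check)} for each sample manifest."""
    return {name: (backup_allowed_by_value(xml), backup_flagged_by_presence(xml))
            for name, xml in samples.items()}


if __name__ == "__main__":
    for case, (by_value, by_presence) in compare().items():
        print("%-7s value-check=%-5s presence-check=%s" % (case, by_value, by_presence))
```

The two checks disagree on exactly two cases: a manifest with no allowBackup attribute (backup is on by default, but a presence-only check stays silent) and a manifest that sets it to false (backup is off, but a presence-only check still reports it).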