通过对Log信息及代码的进一步分析,可以获知X-Ray扫描逻辑如下:
1、联网获取漏洞信息,漏洞信息包含客户端处理检测漏洞的方式
[html] view plaincopy
D/xray (28458): *********** BOOTSTRAP RESPONSE ***********
D/xray (28458): latest_probes: 10
D/xray (28458): latest_app_version: 3
D/xray (28458): latest_app_uri: /xray/static/XRAY-1.0.apk
D/xray (28458): **************************************
D/xray (28458): probeupdate: trying request 1 of 3
D/dalvikvm(28458): GC_CONCURRENT freed 257K, 48% free 3259K/6151K, external 481K/993K, paused 2ms+2ms
D/xray (28458): *********** UPDATE PROBE RESPONSE ***********
D/xray (28458): id: zimperlich
D/xray (28458): type: static
D/xray (28458): name: Zimperlich
D/xray (28458): query_url: /xray/zimperlich/query
D/xray (28458): probe_url: /xray/zimperlich/probe
D/xray (28458): result_url:
D/xray (28458): static_payload: /system/lib/libdvm.so
D/xray (28458): dynamic_slot:
D/xray (28458): dynamic_payload:
D/xray (28458): dynamic_signature:
D/xray (28458): ********************************************
D/xray (28458): id: gingerbreak
D/xray (28458): type: static
D/xray (28458): name: Gingerbreak
D/xray (28458): query_url: /xray/gingerbreak/query
D/xray (28458): probe_url: /xray/gingerbreak/probe
D/xray (28458): result_url:
D/xray (28458): static_payload: /system/bin/vold
D/xray (28458): dynamic_slot:
D/xray (28458): dynamic_payload:
D/xray (28458): dynamic_signature:
D/xray (28458): ********************************************
D/xray (28458): id: zergrush
D/xray (28458): type: static
D/xray (28458): name: ZergRush
D/xray (28458): query_url: /xray/zergrush/query
D/xray (28458): probe_url: /xray/zergrush/probe
D/xray (28458): result_url:
D/xray (28458): static_payload: /system/lib/libsysutils.so
D/xray (28458): dynamic_slot:
D/xray (28458): dynamic_payload:
D/xray (28458): dynamic_signature:
D/xray (28458): ********************************************
D/xray (28458): id: ashmem
D/xray (28458): type: dynamic
D/xray (28458): name: ASHMEM
D/xray (28458): query_url:
D/xray (28458): probe_url:
D/xray (28458): result_url: /xray/ashmem/result
D/xray (28458): static_payload:
D/xray (28458): dynamic_slot: 01
D/xray (28458): dynamic_payload: /xray/static/libashmem_v1.so
D/xray (28458): dynamic_signature: H+4S6nSomTdUnqUfDKZltq2Mm51VbQ2jnhbzstZ7bzt2dSQU7H6+BefWgCId1b
8gKYdDJrQk5FJ/6OWASVhS7FhNpH6HTN3ieeFbDIX9XYqFmBCzTj5ObFf2yIcQt9JAB3sP/wm7oqzktuX4N2/n+4jmaUOj7HUOgQ
imDPB9qK4m866+ScIVXiwZHmR6oaLgr8eJVm9uiOLem/DOhcGMsxSEuFY/6mZPrqMKfXPVP2gUsMPbjY1JAHnCD7yUXlCU2Jby18
HvOH15fo6hkcEhIg1/FvTj+tvHmY64ckKhQdEOOYaBv/Nv2AABMglPQoj/89ntsc7nN1V0qg64u6JJtg==
D/xray (28458): ********************************************
D/xray (28458): id: mempodroid
D/xray (28458): type: dynamic
D/xray (28458): name: Mempodroid
D/xray (28458): query_url:
D/xray (28458): probe_url:
D/xray (28458): result_url: /xray/mempodroid/result
D/xray (28458): static_payload:
D/xray (28458): dynamic_slot: 02
D/xray (28458): dynamic_payload: /xray/static/libmempodroid_v1.so
D/xray (28458): dynamic_signature: P9VL0j2UbuB94WA6gF9XuAmtEUQmPDOWyxDJDQR9wmIbGq1ixThNSl7bnG1rgV
pj9M/AgAzxon4umr3FMQV3fLjmZG2QTbNFF7O622G2ssLxeBsCAH/9YC4b9RxVRBQP8cV5B078d+4DHmeOv6ey23omsIwMFoKhXn
RHnyU4FhtWpA9rT1Bu2d5RCOkuu8HM+qu2w+ZqWlJlnVIMQUbdfDS4YjVpjjS84hloES/wFPGOh/K2NZe1VhKGLhoIDWt6ROQCcG
8bZ3hTYTq91JlCp+wqdV/D9XufKbBZVuZ5S7LcwZg/nYtLeXY6On4CcGji4Uu0B8E7ymP+u7e+mUgCWQ==
D/xray (28458): ********************************************
D/xray (28458): id: levitator
D/xray (28458): type: dynamic
D/xray (28458): name: Levitator
D/xray (28458): query_url:
D/xray (28458): probe_url:
D/xray (28458): result_url: /xray/levitator/result
D/xray (28458): static_payload:
D/xray (28458): dynamic_slot: 03
D/xray (28458): dynamic_payload: /xray/static/liblevitator_v1.so
D/xray (28458): dynamic_signature: NNAPZiBOcZ6O1lPRVcjNzNpeLMvoVUnP1j9PFr/1cG00fju7lqJEKBcGtqgiz+
4/hF8w0xKndvJ4NSq1ResiukET7vt6tuY/n1nT6FxrE+e/+06JhFMkX5S+BrOV5hMMqsXzzWc9oE+DFhOFxkcDt6R9HeZQePaa5w
YnpMSsQHD7EZ6qzCen6PrHm+0q5F0xelmiahx3njSGP2eg8TbKl6zhvzhW4SIaz8h9ZxRqBZHH43aWiXbc/nnttjABfvyvLle3fO
JxFaYFp84bOW36bXF33fkDoLegmlSQv3sWnaugefcPsWIzgvH3O3/iLxJtrzXdGf4zZbzekV2sFY028w==
D/xray (28458): ********************************************
D/xray (28458): id: exploid
D/xray (28458): type: dynamic
D/xray (28458): name: Exploid
D/xray (28458): query_url:
D/xray (28458): probe_url:
D/xray (28458): result_url: /xray/exploid/result
D/xray (28458): static_payload:
D/xray (28458): dynamic_slot: 04
D/xray (28458): dynamic_payload: /xray/static/libexploid_v1.so
D/xray (28458): dynamic_signature: nBNyRJ0n3y6LSFM7SysnaYl58LKL0PYvgsukRWa+Q2QSr+0IWDgSidUSlMtG8p
KnsTTuEKcCxw4xmTGAyZVH/do5/hCwa2hWnJ+4IwLtc5hwZDVTCjPYypOeXV287gq79cbM/zIthy0VAkoBW6bYTYfGgqvNBOq/cE
u0HgWkgSeCnD6ML9svZUhXGmva8z71mTucvoMBkPs3Ft8eLmxumZjuB+kni01jhQD9N7u6jfPLbQmZUqxT47a9bSoFYJlVNQKL0U
/xPGWuXHGhnZs/K55s2A3r2aB6vNHXCV3C16tDm5KL0aSS+zU3TuBFTUQzRoVjZwDjJpdd4KRzPGOGpg==
D/xray (28458): ********************************************
D/xray (28458): id: wunderbar
D/xray (28458): type: dynamic
D/xray (28458): name: Wunderbar
D/xray (28458): query_url:
D/xray (28458): probe_url:
D/xray (28458): result_url: /xray/wunderbar/result
D/xray (28458): static_payload:
D/xray (28458): dynamic_slot: 05
D/xray (28458): dynamic_payload: /xray/static/libwunderbar_v1.so
D/xray (28458): dynamic_signature: wqSKs7FCjCaFWqBixxV5IMW/qMBN+zSUpxix52Jw1mmjdbLOc0o6gevlRBuGN8
txKdrCD7dBUkGkMuaAd8VpHxcWBSlmiYB8kh3j9gEluVwz3HK8i+bdOGfSnlswHdDg/aQlu+DezhyS7ajfiDELJ2xaBPapzgCRCU
dGcu7RyJ2tUCWdvmBgvEyIsMhGrIUuVVklc8puJYLD3+2MVWy+BgFhGPDEpxujl/NNl0kVPVpQHngY1/hkrA3svDnpUyzeqAKqEZ
r7IF0e8B+I8LAS9P/ZejwM4vde/cLFs6ttfvtcYqFX+H0dqarDmDf11f6gaGnjxFMEXOAlBhqMJqN1vQ==
D/xray (28458): ********************************************
D/xray (28458): *********************************************