Exodus is meant to:
- download a bunch of APK files from Google Play
- find tracker signatures in the unzipped APK
- retrieve application information like version, handle, ...
- manage Android VirtualBox VM
- install and run Android applications
- analyze the network traffic generated by the application
- retrieve DNS queries and responses
- retrieve HTTP posted data
- generate a JSON report

```
sudo apt install git virtualenv postgresql-9.6 rabbitmq-server aapt build-essential libssl-dev libffi-dev python3-dev openjdk-8-jre
git clone -b v1 ssh://<username>@62.210.131.96:19100/data/depots/exodus/exodus.git Exodus
```
```
sudo su - postgres
psql
CREATE USER exodus WITH PASSWORD 'a big password';
CREATE DATABASE exodus WITH OWNER exodus;
```
Set the password in the file `Exodus/exodus/exodus/settings.py`, line 97.
```
cd Exodus
virtualenv ./venv -p python3
source venv/bin/activate
pip3 install -r requirements.txt
cd exodus/exodus
python manage.py migrate --fake-initial
python manage.py migrate
python manage.py createsuperuser
```
Download the ISO of Android 7.1 x86_64:
```
# the URL is quoted so the shell does not treat "&" as a background operator
torify wget 'https://osdn.net/frs/redir.php?m=rwthaachen&f=%2Fandroid-x86%2F67834%2Fandroid-x86_64-7.1-rc1.iso'
```
Create a new VM and set:
- Pointer device: PS/2

Then:
- Set `bridge` network mode.
- Specify the shitty GMail account.
- Install the FakeGPS application.
- Create a snapshot

See https://www.osboxes.org/android-x86/
- Set `bridge` network mode.
- Specify the shitty GMail account.
- Install the FakeGPS application.
- Create a snapshot

In the Android terminal emulator:
```
su
setprop service.adb.tcp.port 5555
stop adbd
start adbd
ifconfig
```
```
sudo brctl addbr proute
sudo ip link set proute up
# NAT the traffic coming from the analysis subnet
sudo iptables -t nat -A POSTROUTING -s 192.168.30.0/24 -j MASQUERADE
# let the VM open connections outwards, only let replies back in
sudo iptables -A FORWARD -i proute -o eth0 -j ACCEPT
sudo iptables -A FORWARD -i eth0 -o proute -m state --state RELATED,ESTABLISHED -j ACCEPT
# redirect HTTP and HTTPS coming from the VM to local port 8080
sudo iptables -t nat -A PREROUTING -i proute -p tcp --dport 80 -j REDIRECT --to-port 8080
sudo iptables -t nat -A PREROUTING -i proute -p tcp --dport 443 -j REDIRECT --to-port 8080
```
In `/etc/network/interfaces`, add:
```
auto proute
iface proute inet static
    address 192.168.30.1
    netmask 255.255.255.0
```
In `/etc/default/isc-dhcp-server`, set:
```
INTERFACES="proute"
```
In `/etc/dhcp/dhcpd.conf`, declare:
```
option domain-name "exodus.lan";
option domain-name-servers 80.67.169.12,80.67.169.40;
option routers 192.168.30.1;
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.30.0 netmask 255.255.255.0 {
    range 192.168.30.3 192.168.30.224;
}
authoritative;
```
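
An added example, not part of the Exodus code base: a Python check that the bridge address, the DHCP scope and the MASQUERADE source given above all describe the same network, since the three are set in separate places and a mismatch between them breaks the VM's connectivity. The function name and the embedded sample strings are constructed for this example from the values on this page.

```python
import ipaddress
import re

# Constructed sample inputs mirroring the values used on this page.
DHCPD_CONF = """\
option routers 192.168.30.1;
subnet 192.168.30.0 netmask 255.255.255.0 {
    range 192.168.30.3 192.168.30.224;
}
"""
INTERFACES = """\
auto proute
iface proute inet static
    address 192.168.30.1
    netmask 255.255.255.0
"""
NAT_RULE = "iptables -t nat -A POSTROUTING -s 192.168.30.0/24 -j MASQUERADE"


def check_capture_network(dhcpd, interfaces, nat_rule):
    """Return a list of inconsistencies between the three configurations."""
    problems = []
    net, mask = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{", dhcpd).groups()
    subnet = ipaddress.ip_network(f"{net}/{mask}")
    lo, hi = (ipaddress.ip_address(a)
              for a in re.search(r"range\s+(\S+)\s+(\S+);", dhcpd).groups())
    router = ipaddress.ip_address(
        re.search(r"option routers\s+(\S+);", dhcpd).group(1))
    addr = re.search(r"^\s*address\s+(\S+)", interfaces, re.M).group(1)
    nmask = re.search(r"^\s*netmask\s+(\S+)", interfaces, re.M).group(1)
    bridge = ipaddress.ip_interface(f"{addr}/{nmask}")
    nat_src = ipaddress.ip_network(re.search(r"-s\s+(\S+)", nat_rule).group(1))

    if lo not in subnet or hi not in subnet or lo > hi:
        problems.append("DHCP range is not inside the declared subnet")
    if lo <= router <= hi:
        problems.append("DHCP range overlaps the router address")
    if router != bridge.ip:
        problems.append("DHCP router is not the bridge address")
    if bridge.network != subnet:
        problems.append("bridge network differs from the DHCP subnet")
    if nat_src != subnet:
        problems.append("MASQUERADE source differs from the DHCP subnet")
    return problems


if __name__ == "__main__":
    print(check_capture_network(DHCPD_CONF, INTERFACES, NAT_RULE) or "consistent")
```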
- add geo-tagged pictures in Android custom build
```
sudo visudo
```
and append the following line before the include ... one at the bottom of the file:
```
<username> ALL=(ALL) NOPASSWD: /usr/sbin/tcpdump
```
```
chmod g+s net
```