Merge pull request #1 from themalwarenews/V2.0

anonsharzzk · web-flow · commit 9177990fb767 · 2023-09-10T12:11:28.000+05:30
Grauda V2.0
diff --git a/README.md b/README.md
@@ -1,25 +1,22 @@
-# GARUDA
 
-![image](https://user-images.githubusercontent.com/100226024/155191796-04b494f7-90c1-4e10-b9c0-1f8f01c9dd65.png)
+# GARUDA
 
+Garuda is a python script designed to streamline the installation process of Android penetration testing tools in a single execution.
 
+![image](https://github.com/themalwarenews/Garuda/assets/31186224/84b0efdb-8f27-4d03-bfaf-32263d8deaae)
 
 
-### Garuda is a simple automated script, that installs and configures the android penetration testing setup.
----
-### NOTE: If you are using Virtual machines as an attacking device, then connect the android emulator via ADB.
----
 
-### PRESEQUITES
-1. Linux
-2. Genymotion/Android emulator/Rooted device
+## PRESEQUITES 
+- Any Linux OS
+- Genymotion/Android Emulator/Rooted device
+- Go and npm to install DAST packages.
 
 
----
 
 ## Tools Installed:
 
-### APK Packages:
+### APK Packages
 
 * [Xposed](http://repo.xposed.info/module/de.robv.android.xposed.installer)
 * [Inspeckage](https://github.com/ac-pm/Inspeckage)
@@ -29,47 +26,50 @@
 * [SSL Unpin](https://github.com/ac-pm/SSLUnpinning_Xposed)
 * [RootCloak](http://repo.xposed.info/module/com.devadvance.rootcloak2)
 
----
 
 ### Utilities
 
 * [Frida-server](https://frida.re/)
 * [tcpdump](https://www.androidtcpdump.com/)
 
----
-
 ### Flash file
 
 * [Xposed-framework](https://repo.xposed.info/)
 
----
-
 ### System Tools
 
 * [Drozer](https://labs.mwrinfosecurity.com/tools/drozer/)
 * [Frida-tools](https://frida.re/)
-* APKtool
-* Objection
-
----
+* [APKtool](https://apktool.org/)
+* [Objection](https://github.com/sensepost/objection)
+* [apkleaks](https://github.com/dwisiswant0/apkleaks)
+* [andriller](https://github.com/den4uk/andriller)
+* [quark-engine](https://github.com/quark-engine/quark-engine)
 
-## How to use
-1. Make sure you have connected the android virtual device to your attacking machine.
-2. Download or Clone the Garuda Repo.
-3. From the terminal, move into Garuda Directory
-4. Run ```python garuda.py```
 
-![image](https://user-images.githubusercontent.com/100226024/155191673-6ab5cf70-6ec1-432b-b0bc-e379088462ef.png)
+### DAST Tools
 
+* [RMS](https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security)
+* [dexcalibur](https://github.com/FrenchYeti/dexcalibur)
 
-## Installation Video
 
+## Installation
 
+ Make sure you have connected the android virtual device to your attacking machine.
 
-https://user-images.githubusercontent.com/100226024/155308712-de2fb7b3-45ef-46cc-bb56-341f01e6dd31.mp4
+```bash
+  git clone https://github.com/themalwarenews/Garuda
+  cd Garuda
+  python3 garuda.py
+```
+![image](https://github.com/themalwarenews/Garuda/assets/31186224/35c783c7-aa57-47e3-a1d8-6d8b05883f12)
 
 
+ Feel free to notify us for any errors :slightly_smiling_face:
+  
+  Follow us on :
 
-### Inspiration Droxes tool.
+[<img src='https://user-images.githubusercontent.com/100226024/229274315-c12a320c-cf5b-44da-ae6d-f3811957663d.svg' alt='linkedin' height='40'>](https://www.linkedin.com/in/anonsharan/) 	 [<img src='https://user-images.githubusercontent.com/100226024/229274268-453d1eec-4d98-4dad-80c8-885b4c6d0854.svg' alt='instagram' height='40'>](https://www.instagram.com/hackwithsharan/)  [<img src='https://user-images.githubusercontent.com/100226024/229274348-8af09e55-c563-4e0c-9118-59af0fda9df9.svg' alt='twitter' height='40'>](https://twitter.com/anon_sharzzk)  [<img src='https://user-images.githubusercontent.com/100226024/229274377-07f7c7d2-2cf9-4bfc-8727-0eba0eb4cfe4.svg' alt='YouTube' height='40'>](https://www.youtube.com/channel/ByteTheories)
 
 
+    
diff --git a/garuda.py b/garuda.py
@@ -1,101 +1,109 @@
-# !/usr/bin/env python
-
 import os
-import configparser
 import subprocess
-import threading
 import colorama
 from colorama import Fore
-from time import sleep
-from ppadb.client import Client as AdbClient
-
 
-__author__ = 'themalwarenews ( @themalwarenews) '
-__inspired_by__ = ' DROXES '
+# Define constants for directories and file paths
+APK_DIR = os.path.join(os.getcwd(), "apk")
+XPOSED_DIR = os.path.join(os.getcwd(), "xposed")
+BIN_DIR = os.path.join(os.getcwd(), "bin")
+SYSTEM_DIR = os.path.join(os.getcwd(), "system")
 
 class Garuda:
-
     def __init__(self):
         self.apk_list = ['xposed.apk', 'drozer.apk', 'term.apk', 'busybox.apk', 'rootcloak.apk', 'inspeckage.apk', 'SSLunpin.apk']
-        self.test_list = ['drozer.apk']
-        self.server_list = ['tcpdump', 'frida_server']
         self.flashfile = ['xposed_flash.zip']
+        self.server_list = ['tcpdump', 'frida_server']
         self.tools_list = ['apktool','python-pip','python3-pip', 'python-dev', 'python-twisted']
-        self.py_dependencies = ['frida','frida-tools','objection']
+        self.py_dependencies = ['frida','frida-tools','objection','apkleaks','andriller','quark-engine']
         self.sys_tools = ['drozer.deb']
+        self.DAST_tool = ['rms-runtime-mobile-security','dexcalibur']
 
     def welcome(self):
-        __banner__='''\t ██████╗  █████╗ ██████╗ ██╗   ██╗██████╗  █████╗ 
-\t██╔════╝ ██╔══██╗██╔══██╗██║   ██║██╔══██╗██╔══██╗
-\t██║  ███╗███████║██████╔╝██║   ██║██║  ██║███████║
-\t██║   ██║██╔══██║██╔══██╗██║   ██║██║  ██║██╔══██║
-\t╚██████╔╝██║  ██║██║  ██║╚██████╔╝██████╔╝██║  ██║
-\t ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝ ╚═════╝ ╚═════╝ ╚═╝  ╚═╝
-                                                  '''
-        
-        print("\n")
-        print(Fore.RED+" \t WELCOME TO ALL IN ONE ANDROID PENTESTING SETUP TOOL\n")
-        print(Fore.GREEN+__banner__)
-       
-        print ("      ------------------------------------------------------------------")
-        print ("\n\t| TOOL    :  Android Pentesting setup \t\t|")
-        print ("\t| AUTHOR  :  " + __author__ + " |")      
-        print ("\t| Inspiration  :  " + __inspired_by__ + "\t\t\t|")
+        banner = '''
+            ██████╗  █████╗ ██████╗ ██╗   ██╗██████╗  █████╗ 
+            ██╔════╝ ██╔══██╗██╔══██╗██║   ██║██╔══██╗██╔══██╗
+            ██║  ███╗███████║██████╔╝██║   ██║██║  ██║███████║
+            ██║   ██║██╔══██║██╔══██╗██║   ██║██║  ██║██╔══██║
+            ╚██████╔╝██║  ██║██║  ██║╚██████╔╝██████╔╝██║  ██║
+             ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝ ╚═════╝ ╚═════╝ ╚═╝  ╚═╝
+        '''
+        print(f"\n{Fore.RED}\t WELCOME TO ALL IN ONE ANDROID PENTESTING SETUP TOOL\n")
+        print(f"{Fore.GREEN}{banner}\n")
+        print("      ------------------------------------------------------------------")
+        print("\n\t| TOOL    :  Android Pentesting setup \t\t|")
+        print("\t| AUTHOR  :  themalwarenews ( @themalwarenews)  |")      
+        print("\t| VERSION :  2.0  \t\t\t\t|\n")
+        print("      ------------------------------------------------------------------\n\n")
+        print(f"{Fore.RED}\t NOTE: MAKE SURE YOU HAVE TURNED ON YOUR ANDROID VIRTUAL DEVICE / REAL DEVICE AND CONNECTED VIA ADB")
 
-        print ("\t| VERSION :  1.0  \t\t\t\t|\n")
-        print ("      ------------------------------------------------------------------")
+    def install_sys_tools(self):
+        print(f"{Fore.BLUE}\n[+] Setting up the system")
+        for tool in self.tools_list:
+            subprocess.call(['sudo', 'apt-get', '-f', 'install', tool], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+            print(f"{Fore.WHITE}\t[+] Installed {tool}")
 
-        print("\n\n")
-        print(Fore.RED+"\t NOTE: MAKE SURE YOU HAVE TURNED ON YOUR ANDROID VIRTUAL DEVICE / REAL DEVICE AND CONNECTED VIA ADB")
+        for dependency in self.py_dependencies:
+            subprocess.call(['sudo', '-H', 'pip3', 'install', dependency], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+            print(f"\t[+] Installed {dependency}")
 
+        for dependency in self.DAST_tool:
+            try:
+                subprocess.check_output(['npm', '--version'])
+                subprocess.call(['sudo', 'npm', 'install', '-g', dependency], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+                print(f"\t[+] Installed {dependency}")  
+            except subprocess.CalledProcessError:
+                print(f"\t[+] install npm first")
 
-    def install_sys_tools(self):
-        print (Fore.BLUE+"\n[+] Setting up the system")
-        for i in self.tools_list:
-            subprocess.call(['sudo', 'apt-get', '-f', 'install', i], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-            print (Fore.WHITE+"\t[+] Installed " + i)
 
-        for j in self.py_dependencies:
-            subprocess.call(['sudo', '-H', 'pip', 'install', j], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-            print ("\t[+] Installed " + j)
-
-        for k in self.sys_tools:
-            subprocess.call(['sudo', 'dpkg', '-i', os.getcwd() + "/system/" + k], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-            print ("\t[+] Installed " + k)
+        for sys_tool in self.sys_tools:
+            subprocess.call(['sudo', 'dpkg', '-i', os.path.join(SYSTEM_DIR, sys_tool)], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+            print(f"\t[+] Installed {sys_tool}")
 
     def install_apks(self):
-        print (Fore.BLUE+"\n[+] Installing APK Tools")
-        for i in self.apk_list:
-            subprocess.Popen(['adb', 'install', '-r', os.getcwd() + "/apk/" + i],stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-            print (Fore.WHITE+"\n \t[+] Installed " + i)
-            
+        print(f"{Fore.BLUE}\n[+] Installing APK Tools")
+        for apk in self.apk_list:
+            subprocess.Popen(['adb', 'install', '-r', os.path.join(APK_DIR, apk)], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+            print(f"{Fore.WHITE}\n \t[+] Installed {apk}")
+
     def install_xposed(self):
-        print (Fore.BLUE+"\n[+] Installing xposedframework")
-        for i in self.flashfile:
-            subprocess.Popen(['adb', 'push', os.getcwd() + '/xposed/' + i, '/sdcard/Download'],stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-            print (Fore.WHITE+"\n \t[+] Installed " + i) 
+        print(f"{Fore.BLUE}\n[+] Installing xposedframework")
+        for flashfile in self.flashfile:
+            subprocess.Popen(['adb', 'push', os.path.join(XPOSED_DIR, flashfile), '/sdcard/Download'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+            print(f"{Fore.WHITE}\n \t[+] Installed {flashfile}")
 
     def install_server_files(self):
-        print (Fore.BLUE+"\n[+] Installing Binary Tools")
-        for i in self.server_list:
-            subprocess.Popen(['adb', 'push', os.getcwd() + '/bin/' + i, '/data/local/tmp'],stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-            print (Fore.WHITE+"\n \t[+] Installed " + i)   
+        print(f"{Fore.BLUE}\n[+] Installing Binary Tools")
+        for server in self.server_list:
+            subprocess.Popen(['adb', 'push', os.path.join(BIN_DIR, server), '/data/local/tmp'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+            print(f"{Fore.WHITE}\n \t[+] Installed {server}")
         os.system('adb shell "chmod 777 /data/local/tmp/frida_server"')
         os.system('adb shell "chmod 777 /data/local/tmp/tcpdump"')
-        print(Fore.RED+"\n All the tools have been installed, Please goahead and configure the Xposed Framework.")
-        print(Fore.RED+"\n watch this video to setup Xposed-framework link : https://youtu.be/Sy09edb57hg .")
-                  
+        print(f"{Fore.RED}\n All the tools have been installed, Please go ahead and configure the Xposed Framework.")
+        print(f"{Fore.RED}\n Watch this video to set up Xposed-framework link: https://youtu.be/Sy09edb57hg.")
+
+    def install_go_based_tools(self):
+        subprocess.check_call(['sudo','go', 'install', 'github.com/andpalmier/apkingo/cmd/apkingo@latest'])
+        print("apkingo has been installed successfully.")
+    
+    def is_go_installed(self):
+        try:
+            subprocess.check_output(['go', 'version'])
+            return True
+        except (subprocess.CalledProcessError, FileNotFoundError):
+            return False
+
 
 def main():
     ga = Garuda()
     ga.welcome()
-    ga.install_sys_tools()   
+    ga.install_sys_tools() 
+    if ga.is_go_installed():
+        ga.install_go_based_tools()  
     ga.install_apks()
     ga.install_xposed()
     ga.install_server_files()
-   
+    
 
 if __name__ == '__main__':
     main()
-
-
