Skip to content

Commit

Permalink
Merge pull request #84 from Fuzion24/feature/zip_assets
Browse files Browse the repository at this point in the history 
Extract media assets from a Zip
  • Loading branch information
@Fuzion24
Fuzion24 committed Nov 25, 2015
2 parents ebd008a + 8e3d24c commit 8e9576d
Show file tree
Hide file tree
Showing 13 changed files with 51 additions and 13 deletions.
Binary file added app/src/main/assets/stagefright/stagefright_media_files.zip
View file
Binary file not shown.
Binary file removed app/src/main/assets/stagefright/stagefright_media_files/CVE-2015-1538-1.mp4
View file
Binary file not shown.
Binary file removed app/src/main/assets/stagefright/stagefright_media_files/CVE-2015-1538-2.mp4
View file
Binary file not shown.
Binary file removed app/src/main/assets/stagefright/stagefright_media_files/CVE-2015-1538-3.mp4
View file
Binary file not shown.
Binary file removed app/src/main/assets/stagefright/stagefright_media_files/CVE-2015-1538-4.mp4
View file
Binary file not shown.
Binary file removed app/src/main/assets/stagefright/stagefright_media_files/CVE-2015-1539.mp4
View file
Binary file not shown.
Binary file removed app/src/main/assets/stagefright/stagefright_media_files/CVE-2015-3824.mp4
View file
Binary file not shown.
Binary file removed app/src/main/assets/stagefright/stagefright_media_files/CVE-2015-3828.mp4
View file
Binary file not shown.
Binary file removed app/src/main/assets/stagefright/stagefright_media_files/CVE-2015-3829.mp4
View file
Binary file not shown.
Binary file removed app/src/main/assets/stagefright/stagefright_media_files/CVE-2015-3864.mp4
View file
Binary file not shown.
Binary file removed app/src/main/assets/stagefright/stagefright_media_files/sf-itunes-poc.mp4
View file
Binary file not shown.
25 changes: 13 additions & 12 deletions .../main/java/fuzion24/device/vulnerability/vulnerabilities/framework/media/StageFright.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
import fuzion24.device.vulnerability.vulnerabilities.helper.TestResult;

import static fuzion24.device.vulnerability.vulnerabilities.helper.BinaryAssets.extractAsset;
import static fuzion24.device.vulnerability.vulnerabilities.helper.BinaryAssets.extractZipAsset;
import static fuzion24.device.vulnerability.vulnerabilities.helper.CrashCheck.execute;

/**
Expand All @@ -39,9 +40,13 @@ public static List<VulnerabilityTest> getTests(Context context) {
try {
File dataDir = context.getFilesDir();

AssetManager assetManager = context.getAssets();
final String stageFrightAssetPath = "stagefright/stagefright_media_files";
String[] stagefrightMediaFiles = assetManager.list(stageFrightAssetPath);

final String stageFrightAssetPath = "stagefright/stagefright_media_files.zip";
final String extractionDir = dataDir.getAbsolutePath() + File.separator + "stagefright_media" + File.separator;

extractZipAsset(context, stageFrightAssetPath, extractionDir);

File stagefrightMediaFilesFolder = new File(extractionDir);

List<VulnerabilityTest> tests = new ArrayList<VulnerabilityTest>();

Expand All @@ -50,18 +55,14 @@ public static List<VulnerabilityTest> getTests(Context context) {
extractedBinaryTester);
exec("chmod 700 " + extractedBinaryTester);

for (final String mediaFile : stagefrightMediaFiles) {

final String extractedAssetPath = dataDir.getAbsolutePath() + File.separator + mediaFile;

extractAsset(context,
stageFrightAssetPath + File.separator + mediaFile,
extractedAssetPath);
Log.d(TAG, "Is directory: " + stagefrightMediaFilesFolder.isDirectory());
File[] mediaFiles = stagefrightMediaFilesFolder.listFiles();

for (final File mediaFile : stagefrightMediaFilesFolder.listFiles()) {
tests.add(new VulnerabilityTest() {
@Override
public String getCVEorID() {
return FilenameUtils.removeExtension(mediaFile);
return FilenameUtils.removeExtension(mediaFile.getName());
}

@Override
Expand All @@ -75,7 +76,7 @@ public List<CPUArch> getSupportedArchitectures() {

@Override
public boolean isVulnerable(Context context) throws Exception {
TestResult result = execute(context, 5, extractedBinaryTester, extractedAssetPath);
TestResult result = execute(context, 5, extractedBinaryTester, mediaFile.getAbsolutePath());
Log.d(TAG, "Test result: " + result.toString());
if (result.isOk()) {
return false;
Expand Down
39 changes: 38 additions & 1 deletion app/src/main/java/fuzion24/device/vulnerability/vulnerabilities/helper/BinaryAssets.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;

public class BinaryAssets {

Expand All @@ -23,7 +25,7 @@ public static String extractAsset(Context ctx, String name) throws IOException {
AssetManager assetManager = ctx.getAssets();
InputStream asset = assetManager.open(name);
ByteArrayOutputStream fos = new ByteArrayOutputStream();
copy(asset,fos);
copy(asset, fos);
return fos.toString();
}

Expand All @@ -36,6 +38,7 @@ public static void extractAsset(Context ctx, String name, String destination, bo
f.delete();
}
}

catch(Exception e) {e.printStackTrace();}

AssetManager assetManager = ctx.getAssets();
Expand All @@ -44,6 +47,40 @@ public static void extractAsset(Context ctx, String name, String destination, bo
copy(asset,fos);
}

public static void extractZipAsset(Context ctx, String zipAsset, String destination) throws IOException {
AssetManager assetManager = ctx.getAssets();
InputStream asset = assetManager.open(zipAsset);
ZipInputStream zis = new ZipInputStream(asset);

File extractionDir = new File(destination);

boolean directionCreationSucceeded = extractionDir.mkdirs();

ZipEntry ze = null;
byte[] buffer = new byte[8192];
while ((ze = zis.getNextEntry()) != null) {

if(ze.isDirectory()){
continue;
}

//Strip everything from the last '/'
String zeName = ze.getName();
String fileName = zeName;
if(zeName.lastIndexOf('/') != -1){
fileName = zeName.substring(zeName.lastIndexOf('/'), zeName.length());
}

String fileExtractionPath = destination + fileName;
FileOutputStream fos = new FileOutputStream(fileExtractionPath);
int len;
while ((len = zis.read(buffer)) != -1) {
fos.write(buffer, 0, len);
}
fos.close();
}
}

private static final int BUFFER_SIZE = 2 * 1024 * 1024;
public static void copy(InputStream input, OutputStream output) throws IOException {
try {
Expand Down

0 comments on commit 8e9576d

Please sign in to comment.