Add dependency graph functionality

.gitignore

@@ -21,3 +21,4 @@ TAGS
 *.log
 *.bin
 core
+.DS_STORE

LICENSE

@@ -0,0 +1,30 @@
+BSD 3-Clause License
+
+Copyright (c) 2016, North Carolina State University and University POLITEHNICA
+of Bucharest.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

@@ -10,6 +10,8 @@ The reverser (in the `reverse-sandbox/` folder) runs on any Python running platf
 
 SandBlaster may be installed and run standalone, though we recommend installing and running it from within [iExtractor](https://github.com/malus-security/iExtractor). Check the [iExtractor documentation](https://github.com/malus-security/iExtractor/blob/master/README.md) for information.
 
+iExtractor is open source software released under the 3-clause BSD license.
+
 ## Installation
 
 SandBlaster requires Python for the reverser (in `reverse-sandbox/`), Bash for helper scripts (in `helpers/`) and tools from the [sandbox_toolkit](https://github.com/sektioneins/sandbox_toolkit) (in `tools/`).

reverse-sandbox/filters.py

@@ -1,12 +1,13 @@
+from os import path
 import json
 
 def read_filters():
     temp = {}
     filters = {}
-    with open('filters.json') as data:
+    with open(path.join(path.dirname(__file__), "filters.json")) as data:
         temp = json.load(data)
 
-        for key, value in temp.iteritems():
+        for key, value in temp.items():
             filters[int(str(key), 16)] = value
 
     return filters

reverse-sandbox/operation_node.py

@@ -1,12 +1,14 @@
-#!/usr/bin/python
+#!/usr/bin/python3
 
+import copy
 import sys
 import struct
 import re
+from os import path
 import logging
 import logging.config
 
-logging.config.fileConfig("logger.config")
+logging.config.fileConfig(path.join(path.dirname(__file__), "logger.config"))
 logger = logging.getLogger(__name__)
 
 class TerminalNode():
@@ -384,7 +386,7 @@ def convert_filter(self, convert_fn, f, regex_list, ios10_release, keep_builtin_
             self.non_terminal.convert_filter(convert_fn, f, regex_list, ios10_release, keep_builtin_filters, global_vars)
 
     def str_debug(self):
-        ret = "(%02x) " % (self.offset)
+        ret = "(%02x) " % (int)(self.offset)
         if self.is_terminal():
             ret += "terminal: "
             ret += str(self.terminal)
@@ -419,7 +421,7 @@ def __eq__(self, other):
         return self.raw == other.raw
 
     def __hash__(self):
-        return self.offset
+        return (int)(self.offset)
 
 
 # Operation nodes processed so far.
@@ -589,9 +591,9 @@ def print_operation_node_graph(g):
         return
     message = ""
     for node_iter in g.keys():
-        message += "0x%x (%s) (%s) (decision: %s): [ " % (node_iter.offset, str(node_iter), g[node_iter]["type"], g[node_iter]["decision"])
+        message += "0x%x (%s) (%s) (decision: %s): [ " % ((int)(node_iter.offset), str(node_iter), g[node_iter]["type"], g[node_iter]["decision"])
         for edge in g[node_iter]["list"]:
-            message += "0x%x (%s) " % (edge.offset, str(edge))
+            message += "0x%x (%s) " % ((int)(edge.offset), str(edge))
         message += "]\n"
     logger.debug(message)
 
@@ -966,6 +968,63 @@ def recursive_xml_str(self, level, recursive_is_not):
             result_str += level*"\t" + "</require>\n"
         return result_str
 
+    def _add_ent_to_paths(self, ent, path, paths):
+        to_add = f'require-not({ent})' if self.is_not else ent
+        path.append(to_add)
+        paths.append(copy.deepcopy(path))
+        path.pop()
+
+    def _is_node_ent_val(self):
+        return 'entitlement-value' in self.str_simple() or\
+            self.is_type_require_all() or self.is_type_require_any()
+
+    def _get_simple_filter(self):
+        name, arg = self.value.values()
+        filt = f'{name}({arg})' if arg else name
+        return f'require-not({filt})' if self.is_not else filt
+
+    def _visit_next_nodes(self, next_vertices, rg, paths, path, state):
+        for n in next_vertices:
+            n._get_paths(rg, paths, path, state)
+
+    def _handle_state(self, rg, next_vertices, paths, crt_path, state):
+        crt_path.append(self._get_simple_filter())
+        if state == 'req-any' or not next_vertices:
+            paths.append(copy.deepcopy(crt_path))
+        self._visit_next_nodes(next_vertices, rg, paths, crt_path, state)
+        crt_path.pop()
+
+    def _get_paths(self, rg, paths, crt_path, state):
+        next_vertices = rg.get_next_vertices(self)
+        if self.is_type_start():
+            self._visit_next_nodes(next_vertices, rg, paths, crt_path, 'req-any')
+        elif self.is_type_require_entitlement():
+            name, arg = self.value.values()
+            if next_vertices:
+                for n in next_vertices:
+                    if n._is_node_ent_val():
+                        ent_vals = []
+                        n._get_paths(rg, ent_vals, [], 'req-any')
+                        for val in ent_vals:
+                            ent = f'{name}({arg}, [{val[0]}])'
+                            self._add_ent_to_paths(ent, crt_path, paths)
+                    else:
+                        crt_path.append(self._get_simple_filter())
+                        if state == 'req-any':
+                            paths.append(copy.deepcopy(crt_path))
+                            crt_path.pop()
+                        n._get_paths(rg, paths, crt_path, state)
+                        if state == 'req-all':
+                            crt_path.pop()                        
+            else:
+                self._add_ent_to_paths(f'{name}({arg})', crt_path, paths)
+        elif self.is_type_single():
+            self._handle_state(rg, next_vertices, paths, crt_path, state)
+        elif self.is_type_require_all():
+            next_vertices[0]._get_paths(rg, paths, crt_path, 'req-all')
+        elif self.is_type_require_any():
+            self._visit_next_nodes(next_vertices, rg, paths, crt_path, 'req-any')
+
     def __str__(self):
         return self.recursive_str(1, False)
 
@@ -1648,6 +1707,13 @@ def dump_xml(self, operation, out_f):
             out_f.write("\t\t</filters>\n")
             out_f.write("\t</operation>\n")
 
+    def get_dependency_graph(self, default_node):
+        paths = []
+        start_vertices = filter(lambda v: v.type != default_node.type,
+                self.get_start_vertices())
+        for v in start_vertices:
+            v._get_paths(self, paths, [], 'req-any')
+        return paths
 
 def reduce_operation_node_graph(g):
     # Create reduced graph.
@@ -1675,7 +1741,7 @@ def reduce_operation_node_graph(g):
             c_idx += 1
             if c_idx >= l:
                 break
-            rn = rg.get_vertice_by_value(g.keys()[c_idx])
+            rn = rg.get_vertice_by_value(list(g.keys())[c_idx])
             if not re.search("entitlement-value", str(rn)):
                 break
             prevs_rv = rg.get_prev_vertices(rv)
@@ -1715,11 +1781,11 @@ def main():
 
     # Extract node for 'default' operation (index 0).
     default_node = find_operation_node_by_offset(operation_nodes, sb_ops_offsets[0])
-    print "(%s default)" % (default_node.terminal)
+    print("(%s default)" % (default_node.terminal))
 
     # For each operation expand operation node.
-    #for idx in range(1, len(sb_ops_offsets)):
-    for idx in range(10, 11):
+    for idx in range(1, len(sb_ops_offsets)):
+    # for idx in range(10, 11):
         offset = sb_ops_offsets[idx]
         operation = sb_ops[idx]
         node = find_operation_node_by_offset(operation_nodes, offset)
@@ -1736,7 +1802,7 @@ def main():
         else:
             if node.terminal:
                 if node.terminal.type != default_node.terminal.type:
-                    print "(%s %s)" % (node.terminal, operation)
+                    print("(%s %s)" % (node.terminal, operation))
 
 
 if __name__ == "__main__":

reverse-sandbox/regex_parser.py

@@ -1,6 +1,7 @@
+from os import path
 import logging
 
-logging.config.fileConfig("logger.config")
+logging.config.fileConfig(path.join(path.dirname(__file__), "logger.config"))
 logger = logging.getLogger(__name__)
 
 def parse_character(re, i, regex_list):