Exodus is meant to:
- download a bunch of APK files from Google Play
- find tracker signatures in the unzipped APK
- retrieve application information like version, handle, ...
- manage Android VirtualBox VM
- install and run Android applications
- analyze the network traffic generated by the application
- retrieve DNS queries and responses
- retrieve HTTP posted data
- generate JSON report
sudo apt install git virtualenv postgresql-9.6 rabbitmq-server tshark aapt build-essential libssl-dev libffi-dev python3-dev openjdk-8-jre libxml2-dev libxslt1-dev
git clone https://github.com/Exodus-Privacy/exodus.git
sudo su - postgres
psql
CREATE USER exodus WITH PASSWORD 'exodus';
CREATE DATABASE exodus WITH OWNER exodus;
cd exodus
virtualenv ./venv -p python3
source venv/bin/activate
pip3 install -r requirements.txt
pip install git+https://github.com/androguard/androguard.git
cd exodus
python manage.py migrate --fake-initial --settings=exodus.settings.dev
python manage.py makemigrations --settings=exodus.settings.dev
python manage.py migrate --settings=exodus.settings.dev
You have to activate the virtual venv and cd into the same directory as the manage.py file.
source venv/bin/activate
cd exodus
python manage.py createsuperuser --settings=exodus.settings.dev
Minio is in charge of storing files such as APKs, icons, flow and pcap files.
wget https://dl.minio.io/server/minio/release/linux-amd64/minio -O $HOME/minio
chmod +x $HOME/minio
mkdir -p $HOME/.minio
cat > $HOME/.minio/config.json << EOL
{
  "version": "20",
  "credential": {
    "accessKey": "exodusexodus",
    "secretKey": "exodusexodus"
  },
  "region": "",
  "browser": "on",
  "logger": {
    "console": {
      "enable": true
    },
    "file": {
      "enable": false,
      "filename": ""
    }
  },
  "notify": {}
}
EOL
mkdir -p /tmp/exodus-storage
$HOME/minio server /tmp/exodus-storage
Minio is now listening on port 9000 and the browser interface is available at http://127.0.0.1:9000. Use exodusexodus as both login and password.
The εxodus worker handles asynchronous tasks submitted by the front-end.
You have to activate the virtual venv and cd into the same directory as the manage.py file.
source venv/bin/activate
cd exodus
export DJANGO_SETTINGS_MODULE=exodus.settings.dev; python manage.py celery worker -A exodus.core -l info
Now, the εxodus worker is waiting for tasks.
You have to activate the virtual venv and cd into the same directory as the manage.py file.
source venv/bin/activate
mkdir -p $HOME/.config/gplaycli/
cp venv/lib/python3.5/site-packages/$HOME/.config/gplaycli/gplaycli.conf $HOME/.config/gplaycli/gplaycli.conf
cd exodus
python manage.py runserver --settings=exodus.settings.dev
Now browse http://127.0.0.1:8000
Browse http://127.0.0.1:8000/admin/ and enter your login and password. Then, browse http://127.0.0.1:8000/analysis/submit/, specify an application handle and click on submit.
It is probably a configuration issue. First of all, check the file $HOME/.config/gplaycli/gplaycli.conf; it should contain:
android_ID=3d716411bf8bc802
If the issue remains, fill gmail_address and gmail_password with a real Google Account :-(
If the file $HOME/.config/gplaycli/gplaycli.conf does not exist, create it with the following content:
[Credentials]
gmail_address=
gmail_password=
#keyring_service=gplaycli
android_ID=3d716411bf8bc802
language=en_US
token=True
token_url=https://matlink.fr/token/email/gsfid
[Cache]
token=~/.cache/gplaycli/token
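A preflight check for this file can catch the configuration issue before an analysis is submitted. The following is an added example, not part of εxodus or gplaycli: `check_gplaycli_conf` and its rules are hypothetical, derived only from the sample file above (a 16-hex-digit android_ID, token mode needing token_url and a cache path), plus a permission check because gmail_password is stored in clear text.

```python
import configparser
import re
import stat

# Constructed sample: the file content shown above.
SAMPLE = """[Credentials]
gmail_address=
gmail_password=
#keyring_service=gplaycli
android_ID=3d716411bf8bc802
language=en_US
token=True
token_url=https://matlink.fr/token/email/gsfid
[Cache]
token=~/.cache/gplaycli/token
"""

def check_gplaycli_conf(text, mode=0o600):
    """Return a list of problems in gplaycli.conf content (empty list = OK)."""
    cp = configparser.ConfigParser(interpolation=None)  # '%' in a password is literal
    cp.optionxform = str  # keep key case so android_ID is not lowercased
    try:
        cp.read_string(text)
    except configparser.Error as exc:
        return ["unparsable: %s" % type(exc).__name__]
    if not cp.has_section("Credentials"):
        return ["missing [Credentials] section"]
    cred, problems = cp["Credentials"], []
    def val(key):
        return cred.get(key, "").strip()
    # Assumption: android_ID is 16 hex digits, as in the sample value.
    if not re.fullmatch(r"[0-9a-fA-F]{16}", val("android_ID")):
        problems.append("android_ID missing or not 16 hex digits")
    # Assumption: token mode needs token_url and the [Cache] token path.
    if val("token").lower() == "true":
        if not val("token_url"):
            problems.append("token=True but token_url is empty")
        if not cp.get("Cache", "token", fallback="").strip():
            problems.append("token=True but [Cache] token is empty")
    if bool(val("gmail_address")) != bool(val("gmail_password")):
        problems.append("gmail_address and gmail_password must be set together")
    # A stored Google password should be readable by the owner only.
    if val("gmail_password") and stat.S_IMODE(mode) & 0o077:
        problems.append("file holds a password but is group/world accessible")
    return problems

if __name__ == "__main__":
    print("\n".join(check_gplaycli_conf(SAMPLE)) or "gplaycli.conf looks consistent")
```

To check the real file, pass its content together with `os.stat(path).st_mode`; if the permission problem is reported, `chmod 600` on the file clears it.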
We periodically export tracker definitions from the production instance. This export is a JSON file you can easily import using Django admin.
To do so, get the tracker definitions from production by clicking on Raw text and copying the content into a JSON file, for example /tmp/trackers.json.
Once saved, activate the εxodus virtual venv, cd into the same directory as the manage.py file and execute the following command:
python manage.py loaddata /tmp/trackers.json --settings=exodus.settings.dev
Django should say something like
Installed 71 object(s) from 1 fixture(s)
Now, browse your tracker list.
chmod g+s net