fixed issue with special chars und added new folder structure

Author: ByteSnipers

CHANGELOG.md

@@ -1,5 +1,9 @@
 # ChangeLog
 
+### 0.7.34
+- BUGFIX: 	fixed issue with special chars in apk filename 
+- ADDED: 	new pentest folder structure
+
 ### 0.7.33
 - CHANGE: 	Minor changes
 

mpt/console.py

@@ -15,11 +15,17 @@
 
 from mpt import functions
 
-__version__ = '0.7.33'
+__version__ = '0.7.34'
 
 from mpt import settings, logger
 from mpt.config import Config
 
+def create_default_pentest_folder_structure(pentest_dir):
+    os.makedirs(os.path.join(pentest_dir, settings.APP_FOLDER))
+    os.makedirs(os.path.join(pentest_dir, settings.BACKUP_FOLDER))
+    os.makedirs(os.path.join(pentest_dir, settings.SCREENSHOT_FOLDER))
+    os.makedirs(os.path.join(pentest_dir, settings.SOURCE_FOLDER))
+    os.makedirs(os.path.join(pentest_dir, settings.BURP_FOLDER))
 
 def create_pentest_folder_with_absolute_path():
     pentest_path = input("Please put absolute path to pentest project folder: ")
@@ -30,8 +36,7 @@ def create_pentest_folder_with_absolute_path():
 
     use_tool_dir = functions.yes_no('Would you like to use this directory \"{}\" ? '.format(pentest_path))
     if use_tool_dir:
-        os.makedirs(os.path.join(pentest_path, settings.APP_FOLDER))
-        os.makedirs(os.path.join(pentest_path, settings.BACKUP_FOLDER))
+        create_default_pentest_folder_structure(pentest_path)
         return pentest_path
     else:
         log.warn("Setup canceled")
@@ -47,19 +52,6 @@ def setup_pentest(apk):
             log.error('File does not have required extension: apk')
             sys.exit()
 
-        aapt_bin = settings.ANDROID_TOOLS['aapt']['bin']
-
-        # get package name and application label
-        # aapt dump badging <path-to-apk> | grep package
-        # aapt dump badging <path-to-apk> | grep -w "application-label:"
-        output = functions.run_command(f"{aapt_bin} dump badging {apk_file}")
-        output = "".join(output)
-
-        package_match = re.search(r"package: name='(.*?)'", output)
-        application_label_match = re.search(r"application-label:'(.*?)'", output)
-
-        package = package_match.group(1) if package_match else None
-        application_label = application_label_match.group(1) if application_label_match else None
         pentest_path = os.path.join(os.getcwd(), settings.PENTEST_FOLDER)
 
         # remove pentest folder, if exists
@@ -73,8 +65,7 @@ def setup_pentest(apk):
             if menu_entry_index == 0:
                 shutil.rmtree(pentest_path)
                 log.debug(f"Folder {pentest_path} recreated")
-                os.makedirs(os.path.join(pentest_path, settings.APP_FOLDER))
-                os.makedirs(os.path.join(pentest_path, settings.BACKUP_FOLDER))
+                create_default_pentest_folder_structure(pentest_path)
             if menu_entry_index == 1:
                 pentest_path = create_pentest_folder_with_absolute_path()
             if menu_entry_index == 2:
@@ -90,8 +81,8 @@ def setup_pentest(apk):
             menu_entry_index = terminal_menu.show()
 
             if menu_entry_index == 0:
-                os.makedirs(os.path.join(pentest_path, settings.APP_FOLDER))
-                os.makedirs(os.path.join(pentest_path, settings.BACKUP_FOLDER))
+                # create default folder structure
+                create_default_pentest_folder_structure(pentest_path)
             if menu_entry_index == 1:
                 pentest_path = create_pentest_folder_with_absolute_path()
             # Skip setup
@@ -102,16 +93,36 @@ def setup_pentest(apk):
         if not os.path.isdir(pentest_path):
             log.error("Error: folder {} could not be created".format(pentest_path))
             sys.exit()
-        # TODO print message before overwriting the folder
+
         log.info("Folder for security assessment {} created".format(Fore.CYAN + settings.PENTEST_FOLDER + Style.RESET_ALL))
 
-        app_name = os.path.join(settings.APP_FOLDER, os.path.basename(apk_file))
-        shutil.copy(apk_file, os.path.join(pentest_path, app_name))
+        # Replace masked characters with "_", fix errors with special chars in shell
+        new_apk_filename = re.sub(r'[^\w.-]', '_', apk_file)
+        if apk_file != new_apk_filename:
+            log.warn(f"APK file renamed to {new_apk_filename}")
+        app_pentest_file_location = os.path.join(settings.APP_FOLDER, os.path.basename(new_apk_filename))
+        app_pentest_file = os.path.join(pentest_path, app_pentest_file_location)
+        shutil.copy(apk_file, app_pentest_file)
+
+        # update apk information
+
+        # get package name and application label
+        # aapt dump badging <path-to-apk> | grep package
+        # aapt dump badging <path-to-apk> | grep -w "application-label:"
+        aapt_bin = settings.ANDROID_TOOLS['aapt']['bin']
+        output = functions.run_command(f"{aapt_bin} dump badging {app_pentest_file}")
+        output = "".join(output)
+
+        package_match = re.search(r"package: name='(.*?)'", output)
+        application_label_match = re.search(r"application-label:'(.*?)'", output)
+
+        package = package_match.group(1) if package_match else None
+        application_label = application_label_match.group(1) if application_label_match else None
 
         # update configuration
         conf = Config()
         conf.update('pentest-dir', pentest_path)
-        conf.update('app', app_name)
+        conf.update('app', app_pentest_file_location)
         conf.update('package-name', package)
         conf.update('application-label', application_label)
         conf.print()

mpt/settings.py

@@ -10,7 +10,8 @@
 APP_FOLDER = "app"
 BACKUP_FOLDER = "backup"
 SCREENSHOT_FOLDER = "screenshots"
-SOURCE_FOLDER = os.path.join(APP_FOLDER, "source")
+SOURCE_FOLDER = "source"
+BURP_FOLDER = "burp"
 FRIDA_BIN = "frida-server"
 TEMP_DIR = "/tmp/local-mpt/"
 BROWSER = 'chromium'