WithSecureLabs / needle

The iOS Security Testing Framework
https://mobiletools.mwrinfosecurity.com/

Fix Handing of Multi-word Application Names #218

Closed Yogehi closed 6 years ago

Yogehi commented 6 years ago

Fixed an issue where, if the "bundle executable" name is more than one word, needle inserts random single quotes and double quotes between ".app" and "/Info.plist".

For example, before this fix, when I try to pull the metadata for an app called "my app", needle uses the following command locally:

sshpass -p "alpine" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 2222 root@127.0.0.1:"'/private/var/containers/Bundle/Application//my app.app'"'"'"'"'"'"'"'"'/Info.plist'" /root/.needle/tmp/plist

After this fix, the local command looks like the following:

sshpass -p "alpine" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 2222 root@127.0.0.1:"'/private/var/containers/Bundle/Application//my app.app/Info.plist'" /root/.needle/tmp/plist
HenryHoggard commented 6 years ago

Renaming issue to Fix Handing of Multi-word Application Names. What iOS versions was this tested on?

HenryHoggard commented 6 years ago

Doesn't work for me:

>>> test = '/private/var/containers/Bundle/Application//my app.app'"'"'"'"'"'"'"'"'/Info.plist'
>>> print test
/private/var/containers/Bundle/Application//my app.app'"'"'/Info.plist
>>> test = test.strip(''''"''')
>>> print test
/private/var/containers/Bundle/Application//my app.app'"'"'/Info.plist
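The quoting failure described in the PR and reproduced in the Python shell above comes from escaping a path that is already escaped: each inner single quote is turned into the shell idiom '"'"', so the remote shell reconstructs a path that literally contains quote characters and scp reports it missing. The following is an added example, not needle's own code; it uses shlex.quote (Python 3; pipes.quote on needle's Python 2.7) and assumed function names to contrast the double-quoting pattern with quoting once at the point of use.

```python
import shlex  # shlex.quote is Python 3.3+; on Python 2.7 use pipes.quote

# Constructed example, not needle's own code. Function names are assumed;
# the directory layout mirrors the one shown in the PR.

def quote_once(path):
    """Quote a remote path for the device's shell exactly once."""
    return shlex.quote(path)

def buggy_remote_path(app_dir, filename):
    # Bug pattern: the app directory is stored already quoted, the file name
    # is appended, and the result is quoted again. Every inner ' becomes '"'"'.
    quoted_dir = quote_once(app_dir)
    return quote_once(quoted_dir + "/" + filename)

def fixed_remote_path(app_dir, filename):
    # Keep paths unquoted internally; build the full path, then quote once.
    return quote_once(app_dir + "/" + filename)

def remote_shell_sees(quoted):
    """Parse a quoted argument the way the remote sh would; return the real path."""
    return shlex.split(quoted)[0]

def path_survives_quoting(path):
    """Round-trip check: the remote shell must recover exactly the path we meant."""
    return remote_shell_sees(quote_once(path)) == path

def scp_argv(remote_path_quoted, local_path, host="127.0.0.1", port=2222):
    # argv as a list, so no local shell is involved; the remote side is still
    # expanded by the device's shell, which is why remote_path_quoted matters.
    return ["scp", "-P", str(port),
            "root@%s:%s" % (host, remote_path_quoted), local_path]

if __name__ == "__main__":
    app_dir = "/Applications/Game Center.app"
    for label, build in (("buggy", buggy_remote_path), ("fixed", fixed_remote_path)):
        quoted = build(app_dir, "Info.plist")
        # The buggy variant yields a path with literal quotes, which does not exist
        # on the device; the fixed variant yields the real Info.plist path.
        print(label, quoted, "->", remote_shell_sees(quoted))
```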
Yogehi commented 6 years ago

Tested it on iOS 10.2.1

What version did this fix fail for you on? If it's iOS 9 I can try it myself today and see what's up.

HenryHoggard commented 6 years ago

Tested the excerpt in a python shell, not via Needle.

Yogehi commented 6 years ago

Not sure why it wouldn't work in a Python shell, but here it is working in needle.

App tested: "Game Center"
Package name: "com.apple.gamecenter"
Application location: "/Applications/Game Center.app"
OS tested on: iOS 9 (iOS 10 was used when I originally submitted this pull request)

Full needle output WITHOUT the fix I proposed:

[needle] > set debug true
DEBUG => true
[needle] > set app com.apple.gamecenter
APP => com.apple.gamecenter
[needle] > use binary/info/metadata
[needle][metadata] > run
[D] Setup local output folder: /root/.needle/output
[D] Setting up issues database...
[D] [DB] QUERY: CREATE TABLE IF NOT EXISTS issues (app TEXT, module TEXT, name TEXT, content TEXT, confidence TEXT, outfile TEXT)
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[D] Setting up USB port forwarding on port 2222
[D] [LOCAL CMD] Local Subprocess Command: /root/Programs/needle/needle/libs/usbmuxd/tcprelay.py -t 22:2222
[D] [AGENT] Setting up port forwarding on port 4444
[V] [AGENT] Connecting to agent (127.0.0.1:4444)...
[+] [AGENT] Successfully connected to agent (127.0.0.1:4444)...
[D] [AGENT] Executing command: os_version
[V] [SSH] Connecting (127.0.0.1:2222)...
[+] [SSH] Connected (127.0.0.1:2222)
[D] Creating temp folder: /var/root/needle/
[D] [REMOTE CMD] Remote Command: if [ -d /var/root/needle/ ]; then echo "yes"; else echo "no" ; fi
[D] [REMOTE CMD] Remote Command: mkdir /var/root/needle/
[D] [AGENT] Executing command: os_version
[+] Target app: com.apple.gamecenter
[*] Retrieving app's metadata...
[D] [AGENT] Executing command: list_apps
[D] Copying the plist to temp: '/Applications/Game Center.app'"'"'/Info.plist' -> /root/.needle/tmp/plist
[*] Pulling: '/Applications/Game Center.app'"'"'/Info.plist' -> /root/.needle/tmp/plist
[D] Downloading: "'/Applications/Game Center.app'"'"'"'"'"'"'"'"'/Info.plist'" -> /root/.needle/tmp/plist
[D] [LOCAL CMD] Local Command: sshpass -p "<password>" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 2222 root@127.0.0.1:"'/Applications/Game Center.app'"'"'"'"'"'"'"'"'/Info.plist'" /root/.needle/tmp/plist
------------------------------------------------------------
Traceback (most recent call last):
  File "/root/Programs/needle/needle/core/framework/module.py", line 111, in do_run
    pre = self.module_pre()
  File "/root/Programs/needle/needle/core/framework/module.py", line 147, in module_pre
    if self.app_check() is None: return None
  File "/root/Programs/needle/needle/core/framework/framework.py", line 693, in app_check
    self.APP_METADATA = Framework.APP_METADATA = self.device.app.get_metadata(app)
  File "/root/Programs/needle/needle/core/device/app.py", line 17, in get_metadata
    return self._retrieve_metadata()
  File "/root/Programs/needle/needle/core/device/app.py", line 26, in _retrieve_metadata
    plist_info = self._device.remote_op.parse_plist(plist_info_path)
  File "/root/Programs/needle/needle/core/device/remote_operations.py", line 219, in parse_plist
    content = Utils.plist_read_from_file(plist_copy)
  File "/root/Programs/needle/needle/core/utils/utils.py", line 162, in plist_read_from_file
    plist = biplist.readPlist(path)
  File "/usr/local/lib/python2.7/dist-packages/biplist/__init__.py", line 122, in readPlist
    pathOrFile = open(pathOrFile, 'rb')
IOError: [Errno 2] No such file or directory: '/root/.needle/tmp/plist'
------------------------------------------------------------
[!] IOError: [Errno 2] No such file or directory: '/root/.needle/tmp/plist'

Full needle output WITH the fix I proposed:

[needle] > set debug true
DEBUG => true
[needle] > set app com.apple.gamecenter
APP => com.apple.gamecenter
[needle] > use binary/info/metadata
[needle][metadata] > run
[D] Setup local output folder: /root/.needle/output
[D] Setting up issues database...
[D] [DB] QUERY: CREATE TABLE IF NOT EXISTS issues (app TEXT, module TEXT, name TEXT, content TEXT, confidence TEXT, outfile TEXT)
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[D] Setting up USB port forwarding on port 2222
[D] [LOCAL CMD] Local Subprocess Command: /root/Programs/needle/needle/libs/usbmuxd/tcprelay.py -t 22:2222
[D] [AGENT] Setting up port forwarding on port 4444
[V] [AGENT] Connecting to agent (127.0.0.1:4444)...
[+] [AGENT] Successfully connected to agent (127.0.0.1:4444)...
[D] [AGENT] Executing command: os_version
[V] [SSH] Connecting (127.0.0.1:2222)...
[+] [SSH] Connected (127.0.0.1:2222)
[D] Creating temp folder: /var/root/needle/
[D] [REMOTE CMD] Remote Command: if [ -d /var/root/needle/ ]; then echo "yes"; else echo "no" ; fi
[D] [REMOTE CMD] Remote Command: mkdir /var/root/needle/
[D] [AGENT] Executing command: os_version
[+] Target app: com.apple.gamecenter
[*] Retrieving app's metadata...
[D] [AGENT] Executing command: list_apps
[D] Copying the plist to temp: '/Applications/Game Center.app/Info.plist' -> /root/.needle/tmp/plist
[*] Pulling: '/Applications/Game Center.app/Info.plist' -> /root/.needle/tmp/plist
[D] Downloading: "'/Applications/Game Center.app/Info.plist'" -> /root/.needle/tmp/plist
[D] [LOCAL CMD] Local Command: sshpass -p "<password>" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 2222 root@127.0.0.1:"'/Applications/Game Center.app/Info.plist'" /root/.needle/tmp/plist
[D] [REMOTE CMD] Remote Command: lipo -info '/Applications/Game Center.app/Game Center'
[D] [REMOTE CMD] Remote Command: if [ -d '/Applications/Game Center.app/PlugIns' ]; then echo "yes"; else echo "no" ; fi
[D] [REMOTE CMD] Remote Command: if [ -d '/Applications/Game Center.app/PlugIns' ]; then echo "yes"; else echo "no" ; fi
[D] [REMOTE CMD] Remote Command: ls  '/Applications/Game Center.app/PlugIns'
[D] Copying the plist to temp: /Applications/Game Center.app/PlugIns/TTRGameCenter.appex/Info.plist -> /root/.needle/tmp/plist
[*] Pulling: /Applications/Game Center.app/PlugIns/TTRGameCenter.appex/Info.plist -> /root/.needle/tmp/plist
[D] Downloading: "'/Applications/Game Center.app/PlugIns/TTRGameCenter.appex/Info.plist'" -> /root/.needle/tmp/plist
[D] [LOCAL CMD] Local Command: sshpass -p "<password>" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 2222 root@127.0.0.1:"'/Applications/Game Center.app/PlugIns/TTRGameCenter.appex/Info.plist'" /root/.needle/tmp/plist
[+] Name                : Game Center                   
[+] Binary Name         : Game Center                   
[+] Bundle Executable   : Game Center                   
[+] Bundle ID           : com.apple.gamecenter          
[+] Bundle Type         : System                        
[+] UUID                :                               
[+] Team ID             : 0000000000                    
[+] Signer Identity     :                               
[+] Bundle Directory    :                               
[+] Binary Directory    : /Applications/Game Center.app 
[+] Binary Path         : '/Applications/Game Center.app/Game Center'
[+] Data Directory      : /private/var/mobile/Containers/Data/Application/E1210825-0079-4982-A545-8FC079F76018
[+] Bundle Package Type : APPL                          
[+] App Version         : 363.4                         
[+] Architectures       : arm64                         
[+] Platform Version    : 9.0                           
[+] SDK Version         : 9.0                           
[+] Minimum OS          : 9.0                           
[+] URL Handlers        
[+]         ['gamecenter', 'itms-gc', 'itms-gcs']
[*] Apple Transport Security Settings not found
[+] Entitlements        
[+]          com.apple.backboardd.launchapplications : 1                   
[+]          com.apple.private.hsa-authentication-processing: 1                   
[+]          com.apple.authkit.client.private        : 1                   
[+]          DataProtectionClass                     : NSFileProtectionComplete
[+]          com.apple.private.social.facebook.like  : 1                   
[+]          com.apple.private.canGetAppLinkInfo     : 1                   
[+]          com.apple.mobile.deleted.AllowFreeSpace : 1                   
[+]          com.apple.security.exception.mach-lookup.global-name: [u'com.apple.ak.auth.xpc', u'com.apple.hsa-authentication-server']
[+]          com.apple.private.security.container-required: 1                   
[+]          com.apple.private.canModifyAppLinkPermissions: 1                   
[+]          com.apple.private.game-center           : [u'Account', u'Profile', u'Friends', u'Games', u'GameStats', u'Challenges', u'Multiplayer', u'TurnBasedMultiplayer']
[+]          com.apple.private.tcc.allow             : [u'kTCCServicePhotos']
[+]          keychain-access-groups                  : [u'apple']          
[+]          com.apple.private.tcc.allow.overridable : [u'kTCCServicePhotos']
[+]          com.apple.accounts.facebook.defaultaccess: 1                   
[+]          com.apple.springboard.opensensitiveurl  : 1                   
[+]          com.apple.itunesstored.private          : 1                   
[+]          com.apple.authkit.client.internal       : 1                   
[+]          com.apple.private.mobileinstall.allowedSPI: [u'Lookup', u'Uninstall', u'UninstallForLaunchServices']

[+] Application Extension:
[+]         Bundle Display Name                     : TTRGameCenter       
[+]         Bundle Executable                       : TTRGameCenter       
[+]         Bundle ID                               : com.apple.gamecenter.TTRGameCenter
[+]         Bundle Version                          : 1 (1.0)             
[+]         Bundle Package Type                     : XPC!                
[+]         Platform Version                        : 9.0                 
[*]         URL Handlers not found
[*]         Apple Transport Security Settings not found
[+]         NSExtensionProtocol                     : NSObject            
[+]         NSExtensionPointIdentifier              : com.apple.taptoradar-service
[+]         PrincipalClass                          : NSObject            
[+]         NSExtensionAttributes                   : {'RCDisplayName': 'TTRGameCenter', 'RCAttachmentsName': 'Game Center Logs', 'RCOwnerBundleID': 'com.apple.gamecenter', 'NSExtensionPointVersion': '1.0', 'NSExtensionPointName': 'com.apple.taptoradar-service'}
[+]         NSExtensionPrincipalClass               : TTRGameCenterExtension
[+]         NSExtensionContextClass                 : RCTapToRadarExtensionContext
[+]         NSExtensionContextHostClass             : RCTapToRadarExtensionHostContext
Yogehi commented 6 years ago

Closing this PR to clear up commit clutter.

See PR https://github.com/mwrlabs/needle/pull/234