den4uk / andriller

📱 Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.
MIT License
1.34k stars 208 forks source link

Extraction issue with su/cat on rooted device #45

Open m1435 opened 3 years ago

m1435 commented 3 years ago

Describe the bug Andriller fails to extract internal databases using the the get_file(su/cat) method.

To Reproduce

  1. Connect rooted Android device.
  2. Set output folder.
  3. Click Check and then Extract.

Expected behavior Andriller extracts and parses the various databases, e.g. calllog.db.

Screenshots n/a

Environment:

Target Android device:

Error Log / Traceback andriller.log

Additional context The reason appears to be related to the unstrip function in the adb_conn.py file. With the following change which effectively bypasses the function, I got the extraction working:

136     def unstrip(self, data: bytes) -> bytes:¬                                   
137         return data # re.sub(self.rmr, b'\n', data)¬ 

So maybe the value of the _is_adb_out_post_v5 variable is not setup correctly? It appears to be False in my case, although I have adb exec-out id available.

den4uk commented 3 years ago

Thank you, I will investigate this. It seems that the version you have does not require removing extra carriage returns. I don't want to rush in releasing a fix, as I would need to be able to test with multiple Android versions.

m1435 commented 3 years ago

Thanks for replying. I am all for proper investigation. In the end, it might still be odd behavior of my version of adb. It's not called Debian Unstable for nothing 😉

den4uk commented 3 years ago

TBH, I won't have the time for a month to be able to look into it, as I am on a long holiday. Feel free to modify your own fork with any code changes you like in the mean time.