Deduplicate modules which are run by the sub-commands.

2026-06-06 06:53:54 +02:00 · 2025-02-10 20:32:51 +01:00
parent 5d696350dc
commit a08c24b02a
54 changed files with 80 additions and 1201 deletions
@@ -1,27 +0,0 @@
-# Mobile Verification Toolkit (MVT)
-# Copyright (c) 2021-2023 The MVT Authors.
-# Use of this software is governed by the MVT License 1.1 that can be found at
-#   https://license.mvt.re/1.1/
-
-from pathlib import Path
-
-from mvt.android.modules.androidqf.dumpsys_adb import DumpsysADBState
-from mvt.common.module import run_module
-
-from ..utils import get_android_androidqf, list_files
-
-
-class TestDumpsysADBModule:
-    def test_parsing(self):
-        data_path = get_android_androidqf()
-        m = DumpsysADBState(target_path=data_path)
-        files = list_files(data_path)
-        parent_path = Path(data_path).absolute().parent.as_posix()
-        m.from_dir(parent_path, files)
-        run_module(m)
-        assert len(m.results) == 1
-        assert len(m.detected) == 0
-
-        adb_statedump = m.results[0]
-        assert "user_keys" in adb_statedump
-        assert len(adb_statedump["user_keys"]) == 1
@@ -1,24 +0,0 @@
-# Mobile Verification Toolkit (MVT)
-# Copyright (c) 2021-2023 The MVT Authors.
-# Use of this software is governed by the MVT License 1.1 that can be found at
-#   https://license.mvt.re/1.1/
-
-from pathlib import Path
-
-from mvt.android.modules.androidqf.dumpsys_battery_daily import DumpsysBatteryDaily
-from mvt.common.module import run_module
-
-from ..utils import get_android_androidqf, list_files
-
-
-class TestDumpsysBatteryDailyModule:
-    def test_parsing(self):
-        data_path = get_android_androidqf()
-        m = DumpsysBatteryDaily(target_path=data_path)
-        files = list_files(data_path)
-        parent_path = Path(data_path).absolute().parent.as_posix()
-        m.from_dir(parent_path, files)
-        run_module(m)
-        assert len(m.results) == 3
-        assert len(m.timeline) == 3
-        assert len(m.detected) == 0
@@ -1,24 +0,0 @@
-# Mobile Verification Toolkit (MVT)
-# Copyright (c) 2021-2023 The MVT Authors.
-# Use of this software is governed by the MVT License 1.1 that can be found at
-#   https://license.mvt.re/1.1/
-
-from pathlib import Path
-
-from mvt.android.modules.androidqf.dumpsys_battery_history import DumpsysBatteryHistory
-from mvt.common.module import run_module
-
-from ..utils import get_android_androidqf, list_files
-
-
-class TestDumpsysBatteryHistoryModule:
-    def test_parsing(self):
-        data_path = get_android_androidqf()
-        m = DumpsysBatteryHistory(target_path=data_path)
-        files = list_files(data_path)
-        parent_path = Path(data_path).absolute().parent.as_posix()
-        m.from_dir(parent_path, files)
-        run_module(m)
-        assert len(m.results) == 6
-        assert len(m.timeline) == 0
-        assert len(m.detected) == 0
@@ -1,24 +0,0 @@
-# Mobile Verification Toolkit (MVT)
-# Copyright (c) 2021-2023 The MVT Authors.
-# Use of this software is governed by the MVT License 1.1 that can be found at
-#   https://license.mvt.re/1.1/
-
-from pathlib import Path
-
-from mvt.android.modules.androidqf.dumpsys_dbinfo import DumpsysDBInfo
-from mvt.common.module import run_module
-
-from ..utils import get_android_androidqf, list_files
-
-
-class TestDumpsysDBInfoModule:
-    def test_parsing(self):
-        data_path = get_android_androidqf()
-        m = DumpsysDBInfo(target_path=data_path)
-        files = list_files(data_path)
-        parent_path = Path(data_path).absolute().parent.as_posix()
-        m.from_dir(parent_path, files)
-        run_module(m)
-        assert len(m.results) == 6
-        assert len(m.timeline) == 0
-        assert len(m.detected) == 0
@@ -1,23 +0,0 @@
-# Mobile Verification Toolkit (MVT)
-# Copyright (c) 2021-2023 The MVT Authors.
-# Use of this software is governed by the MVT License 1.1 that can be found at
-#   https://license.mvt.re/1.1/
-
-from pathlib import Path
-
-from mvt.android.modules.androidqf.dumpsys_platform_compat import DumpsysPlatformCompat
-from mvt.common.module import run_module
-
-from ..utils import get_android_androidqf, list_files
-
-
-class TestDumpsysPlatformCompatModule:
-    def test_parsing(self):
-        data_path = get_android_androidqf()
-        m = DumpsysPlatformCompat(target_path=data_path)
-        files = list_files(data_path)
-        parent_path = Path(data_path).absolute().parent.as_posix()
-        m.from_dir(parent_path, files)
-        run_module(m)
-        assert len(m.results) == 2
-        assert len(m.detected) == 0
@@ -1,23 +0,0 @@
-# Mobile Verification Toolkit (MVT)
-# Copyright (c) 2021-2023 The MVT Authors.
-# Use of this software is governed by the MVT License 1.1 that can be found at
-#   https://license.mvt.re/1.1/
-
-from pathlib import Path
-
-from mvt.android.modules.androidqf.dumpsys_accessibility import DumpsysAccessibility
-from mvt.common.module import run_module
-
-from ..utils import get_android_androidqf, list_files
-
-
-class TestDumpsysAccessibilityModule:
-    def test_parsing(self):
-        data_path = get_android_androidqf()
-        m = DumpsysAccessibility(target_path=data_path)
-        files = list_files(data_path)
-        parent_path = Path(data_path).absolute().parent.as_posix()
-        m.from_dir(parent_path, files)
-        run_module(m)
-        assert len(m.results) == 4
-        assert len(m.detected) == 0
@@ -1,29 +0,0 @@
-# Mobile Verification Toolkit (MVT)
-# Copyright (c) 2021-2023 The MVT Authors.
-# Use of this software is governed by the MVT License 1.1 that can be found at
-#   https://license.mvt.re/1.1/
-
-from pathlib import Path
-
-from mvt.android.modules.androidqf.dumpsys_appops import DumpsysAppops
-from mvt.common.module import run_module
-
-from ..utils import get_android_androidqf, list_files
-
-
-class TestDumpsysAppOpsModule:
-    def test_parsing(self):
-        data_path = get_android_androidqf()
-        m = DumpsysAppops(target_path=data_path)
-        files = list_files(data_path)
-        parent_path = Path(data_path).absolute().parent.as_posix()
-        m.from_dir(parent_path, files)
-        run_module(m)
-        assert len(m.results) == 12
-        assert len(m.timeline) == 16
-
-        detected_by_ioc = [
-            detected for detected in m.detected if detected.get("matched_indicator")
-        ]
-        assert len(m.detected) == 1
-        assert len(detected_by_ioc) == 0
@@ -1,46 +0,0 @@
-# Mobile Verification Toolkit (MVT)
-# Copyright (c) 2021-2023 The MVT Authors.
-# Use of this software is governed by the MVT License 1.1 that can be found at
-#   https://license.mvt.re/1.1/
-
-import logging
-from pathlib import Path
-
-from mvt.android.modules.androidqf.dumpsys_packages import DumpsysPackages
-from mvt.common.indicators import Indicators
-from mvt.common.module import run_module
-
-from ..utils import get_android_androidqf, list_files
-
-
-class TestDumpsysPackagesModule:
-    def test_parsing(self):
-        data_path = get_android_androidqf()
-        m = DumpsysPackages(target_path=data_path)
-        files = list_files(data_path)
-        parent_path = Path(data_path).absolute().parent.as_posix()
-        m.from_dir(parent_path, files)
-        run_module(m)
-        assert len(m.results) == 2
-        assert len(m.detected) == 0
-        assert len(m.timeline) == 6
-        assert (
-            m.results[0]["package_name"]
-            == "com.samsung.android.provider.filterprovider"
-        )
-
-    def test_detection_pkgname(self, indicator_file):
-        data_path = get_android_androidqf()
-        m = DumpsysPackages(target_path=data_path)
-        files = list_files(data_path)
-        parent_path = Path(data_path).absolute().parent.as_posix()
-        m.from_dir(parent_path, files)
-        ind = Indicators(log=logging.getLogger())
-        ind.parse_stix2(indicator_file)
-        ind.ioc_collections[0]["app_ids"].append("com.sec.android.app.DataCreate")
-        m.indicators = ind
-        run_module(m)
-        assert len(m.results) == 2
-        assert len(m.detected) == 1
-        assert len(m.timeline) == 6
-        assert m.detected[0]["package_name"] == "com.sec.android.app.DataCreate"
@@ -1,23 +0,0 @@
-# Mobile Verification Toolkit (MVT)
-# Copyright (c) 2021-2023 The MVT Authors.
-# Use of this software is governed by the MVT License 1.1 that can be found at
-#   https://license.mvt.re/1.1/
-
-from pathlib import Path
-
-from mvt.android.modules.androidqf.dumpsys_receivers import DumpsysReceivers
-from mvt.common.module import run_module
-
-from ..utils import get_android_androidqf, list_files
-
-
-class TestDumpsysReceiversModule:
-    def test_parsing(self):
-        data_path = get_android_androidqf()
-        m = DumpsysReceivers(target_path=data_path)
-        files = list_files(data_path)
-        parent_path = Path(data_path).absolute().parent.as_posix()
-        m.from_dir(parent_path, files)
-        run_module(m)
-        assert len(m.results) == 4
-        assert len(m.detected) == 0
@@ -6,7 +6,7 @@
 import logging
 from pathlib import Path

-from mvt.android.modules.androidqf.files import Files
+from mvt.android.modules.androidqf.aqf_files import AQFFiles
 from mvt.common.module import run_module

 from ..utils import get_android_androidqf, list_files
@@ -15,7 +15,7 @@ from ..utils import get_android_androidqf, list_files
 class TestAndroidqfFilesAnalysis:
    def test_androidqf_files(self):
        data_path = get_android_androidqf()
-        m = Files(target_path=data_path, log=logging)
+        m = AQFFiles(target_path=data_path, log=logging)
        files = list_files(data_path)
        parent_path = Path(data_path).absolute().parent.as_posix()
        m.from_dir(parent_path, files)
@@ -7,7 +7,7 @@ import logging
 import zipfile
 from pathlib import Path

-from mvt.android.modules.androidqf.getprop import Getprop
+from mvt.android.modules.androidqf.aqf_getprop import AQFGetProp
 from mvt.common.indicators import Indicators
 from mvt.common.module import run_module

@@ -17,7 +17,7 @@ from ..utils import get_android_androidqf, get_artifact, list_files
 class TestAndroidqfGetpropAnalysis:
    def test_androidqf_getprop(self):
        data_path = get_android_androidqf()
-        m = Getprop(target_path=data_path, log=logging)
+        m = AQFGetProp(target_path=data_path, log=logging)
        files = list_files(data_path)
        parent_path = Path(data_path).absolute().parent.as_posix()
        m.from_dir(parent_path, files)
@@ -30,7 +30,7 @@ class TestAndroidqfGetpropAnalysis:

    def test_getprop_parsing_zip(self):
        fpath = get_artifact("androidqf.zip")
-        m = Getprop(target_path=fpath, log=logging)
+        m = AQFGetProp(target_path=fpath, log=logging)
        archive = zipfile.ZipFile(fpath)
        m.from_zip(archive, archive.namelist())
        run_module(m)
@@ -42,7 +42,7 @@ class TestAndroidqfGetpropAnalysis:

    def test_androidqf_getprop_detection(self, indicator_file):
        data_path = get_android_androidqf()
-        m = Getprop(target_path=data_path, log=logging)
+        m = AQFGetProp(target_path=data_path, log=logging)
        files = list_files(data_path)
        parent_path = Path(data_path).absolute().parent.as_posix()
        m.from_dir(parent_path, files)
@@ -8,7 +8,7 @@ from pathlib import Path

 import pytest

-from mvt.android.modules.androidqf.packages import Packages
+from mvt.android.modules.androidqf.aqf_packages import AQFPackages
 from mvt.common.module import run_module

 from ..utils import get_android_androidqf, list_files
@@ -31,7 +31,7 @@ def file_list(data_path):

@pytest.fixture()
 def module(parent_data_path, file_list):
-    m = Packages(target_path=parent_data_path, log=logging)
+    m = AQFPackages(target_path=parent_data_path, log=logging)
    m.from_dir(parent_data_path, file_list)
    return m

@@ -6,7 +6,7 @@
 import logging
 from pathlib import Path

-from mvt.android.modules.androidqf.processes import Processes
+from mvt.android.modules.androidqf.aqf_processes import AQFProcesses
 from mvt.common.module import run_module

 from ..utils import get_android_androidqf, list_files
@@ -15,7 +15,7 @@ from ..utils import get_android_androidqf, list_files
 class TestAndroidqfProcessesAnalysis:
    def test_androidqf_processes(self):
        data_path = get_android_androidqf()
-        m = Processes(target_path=data_path, log=logging)
+        m = AQFProcesses(target_path=data_path, log=logging)
        files = list_files(data_path)
        parent_path = Path(data_path).absolute().parent.as_posix()
        m.from_dir(parent_path, files)
@@ -5,7 +5,7 @@

 from pathlib import Path

-from mvt.android.modules.androidqf.settings import Settings
+from mvt.android.modules.androidqf.aqf_settings import AQFSettings
 from mvt.common.module import run_module

 from ..utils import get_android_androidqf, list_files
@@ -14,7 +14,7 @@ from ..utils import get_android_androidqf, list_files
 class TestSettingsModule:
    def test_parsing(self):
        data_path = get_android_androidqf()
-        m = Settings(target_path=data_path)
+        m = AQFSettings(target_path=data_path)
        files = list_files(data_path)
        parent_path = Path(data_path).absolute().parent.as_posix()
        m.from_dir(parent_path, files)