File system enumerator and monitor for Android.

Overview

File system enumerator and file monitor for Android. Built to be compatible with other command line utilities! This tool was created to somewhat automate file discovery by catching new files that Android applications create at runtime.

Disclaimer: This tool is meant for educational and ethical purposes. I'm not responsible for any buffoonery. Tested on Ubuntu with a rooted device.


Binaries are provided in releases.

Building from source with cargo

Pre-reqs

  1. Install Rust

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

  2. Switch to Rust nightly for .contains substring library.

rustup show

rustup override set <toolchain>

  3. Install toolchains for your Android architecture

Note: adb shell uname -a will list your phone's architecture.

rustup target add arm-linux-androideabi --toolchain nightly

Other toolchain names:

aarch64-linux-android
arm-linux-androideabi
armv7-linux-androideabi
i686-linux-android
x86_64-linux-android

  4. Change .cargo/config to link your NDK SDK

[target.arm-linux-androideabi]
ar = "/home/b3nac/Android/Sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/linux-x86_64/bin/arm-linux-androideabi-ar"
linker = "/home/b3nac/Android/Sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/linux-x86_64/bin/armv7a-linux-androideabi24-clang"

[target.aarch64-linux-android]
ar = "/home/b3nac/Android/Sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android-ar"
linker = "/home/b3nac/Android/Sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android24-clang"

[target.i686-linux-android]
ar = "/home/b3nac/Android/Sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/linux-x86_64/bin/i686-linux-android-ar"
linker = "/home/b3nac/Android/Sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/linux-x86_64/bin/i686-linux-android24-clang"

[target.x86_64-linux-android]
ar = "/home/b3nac/Android/Sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/linux-x86_64/bin/x86_64-linux-android-ar"
linker = "/home/b3nac/Android/Sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/linux-x86_64/bin/x86_64-linux-android24-clang"

[target.armv7-linux-androideabi]
ar = "/home/b3nac/Android/Sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/linux-x86_64/bin/arm-linux-androideabi-ar"
linker = "/home/b3nac/Android/Sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/linux-x86_64/bin/armv7a-linux-androideabi24-clang"

  5. Build binaries

Creates the binary for your PC

cargo build

Creates a binary for arm-linux-androideabi

cargo build --release --target=arm-linux-androideabi

Creates a binary for aarch64-linux-android

cargo build --release --target=aarch64-linux-android

Creates a binary for armv7-linux-androideabi

cargo build --release --target=armv7-linux-androideabi


Automatically deploy to a device with make files

Pre-reqs

sudo apt-get install build-essential

Note: This will install other build tools as well.

These make files combine several commands and automate the process.

all:
	cargo build --release --target=arm-linux-androideabi
	adb push target/arm-linux-androideabi/release/whatislife_enum /data/local/tmp/whatislife_enum
	adb shell chmod 755 /data/local/tmp/whatislife_enum
	adb shell /data/local/tmp/whatislife_enum create > results.txt
	adb push results.txt /data/local/tmp

ARM architecture

make -f test_arm.mk

ARMv7 architecture

make -f test_armv7.mk

AARCH64 architecture

make -f test_aarch64.mk


Command documentation

For most of the commands to work, the file system needs to be enumerated first.

Running adb shell /data/local/tmp/whatislife_enum create > results.txt writes the Android file system listing to results.txt on your PC. After that, either push the file back to the device with adb push results.txt /data/local/tmp, or run whatislife_enum create from the tmp directory on the device and redirect the output to a file there: ./whatislife_enum create > results.txt. Then all the commands run from your PC will work and output results.

Enumerate the entire file system

adb shell /data/local/tmp/whatislife_enum create

Save results by piping to a file: adb shell /data/local/tmp/whatislife_enum create > results.txt

Note: > overwrites the entire file; >> appends results.

Enumerate apps

adb shell /data/local/tmp/whatislife_enum apps path/to/result/file.txt

Save results by piping to a file: adb shell /data/local/tmp/whatislife_enum apps /data/local/tmp/results.txt > filename.txt

Note: > overwrites the entire file; >> appends results.

Enumerate external-storage

adb shell /data/local/tmp/whatislife_enum external-storage path/to/result/file.txt

Save results by piping to a file: adb shell /data/local/tmp/whatislife_enum external-storage /data/local/tmp/results.txt > filename.txt

Note: > overwrites the entire file; >> appends results.

Show changes to file system

Scan the file system again and name the file whatever you want. In this example I named the new scan results2.txt (super original, I know).

adb shell /data/local/tmp/whatislife_enum filemon /data/local/tmp/results.txt /data/local/tmp/results2.txt | sed '/proc/d'

The result will print the differences between file system scans.
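
What the filemon comparison amounts to, as an added Rust example that is not the tool's own code: it diffs two scans and drops /proc entries with a prefix check, because the sed '/proc/d' filter above deletes every line that contains "proc" anywhere. The one-path-per-line scan format and the sample paths are assumptions constructed for illustration.

```rust
use std::collections::BTreeSet;

// Constructed sample scans, one absolute path per line (not real tool output).
const BEFORE: &str = "/data/data/com.example.app/shared_prefs/settings.xml
/proc/1234/status
/sdcard/Download/readme.txt
";
const AFTER: &str = "/data/data/com.example.app/shared_prefs/settings.xml
/data/data/com.example.app/files/processor_cache.db
/proc/5678/status
/sdcard/Download/token.json
";

/// True only for entries under the /proc pseudo-filesystem. A substring match
/// on "proc" would also drop processor_cache.db in the sample above.
fn is_proc_path(path: &str) -> bool {
    path == "/proc" || path.starts_with("/proc/")
}

/// Parse a scan into a sorted, de-duplicated set of paths without /proc noise.
fn load_scan(text: &str) -> BTreeSet<&str> {
    text.lines()
        .map(str::trim)
        .filter(|l| !l.is_empty() && !is_proc_path(l))
        .collect()
}

/// Return (created, removed) paths between two scans, each in sorted order.
fn diff_scans<'a>(before: &'a str, after: &'a str) -> (Vec<&'a str>, Vec<&'a str>) {
    let (old, new) = (load_scan(before), load_scan(after));
    let created = new.difference(&old).copied().collect();
    let removed = old.difference(&new).copied().collect();
    (created, removed)
}

fn main() {
    let (created, removed) = diff_scans(BEFORE, AFTER);
    for p in &created {
        println!("+ {}", p);
    }
    for p in &removed {
        println!("- {}", p);
    }
}
```

Because the paths are held in sets, the two scans do not need to be sorted or de-duplicated beforehand.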

Update base file system file

adb shell /data/local/tmp/whatislife_enum refresh current_result_file new_result_file_name new_result_file

adb shell /data/local/tmp/whatislife_enum refresh /data/local/tmp/results.txt /data/local/tmp/results-test.txt /data/local/tmp/results2.txt


Comments
  • back trace error

    when running command ./whatislife_enum extenal-storage

    thread 'main' panicked at 'index out of bounds: the len is 2 but the index is 2', src/main.rs:176:32 note: run with RUST_BACKTRACE=1 environment variable to display a backtrace

    opened by balook 5
  • error again

    for this command adb shell /data/local/tmp/whatislife_enum filemon /data/local/tmp/results.txt /data/local/tmp/results2.txt

    it's giving error no such file or directory for results2.txt

    Error: comm: /data/local/tmp/results2.txt: No such file or directory

    opened by balook 2
Owner
Kyle Benac
Android Bug Wrangler for Google. Independent Security Researcher via bug bounties.