feat: set Exploit App run duration

thelicato · thelicato · commit 7f2ede737e22 · 2025-05-30T08:43:41.000+02:00
diff --git a/.env.sample b/.env.sample
@@ -18,4 +18,5 @@ DROIDGROUND_SHUTDOWN_DISABLED=false # Feature enabled by default if not set othe
 DROIDGROUND_START_ACTIVITY_DISABLED=false # Feature enabled by default if not set otherwise
 DROIDGROUND_START_RECEIVER_DISABLED=false # Feature enabled by default if not set otherwise
 DROIDGROUND_START_SERVICE_DISABLED=false # Feature enabled by default if not set otherwise
-DROIDGROUND_TERMINAL_DISABLED=false # Feature enabled by default if not set otherwise
+DROIDGROUND_TERMINAL_DISABLED=false # Feature enabled by default if not set otherwise
+DROIDGROUND_EXPLOIT_APP_DURATION=10 # The time (in seconds) the exploit app will be active before the target app is restarted. This field makes sense only if the App Manager is enabled. Default value is 10
diff --git a/README.md b/README.md
@@ -75,29 +75,30 @@ Almost all features are **modular** and defined via environment variables, ensur
 
 The `.env.sample` file in the root directory is a good starting point. This is the full list of all env variables currently supported:
 
-| Variable                              | Description                                        | Default     |
-| ------------------------------------- | -------------------------------------------------- | ----------- |
-| `DROIDGROUND_APP_PACKAGE_NAME`        | Package name of target app                         | -           |
-| `DROIDGROUND_ADB_HOST`                | ADB host                                           | `localhost` |
-| `DROIDGROUND_ADB_PORT`                | ADB port                                           | `5037`      |
-| `DROIDGROUND_DEVICE_TYPE`             | `usb` or `network`                                 | `usb`       |
-| `DROIDGROUND_DEVICE_HOST`             | IP of Android device (`adb`) (network mode only)   | -           |
-| `DROIDGROUND_DEVICE_PORT`             | port of Android device (`adb`) (network mode only) | -           |
-| `DROIDGROUND_INIT_SCRIPTS_FOLDER`     | Folder containing `setup.sh` and `reset.sh`        | `/init.d`   |
-| `DROIDGROUND_HOST`                    | Bind address                                       | `0.0.0.0`   |
-| `DROIDGROUND_PORT`                    | Bind port                                          | `4242`      |
-| `DROIDGROUND_APP_MANAGER_DISABLED`    | Disable app manager                                | `false`     |
-| `DROIDGROUND_BUG_REPORT_DISABLED`     | Disable bugreport                                  | `false`     |
-| `DROIDGROUND_FILE_BROWSER_DISABLED`   | Disable file browser                               | `false`     |
-| `DROIDGROUND_FRIDA_DISABLED`          | Disable Frida support                              | `false`     |
-| `DROIDGROUND_FRIDA_TYPE`              | `jail` or `full`                                   | `jail`      |
-| `DROIDGROUND_LOGCAT_DISABLED`         | Disable logcat                                     | `false`     |
-| `DROIDGROUND_REBOOT_DISABLED`         | Disable reboot                                     | `false`     |
-| `DROIDGROUND_SHUTDOWN_DISABLED`       | Disable shutdown                                   | `false`     |
-| `DROIDGROUND_START_ACTIVITY_DISABLED` | Disable startActivity                              | `false`     |
-| `DROIDGROUND_START_RECEIVER_DISABLED` | Disable broadcast                                  | `false`     |
-| `DROIDGROUND_START_SERVICE_DISABLED`  | Disable startService                               | `false`     |
-| `DROIDGROUND_TERMINAL_DISABLED`       | Disable terminal                                   | `false`     |
+| Variable                              | Description                                          | Default     |
+| ------------------------------------- | ---------------------------------------------------- | ----------- |
+| `DROIDGROUND_APP_PACKAGE_NAME`        | Package name of target app                           | -           |
+| `DROIDGROUND_ADB_HOST`                | ADB host                                             | `localhost` |
+| `DROIDGROUND_ADB_PORT`                | ADB port                                             | `5037`      |
+| `DROIDGROUND_DEVICE_TYPE`             | `usb` or `network`                                   | `usb`       |
+| `DROIDGROUND_DEVICE_HOST`             | IP of Android device (`adb`) (network mode only)     | -           |
+| `DROIDGROUND_DEVICE_PORT`             | port of Android device (`adb`) (network mode only)   | -           |
+| `DROIDGROUND_INIT_SCRIPTS_FOLDER`     | Folder containing `setup.sh` and `reset.sh`          | `/init.d`   |
+| `DROIDGROUND_HOST`                    | Bind address                                         | `0.0.0.0`   |
+| `DROIDGROUND_PORT`                    | Bind port                                            | `4242`      |
+| `DROIDGROUND_APP_MANAGER_DISABLED`    | Disable app manager                                  | `false`     |
+| `DROIDGROUND_BUG_REPORT_DISABLED`     | Disable bugreport                                    | `false`     |
+| `DROIDGROUND_FILE_BROWSER_DISABLED`   | Disable file browser                                 | `false`     |
+| `DROIDGROUND_FRIDA_DISABLED`          | Disable Frida support                                | `false`     |
+| `DROIDGROUND_FRIDA_TYPE`              | `jail` or `full`                                     | `jail`      |
+| `DROIDGROUND_LOGCAT_DISABLED`         | Disable logcat                                       | `false`     |
+| `DROIDGROUND_REBOOT_DISABLED`         | Disable reboot                                       | `false`     |
+| `DROIDGROUND_SHUTDOWN_DISABLED`       | Disable shutdown                                     | `false`     |
+| `DROIDGROUND_START_ACTIVITY_DISABLED` | Disable startActivity                                | `false`     |
+| `DROIDGROUND_START_RECEIVER_DISABLED` | Disable broadcast                                    | `false`     |
+| `DROIDGROUND_START_SERVICE_DISABLED`  | Disable startService                                 | `false`     |
+| `DROIDGROUND_TERMINAL_DISABLED`       | Disable terminal                                     | `false`     |
+| `DROIDGROUND_EXPLOIT_APP_DURATION`    | The time (in seconds) the exploit app will be active | `10`        |
 
 ## 🧩 Use Cases
 
diff --git a/src/client/components/StartExploitAppModal.tsx b/src/client/components/StartExploitAppModal.tsx
@@ -54,7 +54,8 @@ export const StartExploitAppModal: React.FC<IModalProps> = ({ dialogRef }) => {
         <h3 className="font-bold text-lg mb-4">Start Exploit App</h3>
         <p className="mb-4">
           This will allow you start one of the installed apps as the <b>Exploit App</b>. <br />
-          The app will stay active for 10 seconds and then the <b>Target App</b> will be restarted.
+          The app will stay active for the amount of time selected by the host and then the <b>Target App</b> will be
+          restarted.
         </p>
         <form onSubmit={handleSubmit(startExploitApp)} className="space-y-4">
           <input
diff --git a/src/server/api/controller.ts b/src/server/api/controller.ts
@@ -33,7 +33,7 @@ import {
 } from "@server/utils/helpers";
 import { capitalize, sleep } from "@shared/helpers";
 import { CompanionClient } from "@server/companion";
-import { BUGREPORT_FILENAME, DEFAULT_UPLOAD_FOLDER } from "@server/config";
+import { BUGREPORT_FILENAME, DEFAULT_UPLOAD_FOLDER, SECOND } from "@server/config";
 import { CompanionAttackSurfaceResponse } from "@server/utils/types";
 import { loadFridaLibrary } from "@server/utils/frida";
 
@@ -510,15 +510,17 @@ class APIController {
     try {
       const body = req.body as StartExploitAppRequest;
       const singleton = ManagerSingleton.getInstance();
+      const config = singleton.getConfig();
+      const duration = config.features.exploitAppDuration;
 
       const { packageName: exploitApp } = body;
       await singleton.runAppByPackageName(exploitApp);
 
-      res.json({ result: "Exploit app correctly started, it will be up for 10 seconds" }).end();
+      res.json({ result: `Exploit app correctly  for ${duration} seconds` }).end();
       responseSent = true;
 
-      await sleep(10 * 1000);
-      Logger.info("10 seconds have passed, restarting target app...");
+      await sleep(duration * SECOND);
+      Logger.info(`${duration} seconds have passed, restarting target app...`);
       await singleton.runTargetApp();
     } catch (error: any) {
       Logger.error(`Error starting exploit app: ${error}`);
diff --git a/src/server/config/constants.ts b/src/server/config/constants.ts
@@ -0,0 +1,7 @@
+/*
+Configuration file containing constants
+Convention: constants are declared in UPPERCASE
+Usage: import { CONSTANT_NAME } from '@/config'
+*/
+
+export const SECOND = 1000;
diff --git a/src/server/config/index.ts b/src/server/config/index.ts
@@ -1 +1,2 @@
 export * from "@server/config/resources";
+export * from "@server/config/constants";
diff --git a/src/server/manager.ts b/src/server/manager.ts
@@ -39,12 +39,13 @@ export class ManagerSingleton {
 
   private constructor() {
     // private constructor prevents direct instantiation
-    const port = process.env.DROIDGROUND_ADB_PORT ?? "";
+    const port: any = process.env.DROIDGROUND_ADB_PORT ?? "";
+    const exploitAppDuration: any = process.env.DROIDGROUND_EXPLOIT_APP_DURATION ?? "";
     this.config = {
       packageName: process.env.DROIDGROUND_APP_PACKAGE_NAME ?? "",
       adb: {
         host: process.env.DROIDGROUND_ADB_HOST ?? "localhost",
-        port: isNaN(port as any) || port.trim().length === 0 ? 5037 : parseInt(port),
+        port: isNaN(port) || port.trim().length === 0 ? 5037 : parseInt(port),
       },
       features: {
         appManagerEnabled: !(process.env.DROIDGROUND_APP_MANAGER_DISABLED === "true"),
@@ -59,6 +60,8 @@ export class ManagerSingleton {
         startServiceEnabled: !(process.env.DROIDGROUND_START_SERVICE_DISABLED === "true"),
         terminalEnabled: !(process.env.DROIDGROUND_TERMINAL_DISABLED === "true"),
         fridaType: process.env.DROIDGROUND_FRIDA_TYPE === "full" ? "full" : "jail",
+        exploitAppDuration:
+          isNaN(exploitAppDuration) || exploitAppDuration.trim().length === 0 ? 10 : parseInt(exploitAppDuration),
       },
     };
   }
diff --git a/src/shared/types.ts b/src/shared/types.ts
@@ -14,6 +14,7 @@ export interface DroidGroundFeatures {
   terminalEnabled: boolean;
   logcatEnabled: boolean;
   fridaType: "full" | "jail";
+  exploitAppDuration: number;
 }
 
 export interface DroidGroundConfig {

Original file line number	Diff line number	Diff line change
`@@ -1 +1,2 @@`
`1`	`1`	`export * from "@server/config/resources";`
	`2`	`+export * from "@server/config/constants";`
Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,7 @@ export interface DroidGroundFeatures {`
`14`	`14`	`terminalEnabled: boolean;`
`15`	`15`	`logcatEnabled: boolean;`
`16`	`16`	`fridaType: "full" \| "jail";`
	`17`	`+ exploitAppDuration: number;`
`17`	`18`	`}`
`18`	`19`
`19`	`20`	`export interface DroidGroundConfig {`