Merge branch 'release/0.2.0'

Author: thelicato

.env.sample

@@ -18,4 +18,5 @@ DROIDGROUND_SHUTDOWN_DISABLED=false # Feature enabled by default if not set othe
 DROIDGROUND_START_ACTIVITY_DISABLED=false # Feature enabled by default if not set otherwise
 DROIDGROUND_START_RECEIVER_DISABLED=false # Feature enabled by default if not set otherwise
 DROIDGROUND_START_SERVICE_DISABLED=false # Feature enabled by default if not set otherwise
-DROIDGROUND_TERMINAL_DISABLED=false # Feature enabled by default if not set otherwise
+DROIDGROUND_TERMINAL_DISABLED=false # Feature enabled by default if not set otherwise
+DROIDGROUND_EXPLOIT_APP_DURATION=10 # The time (in seconds) the exploit app will be active before the target app is restarted. This field makes sense only if the App Manager is enabled. Default value is 10

.github/workflows/release.yaml

@@ -12,6 +12,9 @@ jobs:
       contents: write
     steps:
       - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
       - uses: ncipollo/release-action@v1
 
       - name: Update changelog

README.md

@@ -75,29 +75,30 @@ Almost all features are **modular** and defined via environment variables, ensur
 
 The `.env.sample` file in the root directory is a good starting point. This is the full list of all env variables currently supported:
 
-| Variable                              | Description                                        | Default     |
-| ------------------------------------- | -------------------------------------------------- | ----------- |
-| `DROIDGROUND_APP_PACKAGE_NAME`        | Package name of target app                         | -           |
-| `DROIDGROUND_ADB_HOST`                | ADB host                                           | `localhost` |
-| `DROIDGROUND_ADB_PORT`                | ADB port                                           | `5037`      |
-| `DROIDGROUND_DEVICE_TYPE`             | `usb` or `network`                                 | `usb`       |
-| `DROIDGROUND_DEVICE_HOST`             | IP of Android device (`adb`) (network mode only)   | -           |
-| `DROIDGROUND_DEVICE_PORT`             | port of Android device (`adb`) (network mode only) | -           |
-| `DROIDGROUND_INIT_SCRIPTS_FOLDER`     | Folder containing `setup.sh` and `reset.sh`        | `/init.d`   |
-| `DROIDGROUND_HOST`                    | Bind address                                       | `0.0.0.0`   |
-| `DROIDGROUND_PORT`                    | Bind port                                          | `4242`      |
-| `DROIDGROUND_APP_MANAGER_DISABLED`    | Disable app manager                                | `false`     |
-| `DROIDGROUND_BUG_REPORT_DISABLED`     | Disable bugreport                                  | `false`     |
-| `DROIDGROUND_FILE_BROWSER_DISABLED`   | Disable file browser                               | `false`     |
-| `DROIDGROUND_FRIDA_DISABLED`          | Disable Frida support                              | `false`     |
-| `DROIDGROUND_FRIDA_TYPE`              | `jail` or `full`                                   | `jail`      |
-| `DROIDGROUND_LOGCAT_DISABLED`         | Disable logcat                                     | `false`     |
-| `DROIDGROUND_REBOOT_DISABLED`         | Disable reboot                                     | `false`     |
-| `DROIDGROUND_SHUTDOWN_DISABLED`       | Disable shutdown                                   | `false`     |
-| `DROIDGROUND_START_ACTIVITY_DISABLED` | Disable startActivity                              | `false`     |
-| `DROIDGROUND_START_RECEIVER_DISABLED` | Disable broadcast                                  | `false`     |
-| `DROIDGROUND_START_SERVICE_DISABLED`  | Disable startService                               | `false`     |
-| `DROIDGROUND_TERMINAL_DISABLED`       | Disable terminal                                   | `false`     |
+| Variable                              | Description                                          | Default     |
+| ------------------------------------- | ---------------------------------------------------- | ----------- |
+| `DROIDGROUND_APP_PACKAGE_NAME`        | Package name of target app                           | -           |
+| `DROIDGROUND_ADB_HOST`                | ADB host                                             | `localhost` |
+| `DROIDGROUND_ADB_PORT`                | ADB port                                             | `5037`      |
+| `DROIDGROUND_DEVICE_TYPE`             | `usb` or `network`                                   | `usb`       |
+| `DROIDGROUND_DEVICE_HOST`             | IP of Android device (`adb`) (network mode only)     | -           |
+| `DROIDGROUND_DEVICE_PORT`             | port of Android device (`adb`) (network mode only)   | -           |
+| `DROIDGROUND_INIT_SCRIPTS_FOLDER`     | Folder containing `setup.sh` and `reset.sh`          | `/init.d`   |
+| `DROIDGROUND_HOST`                    | Bind address                                         | `0.0.0.0`   |
+| `DROIDGROUND_PORT`                    | Bind port                                            | `4242`      |
+| `DROIDGROUND_APP_MANAGER_DISABLED`    | Disable app manager                                  | `false`     |
+| `DROIDGROUND_BUG_REPORT_DISABLED`     | Disable bugreport                                    | `false`     |
+| `DROIDGROUND_FILE_BROWSER_DISABLED`   | Disable file browser                                 | `false`     |
+| `DROIDGROUND_FRIDA_DISABLED`          | Disable Frida support                                | `false`     |
+| `DROIDGROUND_FRIDA_TYPE`              | `jail` or `full`                                     | `jail`      |
+| `DROIDGROUND_LOGCAT_DISABLED`         | Disable logcat                                       | `false`     |
+| `DROIDGROUND_REBOOT_DISABLED`         | Disable reboot                                       | `false`     |
+| `DROIDGROUND_SHUTDOWN_DISABLED`       | Disable shutdown                                     | `false`     |
+| `DROIDGROUND_START_ACTIVITY_DISABLED` | Disable startActivity                                | `false`     |
+| `DROIDGROUND_START_RECEIVER_DISABLED` | Disable broadcast                                    | `false`     |
+| `DROIDGROUND_START_SERVICE_DISABLED`  | Disable startService                                 | `false`     |
+| `DROIDGROUND_TERMINAL_DISABLED`       | Disable terminal                                     | `false`     |
+| `DROIDGROUND_EXPLOIT_APP_DURATION`    | The time (in seconds) the exploit app will be active | `10`        |
 
 ## 🧩 Use Cases
 

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "droidground",
-  "version": "0.1.1",
+  "version": "0.2.0",
   "type": "module",
   "author": "Angelo Delicato",
   "scripts": {
@@ -46,7 +46,7 @@
     "frida": "^16.7.14",
     "lottie-react": "^2.4.1",
     "motion": "^12.10.4",
-    "multer": "^1.4.5-lts.2",
+    "multer": "^2.0.0",
     "pino": "^9.6.0",
     "pino-http": "^10.4.0",
     "pino-pretty": "^13.0.0",

package.json

@@ -10,6 +10,7 @@ import {
   IGenericResultRes,
   StartActivityRequest,
   StartBroadcastRequest,
+  StartExploitAppRequest,
   StartServiceRequest,
 } from "@shared/api";
 import { REST_API_ENDPOINTS as E } from "@shared/endpoints";
@@ -49,6 +50,11 @@ class RESTManager {
     return res;
   }
 
+  async startExploitApp(data: StartExploitAppRequest): Promise<AxiosResponse<IGenericResultRes>> {
+    const res = await http.post<IGenericResultRes>(E.EXPLOIT_APP, data);
+    return res;
+  }
+
   async startService(data: StartServiceRequest): Promise<AxiosResponse<IGenericResultRes>> {
     const res = await http.post<IGenericResultRes>(E.SERVICE, data);
     return res;

src/client/api/rest.ts

@@ -62,6 +62,9 @@ export const StartActivityModal: React.FC<IModalProps> = ({ dialogRef }) => {
     <dialog ref={dialogRef} className="modal">
       <div className="modal-box max-w-3xl">
         <h3 className="font-bold text-lg mb-4">Start Activity</h3>
+        <p className="mb-4">
+          This will allow you start an activity <b>belonging to the target app only</b>!
+        </p>
         <form onSubmit={handleSubmit(startActivity)} className="space-y-4">
           {/* Main Fields */}
           <input

src/client/components/StartActivityModal.tsx

@@ -67,6 +67,9 @@ export const StartBroadcastModal: React.FC<IModalProps> = ({ dialogRef }) => {
     <dialog ref={dialogRef} className="modal">
       <div className="modal-box max-w-3xl">
         <h3 className="font-bold text-lg mb-4">Send Broadcast Intent</h3>
+        <p className="mb-4">
+          This will allow you send a <i>Broadcast Intent</i> <b>belonging to the target app only</b>!
+        </p>
         <form onSubmit={handleSubmit(startBroadcastReceiver)} className="space-y-4">
           <input
             type="text"

src/client/components/StartBroadcastModal.tsx

@@ -0,0 +1,80 @@
+import { useEffect } from "react";
+import { SubmitHandler, useForm } from "react-hook-form";
+import toast from "react-hot-toast";
+import { RESTManagerInstance } from "@client/api/rest";
+import { StartExploitAppRequest } from "@shared/api";
+
+interface IModalProps {
+  dialogRef: React.RefObject<HTMLDialogElement | null>;
+}
+
+export const StartExploitAppModal: React.FC<IModalProps> = ({ dialogRef }) => {
+  const {
+    register,
+    handleSubmit,
+    reset,
+    formState: { errors },
+  } = useForm<StartExploitAppRequest>();
+
+  useEffect(() => {
+    const handleClose = () => {
+      reset();
+    };
+
+    const dialog = dialogRef.current;
+    if (dialog) {
+      dialog.addEventListener("close", handleClose);
+    }
+
+    return () => {
+      if (dialog) {
+        dialog.removeEventListener("close", handleClose);
+      }
+    };
+  }, []);
+
+  const startExploitApp: SubmitHandler<StartExploitAppRequest> = async data => {
+    if (!data.packageName) {
+      return;
+    }
+
+    try {
+      await RESTManagerInstance.startExploitApp(data);
+      toast.success("Exploit app correctly started.");
+      dialogRef.current?.close();
+    } catch (e) {
+      console.error(e);
+      toast.error("Failed to start exploit app.");
+    }
+  };
+
+  return (
+    <dialog ref={dialogRef} className="modal">
+      <div className="modal-box max-w-3xl">
+        <h3 className="font-bold text-lg mb-4">Start Exploit App</h3>
+        <p className="mb-4">
+          This will allow you start one of the installed apps as the <b>Exploit App</b>. <br />
+          The app will stay active for the amount of time selected by the host and then the <b>Target App</b> will be
+          restarted.
+        </p>
+        <form onSubmit={handleSubmit(startExploitApp)} className="space-y-4">
+          <input
+            type="text"
+            placeholder="com.exploit.app"
+            className="input input-bordered w-full"
+            {...register("packageName", { required: true })}
+          />
+          {errors.packageName && <p className="text-error text-sm">Package Name is required.</p>}
+
+          {/* Submit */}
+          <div className="flex justify-end">
+            <input className="btn btn-primary" type="submit" value="Start Exploit App" />
+          </div>
+        </form>
+      </div>
+      <form method="dialog" className="modal-backdrop">
+        <button>close</button>
+      </form>
+    </dialog>
+  );
+};

src/client/components/StartExploitAppModal.tsx

@@ -61,6 +61,9 @@ export const StartServiceModal: React.FC<IModalProps> = ({ dialogRef }) => {
     <dialog ref={dialogRef} className="modal">
       <div className="modal-box max-w-3xl">
         <h3 className="font-bold text-lg mb-4">Start Service</h3>
+        <p className="mb-4">
+          This will allow you start a <i>Service</i> <b>belonging to the target app only</b>!
+        </p>
         <form onSubmit={handleSubmit(startService)} className="space-y-4">
           <input
             type="text"