package fuzion24.device.vulnerability.vulnerabilities.system;
import android.content.Context;
import android.content.pm.PackageManager;
import android.os.Build;
import fuzion24.device.vulnerability.util.CPUArch;
import fuzion24.device.vulnerability.vulnerabilities.VulnerabilityTest;
import java.io.File;
import java.util.ArrayList;
import java.util.List;
public class WeakSauce implements VulnerabilityTest {
@Override
public List<CPUArch> getSupportedArchitectures() {
ArrayList<CPUArch> archs = new ArrayList<>();
archs.add(CPUArch.ALL);
return archs;
}
private boolean isHTCPhone(){
return Build.MANUFACTURER.equalsIgnoreCase("htc");
}
@Override
public String getCVEorID() {
return "WeakSauce";
}
private boolean thisHasInternetPermission(Context ctx)
{
String permission = "android.permission.INTERNET";
int res = ctx.checkCallingOrSelfPermission(permission);
return (res == PackageManager.PERMISSION_GRANTED);
}
@Override
public boolean isVulnerable(Context context) throws Exception {
if(!isHTCPhone()){
return false;
}
if(!thisHasInternetPermission(context))
throw new Exception("No internet permission assigned to app to perform WeakSauce Test");
File dmAgentSocket = new File("/dev/socket/dmagent");
return dmAgentSocket.exists();
}
}