feat: add ADB detection (#49)

* feat(Android): add ADB detection * feat(ts): add ADB detection * feat(example): add ADB detection * release: freeRASP 7.1.0
talsec · Nov 20, 2024 · 8621a60 · 8621a60
1 parent 01a861d
commit 8621a60
Show file tree

Hide file tree

Showing 12 changed files with 42 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,20 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [7.1.0] - 2024-11-19
+
+### Cordova
+
+#### Added
+
+- Added `adbEnabled` callback, which allows you to detect USB debugging option enabled in the developer settings on the device
+
+### Android
+
+#### Added
+
+- ADB detection feature
+
 ## [7.0.1] - 2024-11-18
 
 - Android SDK version: 12.0.0

diff --git a/example/package-lock.json b/example/package-lock.json
diff --git a/example/src/app/app.component.ts b/example/src/app/app.component.ts
@@ -19,11 +19,11 @@ export class AppComponent implements OnInit {
 
   config = {
     androidConfig: {
-      packageName: 'com.cordova.example',
+      packageName: 'io.ionic.starter',
       certificateHashes: ['AKoRuyLMM91E7lX/Zqp3u4jMmd0A7hH/Iqozu0TMVd0='],
       malwareConfig: {
         blacklistedHashes: ['FgvSehLMM91E7lX/Zqp3u4jMmd0A7hH/Iqozu0TMVd0u'],
-        blacklistedPackageNames: ['com.wultra.app.screenlogger'],
+        blacklistedPackageNames: ['io.ionic.starter'],
         suspiciousPermissions: [
           [
             'android.permission.INTERNET',
@@ -36,7 +36,7 @@ export class AppComponent implements OnInit {
       },
     },
     iosConfig: {
-      appBundleIds: 'com.cordova.example',
+      appBundleIds: 'io.ionic.starter',
       appTeamId: 'your_team_ID',
     },
     watcherMail: 'your_email_address@example.com',
@@ -89,6 +89,7 @@ export class AppComponent implements OnInit {
       this.updateMalware(detectedApps);
       this.updateAppChecks('Malware');
     },
+    adbEnabled: () => this.updateAppChecks('ADB Enabled'),
   };
 
   async addItemsToMalwareWhitelist() {

diff --git a/example/src/app/utils/checks.ts b/example/src/app/utils/checks.ts
@@ -17,4 +17,5 @@ export const androidChecks = [
   { name: 'Obfuscation Issues', isSecure: true },
   { name: 'Developer Mode', isSecure: true },
   { name: 'Malware', isSecure: true },
+  { name: 'ADB Enabled', isSecure: true },
 ];
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "cordova-talsec-plugin-freerasp",
-  "version": "7.0.1",
+  "version": "7.1.0",
   "description": "Cordova plugin for improving app security and threat monitoring on Android and iOS mobile devices.",
   "cordova": {
     "id": "cordova-talsec-plugin-freerasp",

diff --git a/plugin.xml b/plugin.xml
@@ -2,7 +2,7 @@
 
 <plugin xmlns="http://apache.org/cordova/ns/plugins/1.0"
         id="cordova-talsec-plugin-freerasp"
-        version="7.0.1">
+        version="7.1.0">
 
   <name>freerasp</name>
   <author>Talsec (info@talsec.app)</author>

diff --git a/src/android/TalsecThreatHandler.kt b/src/android/TalsecThreatHandler.kt
@@ -54,6 +54,10 @@ internal object TalsecThreatHandler : ThreatListener.ThreatDetected, ThreatListe
     listener?.threatDetected(Threat.DevMode)
   }
 
+  override fun onADBEnabledDetected() {
+    listener?.threatDetected(Threat.ADBEnabled)
+  }
+
   override fun onSystemVPNDetected() {
     listener?.threatDetected(Threat.SystemVPN)
   }

diff --git a/src/android/Threat.kt b/src/android/Threat.kt
@@ -23,6 +23,7 @@ internal sealed class Threat(val value: Int) {
   object SystemVPN : Threat((10000..999999999).random())
   object DevMode : Threat((10000..999999999).random())
   object Malware : Threat((10000..999999999).random())
+  object ADBEnabled : Threat((10000..999999999).random())
 
   companion object {
     internal fun getThreatValues(): JSONArray {
@@ -40,7 +41,8 @@ internal sealed class Threat(val value: Int) {
           UnofficialStore.value,
           ObfuscationIssues.value,
           DevMode.value,
-          Malware.value
+          Malware.value,
+          ADBEnabled.value
         )
       )
     }

diff --git a/src/android/talsec.gradle b/src/android/talsec.gradle
@@ -4,7 +4,7 @@ repositories {
 }
 
 dependencies {
-    implementation "com.aheaditec.talsec.security:TalsecSecurity-Community-Cordova:12.0.0"
+    implementation "com.aheaditec.talsec.security:TalsecSecurity-Community-Cordova:13.0.0"
     implementation "org.jetbrains.kotlinx:kotlinx-serialization-json:1.4.1"
 }
 

diff --git a/www/talsec.d.ts b/www/talsec.d.ts
@@ -31,6 +31,7 @@ export type NativeEventEmitterActions = {
   devMode?: () => any;
   systemVPN?: () => any;
   malware?: (suspiciousApps: SuspiciousAppInfo[]) => any;
+  adbEnabled?: () => any;
 };
 export type TalsecConfig = {
   androidConfig?: TalsecAndroidConfig;

diff --git a/www/talsec.js b/www/talsec.js
@@ -15,6 +15,7 @@ class Threat {
   static ObfuscationIssues = new Threat(0);
   static DevMode = new Threat(0);
   static Malware = new Threat(0);
+  static ADBEnabled = new Threat(0);
   constructor(value) {
     this.value = value;
   }
@@ -34,6 +35,7 @@ class Threat {
           this.ObfuscationIssues,
           this.DevMode,
           this.Malware,
+          this.ADBEnabled,
         ]
       : [
           this.AppIntegrity,
@@ -169,6 +171,9 @@ const start = async (config, eventListenerConfig) => {
       case Threat.Malware.value:
         eventListenerConfig.malware?.(parseMalwareData(event[malwareKey]));
         break;
+      case Threat.ADBEnabled.value:
+        eventListenerConfig.adbEnabled?.();
+        break;
       default:
         onInvalidCallback();
         break;

diff --git a/www/talsec.ts b/www/talsec.ts
@@ -38,6 +38,7 @@ export type NativeEventEmitterActions = {
   devMode?: () => any;
   systemVPN?: () => any;
   malware?: (suspiciousApps: SuspiciousAppInfo[]) => any;
+  adbEnabled?: () => any;
 };
 
 export type TalsecConfig = {
@@ -82,6 +83,7 @@ class Threat {
   static ObfuscationIssues = new Threat(0);
   static DevMode = new Threat(0);
   static Malware = new Threat(0);
+  static ADBEnabled = new Threat(0);
 
   constructor(value: number) {
     this.value = value;
@@ -103,6 +105,7 @@ class Threat {
           this.ObfuscationIssues,
           this.DevMode,
           this.Malware,
+          this.ADBEnabled,
         ]
       : [
           this.AppIntegrity,
@@ -251,6 +254,9 @@ const start = async (
       case Threat.Malware.value:
         eventListenerConfig.malware?.(parseMalwareData(event[malwareKey]));
         break;
+      case Threat.ADBEnabled.value:
+        eventListenerConfig.adbEnabled?.();
+        break;
       default:
         onInvalidCallback();
         break;