Skip to content

Commit

Permalink
Fix macos install (#67)
Browse files Browse the repository at this point in the history
* update shell path and some docs

* download ADB if not present

* big O not little o

* bugfix

* bugfix

* silence errors for macos developers

* Update dist/install-common.sh

Co-authored-by: Will Greenberg <[email protected]>

---------

Co-authored-by: Will Greenberg <[email protected]>
  • Loading branch information
cooperq and wgreenberg authored Oct 22, 2024
1 parent 3b9a001 commit ee75326
Show file tree
Hide file tree
Showing 7 changed files with 55 additions and 30 deletions.
11 changes: 6 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -35,18 +35,19 @@ linux/qualcom devices but this is the only one we have tested on. Buy the orbic

## Setup

1. Install the Android Debug Bridge (ADB) on your computer (don't worry about instructions for installing it on a phone/device yet). You can find instructions for doing so on your platform [here](https://www.xda-developers.com/install-adb-windows-macos-linux/#how-to-set-up-adb-on-your-computer).
2. Download the latest [rayhunter release bundle](https://github.com/EFForg/rayhunter/releases) and extract it (on Windows use 7zip).
3. Run the install script inside the bundle corresponding to your platform (`install-linux.sh`, `install-mac.sh`).
4. Once finished, rayhunter should be running! You can verify this by visiting the web UI as described below.
*NOTE: We don't currently support automated installs on windows, you will have to follow the manual install instructions below*

1. Download the latest [rayhunter release bundle](https://github.com/EFForg/rayhunter/releases) and extract it.
2. Run the install script inside the bundle corresponding to your platform (`install-linux.sh`, `install-mac.sh`).
3. Once finished, rayhunter should be running! You can verify this by visiting the web UI as described below.

## Usage

Once installed, rayhunter will run automatically whenever your Orbic device is running. It serves a web UI that provides some basic controls, such as being able to start/stop recordings, download captures, and view heuristic analyses of captures. You can access this UI in one of two ways:

1. Over wifi: Connect your phone/laptop to the Orbic's wifi network and visit `http://192.168.1.1:8080` (click past your browser warning you about the connection not being secure, rayhunter doesn't have HTTPS yet!)
* Note that you'll need the Orbic's wifi password for this, which can be retrieved by pressing the "MENU" button on the device and opening the 2.4 GHz menu.
2. Over usb: Connect the Orbic device to your laptop via usb. Run `adb forward tcp:8080 tcp:8080`, then visit `http://localhost:8080`.
2. Over usb: Connect the Orbic device to your laptop via usb. Run `adb forward tcp:8080 tcp:8080`, then visit `http://localhost:8080`. For this you will need to install the Android Debug Bridge (ADB) on your computer, you can copy the version that was downloaded inside the releases/platform-tools/` folder to somewhere else in your path or you can install it manually. You can find instructions for doing so on your platform [here](https://www.xda-developers.com/install-adb-windows-macos-linux/#how-to-set-up-adb-on-your-computer), (don't worry about instructions for installing it on a phone/device yet).

## Development
* Install ADB on your computer using the instructions above, and make sure it's in your terminal's PATH
Expand Down
42 changes: 19 additions & 23 deletions dist/install-common.sh
Original file line number Diff line number Diff line change
@@ -1,25 +1,21 @@
#!/bin/env bash
#!/usr/bin/env bash
install() {
if [[ -z "${SERIAL_PATH}" ]]; then
echo "SERIAL_PATH not set, did you run this from install-linux.sh or install-mac.sh?"
echo "\$SERIAL_PATH not set, did you run this from install-linux.sh or install-mac.sh?"
exit 1
fi
if [[ -z "${ADB}" ]]; then
echo "\$ADB not set, did you run this from install-linux.sh or install-mac.sh?"
exit 1
fi
check_adb
force_debug_mode
setup_rootshell
setup_rayhunter
test_rayhunter
}

check_adb() {
if ! command -v adb &> /dev/null
then
echo "adb not found, please ensure it's installed or check the README.md"
exit 1
fi
}

force_debug_mode() {
echo "Using adb at $ADB"
echo "Force a switch into the debug mode to enable ADB"
"$SERIAL_PATH" --root
echo -n "adb enabled, waiting for reboot..."
Expand All @@ -31,14 +27,14 @@ force_debug_mode() {
}

wait_for_atfwd_daemon() {
until [ -n "$(adb shell 'pgrep atfwd_daemon')" ]
until [ -n "$($ADB shell 'pgrep atfwd_daemon)'" ]
do
sleep 1
done
}
wait_for_adb_shell() {
until adb shell true 2> /dev/null
until $ADB shell true 2> /dev/null
do
sleep 1
done
Expand All @@ -51,29 +47,29 @@ setup_rootshell() {
"$SERIAL_PATH" "AT+SYSCMD=chown root /bin/rootshell"
sleep 1
"$SERIAL_PATH" "AT+SYSCMD=chmod 4755 /bin/rootshell"
adb shell /bin/rootshell -c id
$ADB shell /bin/rootshell -c id
echo "we have root!"
}
_adb_push() {
adb push "$(dirname "$0")/$1" "$2"
$ADB push "$(dirname "$0")/$1" "$2"
}
setup_rayhunter() {
adb shell '/bin/rootshell -c "mkdir -p /data/rayhunter"'
$ADB shell '/bin/rootshell -c "mkdir -p /data/rayhunter"'
_adb_push config.toml.example /data/rayhunter/config.toml
_adb_push rayhunter-daemon /data/rayhunter/
_adb_push scripts/rayhunter_daemon /tmp/rayhunter_daemon
_adb_push scripts/misc-daemon /tmp/misc-daemon
adb shell '/bin/rootshell -c "cp /tmp/rayhunter_daemon /etc/init.d/rayhunter_daemon"'
adb shell '/bin/rootshell -c "cp /tmp/misc-daemon /etc/init.d/misc-daemon"'
adb shell '/bin/rootshell -c "chmod 755 /etc/init.d/rayhunter_daemon"'
adb shell '/bin/rootshell -c "chmod 755 /etc/init.d/misc-daemon"'
$ADB shell '/bin/rootshell -c "cp /tmp/rayhunter_daemon /etc/init.d/rayhunter_daemon"'
$ADB shell '/bin/rootshell -c "cp /tmp/misc-daemon /etc/init.d/misc-daemon"'
$ADB shell '/bin/rootshell -c "chmod 755 /etc/init.d/rayhunter_daemon"'
$ADB shell '/bin/rootshell -c "chmod 755 /etc/init.d/misc-daemon"'
echo -n "waiting for reboot..."
adb shell '/bin/rootshell -c reboot'
$ADB shell '/bin/rootshell -c reboot'
# first wait for shutdown (it can take ~10s)
until ! adb shell true 2> /dev/null
until ! $ADB shell true 2> /dev/null
do
sleep 1
done
Expand All @@ -86,7 +82,7 @@ setup_rayhunter() {
test_rayhunter() {
URL="http://localhost:8080"
adb forward tcp:8080 tcp:8080 > /dev/null
$ADB forward tcp:8080 tcp:8080 > /dev/null
echo -n "checking for rayhunter server..."
SECONDS=0
Expand Down
11 changes: 11 additions & 0 deletions dist/install-linux.sh
Original file line number Diff line number Diff line change
@@ -1,6 +1,17 @@
#!/bin/env bash

set -e
if ! command -v adb &> /dev/null; then
if [ ! -d ./platform-tools ] ; then
echo "adb not found, downloading local copy"
curl -O "https://dl.google.com/android/repository/platform-tools-latest-linux.zip"
unzip platform-tools-latest-linux.zip
fi
export ADB="./platform-tools/adb"
else
export ADB=`which adb`
fi

export SERIAL_PATH="./serial-ubuntu-latest/serial"
. "$(dirname "$0")"/install-common.sh
install
11 changes: 11 additions & 0 deletions dist/install-mac.sh
Original file line number Diff line number Diff line change
@@ -1,6 +1,17 @@
#!/usr/bin/env bash

set -e
if ! command -v adb &> /dev/null; then
if [ ! -d ./platform-tools ]; then
echo "adb not found, downloading local copy"
curl -O "https://dl.google.com/android/repository/platform-tools-latest-darwin.zip"
unzip platform-tools-latest-darwin.zip
fi
export ADB="./platform-tools/adb"
else
export ADB=`which adb`
fi

export SERIAL_PATH="./serial-macos-latest/serial"
. "$(dirname "$0")"/install-common.sh
install
1 change: 0 additions & 1 deletion lib/src/analysis/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,3 @@ pub mod information_element;
pub mod lte_downgrade;
pub mod imsi_provided;
pub mod null_cipher;
pub mod test_analyzer;
6 changes: 5 additions & 1 deletion lib/src/diag_device.rs
Original file line number Diff line number Diff line change
Expand Up @@ -63,10 +63,14 @@ const MEMORY_DEVICE_MODE: i32 = 2;
const DIAG_IOCTL_REMOTE_DEV: u32 = 32;
#[cfg(target_arch = "x86_64")]
const DIAG_IOCTL_REMOTE_DEV: u64 = 32;
#[cfg(target_arch = "aarch64")]
const DIAG_IOCTL_REMOTE_DEV: u64 = 32;

#[cfg(target_arch = "arm")]
const DIAG_IOCTL_SWITCH_LOGGING: u32 = 7;
#[cfg(target_arch = "x86_64")]
#[cfg(target_arch = "x86_64")]
const DIAG_IOCTL_SWITCH_LOGGING: u64 = 7;
#[cfg(target_arch = "aarch64")]
const DIAG_IOCTL_SWITCH_LOGGING: u64 = 7;

pub struct DiagDevice {
Expand Down
3 changes: 3 additions & 0 deletions rootshell/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ use std::process::Command;
use std::os::unix::process::CommandExt;
use std::env;

#[cfg(target_arch = "arm")]
use nix::unistd::Gid;

fn main() {
Expand All @@ -14,11 +15,13 @@ fn main() {
// Android's "paranoid network" feature restricts network access to
// processes in specific groups. More info here:
// https://www.elinux.org/Android_Security#Paranoid_network-ing
#[cfg(target_arch = "arm")] {
let gids = &[
Gid::from_raw(3003), // AID_INET
Gid::from_raw(3004), // AID_NET_RAW
];
nix::unistd::setgroups(gids).expect("setgroups failed");
}

// discard argv[0]
let _ = args.next();
Expand Down

0 comments on commit ee75326

Please sign in to comment.