From 76d06b504f07669bc0a3713ba34c425b511dfe6e Mon Sep 17 00:00:00 2001 From: Tad Date: Mon, 6 Mar 2023 20:10:27 -0500 Subject: [PATCH] Add support for the Echap stalkerware database Signed-off-by: Tad --- README.md | 1 + app/build.gradle | 4 ++-- .../java/us/spotco/malwarescanner/Database.java | 3 +++ .../us/spotco/malwarescanner/MainActivity.java | 7 +++++-- app/src/main/res/values/arrays.xml | 1 + fastlane/metadata/android/en-US/changelogs/96.txt | 1 + scripts/0stalkerware.sh | 14 ++++++++++++++ 7 files changed, 27 insertions(+), 4 deletions(-) create mode 100644 fastlane/metadata/android/en-US/changelogs/96.txt create mode 100644 scripts/0stalkerware.sh diff --git a/README.md b/README.md index 991d9e5..20331c3 100644 --- a/README.md +++ b/README.md @@ -65,6 +65,7 @@ Credits - ESET for extra databases (BSD 2-Clause) - Nex (@botherder) for extra databases (CC BY-SA 4.0) - Amnesty International for extra databases (CC BY 2.0) +- Echap for extra databases (CC BY 4.0) - RecursiveFileObserver.java (GPLv3): Daniel Gultsch, ownCloud Inc., Bartek Przybylski - Petra Mirelli for the German/Spanish/Italian translations, the app banner/feature graphic, and various tweaks. - Jean-Luc Tibaux and Petra Mirelli for the French translations. diff --git a/app/build.gradle b/app/build.gradle index e64f187..067890f 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -6,8 +6,8 @@ android { applicationId "us.spotco.malwarescanner" minSdkVersion 16 targetSdkVersion 32 - versionCode 95 - versionName "2.29" + versionCode 96 + versionName "2.30" resConfigs 'en', 'af', 'de', 'es', 'fi', 'fr', 'it', 'pl', 'pt', 'ru' } buildTypes { diff --git a/app/src/main/java/us/spotco/malwarescanner/Database.java b/app/src/main/java/us/spotco/malwarescanner/Database.java index 0808b61..6985769 100644 --- a/app/src/main/java/us/spotco/malwarescanner/Database.java +++ b/app/src/main/java/us/spotco/malwarescanner/Database.java @@ -96,6 +96,9 @@ class Database { if (prefs.getBoolean("SIGNATURES_AMNESTY", true)) { signatureDatabases.add(new SignatureDatabase(baseURL, "amnesty.hsb.gz")); } + if (prefs.getBoolean("SIGNATURES_STALKERWARE", true)) { + signatureDatabases.add(new SignatureDatabase(baseURL, "stalkerware.hsb.gz")); + } if (prefs.getBoolean("SIGNATURES_ESET", true)) { signatureDatabases.add(new SignatureDatabase(baseURL, "eset.hdb.gz")); signatureDatabases.add(new SignatureDatabase(baseURL, "eset.hsb.gz")); diff --git a/app/src/main/java/us/spotco/malwarescanner/MainActivity.java b/app/src/main/java/us/spotco/malwarescanner/MainActivity.java index 67a85ce..9463fe4 100644 --- a/app/src/main/java/us/spotco/malwarescanner/MainActivity.java +++ b/app/src/main/java/us/spotco/malwarescanner/MainActivity.java @@ -150,14 +150,16 @@ public class MainActivity extends Activity { localizeDBDescription("ClamAV: Daily\n • SIZE: SIZE_LARGE\n • LICENSE: GPL-2.0\n • AUTHOR: Cisco\n • SOURCE: https://clamav.net\n"), localizeDBDescription("ESET\n • SIZE: SIZE_SMALL\n • LICENSE: BSD 2-Clause\n • AUTHOR: ESET\n • SOURCE: https://github.com/eset/malware-ioc\n"), localizeDBDescription("Targeted Threats\n • SIZE: SIZE_SMALL\n • LICENSE: CC BY-SA 4.0\n • AUTHOR: Nex\n • SOURCE: https://github.com/botherder/targetedthreats\n"), - localizeDBDescription("Amnesty Tech Investigations\n • SIZE: SIZE_SMALL\n • LICENSE: CC BY 2.0\n • AUTHOR: Amnesty International\n • SOURCE: https://github.com/amnestytech/investigations")}; + localizeDBDescription("Amnesty Tech Investigations\n • SIZE: SIZE_SMALL\n • LICENSE: CC BY 2.0\n • AUTHOR: Amnesty International\n • SOURCE: https://github.com/amnestytech/investigations\n"), + localizeDBDescription("Stalkerware\n • SIZE: SIZE_SMALL\n • LICENSE: CC BY 4.0\n • AUTHOR: Echap\n • SOURCE: https://github.com/AssoEchap/stalkerware-indicators")}; final boolean[] databaseDefaults = { prefs.getBoolean("SIGNATURES_CLAMAV-ANDROID", true), prefs.getBoolean("SIGNATURES_CLAMAV-MAIN", false), prefs.getBoolean("SIGNATURES_CLAMAV-DAILY", false), prefs.getBoolean("SIGNATURES_ESET", true), prefs.getBoolean("SIGNATURES_TARGETEDTHREATS", true), - prefs.getBoolean("SIGNATURES_AMNESTY", true)}; + prefs.getBoolean("SIGNATURES_AMNESTY", true), + prefs.getBoolean("SIGNATURES_STALKERWARE", true)}; Dialog databaseDialog; AlertDialog.Builder databaseBuilder = new AlertDialog.Builder(this); @@ -171,6 +173,7 @@ public class MainActivity extends Activity { prefs.edit().putBoolean("SIGNATURES_ESET", databaseDefaults[3]).apply(); prefs.edit().putBoolean("SIGNATURES_TARGETEDTHREATS", databaseDefaults[4]).apply(); prefs.edit().putBoolean("SIGNATURES_AMNESTY", databaseDefaults[5]).apply(); + prefs.edit().putBoolean("SIGNATURES_STALKERWARE", databaseDefaults[6]).apply(); }); databaseDialog = databaseBuilder.create(); diff --git a/app/src/main/res/values/arrays.xml b/app/src/main/res/values/arrays.xml index 3989eb0..56b6f85 100644 --- a/app/src/main/res/values/arrays.xml +++ b/app/src/main/res/values/arrays.xml @@ -15,6 +15,7 @@ • ESET: Signature Databases • Nex (@botherder): Signature Databases • Amnesty International: Signature Databases + • Echap: Signature Databases • RecursiveFileObserver.java: Daniel Gultsch, ownCloud Inc., Bartek Przybylski • Google: App Icon diff --git a/fastlane/metadata/android/en-US/changelogs/96.txt b/fastlane/metadata/android/en-US/changelogs/96.txt new file mode 100644 index 0000000..e874d17 --- /dev/null +++ b/fastlane/metadata/android/en-US/changelogs/96.txt @@ -0,0 +1 @@ +* Add support for the Echap stalkerware database diff --git a/scripts/0stalkerware.sh b/scripts/0stalkerware.sh new file mode 100644 index 0000000..28298b3 --- /dev/null +++ b/scripts/0stalkerware.sh @@ -0,0 +1,14 @@ +#!/bin/bash +#License: GPLv3 +#Description: Hypatia conversion script for https://github.com/AssoEchap/stalkerware-indicators (CC BY 4.0) + +while IFS=, read -r col1SHA col2Package col3Certificate col4Version col5Name +do + if [ -n "$col1SHA" ] && [ -n "$col5Name" ]; then + echo "$col1SHA:0:$col5Name" >> ./stalkerware.hsb; + fi; +done < samples.csv; + +sed -i '1d' stalkerware.hsb; + +gzip stalkerware.hsb;