Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Squashed public commit of v0.2 #7

Merged
merged 1 commit into from
Feb 28, 2025
Merged

Squashed public commit of v0.2 #7

merged 1 commit into from
Feb 28, 2025

Conversation

minoskt
Copy link
Collaborator

@minoskt minoskt commented Feb 28, 2025

This PR is a squashed public version of BLaDE v0.2, with the following changes:

  • Refactor the codebase to use it as a submodule in other projects.
  • Remove support for -ee argument.
  • Remove experiments folder.
  • Support --auto-recharge argument to automatically recharge the battery of the device during experiments.
  • Remove unused libs and scripts, not relevant to core BLaDE infrastructure.
  • Convert wait times into constants.
  • Support latest Raspberry Pi 5 and Raspberry Pi OS 12 (Bookworm).
  • pid files are now saved into a global .pid_files folder
  • Add support for memory monitoring per app.
  • Support local proxy for dynamically injecting custom JavaScript.
  • Updated documentation and list of optional but recommended OS configuration settings.
  • Add a logger that by default logs to the stdout, and with flag --log-output it adds a log.txt file to the output directory.
  • Replace parameter -d to be a positional parameter which is required, except when running -h, -ld or --list-devices.
  • Add support for remote control for the device. Only available for Android devices.

@minoskt @ankeleralph @stoletheminerals
Squashed public commit of v0.2
5d02450 
- Refactor the codebase to use it as a submodule in other projects.
- Remove support for `-ee` argument.
- Remove `experiments` folder.
- Support `--auto-recharge` argument to automatically recharge the battery of the device during experiments.
- Remove unused libs and scripts, not relevant to core BLaDE infrastructure.
- Convert wait times into constants.
- Support latest Raspberry Pi 5 and Raspberry Pi OS 12 (Bookworm).
- `pid` files are now saved into a global `.pid_files` folder
- Add support for memory monitoring per app.
- Support local proxy for dynamically injecting custom JavaScript.
- Updated documentation and list of optional but recommended OS configuration settings.
- Add a logger that by default logs to the stdout, and with flag `--log-output` it adds a log.txt file to the output directory.
- Replace parameter `-d` to be a positional parameter which is required, except when running `-h`, `-ld` or `--list-devices`.
- Add support for remote control for the device. Only available for Android devices.

Co-Authored-By: Ralph Ankele <117092743+ankeleralph@users.noreply.github.com>
Co-Authored-By: Artem Chaikin <10810135+stoletheminerals@users.noreply.github.com>
@minoskt minoskt requested a review from ankeleralph February 28, 2025 10:57
@github-actions GitHub Actions
Copy link

[puLL-Merge] - brave/blade@7

Description

This PR represents a significant refactoring and enhancement of the BLaDE (BatteryLab and Device Evaluations) infrastructure. The changes focus on improving code organization, adding new features, and enhancing reliability. Major changes include:

  1. Adding support for remote control of Android devices
  2. Adding memory monitoring capabilities
  3. Introducing a local proxy for JavaScript injection
  4. Improving logging functionality
  5. Supporting auto-recharge functionality
  6. Adding support for Raspberry Pi 5 and OS 12
  7. Removing experiment-related code to use BLaDE as a submodule

Security Hotspots

  1. Client-Side JavaScript Injection: The new proxy functionality (pageload-inject.py) injects JavaScript into web pages, which could potentially be abused if not properly secured.
  2. Certificate Management: The introduction of SSL certificates for the proxy server requires careful management of certificate files.
  3. Remote Control Access: The new remote control functionality could pose a security risk if not properly restricted.
Changes

Changes

By filename:

  • .github/: Updated CODEOWNERS and added renovate configuration
  • .gitignore: Added more comprehensive ignore patterns
  • src/tools/:
    • Added new scripts for memory monitoring, network usage tracking
    • Enhanced device control with auto-recharge capability
    • Added proxy and remote control functionality
    • Introduced proper logging system
    • Refactored core libraries for better maintainability
  • src/setup/:
    • Updated setup scripts for newer Raspberry Pi support
    • Added OS configuration documentation
    • Added support for new dependencies
  • Added CHANGELOG.md tracking versions 0.1 and 0.2
  • Enhanced documentation in README.md and setup instructions
sequenceDiagram
    participant User
    participant BLaDE
    participant Device
    participant Monsoon
    participant Proxy

    User->>BLaDE: Initialize Device Control
    BLaDE->>Monsoon: Configure Power Monitor
    BLaDE->>Device: Setup Connection
    
    alt Remote Control Enabled
        BLaDE->>Device: Enable Remote Access
        Device-->>User: Provide Remote Interface
    end

    alt Auto-recharge Enabled
        loop Battery Monitoring
            BLaDE->>Device: Check Battery Level
            Device-->>BLaDE: Battery Status
            alt Battery Low
                BLaDE->>Device: Enable Charging
                BLaDE->>Device: Wait for Target Level
            end
        end
    end

    opt Proxy Enabled
        BLaDE->>Proxy: Start Local Proxy
        Proxy->>Device: Inject Monitoring Code
        Device-->>Proxy: Send Performance Data
    end

    BLaDE->>Device: Start Measurements
    Device-->>BLaDE: Stream Performance Data
Loading

github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 28, 2025
View reviewed changes
github-actions[bot]
github-actions bot reviewed Feb 28, 2025
View reviewed changes
src/tools/libs/automation/adb_commands.py
return subprocess.check_output(command, shell=True).rstrip().decode()
# run the command
start_time = time.time()
output = subprocess.check_output(command, shell=True).rstrip().decode()
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Found 'subprocess' function 'check_output' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead.

Source: https://semgrep.dev/r/python.lang.security.audit.subprocess-shell-true.subprocess-shell-true


Cc @thypon @kdenhartog

src/tools/libs/automation/adb_commands.py
return subprocess.check_output(command, shell=True).rstrip().decode()
# run the command
start_time = time.time()
output = subprocess.check_output(command, shell=True).rstrip().decode()
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Found subprocess function check_output with shell=True. This is dangerous because this call will
spawn the command using a shell process. Doing so propagates current shell settings and
variables,
which makes it much easier for a malicious actor to execute commands. Use shell=False
instead.


Source: https://semgrep.dev/r/gitlab.bandit.B602


Cc @thypon @kdenhartog

src/tools/libs/adblib.py

# Get all process IDs for the package
ps_cmd = f'adb -s {adb_identifier} shell "ps -A | grep {package_name}"'
ps_output = os.popen(ps_cmd).read().strip()
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Starting a process with a shell; seems safe, but may be changed in the future, consider
rewriting without shell


Source: https://semgrep.dev/r/gitlab.bandit.B605


Cc @thypon @kdenhartog

src/tools/libs/adblib.py

# Run dumpsys meminfo for this PID
meminfo_cmd = f'adb -s {adb_identifier} shell dumpsys meminfo {pid}'
meminfo_output = os.popen(meminfo_cmd).read()
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Starting a process with a shell; seems safe, but may be changed in the future, consider
rewriting without shell


Source: https://semgrep.dev/r/gitlab.bandit.B605


Cc @thypon @kdenhartog

src/tools/libs/async_calls.py
def disable_remote_control():

script = os.path.join(__location__, "../disable_remote_control.sh")
os.system(script)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Starting a process with a shell; seems safe, but may be changed in the future, consider
rewriting without shell


Source: https://semgrep.dev/r/gitlab.bandit.B605


Cc @thypon @kdenhartog

src/tools/libs/async_calls.py
]
if not verbose:
command.append("-q")
process = subprocess.Popen(command)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Python possesses many mechanisms to invoke an external executable. However,
doing so may present a security issue if appropriate care is not taken to
sanitize any user provided or variable input. This plugin test is part of a
family of tests built to check for process spawning and warn appropriately.
Specifically, this test looks for the spawning of a subprocess without the
use of a command shell. This type of subprocess invocation is not
vulnerable to shell injection attacks, but care should still be taken to
ensure validity of input.


Source: https://semgrep.dev/r/gitlab.bandit.B603


Cc @thypon @kdenhartog

src/tools/libs/async_calls.py
"--cert", "cert.pem",
"--key", "key.pem",
"--output", output_dir,
])
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Python possesses many mechanisms to invoke an external executable. However,
doing so may present a security issue if appropriate care is not taken to
sanitize any user provided or variable input. This plugin test is part of a
family of tests built to check for process spawning and warn appropriately.
Specifically, this test looks for the spawning of a subprocess without the
use of a command shell. This type of subprocess invocation is not
vulnerable to shell injection attacks, but care should still be taken to
ensure validity of input.


Source: https://semgrep.dev/r/gitlab.bandit.B603


Cc @thypon @kdenhartog

src/tools/libs/async_calls.py
output_file,
f"--interval={interval_ms}",
]
)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Python possesses many mechanisms to invoke an external executable. However,
doing so may present a security issue if appropriate care is not taken to
sanitize any user provided or variable input. This plugin test is part of a
family of tests built to check for process spawning and warn appropriately.
Specifically, this test looks for the spawning of a subprocess without the
use of a command shell. This type of subprocess invocation is not
vulnerable to shell injection attacks, but care should still be taken to
ensure validity of input.


Source: https://semgrep.dev/r/gitlab.bandit.B603


Cc @thypon @kdenhartog

src/tools/libs/devicelib.py

import json
import os
import subprocess
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Consider possible security implications associated with subprocess module.


Source: https://semgrep.dev/r/gitlab.bandit.B404


Cc @thypon @kdenhartog

src/tools/pageload-server.py


if __name__ == "__main__":
# To create certificates: openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Found openssl command using insecure flags

Source: https://semgrep.dev/r/trailofbits.generic.openssl-insecure-flags.openssl-insecure-flags


Cc @thypon @kdenhartog

@minoskt minoskt merged commit 2a5610a into main Feb 28, 2025
7 checks passed
@minoskt minoskt deleted the release/v0.2 branch February 28, 2025 23:27
@minoskt minoskt restored the release/v0.2 branch March 1, 2025 12:09
@mihaiplesa mihaiplesa deleted the release/v0.2 branch March 3, 2025 15:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@stoletheminerals stoletheminerals stoletheminerals approved these changes

@ankeleralph ankeleralph ankeleralph approved these changes

Assignees

@thypon thypon

@kdenhartog kdenhartog

Labels
needs-security-review puLL-Merge
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@minoskt @stoletheminerals @ankeleralph @thypon @kdenhartog