From 97039270b798ae00606aee5967d502e8480d7b5e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20Novotn=C3=BD?= <62177414+yardexx@users.noreply.github.com> Date: Tue, 19 Nov 2024 15:59:49 +0100 Subject: [PATCH 1/8] build: match versions --- android/build.gradle | 6 +++++- example/android/app/build.gradle | 3 +-- example/android/settings.gradle | 2 +- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/android/build.gradle b/android/build.gradle index 8b4ed29..8672f8a 100644 --- a/android/build.gradle +++ b/android/build.gradle @@ -3,7 +3,7 @@ version '1.0-SNAPSHOT' buildscript { ext.kotlin_version = '1.7.20' - ext.talsec_version = '12.0.0' + ext.talsec_version = '13.0.0' repositories { google() mavenCentral() @@ -51,6 +51,10 @@ android { minSdkVersion 23 consumerProguardFiles 'consumer-rules.pro' } + + lintOptions { + disable 'InvalidPackage' + } } dependencies { diff --git a/example/android/app/build.gradle b/example/android/app/build.gradle index 1d8ff3b..101709d 100644 --- a/example/android/app/build.gradle +++ b/example/android/app/build.gradle @@ -43,8 +43,7 @@ android { applicationId "com.aheaditec.freerasp_example" // Talsec library needs higher version than default (16) minSdkVersion 23 - // TODO: Update to "flutter.targetSdkVersion" when sdk will be updated to >= 2.0 - targetSdkVersion 31 + targetSdkVersion flutter.targetSdkVersion versionCode flutterVersionCode.toInteger() versionName flutterVersionName } diff --git a/example/android/settings.gradle b/example/android/settings.gradle index f4524f2..37dc226 100644 --- a/example/android/settings.gradle +++ b/example/android/settings.gradle @@ -19,7 +19,7 @@ pluginManagement { plugins { id "dev.flutter.flutter-plugin-loader" version "1.0.0" id "com.android.application" version "7.4.2" apply false - id "org.jetbrains.kotlin.android" version "1.6.10" apply false + id "org.jetbrains.kotlin.android" version "1.7.20" apply false } include ":app" \ No newline at end of file From ed78dbd1787a8cbaca1a0e92a9d9e945c7f3a317 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20Novotn=C3=BD?= <62177414+yardexx@users.noreply.github.com> Date: Tue, 19 Nov 2024 16:00:04 +0100 Subject: [PATCH 2/8] feat: add new callback --- android/src/main/kotlin/com/aheaditec/freerasp/Threat.kt | 2 ++ .../aheaditec/freerasp/handlers/PluginThreatHandler.kt | 4 ++++ lib/src/enums/threat.dart | 8 ++++++++ lib/src/talsec.dart | 2 ++ lib/src/threat_callback.dart | 4 ++++ 5 files changed, 20 insertions(+) diff --git a/android/src/main/kotlin/com/aheaditec/freerasp/Threat.kt b/android/src/main/kotlin/com/aheaditec/freerasp/Threat.kt index ee3a2d0..8df0ae6 100644 --- a/android/src/main/kotlin/com/aheaditec/freerasp/Threat.kt +++ b/android/src/main/kotlin/com/aheaditec/freerasp/Threat.kt @@ -31,4 +31,6 @@ internal sealed class Threat(val value: Int) { object SystemVPN : Threat(659382561) object DevMode : Threat(45291047) + + object ADBEnabled : Threat(379769839) } \ No newline at end of file diff --git a/android/src/main/kotlin/com/aheaditec/freerasp/handlers/PluginThreatHandler.kt b/android/src/main/kotlin/com/aheaditec/freerasp/handlers/PluginThreatHandler.kt index 8ed309f..8e8afcc 100644 --- a/android/src/main/kotlin/com/aheaditec/freerasp/handlers/PluginThreatHandler.kt +++ b/android/src/main/kotlin/com/aheaditec/freerasp/handlers/PluginThreatHandler.kt @@ -76,6 +76,10 @@ internal object PluginThreatHandler : ThreatDetected, DeviceState { notify(Threat.DevMode) } + override fun onADBEnabledDetected() { + notify(Threat.ADBEnabled) + } + override fun onMalwareDetected(suspiciousApps: List) { notify(suspiciousApps) } diff --git a/lib/src/enums/threat.dart b/lib/src/enums/threat.dart index a833ad4..8c4b036 100644 --- a/lib/src/enums/threat.dart +++ b/lib/src/enums/threat.dart @@ -54,6 +54,12 @@ enum Threat { /// /// Android only devMode, + + /// The application is running on a device that has active ADB + /// (Android Debug Bridge). + /// + /// Android only + adb, } /// An extension on the [Threat] enum to provide additional functionality. @@ -112,6 +118,8 @@ extension ThreatX on Threat { return Threat.systemVPN; case 45291047: return Threat.devMode; + case 379769839: + return Threat.adb; default: // Unknown data came from native code. This shouldn't normally happen. exit(127); diff --git a/lib/src/talsec.dart b/lib/src/talsec.dart index 83ec38d..3498f88 100644 --- a/lib/src/talsec.dart +++ b/lib/src/talsec.dart @@ -193,6 +193,8 @@ class Talsec { callback.onSystemVPN?.call(); case Threat.devMode: callback.onDevMode?.call(); + case Threat.adb: + callback.onADB?.call(); } }); } diff --git a/lib/src/threat_callback.dart b/lib/src/threat_callback.dart index 2417488..a67bdff 100644 --- a/lib/src/threat_callback.dart +++ b/lib/src/threat_callback.dart @@ -34,6 +34,7 @@ class ThreatCallback extends TalsecPigeonApi { this.onSecureHardwareNotAvailable, this.onSystemVPN, this.onDevMode, + this.onADB, this.onMalware, }); @@ -83,6 +84,9 @@ class ThreatCallback extends TalsecPigeonApi { /// This method is called whe the device has Developer mode enabled final VoidCallback? onDevMode; + /// This method is called when the device has active ADB (Android Debug) + final VoidCallback? onADB; + @override void onMalwareDetected(List packageInfo) { onMalware?.call(packageInfo); From 6c1b14a57ee16c16f6f648f50e7bfe2d3fd72b3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20Novotn=C3=BD?= <62177414+yardexx@users.noreply.github.com> Date: Tue, 19 Nov 2024 16:00:14 +0100 Subject: [PATCH 3/8] fix: update tests --- test/test_utils/spy_threat_callback.dart | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/test_utils/spy_threat_callback.dart b/test/test_utils/spy_threat_callback.dart index 55ac8f4..5a670cd 100644 --- a/test/test_utils/spy_threat_callback.dart +++ b/test/test_utils/spy_threat_callback.dart @@ -54,6 +54,8 @@ class SpyThreatListener { callback.onSystemVPN?.call(); case Threat.devMode: callback.onDevMode?.call(); + case Threat.adb: + callback.onADB?.call(); } } } From a40e7274df3d12ee6aef2ecdac4a4068e4089a70 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20Novotn=C3=BD?= <62177414+yardexx@users.noreply.github.com> Date: Tue, 19 Nov 2024 16:23:35 +0100 Subject: [PATCH 4/8] fix: update tests --- test/src/enums/threat_test.dart | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/test/src/enums/threat_test.dart b/test/src/enums/threat_test.dart index e5fde88..ea1d1ee 100644 --- a/test/src/enums/threat_test.dart +++ b/test/src/enums/threat_test.dart @@ -2,10 +2,10 @@ import 'package:flutter_test/flutter_test.dart'; import 'package:freerasp/freerasp.dart'; void main() { - test('Threat enum should contain 13 values', () { + test('Threat enum should contain 14 values', () { final threatValuesLength = Threat.values.length; - expect(threatValuesLength, 13); + expect(threatValuesLength, 14); }); test('Threat enum should match its values index', () { @@ -24,6 +24,7 @@ void main() { expect(threatValues[10], Threat.secureHardwareNotAvailable); expect(threatValues[11], Threat.systemVPN); expect(threatValues[12], Threat.devMode); + expect(threatValues[13], Threat.adb); }); test( @@ -43,6 +44,7 @@ void main() { expect(ThreatX.fromInt(1564314755), Threat.secureHardwareNotAvailable); expect(ThreatX.fromInt(659382561), Threat.systemVPN); expect(ThreatX.fromInt(45291047), Threat.devMode); + expect(ThreatX.fromInt(379769839), Threat.adb); }, ); } From a13e5e2362389fd8be3ca265c1a9d48e833da6f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20Novotn=C3=BD?= <62177414+yardexx@users.noreply.github.com> Date: Tue, 19 Nov 2024 16:23:43 +0100 Subject: [PATCH 5/8] fix: update docs --- lib/src/enums/threat.dart | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/src/enums/threat.dart b/lib/src/enums/threat.dart index 8c4b036..fbba7f9 100644 --- a/lib/src/enums/threat.dart +++ b/lib/src/enums/threat.dart @@ -90,6 +90,7 @@ extension ThreatX on Threat { /// * 1564314755 - secureHardwareNotAvailable /// * 659382561 - systemVPN /// * 45291047 - devMode + /// * 379769839 - adb static Threat fromInt(int code) { switch (code) { case 1268968002: From c416171f0074eea4e0bfb5113e12dab8b4aeac81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20Novotn=C3=BD?= <62177414+yardexx@users.noreply.github.com> Date: Tue, 19 Nov 2024 16:23:52 +0100 Subject: [PATCH 6/8] fix: implement example --- example/lib/threat_notifier.dart | 1 + 1 file changed, 1 insertion(+) diff --git a/example/lib/threat_notifier.dart b/example/lib/threat_notifier.dart index 8aa9663..eeac585 100644 --- a/example/lib/threat_notifier.dart +++ b/example/lib/threat_notifier.dart @@ -27,6 +27,7 @@ class ThreatNotifier extends AutoDisposeNotifier { _updateThreat(Threat.secureHardwareNotAvailable), onSystemVPN: () => _updateThreat(Threat.systemVPN), onDevMode: () => _updateThreat(Threat.devMode), + onADB: () => _updateThreat(Threat.adb), ); Talsec.instance.attachListener(threatCallback); From 2bc98d2fd32b8122a1f3f84b930da1b192121eb5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20Novotn=C3=BD?= <62177414+yardexx@users.noreply.github.com> Date: Tue, 19 Nov 2024 16:30:34 +0100 Subject: [PATCH 7/8] chore: version bump + CHANGELOG --- CHANGELOG.md | 14 ++++++++++++++ pubspec.yaml | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8b4fa77..0070b0f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,20 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [6.9.0] - 2024-11-19 +- Android SDK version: 13.0.0 +- iOS SDK version: 6.6.3 + +### Flutter + +#### Added +- New feature: ADB detection as a new callback for enhanced app security + +### Android + +#### Added +- ADB detection feature + ## [6.8.0] - 2024-11-15 - Android SDK version: 12.0.0 - iOS SDK version: 6.6.3 diff --git a/pubspec.yaml b/pubspec.yaml index 0844619..845ddb0 100644 --- a/pubspec.yaml +++ b/pubspec.yaml @@ -1,6 +1,6 @@ name: freerasp description: Flutter library for improving app security and threat monitoring on Android and iOS mobile devices. Learn more about provided features on the freeRASP's homepage first. -version: 6.8.0 +version: 6.9.0 homepage: https://www.talsec.app/freerasp-in-app-protection-security-talsec repository: https://github.com/talsec/Free-RASP-Flutter From 6d54a0a477f1c7454b456bd2952827876ded640b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20Novotn=C3=BD?= <62177414+yardexx@users.noreply.github.com> Date: Tue, 19 Nov 2024 16:47:38 +0100 Subject: [PATCH 8/8] chore: update README --- README.md | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index aaf5e1b..fb2efb2 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,11 @@ Learn more about commercial features at [https://talsec.app](https://talsec.app) Learn more about freemium freeRASP features at [GitHub main repository](https://github.com/talsec/Free-RASP-Community). +## :radioactive: freeMalwareDetection +**freeMalwareDetection** is a powerful feature designed to enhance the security of your Android application by quickly and efficiently scanning for malicious or suspicious applications (e.g. Android malware) based on various blacklists and security policies. It helps to detect apps with suspicious package names, hashes, or potentially dangerous permissions. + +After the integration of freeRASP, make sure you visit the [freeMalwareDetection](https://github.com/talsec/freeMalwareDetection) repository to learn more about this feature! + # :book: Discover the Official freeRASP Documentation Visit the [GitBook page](https://docs.talsec.app/freerasp) for comprehensive and up-to-date guides, tutorials, and technical documentation specifically for freeRASP. It serves as your go-to resource, offering everything from basic instructions to advanced tips and tricks to help you get the most out of the project. @@ -54,12 +59,6 @@ For integrating freeRASP on the Flutter platform, be sure to follow all the step Be sure to bookmark it and stay informed! :books: :sparkles:. -## :scroll: Reference to Legacy Documentation - -If you have any suggestions for improvement or notice anything that could be clarified in the new GitBook documentation, please open an issue. Your feedback helps us maintain high-quality resources for all users. - -For information on older integration methods, you can refer to the [freeRASP wiki](https://github.com/talsec/Free-RASP-Flutter/wiki), which includes comprehensive legacy details and guidance. Additionally, the old integration can be found when you checkout to a specific tag. Your input is invaluable in helping us improve our resources and provide even better support for your needs. - # :rocket: What's New and Changelog Stay informed and make the most of freeRASP by checking out [What's New and Changelog](https://docs.talsec.app/freerasp/whats-new-and-changelog)! Here, you’ll discover the latest features, enhancements, and bug fixes we’ve implemented to improve your experience across all platforms, including Android, iOS, Flutter, React Native, Capacitor, and Cordova. @@ -72,4 +71,4 @@ If you have any ideas for improvements, feel free to [raise an issue](https://gi You can check out the project board [here](https://github.com/orgs/talsec/projects/2). # :page_facing_up: License -This project is provided as freemium software, i.e. there is a fair usage policy that imposes some limitations on the free usage. The SDK software consists of open-source and binary parts, which is the property of Talsec. The open-source part is licensed under the MIT License - see the LICENSE file for details. +This project is provided as freemium software, i.e. there is a fair usage policy that imposes some limitations on the free usage. The SDK software consists of open-source and binary parts, which is the property of Talsec. The open-source part is licensed under the MIT License - see the LICENSE file for details. \ No newline at end of file