📱 Andriller is a software utility with a collection of forensic tools for smartphones

Overview

Andriller CE (Community Edition)

Andriller is a software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. Its features include powerful lockscreen cracking for Pattern, PIN code, or Password, and custom decoders for app data from Android (and some Apple iOS and Windows) databases for decoding communications. Extraction and decoders produce reports in HTML and Excel formats.

Features

  • Automated data extraction and decoding
  • Data extraction of non-rooted devices by Android Backup (Android versions 4.x, varied/limited support)
  • Data extraction with root permissions: root ADB daemon, CWM recovery mode, or SU binary (Superuser/SuperSU)
  • Data parsing and decoding for Folder structure, Tarball files (from nandroid backups), and Android Backup (backup.ab files)
  • Selection of individual database decoders for Android apps
  • Decryption of encrypted WhatsApp archived databases (.crypt to .crypt12, must have the right key file)
  • Lockscreen cracking for Pattern, PIN, Password (not gatekeeper)
  • Unpacking the Android backup files
  • Screen capture of a device's display screen

Python Requirements

  • 3.6-3.10 (64-bit version recommended)

It is highly advised to set up a virtual environment and install Andriller and its dependencies in it. However, it is not essential, and the global environment can also be used. Depending on how Python was set up, you may need to substitute python3 and pip3 for python and pip, respectively, in the instructions below.

Windows only: when installing Python from https://www.python.org, make sure Add Python to PATH is ticked.

System Dependencies

  • adb
  • python3-tk

[Ubuntu/Debian] Install from Terminal:

sudo apt-get install android-tools-adb python3-tk

[Mac] Install from Homebrew:

brew install android-platform-tools

[Windows]: Included.

Installation (Recommended way)

Create a virtual environment using Python 3:

python3 -m venv env

Activate the virtual environment (Linux/Mac):

source env/bin/activate

Activate the virtual environment (Windows):

.\env\Scripts\activate

Install Andriller with its Python dependencies (same command to upgrade it):

pip install andriller -U

Quick Start (run GUI)

python -m andriller

License

MIT License

Contributing

Contributions are welcome, please make your pull requests to the dev branch of the repository.

Bug Tracker

Bugs and issues can be submitted in the (Issues) section.

Donations

You may make donations to the project, or you can also just buy me a beer.

Comments
  • error (on 2 Androids) backup too small

    The backup is not working, with an error "Android backup failed - too small". I have this issue on my old Sony Android and HTC phone. They connect but it never worked.

    any ideas?

    opened by yazeed000 0
  • zlib.error: Error -3 while decompressing data: incorrect header check

    Hello, when I click on "EXTRACT", a popup telling me to save the backup on the device appears.

    I look at the device, but being it encrypted by the owner, it asks to choose and insert a password for the backup.

    I insert 123 just to proceed, but then Andriller gets stuck and I can see on the console

    Exception in thread Thread-11:
    Traceback (most recent call last):
      File "C:\Users\Tanner\AppData\Local\Programs\Python\Python39\lib\threading.py", line 980, in _bootstrap_inner
        self.run()
      File "C:\Users\Tanner\AppData\Local\Programs\Python\Python39\lib\threading.py", line 917, in run
        self._target(*self._args, **self._kwargs)
      File "C:\Users\Tanner\AppData\Local\Programs\Python\Python39\lib\site-packages\andriller\utils.py", line 40, in command
        return method(self, *args, **kwargs)
      File "C:\Users\Tanner\AppData\Local\Programs\Python\Python39\lib\site-packages\andriller\gui\windows.py", line 418, in RunUsbExtraction
        drill.DataExtraction()
      File "C:\Users\Tanner\AppData\Local\Programs\Python\Python39\lib\site-packages\andriller\driller.py", line 316, in DataExtraction
        self.AndroidBackupToTar()
      File "C:\Users\Tanner\AppData\Local\Programs\Python\Python39\lib\site-packages\andriller\driller.py", line 253, in AndroidBackupToTar
        self.tarfile = self.tools.ab_to_tar(self.backup)
      File "C:\Users\Tanner\AppData\Local\Programs\Python\Python39\lib\site-packages\andriller\utils.py", line 160, in ab_to_tar
        c = zlib_obj.decompress(d)
    zlib.error: Error -3 while decompressing data: incorrect header check

    Is there any possibility to fix this issue?

    opened by Tanner85 0
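
The traceback in the issue above ends in zlib inside ab_to_tar after a backup password was set on the device. The following is an added example, not Andriller's code and not part of the issue report: it reads the Android Backup header before inflating, so a password-protected backup is refused with a clear message instead of a zlib error. That encryption is the cause in this report is an assumption the thread does not confirm; the function names and sample bytes are constructed for illustration.

```python
import io
import zlib

MAGIC = b"ANDROID BACKUP"

class BackupHeaderError(ValueError):
    """The .ab file cannot be inflated to a tar stream as-is."""

def read_ab_header(stream):
    """Parse the four newline-terminated header fields of an .ab file."""
    if stream.readline().rstrip(b"\n") != MAGIC:
        raise BackupHeaderError("not an Android Backup file")
    try:
        version = int(stream.readline())
        compressed = int(stream.readline()) == 1
    except ValueError:
        raise BackupHeaderError("truncated or malformed header") from None
    encryption = stream.readline().strip().decode("ascii", "replace")
    if not encryption:
        raise BackupHeaderError("truncated or malformed header")
    return {"version": version, "compressed": compressed,
            "encryption": encryption}

def ab_to_tar_checked(stream):
    """Return the tar bytes, refusing encrypted or empty payloads up front."""
    header = read_ab_header(stream)
    if header["encryption"] != "none":
        raise BackupHeaderError(
            f"payload is {header['encryption']} encrypted; it must be "
            "decrypted with the backup password before zlib can read it")
    body = stream.read()
    if not body:
        raise BackupHeaderError("header present but payload is empty")
    return zlib.decompress(body) if header["compressed"] else body

# Constructed samples (not real acquisitions): a stand-in tar payload, the
# same payload in an unencrypted backup, and a password-protected header
# followed by placeholder bytes where the key material and ciphertext sit.
TAR = b"apps/com.example/_manifest" + b"\0" * 486
PLAIN_AB = b"ANDROID BACKUP\n5\n1\nnone\n" + zlib.compress(TAR)
ENCRYPTED_AB = b"ANDROID BACKUP\n5\n1\nAES-256\n" + b"00" * 64 + b"\n"

if __name__ == "__main__":
    print(len(ab_to_tar_checked(io.BytesIO(PLAIN_AB))), "tar bytes")
    print(read_ab_header(io.BytesIO(ENCRYPTED_AB)))
```
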
  • Feature Request: SMS/calls extraction on non rooted device with temporary app

    Hi, Andriller is pretty cool but limited on rooted-only device (for most interesting things).

    I know that some expensive forensic extraction software uses ADB to install a temporary app that can grab all SMS and calls (among other things). This app is defined as the default SMS and calls app with the user allowing permissions. After the extraction the app is uninstalled and the default apps are changed to the previous ones.

    It would be very useful to have that kind of extraction. Thanks.

    opened by Aztorius 0
  • FaceBook Messenger parsing Error

    Describe the bug
    Older FaceBook Messenger file will not parse

    To Reproduce
    Steps to reproduce the behavior:

    1. Go to Decoders
    2. Scroll down to Facebook Messenger
    3. Select db file
    4. See error below

    Expected behavior
    Parse the messages

    Screenshots
    Started: Andriller CE 3.5.3
    Time settings/format: Y-m-d H:M:S Z
    Detected/PC time: 2021-09-24 11:38:49
    Universal time: 2021-09-24 15:38:49 UTC
    Time in reports: 2021-09-24 15:38:49 UTC <--
    Decoding: threads_db2
    'sticker_id'
    Traceback (most recent call last):
      File "andriller\windows.py", line 63, in func
      File "andriller\windows.py", line 509, in decode_file
      File "andriller\decoders.py", line 531, in init
      File "andriller\classes.py", line 68, in init
      File "andriller\decoders.py", line 619, in main
      File "andriller\decoders.py", line 575, in get_sticker
    KeyError: 'sticker_id'

    Environment (please complete the following information):

    • OS: Windows 11
    • Andriller version 3.5.3
    • Was it an installer or run from source (installer/source). CE Version

    Target Android device (where applicable): Extracted file

    Error Log / Traceback
    Started: Andriller CE 3.5.3
    Time settings/format: Y-m-d H:M:S Z
    Detected/PC time: 2021-09-24 11:38:49
    Universal time: 2021-09-24 15:38:49 UTC
    Time in reports: 2021-09-24 15:38:49 UTC <--
    Decoding: threads_db2
    'sticker_id'
    Traceback (most recent call last):
      File "andriller\windows.py", line 63, in func
      File "andriller\windows.py", line 509, in decode_file
      File "andriller\decoders.py", line 531, in init
      File "andriller\classes.py", line 68, in init
      File "andriller\decoders.py", line 619, in main
      File "andriller\decoders.py", line 575, in get_sticker
    KeyError: 'sticker_id'

    Additional context
    None

    opened by sambrothers 0
  • Extraction issue with su/cat on rooted device

    Describe the bug
    Andriller fails to extract internal databases using the get_file(su/cat) method.

    To Reproduce

    1. Connect rooted Android device.
    2. Set output folder.
    3. Click Check and then Extract.

    Expected behavior
    Andriller extracts and parses the various databases, e.g. calllog.db.

    Screenshots
    n/a

    Environment:

    • OS: Debian Sid
    • Andriller version: 3.5.3
    • Installation from PyPi.
    • Python version: 3.9.2
    • ADB binary path: /usr/bin/adb
    • ADB version: Android Debug Bridge version 1.0.41, Version 28.0.2-debian, Installed as /usr/lib/android-sdk/platform-tools/adb

    Target Android device:

    • When a device is connected, is it recognised when clicked on Check? Yes.
    • Device make / model: Oneplus 5T
    • Android OS: 11 / Lineage 18.1 "dumpling"
    • Screenlock present? Yes, known credentials.

    Error Log / Traceback
    andriller.log

    Additional context
    The reason appears to be related to the unstrip function in the adb_conn.py file. With the following change, which effectively bypasses the function, I got the extraction working:

        def unstrip(self, data: bytes) -> bytes:
            return data  # re.sub(self.rmr, b'\n', data)

    So maybe the value of the _is_adb_out_post_v5 variable is not set up correctly? It appears to be False in my case, although I have adb exec-out id available.

    opened by m1435 3
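
The unstrip problem reported above matters for forensic integrity: reversing the line-ending translation of an old `adb shell` channel is only correct when the channel actually applied it. The following is an added example, not Andriller's code and not part of the issue report, showing how the reversal silently alters a file received over a binary-clean channel and how a hash comparison catches it. The pattern in `RMR` is an assumption (the page does not show the value of `self.rmr`), as are the helper names, the sample bytes, and the premise that a hash of the file was taken on the device.

```python
import hashlib
import re

# Assumption: stands in for self.rmr, whose value is not shown on the page.
# Legacy `adb shell` output passes through a pty that turns LF into CRLF.
RMR = re.compile(rb"\r\n")

def legacy_shell_channel(data: bytes) -> bytes:
    """Simulate the translated channel: every LF arrives as CRLF."""
    return data.replace(b"\n", b"\r\n")

def unstrip(data: bytes) -> bytes:
    """Reverse the translation; only valid for translated channels."""
    return RMR.sub(b"\n", data)

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def receive(raw: bytes, translated_channel: bool, device_sha256: str) -> bytes:
    """Post-process a pulled file and verify it against the on-device hash."""
    out = unstrip(raw) if translated_channel else raw
    if sha256(out) != device_sha256:
        raise ValueError("pulled file does not match the on-device hash")
    return out

# Constructed sample: a SQLite-like blob that legitimately contains CRLF.
DB = b"SQLite format 3\x00\x10\x00\x01\x01" + b"note\r\nbody\n" + bytes(range(8, 16))
DEVICE_HASH = sha256(DB)

if __name__ == "__main__":
    # Translated channel: the reversal restores the original bytes.
    print(receive(legacy_shell_channel(DB), True, DEVICE_HASH) == DB)
    # Clean channel wrongly flagged as translated: one byte is lost.
    print(len(DB) - len(unstrip(DB)), "byte(s) removed from a clean stream")
    try:
        receive(DB, True, DEVICE_HASH)
    except ValueError as exc:
        print("rejected:", exc)
```
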
  • Signal database and/or backup extraction

    Signal has been growing as a secure messaging platform, but extracting from it is currently not supported in Andriller. I was wondering if there is any chance of adding support for either Signal Backup or Signal Database extraction?

    Their encryption code is public and there are standalone backup extraction utilities such as https://github.com/xeals/signal-back (written in Go) and https://github.com/tbvdm/sigbak (written in C).

    help wanted 
    opened by pshem 3
Releases(3.6.3)
Owner
Denis Sazonov