-
Notifications
You must be signed in to change notification settings - Fork 239
Non ‐ interactive mode
Since version 2.4.6, Medusa introduces a non-interactive mode, enhancing its capability to integrate seamlessly into automated pipelines or processes. This feature allows Medusa to operate autonomously, requiring no direct user input during its execution, making it an ideal candidate for continuous integration systems, batch processing, or other automated environments.
To utilise Medusa in non-interactive mode, you'll need to specify the following parameters:
- Package Name: The target application's package name.
- Time in Seconds: Duration for which Medusa should run.
- Filename for Output Logs: Destination file where Medusa will write its output logs.
- Modules File: A text file listing the modules Medusa should execute during its run. This file allows for customisable and targeted analysis.
- Device ID: Identifier for the device on which Medusa should operate.
To execute Medusa in non-interactive mode, you might use a command like the following:
medusa --not-interactive -p com.foo.bar -t 60 -s output.log -m recipe.txt -d dev-123This command sets up Medusa to analyze the application com.foo.bar on the device dev-123. It runs for 60 seconds, using the modules listed in recipe.txt, and records the session's output in output.log. Additionally, a screen recording of the device during the application's execution will be saved in the same directory as output.log, providing a comprehensive view of the application's behavior during analysis.
-
Obtaining Device ID: To find the device ID, simply enter
adb devicesin your terminal. This command lists all connected devices along with their unique device IDs. -
Creating a Modules File: To specify which modules Medusa should run in non-interactive mode, you'll need to create a modules file. This can be done in two ways:
- Using the Export Command: While operating Medusa in interactive mode, utilize the export command. This approach not only saves your current session's modules but also captures any additional code you've entered into the scratchpad.
-
Manually Creating a Text File: Alternatively, you can manually create a text file and list the modules you wish to run. Each module should be specified in the format:
MODULE <category>/<module_name>
To create a modules file manually, your text file might look something like this:
MODULE http_communications/multiple_unpinner
MODULE webviews/hook_webviews
MODULE intents/start_activity
MODULE helpers/android_net_uri
Medusa Wiki
Medusa Wiki
-
- Searching for the right module
- Getting info about a module
- Stashing / un-stashing
- Compiling
- Starting a session
- Hooking beyond the modules
- Importing Frida scripts
- Working with native libraries
- Working with the application's memory
- Getting Class and Object snapshots
- Useful utilities
- Saving a session (recipe)