Quixxi CLI

Overview

This module provides a cross-platform command line interface for developers and IT administrators to create, scan and protect Android and iOS mobile apps

Features

  1. Login
  2. Create an app container in Quixxi
  3. Scan your app
  4. List the current Shield settings values
  5. Configure the Shield settings
  6. Download the protected unsigned app
  7. Download the protected debug signed app [Android ONLY]
  8. Logout

Installation

Installing Node.js

Requirements

The following must be intended as exact requirements, not as the minimum ones

  1. Node.js version: 10.13.0
  2. npm version: 6.4.1
  3. Python version: 2.7.15
  4. for Unix systems also: gcc [Mac] or g++ [Ubuntu]

Verify the requirements

In order to check the current version of Node.js, npm and Python independently from the operating system please run:

nodejs -v
npm -v
python -V

IMPORTANT: please be sure to run Python 2.7.15, Python 3 is NOT supported

Installing Quixxi-CLI

Run the following command on your shell or command prompt to install quixxi-cli. If you are on a Windows machine please run it as administrator

npm i quixxi-cli -g

NOTE: the -g flag will install the package globally on the machine

Starting Quixxi-CLI

After the installation, in order to run Quixxi-CLI please type:

quixxi

Available Commands

List of Quixxi-CLI commands

This command provides the list of all the available commands
Usage

help

Login

Login to your Quixxi account
Usage

login [email] [password]

Example

login test@test.com myPassword

Example Output

login test@test.com myPassword
Login success

List the apps

This command shows the list of apps under your Quixxi account
Usage

list apps

Create a new app container

This command allows you to create the app container that will host both the Android and iOS versions of your app
Usage

create app [appContainerName]

Example

create app MyNewApp

Example Output

create app MyNewApp
App created successfully

Scan your app and get the Vulnerability Report link

This command scans your app and makes the related Vulnerability Report available on the portal in the selected app container. Finally it gives back a publicly available link to this document
Usage

scan [Quixxi appContainerName or appID] [appFullPath]

Example

scan MyNewApp “/Users/MyName/MyNewAppFolder/MyNewApp.ipa”
scan MyNewApp “C:\Users\MyName\MyOriginalApps\MyNewApp.apk”

Output

scan MyNewApp “C:\Users\MyName\MyOriginalApps\MyNewApp.apk”
Uploading File [100%====================]
Scanning your App [100%====================]
PDF link :
https://portal-api.quixxi.com/storage/VulnerabilityTest/2f0nv64d-fg2a-4370-878a-7420ff0ed446_com.mycompany.mynewapp.pdf

List the current Shield settings

The purpose of this command is twofold. First of all it is needed to list the optionKeys that will be used to configure the Shield Settings through the next command. Moreover, it is the command to run to double-check the Shield settings before protecting the app. In fact, the settings changes made by the following command are permanently saved against the app, so closing the terminal will NOT discard the previous changes even if the Shield was not launched
Usage :

list android protectionOptions for [Quixxi appContainerName or appID]

Example

list android protectionOptions for MyNewApp

Configure the Shield settings

Before protecting the app it is important to set up the single Shield options, exactly as it happens on the portal. So this command allows you to customize the security parameters. In order to speed up the Shield configuration it is highly suggested to modify only those options that will be chosen differently from the default configurations of each platform. Again, the Shield settings changes are permanently saved against the app, so closing the terminal will NOT discard the changes made till that moment

IMPORTANT – ONLY the options that are editable on the portal will be modifiable also from command line

Usage

set android protectionOptions for [Quixxi appContainerName or appID] [optionKey] [optionValue: 1 – ON, 0 – OFF]

Example

set android protectionOptions for MyNewApp disableScreenshots 1
set android protectionOptions for 277b456e-75bc-46a8-vv73-191b91c80583 disableScreenshots 1

Output

set android protectionOptions for MyNewApp disableScreenshots 1
Configuration Updated

IMPORTANT: all the options in the following table that are marked with [N] will work ONLY on Native apps, i.e. Android apps written in Java or Kotlin and iOS apps written in Obj-C or Swift. The option marked with [C] instead is destined to Cordova apps. If you don’t know the technology behind the app to be shielded don’t worry because Quixxi will detect it for you. So you can still select every option you like and if they don’t match your app then Quixxi will simply skip them while producing the final protected app. The entries whose default values are indicated with a hyphen are editable only if the value of the preceding entry with an assigned default value will be set to 1

Entry optionKey Default Value
[N] Remove app logs removeDebugLogs 1
[N] Disable Copy & Paste Functionality copyPasteProtection 0
Disable screenshots capture & screen sharing disableScreenshots 0
Terminate the app when running in rooted device rootDetection 0
Allow apps installed from Google Play, Samsung and Amazon stores to bypass the root protection playStoreDetection
Terminate the app when connected to the emulator emulatorDetection 0
Integrate Malware Detector SDK quixxiMalwareDetection 0
Machine Learning based malware detection quixxiMachineLearningBasedMalwareDetection
Warn the User quixxiPresenceOfMalware
Stop the app execution quixxiApplicationExcuteMalware
Report to Quixxi portal after threat detection threatLogToCloud 1
Terminate the app when running with the debugger attached debuggerDetection 0
[C] Encrypt the assets folder encryptResourceFiles 0
Terminate the app when “USB debugging” is enabled detectUSBDebugging 0
Terminate the app if installation from “Unknown Sources” is enabled detectUnknownSourcesInstallation 0
[N] Remove unused images removeUnusedResources 1
Send crash reports to Quixxi portal crashLogReporting 0

Shield the application

This command shields your app, returns the outcome of the Shield operation, makes its protected version available on the portal in the selected app container and finally downloads it too in the specified path
Usage

shield [Quixxi appContainerName or appID] [originalAppPath] [outputFileName]

Example

shield MyNewApp “C:\Users\MyName\MyOriginalApps\MyNewApp.apk” “C:\Users\MyName\MyProtectedApps\MyNewApp-Android.zip”
shield MyNewApp “C:\Users\MyName\MyOriginalApps\MyNewApp.ipa” “C:\Users\MyName\MyProtectedApps\MyNewApp-iOS.zip”

Example Output

shield MyNewApp “C:\Users\MyName\MyOriginalApps\MyNewApp.apk” “C:\Users\MyName\MyProtectedApps\MyNewApp.zip”
Uploading File [100%====================]
Protecting your App [100%====================]
Protection successful, Downloading protected file
File downloaded successfully: C:\Users\MyName\MyProtectedApps\MyNewApp.zip

Download the protected unsigned app

This command will let you download a zipped copy of the last protected unsigned app without the need to shield it again
Usage

download protectedApp [Quixxi appContainerName or appID] [platform] [outputFileName]

Example

download protectedApp MyNewApp android “C:\Users\MyName\MyProtectedApps\MyNewApp.zip”
download protectedApp MyNewApp android “/Users/MyName/MyApp/MyProtectedApps/MyNewApp.zip”

Download the test app [Android only]

This command will download the latest test version of your protected app. The app will be signed by Quixxi debug.keystore, so it can be installed directly on device
Usage

download protectedDebugSignedApp [Quixxi appContainerName or appID] [outputFileName]

Example

download protectedDebugSignedApp MyNewApp “C:\Users\MyName\MyProtectedApps\MyNewApp.apk”
download protectedDebugSignedApp MyNewApp “/Users/MyName/MyApp/MyProtectedApps/MyNewApp.apk”

Output

MyNewApp.apk is downloaded and ready to be installed on device for test purposes

Logout

Logout from your Quixxi account
Usage

logout

Exit

This command exits the Quixxi prompt
Usage

exit

Quixxi CLI

Overview

This module provides a cross-platform command line interface for developers and IT administrators to create, protect and manage Quixxi based mobile applications.

Features

  1. Create app in Quixxi
  2. Add packages to app
  3. Protect the app using Quixxi protection
  4. Download the protected app
  5. Integrate Quixxi with your existing CI process using this CLI

Installation

Nodejs

Quixxi CLI is nodejs package, just follow the below instruction to complete the nodejs installation.Please skip this section if you already have nodejs installed.

  1. Go to https://nodejs.org/en/download/
  2. Follow the steps according to your currect operating system.

Verify node js installation

Run following command on your shell Or command prompt to check the version of installed nodejs.


The above command will display the node version installed, if the version is 6.9.2 or above you are good to go with quixxi cli.

Installing Quixxi-CLI

Run following command on your shell Or command prompt to install quixxi-cli.
Please run command prompt as admin user if you are installing on winodws machine.

$ npm i quixxi-cli -g

note : -g flag, this will install the package globaly on the machine

Available Commands

Login
Login to your Quixxi account.
Usage :
login

List Apps
Shows list of apps under your Quixxi account.
Usage :
list apps

Create App
Creates a new app under your account in Quixxi.
Usage :
create app

List Packages
Shows list of packages available in Quixxi.
Usage :
list packages
Output :

Package Name Supported Platfoems
Security Android , iOS
Licensing Android
Analytics Android , iOS , .NET UWP , Web , tvOS
Patch Android , iOS
360Dgrees Android , iOS , Web , tvOS
Musixxi Audio Android , iOS
ANPR Andriod, iOS

List Platforms

Shows list of platforms supported by Quixxi.
Usage :
list platforms
Output :

Package Name
Android
iOS
Web
tvOS
.NET UWP
HoloLens(Unity)

Add Package

Adds package to your app in Quixxi.
Usage :
add package
Example :
add package analytics android MyApp com.mycompany.myapp
Output :
Creates analytics package to your android MyApp.

Protect App

Wraps android apk file using quixxi security, and creates output as zip file.
Usage :
protect androidApp [options] [outputFileName]
Example :
protect androidApp MyApp /Users/MyName/MyApp/MyApp.apk /Users/MyName/MyApp/Output/MyApp.zip
Output :
MyApp.zip is generated with protected unsigned version of your app.

List CloudProtections

Shows list of cloud protections enabled/disabled for the app.
Usage :
list cloudProtections for
Example :
list cloudProtections for MyApp
Output :
success
list cloudProtections for MyApp

Title Name Enabled
Report user and device usage reportUserAndDeviceUsage Yes
Block, Unblock & Notify Users blockUnblockAndNotifyUsers Yes

Enable CloudProtections

Enable analytics,cloud protection option to your app before protecting the app.
Usage :
enable cloudProtections for [listOfItemsToEnable…]
Example :
enable cloudProtections for MyApp reportUserAndDeviceUsage
Output :
success
list cloudProtections for MyApp

Title Name Enabled
Report user and device usage reportUserAndDeviceUsage Yes
Block, Unblock & Notify Users blockUnblockAndNotifyUsers No

Note: Enable/Disable Cloud protection options can be applied only for Enterprise Customers.

Disable CloudProtections

Disable analytics,cloud protection option to your app before protecting the app.
Usage :
disable cloudProtections for [listOfItemsToDiable…]
Example :
disable cloudProtections for MyApp reportUserAndDeviceUsage
Output :
success
list cloudProtections for MyApp

Title Name Enabled
Report user and device usage reportUserAndDeviceUsage No
Block, Unblock & Notify Users blockUnblockAndNotifyUsers No

List ProtectionOptions

Shows list of protection options enabled/disabled for the app.
Usage :
list android protectionOptions for
Example :
list android protectionOptions for MyApp
Output :

Title Name Value
Enable Resource Encryption encryptResourceFiles 1
Use native hash table buildNativeHashTable 1
Use offset Randomization buildOffsetRandomization 1
Use Secure Process secureAppProcess 1
Use Secure Process removeUnusedResources 1
SSL pinning Urls sslPinning 1

Set ProtectionOptions

Sets android protection options for the app before securing the app.
Usage :
Sets android protection options for [optionValue]
Example :
set android protectionOptions for MyApp encryptResourceFiles 0
Output :
Configuration Updated
List android protectionOptions for Mypp

Download App

Download the latest version of your protected app.
Usage :
download protectedAndroidApp [outputFileName]
Example :
download protectedAndroidApp MyApp [outputFileName] /Users/MyName/MyApp/Output/MyApp.zip
Output :
MyApp.zip is generated with protected unsigned version of your app.

Logout

Logout from your Quixxi account.
Usage :
logout

Help

Provides help for a given command.
Usage :
help [command…]
Output Commands :

help [command…] Provides help for a given command.
exit Exits application.
login Login to your Quixxi account.
logout Logout from your Quixxi account.
list apps Shows list of apps.
create app creates an app.
list packages Shows list of apps.
list platforms Shows list of platforms supported by quixxi.
add package Add package to app.
protect androidApp [options] [outputFileName] Wraps android apk file using quixxi security, and creates output as zip file.
download protectedAndroidApp [outputFileName] Download last protected file.
list cloudProtections for Shows list of cloud protections enabled/disabled for the app.
disable cloudProtections for [listOfItemsToDisable…] Disables all cloud protections OR specified in the list.
You can get list of items by executing “list cloudProtections” command
enable cloudProtections for [listOfItemsToDisable…] Enables all cloud protections OR specified in the list.
You can get list of items by executing “list cloudProtections” command
list android protectionOptions for Shows list of protection options enabled/disabled for the app.
set android protectionOptions for [optionValue] Sets android protection options.

Exit

Exits the Quixxi prompt.
Usage :
exit