def scanning(self): if self.apk is None: sys.exit(util.writeln("** Undefined package. Exit!", col.FAIL)) util.writeln("\n** Scanning against '%s'" % (self.apk.package), col.OKBLUE) self.out_json["package"] = self.apk.package self.out_json["results"] = [] with open(self.pattern) as regexes: regex = json.load(regexes) for name, pattern in regex.items(): if isinstance(pattern, list): for p in pattern: try: thread = threading.Thread( target=self.extract, args=(name, util.finder(p, self.tempdir))) thread.start() except KeyboardInterrupt: sys.exit( util.writeln("\n** Interrupted. Aborting...", col.FAIL)) else: try: thread = threading.Thread( target=self.extract, args=(name, util.finder(pattern, self.tempdir))) thread.start() except KeyboardInterrupt: sys.exit( util.writeln("\n** Interrupted. Aborting...", col.FAIL))
def decompile(self): util.writeln("** Decompiling APK...", col.OKBLUE) args = [self.jadx, self.file, "-d", self.tempdir] try: args.extend(re.split(r"\s|=", self.disarg)) except Exception: pass comm = "%s" % (" ".join(quote(arg) for arg in args)) os.system(comm)
def cleanup(self): shutil.rmtree(self.tempdir) if self.scanned: self.fileout.write("%s" % (json.dumps(self.out_json, indent=4) if self.json else "")) self.fileout.close() print("%s\n** Results saved into '%s%s%s%s'%s." % (col.HEADER, col.ENDC, col.OKGREEN, self.output, col.HEADER, col.ENDC)) else: os.remove(self.output) util.writeln("\n** Done with nothing. ¯\\_(ツ)_/¯", col.WARNING)
def dependencies(self): exter = "https://github.com/skylot/jadx/releases/download/v1.2.0/jadx-1.2.0.zip" try: with closing(urlopen(exter)) as jadx: with ZipFile(io.BytesIO(jadx.read())) as zfile: zfile.extractall(os.path.join(str(Path(self.main_dir).parent), "jadx")) os.chmod(self.jadx, 33268) except Exception as error: util.writeln(str(error), col.WARNING) sys.exit()
def extract(self, name, matches): if len(matches): stdout = ("[%s]" % (name)) util.writeln("\n" + stdout, col.OKGREEN) self.fileout.write("%s" % (stdout + "\n" if self.json is False else "")) for secret in matches: if name == "LinkFinder" and re.match(r"^.(L[a-z]|application|audio|fonts|image|layout|multipart|plain|text|video).*\/.+", secret) is not None: continue stdout = ("- %s" % (secret)) print(stdout) self.fileout.write("%s" % (stdout + "\n" if self.json is False else "")) self.fileout.write("%s" % ("\n" if self.json is False else "")) self.out_json["results"].append({"name": name, "matches": matches}) self.scanned = True
def integrity(self): if os.path.exists(self.jadx) is False: util.writeln("Can't find jadx binary.", col.WARNING) valid = { "yes": True, "y": True, "ye": True, "no": False, "n": False } while True: util.write("Do you want to download jadx? (Y/n) ", col.OKBLUE) try: choice = input().lower() if choice == "": choice = valid["y"] break elif choice in valid: choice = valid[choice] break else: util.writeln( "\nPlease respond with 'yes' or 'no' (or 'y' or 'n').", col.WARNING) except KeyboardInterrupt: sys.exit( util.writeln("\n** Interrupted. Aborting.", col.FAIL)) if choice: util.writeln("\n** Downloading jadx...\n", col.OKBLUE) self.dependencies() else: sys.exit(util.writeln("\n** Aborted.", col.FAIL)) if os.path.isfile(self.file): try: self.apk = self.apk_info() except Exception as error: util.writeln(str(error), col.WARNING) sys.exit() else: return self.apk else: sys.exit(util.writeln("It's not a valid file!", col.WARNING))
def decompile(self): util.writeln("** Decompiling APK...", col.OKBLUE) args = [self.jadx, self.file, "-d", self.tempdir] args.extend(self.disarg) comm = "%s" % (" ".join(quote(arg) for arg in args)) os.system(comm)