Ejemplo n.º 1
0
class Dex(File, DexParserInterface):
    __FILE_NAME_CLASSES_DEX = "classes.dex"

    # Class constructor.
    #
    # @param filepath  The classes.dex file path.
    # @param string_processing  If True (default), the URLs and shell commands in the classes.dex will be extracted.
    #
    def __init__(self, filepath, string_processing=True):
        super(Dex, self).__init__(filepath, "classes.dex")

        self._strings = []
        self._urls = []
        self._shell_commands = []
        self._custom_signatures = []

        self._extract_and_set_strings()

        if string_processing:
            self._extract_and_set_substring_from()

    ##
    # Extract the strings from the classes.dex file and set the correspondent attributes. Empty strings will be removed.
    #
    def _extract_and_set_strings(self):
        command = "strings " + self.get_file_path()
        process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=None, shell=True)
        self._strings = process.communicate()[0].decode("utf-8").splitlines()
        self._strings.sort()
        while "" in self._strings:
            self._strings.remove("")

    ##
    # Extract the strings from the classes.dex file and set the correspondent attributes. Empty strings will be removed.
    #
    def _extract_and_set_substring_from(self):
        for string in self._strings:
            if string == "":
                continue

            self._extract_and_set_urls_from(string)
            self._extract_and_set_shell_commands_from(string)
            #self._extract_and_set_signatures_from(string)

        self._urls.sort()
        self._shell_commands.sort()
        #self._custom_signatures.sort()

    ##
    # Extract eventual URLs from a string and set the correspondent attribute.
    #
    # @param string  The string from which extracting the eventual URLs.
    #
    def _extract_and_set_urls_from(self, string):
        if not hasattr(self, "_uri"):
            self._uri_signature = URISignature()
        if len(string) > 6:
            url = self._uri_signature.get_matches_in_string(string)
            if url != "" and url not in self._urls:
                self._urls.append(url)

    ##
    # Extract eventual shell commands from a string and set the correspondent attribute.
    #
    # @param string  The string from which extracting the eventual shell commands.
    #
    def _extract_and_set_shell_commands_from(self, string):
        if not hasattr(self, "_shell"):
            self._shell_signature = ShellCommandSignature()
        command = self._shell_signature.get_matches_in_string(string)
        if command != "" and command not in self._shell_commands:
            self._shell_commands.append(command)

    ##
    # Extract eventual signatures from a string and set the correspondent attribute.
    #
    # @param string  The string from which extracting the eventual signatures.
    #
    def _extract_and_set_signatures_from(self, string):
        if not hasattr(self, "_shell"):
            self._generic_signature = Signature()
            match = self._generic_signature.get_matches_in_string(string)
            if match != "" and match not in self._custom_signatures:
                self._custom_signatures.append(match)

    @staticmethod
    def looks_like_a_dex(filename):
        return filename == Dex.__FILE_NAME_CLASSES_DEX

    def dump(self):
        dump = super(Dex, self).dump()
        dump["urls"] = self._urls
        dump["shell_commands"] = self._shell_commands
        #dump["custom_signatures"] = self._custom_signatures
        dump["strings"] = self._strings
        return dump

    def get_strings(self):
        return self._strings

    def get_urls(self):
        return self._urls

    def get_shell_commands(self):
        return self._shell_commands

    def get_custom_signatures(self):
        return self._custom_signatures
Ejemplo n.º 2
0
 def _extract_and_set_signatures_from(self, string):
     if not hasattr(self, "_shell"):
         self._generic_signature = Signature()
         match = self._generic_signature.get_matches_in_string(string)
         if match != "" and match not in self._custom_signatures:
             self._custom_signatures.append(match)
Ejemplo n.º 3
0
 def setUpClass(cls):
     cls.signature = Signature()