Example #1
0
def main():
    if len(sys.argv) != 2:
        print sys.argv[0],"apk_name"
        sys.exit(1)
    
    f_name = sys.argv[1]
    f_md5 = md5Checksum(sys.argv[1]);

    try:
        dir_name = APK_ROOT + "/analytics/" + f_md5 + "/"
        if os.path.exists(dir_name): 
            a, d, dx = read_apk(f_name, f_md5)
            result = getAPKInformationJson(a, d)
            print '{"result":"Analytics already exist.", "error":null, "id":"' + f_md5 + '", "detail":"http://annonapk.com/apk/analytics/' + f_md5 +'", "apk_info":' + result + '}'
            sys.exit(1)
        # force to delete directory by command (apktool d -f )
        apktoolAnalyze(f_name, f_md5)
        result = androguardAnalyze(f_name, f_md5)
        print '{"result":"Done.", "error":null, "id":"' + f_md5 + '", "detail":"http://annonapk.com/apk/analytics/' + f_md5 + '", "apk_info":' + result + '}'
        with open(dir_name + "result", "ab") as f:
            f.write(result)
    except SystemExit:
        pass
    except:
        sys.stderr.write("Unexpected error: %s\n" % sys.exc_info()[0])
        print '{"result":null, "error":"Parse error."}'
Example #2
0
def androguardAnalyze(f_name, f_md5):
    a, d, dx = read_apk(f_name, f_md5)

    for current_class in d.get_classes():
        path = current_class.get_name()[1:-1]
        dir_name = APK_ROOT + "/analytics/" + f_md5 + "/src/" + os.path.dirname(path) + "/"
        src_name = dir_name + os.path.basename(path) + ".java"
        # create dir
        mkdir_p(dir_name)
        with open(src_name, "ab") as f:
            f.write("{} class {}".format(current_class.get_access_flags_string(), path.replace('/', '.')))
            if current_class.get_superclassname() is None or current_class.get_superclassname() == "":
                f.write(" extends {}".format(current_class.get_superclassname()))
            f.write(" {\n")
            f.write("// class fields \n")
            for field in current_class.get_fields():
                classname = field.get_class_name()[1:-1].replace('/', '.')
                f.write(field.get_access_flags_string() + " " + field.get_descriptor() + " " + classname + "." + field.get_name() + "\n")
                f.write("{} {} {}.{}\n".format(field.get_access_flags_string(), field.get_descriptor(), classname, field.get_name()))
            # dump source code
            f.write("// class methods \n")
            for method in current_class.get_methods():
                if method.get_code() == None:
                    continue
                classname = method.get_class_name()[1:-1].replace('/', '.')
                f.write("// {} {}.{}{}\n".format(method.get_access_flags_string(), classname, method.get_name(), method.get_descriptor()))
                f.write(decompileMethod(dx, method))
            f.write("}\n")
    return getAPKInformationJson(a, d)
def load(apk_name):
    # check apk file exist
    if not os.path.exists(apk_name):
        print ERROR_MSG_PREFIX + "APK not found: {}".format(apk_name)
        sys.exit(-1)

    print OK_MSG_PREFIX + "Load APK: {}".format(apk_name)

    a, d, dx = dm4.read_apk(apk_name)
#     a, d, dx = AnalyzeAPK(apk_name)
    # a: androguard.core.bytecodes.apk.APK
    # d: androguard.core.bytecodes.dvm.DalvikVMFormat
    # dx: androguard.core.analysis.analysis.uVMAnalysis

    cm = d.get_class_manager()
    dm4.a, dm4.d, dm4.dx, dm4.cm = a, d, dx, cm

    return a, d, dx, cm
Example #4
0
import dm4

# default value is 1000
sys.setrecursionlimit(100000)
apk_session_dir = "session/" 
ERROR_MSG_PREFIX = "\033[1;31m[!]\033[m "
OK_MSG_PREFIX = "\033[1;32m[+]\033[m "
WARN_MSG_PREFIX = "\033[1;33m[*]\033[m "

if __name__ == "__main__" :
    print OK_MSG_PREFIX + "Start to get malicious actions..."
    apk_name = "apk/com.texty.sms-1.apk"
#    apk_name = "apk/com.facebook.katana.apk"
#    apk_name = "apk/com.facebook.orca.apk"

    a, d, dx = dm4.read_apk(apk_name)
    # a: androguard.core.bytecodes.apk.APK
    # d: androguard.core.bytecodes.dvm.DalvikVMFormat
    # dx: androguard.core.analysis.analysis.uVMAnalysis

    cm = d.get_class_manager()
    dm4.a, dm4.d, dm4.dx, dm4.cm = a, d, dx, cm

    class_hierarchy = dm4.construct_class_hierarchy()
    dm4.class_hierarchy = class_hierarchy

    intent_service_link = None
    dm4.intent_service_link = None

    intent_service_link = dm4.link()
    dm4.intent_service_link = intent_service_link
import dm4

# default value is 1000
sys.setrecursionlimit(100000)
apk_session_dir = "session/" 
ERROR_MSG_PREFIX = "\033[1;31m[!]\033[m "
OK_MSG_PREFIX = "\033[1;32m[+]\033[m "
WARN_MSG_PREFIX = "\033[1;33m[*]\033[m "


if __name__ == "__main__" :
    print OK_MSG_PREFIX + "Start to get malicious actions..."
    apk_name = "/Users/atdog/Desktop/com.texty.sms-1.apk"
#     apk_name = "/Users/atdog/Desktop/eva_3/jp.naver.line.android.apk"

    a, d, dx = dm4.read_apk(apk_name)
    # a: androguard.core.bytecodes.apk.APK
    # d: androguard.core.bytecodes.dvm.DalvikVMFormat
    # dx: androguard.core.analysis.analysis.uVMAnalysis

    cm = d.get_class_manager()
    dm4.a, dm4.d, dm4.dx, dm4.cm = a, d, dx, cm

    class_hierarchy = dm4.construct_class_hierarchy()
    dm4.class_hierarchy = class_hierarchy

    intent_service_link = None
    dm4.intent_service_link = None

    intent_service_link = dm4.service_link()
    dm4.broadcast_link()