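def extractPermissions(apkFilename):
    """Return the permission names requested in an APK's manifest.

    Decodes the binary AndroidManifest.xml returned by
    ``readManifest(apkFilename)`` and collects the ``PERM_NAME_ATTRIB_KEY``
    attribute of every ``<uses-permission>`` element found directly under the
    manifest root. An element without that attribute contributes ``None``.
    Only ``<uses-permission>`` is queried; ``<uses-permission-sdk-23>``
    declarations are not included in the result.

    The APK is untrusted input, so extraction is best-effort: any failure
    while reading or decoding the manifest yields ``[]``. Callers cannot tell
    that apart from an app that requests no permissions, so the failure is
    logged. A sample whose manifest does not parse should be looked at more
    closely, not scored as permission-free.

    Args:
        apkFilename: Path of the APK file to inspect.

    Returns:
        A list of permission names, or ``[]`` if the manifest could not be
        read or parsed.
    """
    import logging

    try:
        manifest_root = AXMLPrinter(readManifest(apkFilename)).get_xml_obj()
        return [
            element.get(PERM_NAME_ATTRIB_KEY)
            for element in manifest_root.findall("uses-permission")
        ]
    except Exception:
        # Narrower than a bare ``except:`` so that KeyboardInterrupt and
        # SystemExit still stop a long batch run.
        logging.getLogger(__name__).warning(
            "could not extract permissions from %r", apkFilename,
            exc_info=True)
        return []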
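def extractMetadata(self):
    """Fill ``self.results['result']['metadata']`` from the APK's contents.

    Three sources inside the archive are read through ``self.readContent``:

    * ``META-INF/MANIFEST.MF``: the first ``Created-By:`` value is stored as
      ``packer``.
    * ``AndroidManifest.xml``: selected attributes of the root element are
      stored as strings. A missing attribute is stored as the string
      ``'None'`` because the value goes through ``str()``.
    * The first ``META-INF/*.RSA`` signature block: the issuer's common name
      and organisation of its first certificate are stored as ``app-name``
      and ``author``.

    The signature block is parsed but not verified here, and the issuer
    fields are free text chosen by whoever signed the APK. Treat ``app-name``
    and ``author`` as descriptive metadata, not as proof of who published
    the app.

    Only ``*.RSA`` entries are examined. An APK signed with a DSA or EC key
    (``*.DSA`` / ``*.EC``), or one that carries no JAR-style signature files
    in META-INF, gets no ``app-name`` / ``author``.
    """
    metadata = self.results['result']['metadata']

    # Get the compiler version
    manifest = self.readContent('META-INF/MANIFEST.MF')
    packer = re.findall(r'Created-By:\s+(.+)', manifest)
    if packer:
        metadata['packer'] = packer[0].strip()

    # Get manifest data
    manifestBinary = self.readContent('AndroidManifest.xml', binaryMode=True)
    manifestRoot = AXMLPrinter(manifestBinary).get_xml_obj()
    # NOTE(review): confirm get_xml_obj() exposes the android-namespaced
    # attributes under the literal 'android:' prefix used below; if it uses
    # the namespace URI instead, these lookups store the string 'None'.
    for key, attribute in (
            ('package', 'package'),
            ('compile-sdk-version', 'android:compileSdkVersion'),
            ('compile-sdk-version-codename',
             'android:compileSdkVersionCodename'),
            ('platform-build-version-code', 'platformBuildVersionCode'),
            ('platform-build-version-name', 'platformBuildVersionName')):
        metadata[key] = str(manifestRoot.get(attribute))

    # Get data from compile certificate
    # It is difficult to obtain separately the properties of type text
    # in androguard.
    # Anchored at the end so that only names ending in ".RSA" are parsed as a
    # PKCS#7 signature block; the unanchored pattern also accepted entries
    # such as "META-INF/CERT.RSA.bak".
    signatureBlockName = re.compile(
        r'META-INF\/[a-zA-Z0-9\-_\.]+?\.RSA\Z')
    for certFilename in self.zipFiles:
        if not signatureBlockName.match(certFilename):
            continue
        certBinary = self.readContent(certFilename, binaryMode=True)
        pkcs7 = OpenSSL.crypto.load_pkcs7_data(
            OpenSSL.crypto.FILETYPE_ASN1, certBinary)
        certificates = self.get_certificates(pkcs7)
        if not certificates:
            # A signature block with no embedded certificate: try the next
            # entry rather than failing on the [0] lookup.
            continue
        issuer = certificates[0].get_issuer()
        metadata['app-name'] = str(issuer.commonName)
        metadata['author'] = str(issuer.organizationName)
        break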
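def extractPermissionSample(apkFilename, features):
    """Encode an APK's requested permissions as a 0/1 feature vector.

    Decodes the binary AndroidManifest.xml returned by
    ``readManifest(apkFilename)``, collects the ``PERM_NAME_ATTRIB_KEY``
    attribute of every ``<uses-permission>`` element under the manifest root,
    passes that list through ``cleanPermissions`` and then marks, for each
    entry of ``features`` in order, whether the APK requests it.

    Only ``<uses-permission>`` is queried, so a permission declared solely
    through ``<uses-permission-sdk-23>`` is encoded as 0.

    Nothing is caught here: if the manifest of an untrusted APK cannot be
    read or decoded, the parser's exception propagates to the caller.

    Args:
        apkFilename: Path of the APK file to inspect.
        features: Ordered iterable of permission names that defines the
            positions of the output vector.

    Returns:
        A list with one int per entry of ``features``: 1 if that permission
        is among the APK's cleaned permissions, else 0.
    """
    manifest_root = AXMLPrinter(readManifest(apkFilename)).get_xml_obj()
    requested = [
        element.get(PERM_NAME_ATTRIB_KEY)
        for element in manifest_root.findall("uses-permission")
    ]
    # Membership is tested once per feature; a set keeps each test constant
    # time where the list made the encoding quadratic.
    requested = set(cleanPermissions(requested))
    return [1 if permission in requested else 0 for permission in features]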
def parse_manifest(self, manifest_file, resource_file):
    """Flatten an APK's resource table and manifest into a list of records.

    Every record is built with ``self.createData("main", <KIND>, **fields)``
    and appended to one list in the order the items are visited. Kinds
    produced here: RESOURCE, PERMISSION, FEATURES, APP, META, ACTIVITY,
    RECEIVER and SERVICE.

    Both inputs come from the APK under analysis and are therefore untrusted:
    values are recorded as the parsers return them, and the field names of
    the manifest records are derived from whatever
    ``self.extract_all_attributes`` returns for each element.

    This function is Python 2 code (``print`` statement, ``unicode``,
    ``dict.iteritems``).

    Args:
        manifest_file: Binary AndroidManifest.xml content handed to
            ``AXMLPrinter``.
        resource_file: Resource table content handed to ``ARSCParser``, or
            ``None`` to skip resource extraction.

    Returns:
        The list of records created by ``self.createData``.
    """
    information = []
    # Collects package names below but is never read or returned by this
    # function.
    apk_info = defaultdict(list)
    print "Parsing Resource XML"
    if resource_file is not None:
        # The parser is also kept on the instance as self.resource_parser.
        self.resource_parser = arcParser = ARSCParser(resource_file)
        for p in arcParser.get_packages_names():
            apk_info['packages'].append(p)
            for locale in arcParser.get_locales(p):
                for t in arcParser.get_types(p, locale):
                    for x in arcParser.values[p][locale][t]:
                        # Best-effort per entry: any exception raised while
                        # unpacking or recording one resource is printed and
                        # that entry is skipped, so the result may silently
                        # lack entries the parser choked on.
                        try:
                            if t == "public":
                                # NOTE: type and id shadow the builtins for
                                # the rest of this function.
                                (type, value, id) = x
                                # unidecode transliterates to ASCII, so the
                                # stored value can differ from the string in
                                # the APK.
                                if isinstance(value, unicode):
                                    value = unidecode(value)
                                information.append(
                                    self.createData("main",
                                                    "RESOURCE",
                                                    RESOURCE_VALUE=value,
                                                    RESOURCE_LOCALE=locale,
                                                    RESOURCE_PACKAGE=p,
                                                    RESOURCE_TYPE=t,
                                                    RESOURCE_TYPE2=type,
                                                    RESOURCE_ID=id))
                            elif len(x) == 2:
                                # Two-item entries are treated as (key, value).
                                (key, value) = x
                                if isinstance(value, unicode):
                                    value = unidecode(value)
                                information.append(
                                    self.createData("main",
                                                    "RESOURCE",
                                                    RESOURCE_VALUE=value,
                                                    RESOURCE_LOCALE=locale,
                                                    RESOURCE_PACKAGE=p,
                                                    RESOURCE_TYPE=t,
                                                    RESOURCE_KEY=key))
                            else:
                                # Any other shape: only the first item is
                                # recorded, as the value.
                                value = x[0]
                                if isinstance(value, unicode):
                                    value = unidecode(value)
                                information.append(
                                    self.createData("main",
                                                    "RESOURCE",
                                                    RESOURCE_VALUE=value,
                                                    RESOURCE_LOCALE=locale,
                                                    RESOURCE_PACKAGE=p,
                                                    RESOURCE_TYPE=t))
                        except Exception as e:
                            print x
                            print e
    print "Parsing Manifest XML"
    xmlPrinter = AXMLPrinter(manifest_file)
    root = xmlPrinter.get_xml_obj()
    # Get Permissions
    # <uses-permission> and <uses-permission-sdk-23> are both recorded under
    # the same PERMISSION kind, so the record itself does not say which
    # element a permission came from.
    for e in root.findall('uses-permission'):
        attributes = self.extract_all_attributes(e)
        information.append(
            self.createData(
                "main", "PERMISSION", **{
                    'PERMISSION_' + k.upper(): v
                    for k, v in attributes.items()
                }))
    for e in root.findall('uses-permission-sdk-23'):
        attributes = self.extract_all_attributes(e)
        information.append(
            self.createData(
                "main", "PERMISSION", **{
                    'PERMISSION_' + k.upper(): v
                    for k, v in attributes.items()
                }))
    # Hardware/software features declared by the app.
    for e in root.findall('uses-feature'):
        attributes = self.extract_all_attributes(e)
        information.append(
            self.createData(
                "main", "FEATURES", **{
                    'FEATURES_' + k.upper(): v
                    for k, v in attributes.items()
                }))
    app = root.find('application')
    # NOTE(review): app is passed on before the "is not None" check below;
    # confirm extract_all_attributes tolerates None for a manifest that has
    # no <application> element.
    attributes = self.extract_all_attributes(app)
    information.append(
        self.createData(
            "main", "APP",
            **{'APP_' + k.upper(): v
               for k, v in attributes.items()}))
    if app is not None:
        # './/meta-data' matches at any depth under <application>, including
        # <meta-data> nested inside individual components.
        for e in app.findall('.//meta-data'):
            attributes = self.extract_all_attributes(e)
            information.append(
                self.createData(
                    "main", "META", **{
                        'META_' + k.upper(): v
                        for k, v in attributes.items()
                    }))
        # Disabled: extraction of <uses-library> elements.
        # for e in app.findall('uses-library'):
        #     attributes = self.extract_all_attributes(e)
        #     information.append(self.createData("main", "APK-USES-LIB" ,**attributes))
        # Only these three component tags are walked; <provider> and
        # <activity-alias> elements are not covered by this loop.
        for tagtype in ['activity', 'receiver', 'service']:
            for e in app.findall(tagtype):
                attributes = self.extract_all_attributes(e)
                information.append(
                    self.createData(
                        "main", tagtype.upper(), **{
                            tagtype.upper() + '_' + k.upper(): v
                            for k, v in attributes.items()
                        }))
                # One extra record per <intent-filter>, under the same kind
                # as its component. Attributes of each child element are
                # gathered with the child's tag as a prefix, and values that
                # end up under the same key are collected into a list.
                for intent in e.findall('intent-filter'):
                    intentions = defaultdict(list)
                    for e2 in intent.getchildren():
                        # print e2.tag
                        attributes = self.extract_all_attributes(
                            e2, prefix=e2.tag + ".")
                        for k, v in attributes.iteritems():
                            intentions[tagtype.upper() + "_" + k].append(v)
                    information.append(
                        self.createData("main", tagtype.upper(),
                                        **intentions))
    return information