コード例 #1
0
 def loadAPK(self, flag):
     sess = misc.get_default_session()
     if flag == True:
         sess = session.Load("androguard_session.ag")
         a, d, dx = misc.AnalyzeAPK(self.apk_path, session=sess)
         self.a = a
         self.d = d
         self.dx = dx
         return
     a, d, dx = misc.AnalyzeAPK(self.apk_path, session=sess)
     self.a = a
     self.d = d
     self.dx = dx
コード例 #2
0
def decompile_apk(filepath):
    '''
    decompiles an apk and outputs a gml file of the graph. Will write to disk.

    filepath --> path to the APK file
    session_n --> session filename, extension is '.ag'


    '''
    current_dir = os.getcwd()
    target_dir = "/teams/DSC180A_FA20_A00/a04malware/personal-group03/benign_graphs"
    if not os.path.exists(target_dir):
        os.makedirs(target_dir)

    # build fp
    path, app = os.path.split(filepath)
    app = app.replace(".apk", "")

    final_path = os.path.join(target_dir, (app + ".gml.bz2"))

    a, d, dx = misc.AnalyzeAPK(filepath)
    networkx_graph = dx.get_call_graph()

    mapping = {}
    for node_id, node_data in networkx_graph.nodes(data=True):
        mapping[node_id] = str(node_id.get_method().full_name)
        node_data['feature'] = features_encoder(node_data)
        node_data['type'] = features_encoder2(node_data)

    G = nx.relabel_nodes(networkx_graph, mapping)
    nx.write_gml(G, final_path)

    return app
コード例 #3
0
def get_character(the_dict, the_list, path, isbenign):
    array = None
    try:
        _, _, dx = misc.AnalyzeAPK(path)
        array = np.zeros(len(the_list) + 1, dtype=bool)
        array[0] = isbenign
        for mess, perms in dx.get_permissions(25):
            mess_name = mess.class_name + mess.name
            if mess_name in the_dict.keys():
                array[the_dict[mess_name] + 1] = True
            for perm in perms:
                if perm in the_dict.keys():
                    array[the_dict[perm] + 1] = True
    except BaseException as e:
        print(e)
    return array
コード例 #4
0
def result(request):
    if request.method == 'POST':
        form = uploadForm(request.POST, request.FILES)

        if form.is_valid():
            file_input = request.FILES['file_input']
            fs = FileSystemStorage()
            file = fs.save('test.apk', file_input)

            # Extract APK File
            listOfInputApkPermission = [['File Name', 'Permission']]
            a, d, dx = misc.AnalyzeAPK(fs.path(file))
            app_name = a.get_app_name()
            input_apk_permission = a.get_permissions()
            listOfInputApkPermission.append(
                (a.get_app_name(), ','.join(input_apk_permission)))
            headers = listOfInputApkPermission.pop(0)
            df = pd.DataFrame(listOfInputApkPermission, columns=headers)

            # Get and Check Permission
            data_test_detected = getTrainAndTestDataset(df)
            permission = df['Permission']

            # Prepare Data for test
            data_test_detected = data_test_detected.astype('float32')
            data_test_detected = np.array(data_test_detected)
            data_test_detected = data_test_detected.reshape(
                data_test_detected.shape[0], 13, 13, 1)

            # Test Data
            load_model = keras.models.load_model(fs.path('model_TA_03.h5'))
            result = load_model.predict_classes(data_test_detected)
            if result == 0:
                status = "Kurang Berbahaya"
            elif result == 1:
                status = "Berbahaya"
            else:
                status = "Tidak Berbahaya"

            fs.delete(file)
            return render(request, 'result.html', {
                'app_name': app_name,
                'status': status,
                'permission': permission,
            })

    return render(request, 'result.html')
コード例 #5
0
def data_preprocess(input_apk):
    # Insert APK
    from androguard import misc
    a, d, dx = misc.AnalyzeAPK(input_apk)
    input_apk_permission = a.get_permissions()
    input_apk_permission = pd.DataFrame(input_apk_permission)
    input_apk_permission.columns = ['Name']

    # Connection to database
    connection = sqlite3.connect("AndrosecData.sqlite")

    # Importing the dataset
    permission_table = pd.read_sql_query("""
                                         SELECT * FROM Permission;
                                         """, connection)
    permission_table_manifest = pd.read_sql_query("""
                                         SELECT * FROM Android_Manifest_Permission;
                                         """, connection)
    join_1 = pd.read_sql_query(""" SELECT Version.versionID, fuzzy_risk
                                FROM Version
                                INNER JOIN Vulnerability
                                ON Version.versionID = Vulnerability.versionID
                                ; """, connection)
    join_2 = pd.read_sql_query(""" SELECT UnderPermission.VersionID, Permission.PermissionID
                               FROM Permission
                               JOIN UnderPermission
                               ON UnderPermission.permissionID = Permission.PermissionID
                                ; """, connection)

    join_3 = pd.read_sql_query(""" SELECT OverPermission.VersionID, Permission.PermissionID
                               FROM Permission
                               JOIN OverPermission
                               ON OverPermission.permissionID = Permission.PermissionID
                                ; """, connection)

    connection.close()

    # Input Data Preprocessing
    data_input = pd.merge(permission_table, input_apk_permission, left_on='name', right_on='Name', how='inner')
    data_input = pd.merge(permission_table_manifest, input_apk_permission, left_on='Permission', right_on='Name',
                          how='inner')
    data_input = data_input.drop('Name', axis=1)
    data_input['VersionID'] = np.nan
    data_input = data_input.pivot(index='VersionID', columns='Permission')

    return permission_table, permission_table_manifest, join_1, join_2, join_3, input_apk_permission, data_input
コード例 #6
0
def r2ProjectName(projectName, sessionName, fileName, sess): 
    project = Path(os.environ['HOME'] + "/.local/share/radare2/projects/" + projectName)
    sessionFile = str(project) +"/" + sessionName
    sessionFile = Path(sessionFile)

    if project.is_dir():
        print("Project exists! -- " + str(project) + "\n")
        if sessionFile.is_file():
            print("Loading session file at " + str(sessionFile) + ", please wait... \n")
            sess = session.Load(str(sessionFile))
            return sess
        else:
                print("No session file found, creating one! Please wait...")
                apk, d, dx = misc.AnalyzeAPK(fileName.decode('utf-8'), session=sess)
                session.Save(sess, str(sessionFile))
                print("Session file created at : " + str(sessionFile) + "\n")

                return sess        
    else:
        print("Radare2 Project does not exist, please save a Radare2 project first")
        exit()
コード例 #7
0
application_package_analyze = [
    "com.gamecircus.PrizeClaw", "air.com.generamobile.colormaniaguess"
]

if __name__ == "__main__":

    #calculate average target sdk
    #-------------------------------------------
    total_target_sdk_counter = 0

    for root, dirs, files in os.walk(APK_FOLDER_PATH):
        for f in files:
            if f.endswith(".apk"):
                path = APK_FOLDER_PATH + "/" + f
                print path
                a, d, dx = misc.AnalyzeAPK(path)
                target_sdk = a.get_effective_target_sdk_version()
                if target_sdk != None:
                    total_target_sdk_counter += target_sdk
                    print total_target_sdk_counter

    print "average target sdk:" + total_target_sdk_counter / 50

    #-------------------------------------------

    # for application in application_package_analyze:
    # 	print application
    # 	headers = {'Apptweak-Key': ''}

    # 	req = requests.get(TWEAK_URL + application + ".json", headers=headers)
    # 	print req.json()
コード例 #8
0
# encoding: utf-8

from androguard import misc
from androguard import session

sess = misc.get_default_session()

a, d, dx = misc.AnalyzeAPK("")
コード例 #9
0
 def analyze(self):
     a, d, dx = misc.AnalyzeAPK(self.apk_file)
     self.apk = a
     self.dalvik_format = d
     self.analysis = dx
コード例 #10
0
            pair.closers = clears
            pair.field = k
            pairs.append(pair)
        return pairs


def read_pair_file(reference_dx: Analysis,
                   cg_filter: DiGraph = None) -> List[Pair]:
    method_pairs = []
    opener_to_closer = defaultdict(list)
    with open("./parseInterfaces/output/pairs.txt", 'r') as f:
        line = f.readline().strip()
        while line:
            # map classname * opener => [potential_closers...]
            (classname, opener, closer) = line.split(" ## ")
            opener_to_closer[(classname, opener)].append(closer)
            line = f.readline().strip()
        for classname_opener, closers in opener_to_closer.items():
            # create Pair objects for the gathered map of opener to closer_list
            classname, opener = classname_opener
            pair = Pair(opener, closers, classname, reference_dx, cg_filter)
            if pair.openers:
                method_pairs.append(pair)

    return method_pairs


if __name__ == "__main__":
    _, _, dx = misc.AnalyzeAPK("./testApks/app-debug.apk")
    pairs = read_pair_file(dx)
コード例 #11
0
def main(projectName, className, methodName):

    if methodName and (not className):
        print('Must provide class name "-c" in order to decompile specific method "-m"')
        exit()

    #Increase recursion limit to save session file
    sys.setrecursionlimit(100000)
    r2 = r2pipe.open()

    fileName = r2.cmd("i~file[1]")
    fileName = fileName.split("/")[2]
    if fileName.split("."):
        sessionName = fileName.split(".")[0]
        sessionName = sessionName+".session"
        sessionFile = Path(sessionName)

    currentClassMethod = r2.cmd("afi.")

    if "_" in currentClassMethod:
        currentClassMethod = str(currentClassMethod).replace("_", "/")

    currentClass = str(currentClassMethod).split(".")[1]
    print("Current class: " + currentClass)

    currentMethod = str(currentClassMethod).split(".")[3]

    apkMethod = currentMethod.split("/")[0]

    if apkMethod == "method":

        currentMethod = str(currentClassMethod).split(".")[4]
        apkMethod = currentMethod.split("(")[0]

    print("    Current Method: " +  apkMethod + "\n")

    sess = misc.get_default_session()

    #Check if project name is passed
    if projectName != None:
        projectSession = r2ProjectName(projectName, sessionName, fileName, sess)

        if className and methodName:
            decompileMethod(className, methodName, projectSession)
            exit()
        if className:
            decompileClass(className, projectSession)
            exit() 

        dalv = next(projectSession.get_objects_dex())[1]
        dx = next(projectSession.get_objects_dex())[2]
        print("Decompiling method " + apkMethod + " in the class" + currentClass)

        dad = decompiler.DecompilerDAD(dalv, dx)

        classNames = dalv.get_classes_names()
        autoDecompile(dalv, dx, dad, classNames, currentClass, apkMethod)
        exit()

    # Check if session file exists    
    if sessionFile.is_file(): 
            
        print("Loading session file, please wait... \n")
        sess = session.Load(sessionName)

        if className and methodName:
            decompileMethod(className, methodName, sess)
            exit()
        if className:
            decompileClass(className, sess)
            exit() 
        

        dalv = next(sess.get_objects_dex())[1]
        dx = next(sess.get_objects_dex())[2]
        dad = decompiler.DecompilerDAD(dalv, dx)

        classNames = dalv.get_classes_names()
        autoDecompile(dalv,dx,dad,classNames, currentClass, apkMethod)

    # Create sesssion file
    else:
        print("No session file found, creating one! Please wait...")
        fileName = fileName.replace("\\n\\x00","")
        fileName = fileName.split("\'")[0]
        apk, d, dx = misc.AnalyzeAPK(fileName, session=sess)
        session.Save(sess, sessionName)

        print("Session file created: " + sessionName)
        print("    Will load session file for future calls... \n")

        if className and methodName:
            decompileMethod(className, methodName, sess)
            exit()

        if className:
            decompileClass(className, sess)
            exit() 

        dalv = next(sess.get_objects_dex())[1]
        dx = next(sess.get_objects_dex())[2]
        dad = decompiler.DecompilerDAD(dalv, dx)

        classNames = dalv.get_classes_names()
        autoDecompile(dalv,dx,dad,classNames,currentClass, apkMethod)
コード例 #12
0
                                               MethodClassAnalysis)
from androguard.core.androconf import show_logging
from androguard.core.bytecodes.dvm import EncodedMethod
from androguard.decompiler.dad.decompile import DvClass, DvMachine
from networkx import shortest_simple_paths

from callback_list import callback_list as android_callback_list

show_logging(logging.FATAL)

apk_file = sys.argv[1].strip()

print("Decompiling APK...")

start_time = time.time()
apk_obj, dalv_format, dx = misc.AnalyzeAPK(apk_file)

cg = dx.get_call_graph()

print("Getting syntax tree...")
machine = DvMachine(apk_file)


def format_activity_name(name):
    return "L" + name.replace('.', '/') + ";"


def get_method_from_ast(class_ast, name):
    for method in class_ast['methods']:
        if method['triple'][1] == name:
            return method
コード例 #13
0
def main():
    apk_file = sys.argv[1].strip()

    print("Decompiling APK...")
    apk_obj: APK
    dalv_format: List[DalvikVMFormat]
    dx: Analysis
    apk_obj, dalv_format, dx = misc.AnalyzeAPK(apk_file)

    print("Getting syntax tree...")
    machine = DvMachine(apk_file)

    ast = machine.get_ast()

    # get the main activity
    # This is the main activity for the app
    main_act = util.format_activity_name(apk_obj.get_main_activity())
    # class analysis of the main activity class
    main_analysis: ClassAnalysis = dx.get_class_analysis(main_act)
    write_info: util.StaticFieldWriteInfo = util.get_static_fields(
        main_analysis, dx)
    field_pairs: List[
        allocator_util.Pair] = allocator_util.Pair.from_write_info(write_info)

    main_package_pattern = '/'.join(main_act.split('/')[:2]) + '.*'
    print("Creating call graph...")
    cg = dx.get_call_graph()
    cg_filter = dx.get_call_graph(classname=main_package_pattern)

    resource_method_pairs = allocator_util.read_pair_file(dx, cg_filter)

    print("Analyzing callbacks...")

    filtered_methods = [
        x for x in dx.find_methods(classname=main_package_pattern)
    ]
    for mca in filtered_methods:
        util.link_callbacks(mca, dx, ast, cg)

    # Get analyses for exit points.
    on_pause_analysis = util.find_method(main_analysis, "onPause")
    on_pause_method = None
    if on_pause_analysis:
        on_pause_method: EncodedMethod = on_pause_analysis.method

    on_stop_analysis = util.find_method(main_analysis, "onStop")
    on_stop_method = None
    if on_stop_analysis:
        on_stop_method: EncodedMethod = on_stop_analysis.method

    on_destroy_analysis = util.find_method(main_analysis, "onDestroy")
    on_destroy_method = None
    if on_destroy_analysis:
        on_destroy_method: EncodedMethod = on_destroy_analysis.method

    exit_methods = []
    if on_pause_method:
        exit_methods.append(on_pause_method)
    if on_stop_method:
        exit_methods.append(on_stop_method)
    if on_destroy_method:
        exit_methods.append(on_destroy_method)

    pair: allocator_util.Pair
    main_mcas: List[MethodClassAnalysis] = main_analysis.get_methods()
    for pair in resource_method_pairs:
        opener_paths = util.get_opener_paths(cg, main_mcas, pair)
        if opener_paths:
            open_paths, closed_paths = util.process_paths(
                cg, opener_paths, pair, exit_methods)
            if open_paths:
                # print out all the paths that haven't been closed
                for path in open_paths:
                    util.print_allocation_path(path)

    for pair in field_pairs:
        opener_paths = util.get_opener_paths(cg, main_mcas, pair)
        if opener_paths:
            open_paths, closed_paths = util.process_paths(
                cg, opener_paths, pair, exit_methods)
            if closed_paths:
                print("CLOSED PATHS: ")
                for path in closed_paths:
                    util.print_field_set_path(path, pair.field)

            if open_paths:
                print("OPEN PATHS: ")
                # print out all the paths that haven't been closed
                for path in open_paths:
                    util.print_field_set_path(path, pair.field)
コード例 #14
0
ファイル: deckard.py プロジェクト: sepyeight/deckard 
              format(sys.argv[0]))
        sys.exit(1)

    reportpath = Path(sys.path[0]).parent / "reports"

    target = Path(sys.argv[2])
    if not target.exists():
        print("File {0} does not exist".format(target))
        sys.exit(1)

    if sys.argv[1] == "static":
        filebuf = None
        with open(target, "rb") as f:
            filebuf = f.read()

        if filebuf:
            a, d, dx = misc.AnalyzeAPK(filebuf, raw=True)
            hooks = set(static.analyze(a, d, dx))
            save_report(hooks, reportpath, target)
    elif sys.argv[1] == "dynamic":
        lines = dynamic.get_input(sys.argv[0], target)
        hooks = set(dynamic.parse_lines(lines))
        print("{} hooks captured".format(len(hooks)))
        a, d, dx = misc.AnalyzeAPK(target)
        hooks_filtered = set(dynamic.filter(hooks, dx))
        save_report(hooks_filtered, reportpath, target)

    elif sys.argv[1] == "show":
        report = analysis.Report.load(target)
        webui.serve(report)
コード例 #15
0
 def parse_apk(self):
     a, d, dx = misc.AnalyzeAPK(self.file_data, raw=True)
     return a,d,dx