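def main(args):
    """Run dexsim on a smali directory, an APK, or a DEX file.

    Reads ``args.f`` (input path), ``args.o`` (optional output dex),
    ``args.includes`` and ``args.d`` (debug flag, copied to ``logs.DEBUG``).
    In debug mode, working directories are created under the current
    directory and kept; otherwise temporary directories are used.
    """
    includes = args.includes
    # Debug mode
    logs.DEBUG = args.d

    output_dex = args.o or None

    # Input is already a smali directory: assemble it and run directly.
    # Handled first so that no temporary directory is created and then
    # abandoned for this case.
    if os.path.isdir(args.f):
        if args.f.endswith('\\') or args.f.endswith('/'):
            smali_dir = args.f[:-1]
        else:
            smali_dir = args.f
        dex_file = smali(smali_dir, os.path.basename(smali_dir) + '.dex')
        dexsim_dex(dex_file, smali_dir, includes, output_dex)
        return

    file_type = Magic(args.f).get_type()
    if file_type not in ('apk', 'dex'):
        print("Please give smali_dir/dex/apk.")
        return

    if logs.DEBUG:
        smali_dir = os.path.join(os.path.abspath(os.curdir), 'smali')
    else:
        # NOTE(review): this directory is not removed here; confirm whether
        # dexsim_dex cleans it up, since it holds disassembled sample code.
        smali_dir = tempfile.mkdtemp()

    if file_type == 'apk':
        if logs.DEBUG:
            tempdir = os.path.join(os.path.abspath(os.curdir), 'tmp_dir')
            if not os.path.exists(tempdir):
                os.mkdir(tempdir)
        else:
            tempdir = tempfile.mkdtemp()

        try:
            # The APK is untrusted input. Only accept top-level
            # classes.dex / classesN.dex entries: the dot is escaped and the
            # whole name must match, so names such as "classes/dex" or
            # "classes.dex.bak" are not extracted and fed to baksmali.
            ptn = re.compile(r'classes\d*\.dex')
            with zipfile.ZipFile(args.f) as apk_zip:
                for item in apk_zip.namelist():
                    if ptn.fullmatch(item):
                        output_path = apk_zip.extract(item, tempdir)
                        baksmali(output_path, smali_dir)
            # The recompile step (smali -> new.dex) is disabled in this
            # version, so dexsim_dex receives the APK path itself.
            dexsim_dex(args.f, smali_dir, includes, output_dex)
        finally:
            # Remove extracted dex files even when a step above fails.
            if not logs.DEBUG:
                shutil.rmtree(tempdir)
        return

    # file_type == 'dex'
    # NOTE(review): only the basename is passed on, so the dex is resolved
    # relative to the current directory rather than args.f -- confirm intent.
    dex_file = os.path.basename(args.f)
    baksmali(dex_file, smali_dir)
    dexsim_dex(dex_file, smali_dir, includes, output_dex)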
def main(args):
    """Print one APK's tree nodes, or intersect all APKs under a directory.

    For a single file, nodes are printed only when ``args.T`` is set and
    Magic reports the file as an APK. For a directory, every file that Magic
    reports as an APK is loaded, and the intersections selected by
    ``args.m``, ``args.s``, ``args.t``, ``args.p`` and ``args.r`` are run.
    """
    target = args.file

    # Single-file mode: print the requested tree, then stop.
    if os.path.isfile(target):
        if args.T and Magic(target).get_type() == 'apk':
            for node in APK(target).get_trees().get(args.T, []):
                APK.pretty_print(node)
        return

    if not os.path.isdir(target):
        return

    # Directory mode: membership is decided by content sniffing (Magic),
    # not by file extension.
    apks = []
    for root, _, files in os.walk(target):
        for filename in files:
            candidate = os.path.join(root, filename)
            if Magic(candidate).get_type() == 'apk':
                apks.append(APK(candidate))

    if not apks:
        return

    intersection = APK_Intersection(apks)

    if args.m:
        intersection.intersect_manifest()

    if args.s:
        intersection.intersect_dex_string()
        # TODO: too many identical strings; decompile and strip the noisy data.

    if args.t:
        intersection.intersect_dex_tree()

    if args.p:
        intersection.intersect_apis()

    if args.r:
        intersection.intersect_resources()
def odex_to_dex(args):
    """Convert the odex file at ``args.file`` to dex, writing to ``args.o``.

    Prints a message and does nothing else when the path is missing, is not
    a regular file, or is not reported as ``odex`` by Magic.
    """
    source = args.file

    if not os.path.exists(source):
        print(source, 'is not exists.')
        return

    if not os.path.isfile(source):
        print('unsupported, please give a odex file.')
        return

    # Type is decided from file content, not from the file name.
    detected = Magic(source).get_type()
    if detected != 'odex':
        print(detected, 'unsupport')
        return

    odex2dex(source, args.o)
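def _init_dex_files(self):
    """Populate ``self.dex_files`` with a DexFile per dex entry in the APK.

    An entry is accepted when its name starts with ``classes`` and ends
    with ``.dex``, and Magic reports its content as ``dex``. Errors from
    opening or reading the archive propagate to the caller.
    """
    self.dex_files = []
    with apkfile.ZipFile(self.apk_path, 'r') as z:
        for name in z.namelist():
            # Filter on the name before reading: the APK is untrusted, and
            # decompressing every member just to discard it wastes memory
            # and lets an unrelated corrupt entry abort dex loading.
            if not (name.startswith('classes') and name.endswith('.dex')):
                continue
            data = z.read(name)
            # The name alone is not trusted; the content must also be dex.
            if Magic(data).get_type() == 'dex':
                self.dex_files.append(DexFile(data))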
def scan(file_path, rules, timeout):
    """Scan one file with the given YARA rules and print any matches.

    Files that Magic reports as ``apk`` are passed to ``scan_apk``. Any
    other file is matched directly with ``do_yara``.

    A ``yara.Error`` is printed and swallowed, so the caller gets ``None``
    both for a clean file and for a failed scan.
    """
    # Type detection runs outside the try block, so its errors propagate.
    file_type = Magic(file_path).get_type()
    try:
        if file_type == 'apk':
            scan_apk(file_path, rules, timeout)
            return
        matches = do_yara(file_path, rules, timeout)
        if len(matches) > 0:
            print_matches(file_path, matches)
    except yara.Error as err:
        print(err)
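def main(args):
    """Run dexsim against an APK, optionally using an existing smali dir.

    Reads ``args.f`` (APK path), ``args.s`` (optional smali directory),
    ``args.o`` (optional output dex), ``args.includes``, ``args.debug`` and
    ``args.pname``. In debug mode, working directories live under the
    current directory and are kept; otherwise temporary ones are used.
    """
    if args.debug:
        set_value("DEBUG_MODE", args.debug)
    if args.pname:
        set_value("PLUGIN_NAME", args.pname)

    includes = args.includes
    output_dex = args.o or None

    # NOTE(review): the extracted source lost its indentation; the return is
    # assumed to belong to the isdir branch -- confirm against upstream.
    if args.s:
        if os.path.isdir(args.s):
            dexsim_apk(args.f, args.s, includes, output_dex)
            return

    # Check the type before creating any working directory, so that a
    # rejected input leaves no temporary directory behind.
    if Magic(args.f).get_type() != 'apk':
        print("Please give A apk.")
        return

    debug = get_value('DEBUG_MODE')
    if debug:
        smali_dir = os.path.join(os.path.abspath(os.curdir), 'zzz')
        tempdir = os.path.join(os.path.abspath(os.curdir), 'tmp_dir')
        if not os.path.exists(tempdir):
            os.mkdir(tempdir)
    else:
        # NOTE(review): smali_dir is not removed here; confirm whether
        # dexsim_apk cleans it up, since it holds disassembled sample code.
        smali_dir = tempfile.mkdtemp()
        tempdir = tempfile.mkdtemp()

    try:
        # The APK is untrusted input. Only accept top-level classes.dex /
        # classesN.dex entries: the dot is escaped and the whole name must
        # match, so names such as "classes/dex" or "classes.dex.bak" are
        # not extracted and handed to baksmali.
        ptn = re.compile(r'classes\d*\.dex')
        with zipfile.ZipFile(args.f) as apk_zip:
            for item in apk_zip.namelist():
                if ptn.fullmatch(item):
                    output_path = apk_zip.extract(item, tempdir)
                    baksmali(output_path, smali_dir)

        dex_file = os.path.join(tempdir, 'new.dex')
        smali(smali_dir, dex_file)
        dexsim_apk(args.f, smali_dir, includes, output_dex)
    finally:
        # Remove extracted and rebuilt dex files even when a step fails.
        if not debug:
            shutil.rmtree(tempdir)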
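def _init_certs(self):
    """Load certificate information from the APK's signature block file.

    Only entries under ``META-INF/`` with a signature block suffix
    (``.RSA``, ``.DSA``, ``.EC``) are considered, and entries that Magic
    reports as ``txt`` are skipped. ``self.certs`` is set from the last
    matching entry and is left untouched when none matches.

    NOTE(review): nothing in this method verifies the signature. Treat the
    result as unverified metadata unless ``Certificate`` validates it --
    confirm.
    """
    # A substring test for 'META-INF' would also accept paths such as
    # "assets/META-INF/..." and unrelated binary files inside META-INF,
    # letting an arbitrary archive member overwrite the reported certs.
    signature_suffixes = ('.RSA', '.DSA', '.EC')
    with apkfile.ZipFile(self.apk_path, mode="r") as zf:
        for name in zf.namelist():
            if not (name.startswith('META-INF/')
                    and name.endswith(signature_suffixes)):
                continue
            data = zf.read(name)
            if Magic(data).get_type() == 'txt':
                continue
            # Imported lazily, as in the original, so the dependency is
            # only needed when a signature block is actually present.
            from apkutils.cert import Certificate
            cert = Certificate(data)
            self.certs = cert.get()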
def _init_certs(self, digestalgo):
    """Store certificate info for ``digestalgo`` in ``self.certs``.

    Scans entries under ``META-INF/`` that end in ``.DSA`` or ``.RSA`` and
    skips any that Magic reports as ``txt``. The last matching entry wins.

    NOTE(review): ``.EC`` signature block files are not matched here, so
    ECDSA-signed APKs would yield no entry -- confirm whether that is
    intended. Nothing in this method verifies the signature.
    """
    signature_suffixes = ('.DSA', '.RSA')
    try:
        with apkfile.ZipFile(self.apk_path, mode="r") as archive:
            for entry in archive.namelist():
                if not entry.startswith('META-INF/'):
                    continue
                if not entry.endswith(signature_suffixes):
                    continue
                blob = archive.read(entry)
                if Magic(blob).get_type() == 'txt':
                    continue
                # Lazy import: only needed once a signature block is found.
                from apkutils.cert import Certificate
                parsed = Certificate(blob, digestalgo=digestalgo)
                self.certs[digestalgo] = parsed.get()
    except Exception as err:
        raise err
def run(self, input_path, output_path, include_str):
    """Dispatch to the handler for a smali directory, APK, or DEX input.

    Returns whatever the selected ``sim_*`` method returns, or ``-1`` after
    printing a usage hint when the input is none of the supported kinds.
    """
    if os.path.isdir(input_path):
        return self.sim_dir(input_path, output_path, include_str)

    # Files are classified by content via Magic.
    file_type = Magic(input_path).get_type()
    print('File type: %s' % file_type)

    if file_type == 'apk':
        handler = self.sim_apk
    elif file_type == 'dex':
        handler = self.sim_dex
    else:
        print("Please give smali_dir/dex/apk.")
        return -1

    return handler(input_path, output_path, include_str)
def disassembles(args):
    """Disassemble the dex, apk, or odex file at ``args.file`` with baksmali.

    ``dex`` and ``apk`` inputs use baksmali mode ``'d'``. ``odex`` inputs
    use mode ``'x'`` with ``args.p`` as the framework argument, falling back
    to ``droidbox_framework`` when ``args.p`` is not set. Output goes to
    ``args.o``. Unsupported inputs only print a message.
    """
    source = args.file

    if not os.path.exists(source):
        print(source, 'is not exists.')
        return

    if not os.path.isfile(source):
        print('unsupported, please give a dex/odex/oat file.')
        return

    # Classification is by content, not by extension.
    detected = Magic(source).get_type()

    if detected in ('dex', 'apk'):
        baksmali('d', source, output=args.o)
    elif detected == 'odex':
        framework = args.p or droidbox_framework
        baksmali('x', source, framework, args.o)
    else:
        print(detected, 'unsupport')
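def main(args):
    """Run dexsim on a smali directory, an APK, or a DEX file.

    Reads ``args.f`` (input path), ``args.o`` (optional output dex) and
    ``args.i`` (include string). Any input that is neither a directory nor
    an APK is treated as a DEX file.
    """
    include_str = args.i
    print()

    output_dex = args.o or None

    if os.path.isdir(args.f):
        # Already a smali directory; no temporary directory is needed.
        if args.f.endswith('\\') or args.f.endswith('/'):
            smali_dir = args.f[:-1]
        else:
            smali_dir = args.f
        dex_file = smali(smali_dir, os.path.basename(smali_dir) + '.dex')
        dexsim_dex(dex_file, smali_dir, include_str, output_dex)
    elif Magic(args.f).get_type() == 'apk':
        import re
        import zipfile

        # One smali directory per run: the original created a second one
        # here and abandoned the first.
        # NOTE(review): smali_tempdir is not removed here; confirm whether
        # dexsim_dex cleans it up, since it holds disassembled sample code.
        tempdir = tempfile.mkdtemp()
        smali_tempdir = tempfile.mkdtemp()
        try:
            # Disassemble every classesN.dex entry. The APK is untrusted:
            # the dot is escaped and the whole name must match, so names
            # such as "classes/dex" or "classes.dex.bak" are not extracted.
            ptn = re.compile(r'classes\d*\.dex')
            with zipfile.ZipFile(args.f) as apk_zip:
                for item in apk_zip.namelist():
                    if ptn.fullmatch(item):
                        output_path = apk_zip.extract(item, tempdir)
                        baksmali(output_path, smali_tempdir)

            # Reassemble into a temporary dex file.
            target_dex = os.path.join(tempdir, 'new.dex')
            smali(smali_tempdir, target_dex)

            dexsim_dex(target_dex, smali_tempdir, include_str, output_dex)
        finally:
            # Remove extracted and rebuilt dex files even when a step fails.
            shutil.rmtree(tempdir)
    else:
        smali_tempdir = tempfile.mkdtemp()
        # NOTE(review): only the basename is passed on, so the dex is
        # resolved relative to the current directory rather than args.f --
        # confirm intent.
        dex_file = os.path.basename(args.f)
        baksmali(dex_file, smali_tempdir)
        dexsim_dex(dex_file, smali_tempdir, include_str, output_dex)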
def get_elf_files(apk_path):
    """Return the ELF members of a zip/APK archive.

    Each result is a ``(name, stream, elf)`` tuple: the entry name, a
    ``BytesIO`` over the entry's bytes, and an ``ELFFile`` built on that
    stream. Returns an empty list when ``apk_path`` is not a zip file.
    """
    found = []
    if not zipfile.is_zipfile(apk_path):
        return found

    try:
        with zipfile.ZipFile(apk_path, mode="r") as archive:
            for member in archive.namelist():
                try:
                    # Every member is read fully into memory in order to
                    # sniff its type.
                    raw = archive.read(member)
                    if Magic(raw).get_type() != 'elf':
                        continue
                    stream = io.BytesIO(raw)
                    found.append((member, stream, ELFFile(stream)))
                except Exception:
                    # Best effort: a member that fails to read or parse is
                    # skipped silently, so a malformed ELF is simply missing
                    # from the result with no record.
                    continue
    except Exception as err:
        raise err

    return found
def _init_children(self):
    """Build ``self.children``: one metadata dict per archive member.

    Each dict holds the entry ``name``, the ``type`` reported by Magic, the
    zip timestamp as ``YYYYMMDDhhmmss`` and the CRC as eight upper-case hex
    digits. Members that fail to read are printed and skipped.
    """
    self.children = []
    try:
        with apkfile.ZipFile(self.apk_path, mode="r") as archive:
            for entry in archive.namelist():
                try:
                    payload = archive.read(entry)
                    detected = Magic(payload).get_type()
                    meta = archive.getinfo(entry)
                except Exception as err:
                    print(entry, err)
                    continue

                self.children.append({
                    "name": entry,
                    "type": detected,
                    # The timestamp comes from the zip header, so it is
                    # whatever the archive's creator wrote.
                    "time": "%d%02d%02d%02d%02d%02d" % meta.date_time,
                    "crc": '%08X' % meta.CRC,
                })
    except Exception as err:
        raise err
def test_dex(self):
    """Magic reports the ``test.dex`` fixture under FILES_PATH as ``dex``."""
    detected = Magic(FILES_PATH + 'test.dex').get_type()
    self.assertEqual(detected, 'dex')
def test_axml(self):
    """Magic reports the ``test.axml`` fixture under FILES_PATH as ``axml``."""
    detected = Magic(FILES_PATH + 'test.axml').get_type()
    self.assertEqual(detected, 'axml')
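def __init__(self, file_path):
    """Open ``file_path`` as an ELF file when Magic reports it as ``elf``.

    On success, ``self.elf_data`` is the open binary file object and
    ``self.elf_file`` the ``ELFFile`` built on it. The handle stays open
    afterwards.
    """
    if Magic(file_path).get_type() != 'elf':
        # NOTE(review): for non-ELF input, elf_data and elf_file are never
        # set, so later attribute access raises AttributeError -- confirm
        # that callers handle this.
        return
    self.elf_data = open(file_path, 'rb')
    try:
        self.elf_file = ELFFile(self.elf_data)
    except Exception:
        # Do not leak the file handle when a malformed ELF fails to parse.
        self.elf_data.close()
        raise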
def test_arsc(self):
    """Magic reports the ``test.arsc`` fixture under FILES_PATH as ``arsc``."""
    detected = Magic(FILES_PATH + 'test.arsc').get_type()
    self.assertEqual(detected, 'arsc')
def test_elf(self):
    """Magic reports the ``test.so`` fixture under FILES_PATH as ``elf``."""
    detected = Magic(FILES_PATH + 'test.so').get_type()
    self.assertEqual(detected, 'elf')
def test_png(self):
    """Magic reports the ``test.png`` fixture under FILES_PATH as ``png``."""
    detected = Magic(FILES_PATH + 'test.png').get_type()
    self.assertEqual(detected, 'png')
def test_apk(self):
    """Magic reports the ``test.apk`` fixture under FILES_PATH as ``apk``."""
    detected = Magic(FILES_PATH + 'test.apk').get_type()
    self.assertEqual(detected, 'apk')
def istext(self, data):
    """Check that Magic reports the ``test.txt`` fixture as ``txt``.

    NOTE(review): ``data`` is unused, and the name does not begin with
    ``test``. If this lives in a unittest ``TestCase``, default discovery
    will not run it, leaving the ``txt`` type unchecked -- confirm.
    """
    detected = Magic(FILES_PATH + 'test.txt').get_type()
    self.assertEqual(detected, 'txt')
def test_zip(self):
    """Magic reports the ``test.zip`` fixture under FILES_PATH as ``zip``."""
    detected = Magic(FILES_PATH + 'test.zip').get_type()
    self.assertEqual(detected, 'zip')
def main(args):
    """Print the file type that Magic detects for the path in ``args.p``."""
    detected_type = Magic(args.p).get_type()
    print(detected_type)