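def _load_dalvik(path) :
    """Parse *path* as an APK or a raw DEX file.

    Returns the dvm.DalvikVMFormat built from it, or None when
    androconf.is_android() reports neither "APK" nor "DEX".
    """
    ret_type = androconf.is_android( path )
    if ret_type == "APK" :
        return dvm.DalvikVMFormat( apk.APK( path ).get_dex() )
    if ret_type == "DEX" :
        # Close the handle deterministically instead of leaving it to the GC.
        with open( path, "rb" ) as fd :
            return dvm.DalvikVMFormat( fd.read() )
    return None


def main(options, arguments) :
    """Diff the two files named in options.input, or print the version.

    With options.input set, both entries are parsed, compared method by
    method, and the per-method diffs plus the new and deleted methods are
    printed. With only options.version set, the Androguard version is printed.

    Args:
        options: Parsed command-line options; the attributes read here are
            input, threshold, exclude, size, compressor and version.
        arguments: Positional arguments; not used by this function.
    """
    if options.input is not None :
        # Both inputs must parse before any analysis is attempted. The
        # original left d1/d2 unbound on an unsupported file and crashed with
        # a NameError at the VMAnalysis call.
        d1 = _load_dalvik( options.input[0] )
        if d1 is None :
            sys.stderr.write( "%s: not an APK or DEX file, nothing to diff\n" % options.input[0] )
            return
        dx1 = analysis.VMAnalysis( d1 )

        d2 = _load_dalvik( options.input[1] )
        if d2 is None :
            sys.stderr.write( "%s: not an APK or DEX file, nothing to diff\n" % options.input[1] )
            return
        dx2 = analysis.VMAnalysis( d2 )

        print d1, dx1, d2, dx2
        sys.stdout.flush()

        threshold = None
        if options.threshold is not None :
            threshold = float(options.threshold)

        # FS is the module-level FILTERS_DALVIK_SIM table itself, not a copy,
        # so the two setters below change it for every later user.
        FS = FILTERS_DALVIK_SIM
        FS[elsim.FILTER_SKIPPED_METH].set_regexp( options.exclude )
        FS[elsim.FILTER_SKIPPED_METH].set_size( options.size )

        el = elsim.Elsim( ProxyDalvik(d1, dx1), ProxyDalvik(d2, dx2), FS, threshold, options.compressor )
        el.show()

        # For every pair of similar methods, compare at basic-block level and
        # print the resulting diff.
        e1 = elsim.split_elements( el, el.get_similar_elements() )
        for i in e1 :
            j = e1[ i ]
            elb = elsim.Elsim( ProxyDalvikMethod(i), ProxyDalvikMethod(j), FILTERS_DALVIK_BB, threshold, options.compressor )
            eld = elsim.Eldiff( ProxyDalvikBasicBlock(elb), FILTERS_DALVIK_DIFF_BB )

            ddm = DiffDalvikMethod( i, j, elb, eld )
            ddm.show()

        print "NEW METHODS"
        for i in el.get_new_elements() :
            el.show_element( i, False )

        print "DELETED METHODS"
        for i in el.get_deleted_elements() :
            el.show_element( i )

    elif options.version is not None :
        print "Androdiff version %s" % androconf.ANDROGUARD_VERSION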
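def check_one_file(a, d1, dx1, FS, threshold, file_input, file0_input, view_strings=False, new=True, library=True):
    """Compare file_input against an already-parsed reference and report it.

    Reads the module-level ``options`` object (compressor, display).

    Args:
        a: Not read on entry; the name is rebound locally for APK inputs.
        d1: Parsed reference file, handed to ProxyDalvik together with dx1.
        dx1: Analysis object belonging to d1.
        FS: Filter table passed to elsim.Elsim for the method comparison.
        threshold: Threshold passed to elsim.Elsim.
        file_input: Path of the candidate file (APK or DEX).
        file0_input: Path of the reference file; used only for the version
            lookup and for the labels given to print_final_rslt().
        view_strings: When true, also run and print the string comparison.
        new: Passed to get_similarity_value() in the string comparison.
        library: Passed to elsim.Elsim as ``libnative``.

    Returns:
        None. Returns early, after the label prints, when file_input is
        neither an APK nor a DEX.
    """
    def _show_groups(sim, noun):
        # Same five sections, in the same order, for methods and for strings.
        # Only the NEW section calls show_element() with a second argument.
        for label, fetch, extra in (
            ("SIMILAR", sim.get_similar_elements, ()),
            ("IDENTICAL", sim.get_identical_elements, ()),
            ("NEW", sim.get_new_elements, (False,)),
            ("DELETED", sim.get_deleted_elements, ()),
            ("SKIPPED", sim.get_skipped_elements, ()),
        ):
            print "%s %s:" % (label, noun)
            for element in fetch():
                sim.show_element(element, *extra)

    apk1_v = get_version(file0_input)
    apk2_v = get_version(file_input)

    # Labels: base name with its last four characters dropped (assumes an
    # extension such as ".apk"), plus the innermost directory name.
    path1, base1 = os.path.split(file0_input)
    file1_name = base1[:-4]
    path2, base2 = os.path.split(file_input)
    file2_name = base2[:-4]
    print file1_name
    print file2_name

    fldr_name1 = path1.split('/')[-1]
    fldr_name2 = path2.split('/')[-1]
    print fldr_name1
    print fldr_name2

    d2 = None
    ret_type = androconf.is_android(file_input)
    if ret_type == "APK":
        a = apk.APK(file_input)
        d2 = dvm.DalvikVMFormat(a.get_dex())
    elif ret_type == "DEX":
        # Close the handle deterministically; the original leaked it to the GC.
        with open(file_input, "rb") as fd:
            d2 = dvm.DalvikVMFormat(fd.read())

    if d2 is None:
        # Unsupported file type: nothing to compare.
        return
    dx2 = analysis.VMAnalysis(d2)

    el = elsim.Elsim(ProxyDalvik(d1, dx1), ProxyDalvik(d2, dx2), FS, threshold,
                     options.compressor, libnative=library)
    el.print_final_rslt("%s_%s" % (fldr_name1[:12], file1_name),
                        "%s_%s" % (fldr_name2[:12], file2_name),
                        apk1_v, apk2_v)
    gc.collect()

    if options.display:
        _show_groups(el, "methods")

    if view_strings:
        els = elsim.Elsim(ProxyDalvikStringMultiple(d1, dx1),
                          ProxyDalvikStringMultiple(d2, dx2),
                          FILTERS_DALVIK_SIM_STRING, threshold,
                          options.compressor, libnative=library)
        els.show()
        print "\t--> strings: %f%% of similarities" % els.get_similarity_value(new)

        if options.display:
            _show_groups(els, "strings")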
def check_one_file(a, d1, dx1, FS, threshold, file_input, view_strings=False, new=True, library=True):
    """Compare file_input against an already-parsed reference and print it.

    Reads the module-level ``options`` object (compressor, display).

    Args:
        a: Not read on entry; the name is rebound locally for APK inputs.
        d1: Parsed reference file, handed to ProxyDalvik together with dx1.
        dx1: Analysis object belonging to d1.
        FS: Filter table passed to elsim.Elsim for the method comparison.
        threshold: Threshold passed to elsim.Elsim.
        file_input: Path of the candidate file (APK or DEX).
        view_strings: When true, also run and print the string comparison.
        new: Passed to get_similarity_value().
        library: Passed to elsim.Elsim as ``libnative``.

    Returns:
        None. Returns early when file_input is neither an APK nor a DEX.
    """
    kind = androconf.is_android(file_input)
    if kind == "APK":
        a = apk.APK(file_input)
        d2 = dvm.DalvikVMFormat(a.get_dex())
    elif kind == "DEX":
        d2 = dvm.DalvikVMFormat(read(file_input))
    else:
        d2 = None

    if d2 == None:
        # Unsupported file type: nothing to compare.
        return

    dx2 = analysis.VMAnalysis(d2)
    left = ProxyDalvik(d1, dx1)
    right = ProxyDalvik(d2, dx2)
    el = elsim.Elsim(left, right, FS, threshold, options.compressor,
                     libnative=library)
    el.show()
    print "\t--> methods: %f%% of similarities" % el.get_similarity_value(new)

    if options.display:
        # Only the NEW section calls show_element() with a second argument.
        method_sections = (
            ("SIMILAR methods:", el.get_similar_elements, ()),
            ("IDENTICAL methods:", el.get_identical_elements, ()),
            ("NEW methods:", el.get_new_elements, (False,)),
            ("DELETED methods:", el.get_deleted_elements, ()),
            ("SKIPPED methods:", el.get_skipped_elements, ()),
        )
        for header, fetch, extra in method_sections:
            print header
            for element in fetch():
                el.show_element(element, *extra)

    if not view_strings:
        return

    left = ProxyDalvikStringMultiple(d1, dx1)
    right = ProxyDalvikStringMultiple(d2, dx2)
    els = elsim.Elsim(left, right, FILTERS_DALVIK_SIM_STRING, threshold,
                      options.compressor, libnative=library)
    els.show()
    print "\t--> strings: %f%% of similarities" % els.get_similarity_value(new)

    if options.display:
        string_sections = (
            ("SIMILAR strings:", els.get_similar_elements, ()),
            ("IDENTICAL strings:", els.get_identical_elements, ()),
            ("NEW strings:", els.get_new_elements, (False,)),
            ("DELETED strings:", els.get_deleted_elements, ()),
            ("SKIPPED strings:", els.get_skipped_elements, ()),
        )
        for header, fetch, extra in string_sections:
            print header
            for element in fetch():
                els.show_element(element, *extra)
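def check_one_file(a, d1, dx1, FS, threshold, file_input, view_strings=False, new=True, library=True):
    """Compare file_input against a parsed reference, optionally dumping smali.

    Reads the module-level ``options`` object (compressor, dump, display,
    input). With options.dump set, options.input[1] is decoded with apktool
    and the classes and methods reported as similar or new are copied under
    ``codedump/`` and ``methoddump/`` in the current working directory.

    Args:
        a: Not read on entry; the name is rebound locally for APK inputs.
        d1: Parsed reference file, handed to ProxyDalvik together with dx1.
        dx1: Analysis object belonging to d1.
        FS: Filter table passed to elsim.Elsim for the method comparison.
        threshold: Threshold passed to elsim.Elsim.
        file_input: Path of the candidate file (APK or DEX).
        view_strings: When true, also run and print the string comparison.
        new: Passed to get_similarity_value().
        library: Passed to elsim.Elsim as ``libnative``.

    Returns:
        None. Returns early when file_input is neither an APK nor a DEX.
    """
    # Function-scope import so the module's import block stays untouched.
    import subprocess

    def _run(argv):
        # External commands are started from an argument list with no shell,
        # so a file name containing spaces, ';', '$(...)' or backticks is
        # passed through as data. The original concatenated these names into
        # os.system() strings, where /bin/sh interpreted them.
        try:
            return subprocess.call(argv)
        except OSError as err:
            # os.system() never raised on a missing command; stay best-effort.
            print 'could not run %s: %s' % (argv[0], err)
            return None

    def _show_groups(sim, noun):
        # Same five sections, in the same order, for methods and for strings.
        # Only the NEW section calls show_element() with a second argument.
        for label, fetch, extra in (
            ("SIMILAR", sim.get_similar_elements, ()),
            ("IDENTICAL", sim.get_identical_elements, ()),
            ("NEW", sim.get_new_elements, (False,)),
            ("DELETED", sim.get_deleted_elements, ()),
            ("SKIPPED", sim.get_skipped_elements, ()),
        ):
            print "%s %s:" % (label, noun)
            for element in fetch():
                sim.show_element(element, *extra)

    d2 = None
    ret_type = androconf.is_android( file_input )
    if ret_type == "APK":
        a = apk.APK( file_input )
        d2 = dvm.DalvikVMFormat( a.get_dex() )
    elif ret_type == "DEX":
        d2 = dvm.DalvikVMFormat( read(file_input) )

    if d2 is None:
        # Unsupported file type: nothing to compare.
        return
    dx2 = analysis.VMAnalysis( d2 )

    el = elsim.Elsim( ProxyDalvik(d1, dx1), ProxyDalvik(d2, dx2), FS, threshold, options.compressor, libnative=library )
    el.show()
    print "\t--> methods: %f%% of similarities" % el.get_similarity_value(new)

    if options.dump:
        print '\nDumping smali code...'
        # Last path component of the second command-line input.
        jarname = options.input[1].split('/')[-1]

        if not os.path.exists('smali'):
            os.makedirs('smali')
        # NOTE(review): a path that begins with '-' is presumably still read
        # by apktool as an option; confirm how callers build options.input.
        _run(['apktool', 'd', options.input[1]])
        # '--' ends option parsing so the name is always taken as an operand.
        if jarname.endswith('.apk'):
            _run(['mv', '-f', '--', jarname[:-4], 'smali'])
        else:
            _run(['mv', '-f', '--', jarname + '.out', 'smali'])
        # NOTE(review): in the '.apk' branch the decoded tree is moved to
        # smali/<name without .apk>, yet the copy below always reads from
        # smali/<jarname>.out/ - confirm against the apktool version in use.

        # Class files touched by similar or new methods.
        classes = Set([])
        diff_methods = el.get_similar_elements()
        for i in diff_methods:
            x = el.show_similar_class_name( i )
            for _ in range(len(x)):
                classes.add(x.pop())

        new_methods = el.get_new_elements()
        for i in new_methods:
            classes.add(el.show_new_class_name( i ))

        # Start from an empty codedump/<jarname> directory.
        if not os.path.exists('codedump'):
            os.makedirs('codedump')
        os.chdir('codedump')
        if os.path.exists(jarname):
            _run(['rm', '-rf', '--', jarname])
        os.makedirs(jarname)
        os.chdir('..')

        # NOTE(review): filepath comes from the analysed file, not from the
        # operator. The destination is flattened ('/' -> '.'), but the source
        # path is joined as-is; confirm it cannot carry '..' components.
        while classes:
            filepath = classes.pop()
            filename = filepath.replace('/','.')
            shutil.copy2('smali/' + jarname + '.out/smali/' + filepath, 'codedump/' + jarname + '/' + filename)
        # rmdir only succeeds on an empty directory, i.e. when nothing was copied.
        _run(['rmdir', '--', 'codedump/' + jarname])

        # "<class file> <method signature>" entries for the same elements
        # (format inferred from the split(' ', 1) below).
        classes1 = Set([])
        for i in diff_methods:
            x = el.show_similar_method_name( i )
            for _ in range(len(x)):
                classes1.add(x.pop())
        for i in new_methods:
            classes1.add(el.show_new_method_name( i ))

        start = ''
        end = '.end method'
        if not os.path.exists('methoddump'):
            os.makedirs('methoddump')
        while classes1:
            xx = classes1.pop().split(' ', 1)
            class_file = 'codedump/' + jarname + '/' + xx[0]
            if not os.path.exists('methoddump/' + jarname):
                os.makedirs('methoddump/' + jarname)

            # First line mentioning the signature is taken as the method header.
            # When none matches, start keeps the value of the previous entry.
            with open(class_file) as infile:
                for line in infile:
                    if xx[1] in line:
                        start = line.replace('\n','')
                        break

            # NOTE(review): med is part of the output file name and is derived
            # from the analysed file; confirm it cannot contain '/'.
            med = xx[1].split('(', 1)[0]
            with open(class_file) as infile, open('methoddump/' + jarname + '/' + xx[0] + '.' + med + '.method', 'w+') as outfile:
                copy = False
                outfile.write(start + '\n')
                # Copy the lines strictly between the header and '.end method'.
                for line1 in infile:
                    stripped = line1.strip()
                    if stripped == start:
                        copy = True
                    elif stripped == end:
                        copy = False
                    elif copy:
                        outfile.write(line1)
                outfile.write(end)
        print 'DUMP SMALI CODE SUCCESSFULLY.'

    if options.display:
        _show_groups(el, "methods")

    if view_strings:
        els = elsim.Elsim( ProxyDalvikStringMultiple(d1, dx1),
                           ProxyDalvikStringMultiple(d2, dx2),
                           FILTERS_DALVIK_SIM_STRING, threshold,
                           options.compressor, libnative=library )
        els.show()
        print "\t--> strings: %f%% of similarities" % els.get_similarity_value(new)

        if options.display:
            _show_groups(els, "strings")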