def dex_2_smali(app_dir, tools_dir): """Run dex2smali.""" try: logger.info('DEX -> SMALI') dexes = get_dex_files(app_dir) for dex_path in dexes: logger.info('Converting %s to Smali Code', filename_from_path(dex_path)) if (len(settings.BACKSMALI_BINARY) > 0 and is_file_exists(settings.BACKSMALI_BINARY)): bs_path = settings.BACKSMALI_BINARY else: bs_path = os.path.join(tools_dir, 'baksmali-2.5.2.jar') output = os.path.join(app_dir, 'smali_source/') smali = [ find_java_binary(), '-jar', bs_path, 'd', dex_path, '-o', output, ] trd = threading.Thread(target=subprocess.call, args=(smali, )) trd.daemon = True trd.start() except Exception: logger.exception('Converting DEX to SMALI')
def code_analysis(app_dir, typ, manifest_file): """Perform the code analysis.""" try: logger.info('Code Analysis Started') root = Path(settings.BASE_DIR) / 'StaticAnalyzer' / 'views' code_rules = root / 'android' / 'rules' / 'android_rules.yaml' api_rules = root / 'android' / 'rules' / 'android_apis.yaml' niap_rules = root / 'android' / 'rules' / 'android_niap.yaml' code_findings = {} api_findings = {} email_n_file = [] url_n_file = [] url_list = [] app_dir = Path(app_dir) if typ == 'apk': src = app_dir / 'java_source' elif typ == 'studio': src = app_dir / 'app' / 'src' / 'main' / 'java' kt = app_dir / 'app' / 'src' / 'main' / 'kotlin' if not src.exists() and kt.exists(): src = kt elif typ == 'eclipse': src = app_dir / 'src' src = src.as_posix() + '/' skp = settings.SKIP_CLASS_PATH logger.info('Code Analysis Started on - %s', filename_from_path(src)) # Code and API Analysis code_findings = scan(code_rules.as_posix(), {'.java', '.kt'}, [src], skp) api_findings = scan(api_rules.as_posix(), {'.java', '.kt'}, [src], skp) # NIAP Scan logger.info('Running NIAP Analyzer') niap_findings = niap_scan(niap_rules.as_posix(), {'.java', '.xml'}, [src], manifest_file, None) # Extract URLs and Emails for pfile in Path(src).rglob('*'): if ((pfile.suffix in ('.java', '.kt') and any(skip_path in pfile.as_posix() for skip_path in skp) is False)): content = None try: content = pfile.read_text('utf-8', 'ignore') # Certain file path cannot be read in windows except Exception: continue relative_java_path = pfile.as_posix().replace(src, '') urls, urls_nf, emails_nf = url_n_email_extract( content, relative_java_path) url_list.extend(urls) url_n_file.extend(urls_nf) email_n_file.extend(emails_nf) logger.info('Finished Code Analysis, Email and URL Extraction') code_an_dic = { 'api': api_findings, 'findings': code_findings, 'niap': niap_findings, 'urls_list': url_list, 'urls': url_n_file, 'emails': email_n_file, } return code_an_dic except Exception: logger.exception('Performing Code Analysis')