def testPermissionLoading(self):
    """Test that permission lists load and fall back across API levels.

    The bundled API levels are discovered from the ``permissions_<N>.json``
    files in the ``aosp_permissions`` resource directory. Requests below the
    lowest or above the highest bundled level must return the data of that
    boundary level, an unsupported second argument (``'foobar'``) must raise
    ``ValueError`` and an unknown resource module name must raise
    ``InvalidResourceError``.
    """
    from androguard.core.api_specific_resources import load_permissions
    from androguard.core.androconf import (
        load_api_specific_resource_module,
        InvalidResourceError,
        CONF,
    )
    import re

    # Relative path: it is resolved against the current working directory.
    root = 'androguard/core/api_specific_resources'
    permission_dir = os.path.join(root, "aosp_permissions")
    levels = [
        int(file_name[:-5].split('_')[1])  # "permissions_16.json" -> 16
        for file_name in os.listdir(permission_dir)
        if re.match(r'^permissions_\d+\.json$', file_name)
    ]
    min_level, max_level = min(levels), max(levels)

    self.assertGreater(min_level, 0)
    self.assertGreater(max_level, 0)

    # Boundary levels and their inner neighbours must yield data for both
    # the default call and the 'groups' variant.
    for api in (min_level, max_level, max_level - 1, min_level + 1):
        self.assertNotEqual(load_permissions(api), {})
        self.assertNotEqual(load_permissions(api, 'groups'), {})

    # Out-of-range requests must fall back to the boundary level.
    fallback_cases = (
        (min_level - 1, min_level),
        (max_level + 1, max_level),
        (0, min_level),
        (1337, max_level),
    )
    for requested, expected in fallback_cases:
        self.assertEqual(load_permissions(requested),
                         load_permissions(expected))

    with self.assertRaises(ValueError):
        load_permissions(23, 'foobar')

    with self.assertRaises(InvalidResourceError):
        load_api_specific_resource_module('blablabla')

    # load_permissions must agree with the generic resource loader.
    self.assertEqual(
        load_permissions(16),
        load_api_specific_resource_module('aosp_permissions', 16))
    self.assertEqual(
        load_permissions(CONF['DEFAULT_API']),
        load_api_specific_resource_module('aosp_permissions'))

    internet = 'android.permission.INTERNET'
    for level in levels:
        perm = load_permissions(level)
        self.assertIn(internet, perm)
        self.assertIsInstance(perm, dict)
        entry = perm[internet]
        self.assertIsInstance(entry, dict)
        for field in ('description', 'label', 'protectionLevel',
                      'permissionGroup'):
            self.assertIn(field, entry)
def testPermissionLoading(self):
    """Verify the fallback behaviour of the permission list loader.

    API levels are taken from the ``permissions_<N>.json`` file names found
    in the ``aosp_permissions`` resource directory. The test then checks
    that data is returned inside the bundled range, that requests outside
    that range equal the lowest/highest bundled level, and that every
    bundled level contains a complete ``android.permission.INTERNET`` entry.
    """
    from androguard.core.api_specific_resources import load_permissions
    from androguard.core.androconf import load_api_specific_resource_module, InvalidResourceError, CONF
    import re

    # The directory is given relative to the current working directory.
    root = 'androguard/core/api_specific_resources'
    file_pattern = re.compile(r'^permissions_\d+\.json$')

    levels = []
    for entry_name in os.listdir(os.path.join(root, "aosp_permissions")):
        if file_pattern.match(entry_name):
            # Drop the ".json" suffix and keep the number after "_".
            levels.append(int(entry_name[:-5].split('_')[1]))

    min_level = min(levels)
    max_level = max(levels)
    self.assertGreater(min_level, 0)
    self.assertGreater(max_level, 0)

    # Non-empty results at and just inside both ends of the bundled range.
    probe_levels = [min_level, max_level, max_level - 1, min_level + 1]
    for probe in probe_levels:
        self.assertNotEqual(load_permissions(probe), {})
        self.assertNotEqual(load_permissions(probe, 'groups'), {})

    # Requests outside the bundled range resolve to the nearest boundary.
    lowest = min_level
    highest = max_level
    self.assertEqual(load_permissions(lowest - 1), load_permissions(lowest))
    self.assertEqual(load_permissions(highest + 1), load_permissions(highest))
    self.assertEqual(load_permissions(0), load_permissions(lowest))
    self.assertEqual(load_permissions(1337), load_permissions(highest))

    # Invalid arguments are rejected with dedicated exception types.
    with self.assertRaises(ValueError):
        load_permissions(23, 'foobar')
    with self.assertRaises(InvalidResourceError):
        load_api_specific_resource_module('blablabla')

    # The convenience loader and the generic loader return the same data.
    generic_16 = load_api_specific_resource_module('aosp_permissions', 16)
    self.assertEqual(load_permissions(16), generic_16)
    generic_default = load_api_specific_resource_module('aosp_permissions')
    self.assertEqual(load_permissions(CONF['DEFAULT_API']), generic_default)

    expected_fields = ['description', 'label', 'protectionLevel', 'permissionGroup']
    for level in levels:
        perm = load_permissions(level)
        self.assertIn('android.permission.INTERNET', perm)
        self.assertIsInstance(perm, dict)
        self.assertIsInstance(perm['android.permission.INTERNET'], dict)
        for field_name in expected_fields:
            self.assertIn(field_name, perm['android.permission.INTERNET'])
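def _apk_analysis(self):
    """
    Run analysis on the APK file.

    This method is usually called by __init__ unless analysis is skipped.
    NOTE(review): the previous wording was "except if skip_analysis is
    False", which looks inverted -- confirm against __init__.

    It parses AndroidManifest.xml and sets all fields of the APK class that
    can be extracted from the manifest. An empty or unparsable manifest is
    only logged as a warning; ``valid_apk`` is set to True only after the
    manifest has been parsed.

    The manifest belongs to the APK under analysis, so every value copied
    from it (package, version fields, permission names) is untrusted input
    and is stored here without validation.
    """
    manifest_name = "AndroidManifest.xml"

    # An archive listing can contain the same name more than once. The old
    # loop over namelist() ran this block once per listed entry and appended
    # the permissions again each time; the manifest is now handled once.
    if manifest_name in self.zip.namelist():
        axml = AXMLPrinter(self.zip.read(manifest_name))
        self.axml[manifest_name] = axml
        self.xml[manifest_name] = None

        if len(axml.get_buff()) == 0:
            log.warning("AXML parsing failed, file is empty")
        else:
            try:
                if axml.is_packed():
                    log.warning("XML Seems to be packed, parsing is very likely to fail.")
                self.xml[manifest_name] = axml.get_xml_obj()
            except Exception as e:
                # Any parser failure is downgraded to a warning; the xml
                # entry stays None and the fields below are not populated.
                log.warning("reading AXML as XML failed: " + str(e))

        manifest_xml = self.xml[manifest_name]
        if manifest_xml is not None:
            self.package = manifest_xml.get("package")
            self.androidversion["Code"] = manifest_xml.get(
                NS_ANDROID + "versionCode")
            self.androidversion["Name"] = manifest_xml.get(
                NS_ANDROID + "versionName")

            # A <uses-permission> without a name attribute appends None.
            for item in manifest_xml.findall('uses-permission'):
                self.permissions.append(item.get(NS_ANDROID + "name"))

            # getting details of the declared permissions
            # NOTE(review): str() turns a missing attribute into the literal
            # "None" before it reaches _get_res_string_value -- verify that
            # the helper and the consumers of declared_permissions cope.
            for d_perm_item in manifest_xml.findall('permission'):
                d_perm_name = self._get_res_string_value(str(
                    d_perm_item.get(NS_ANDROID + "name")))
                d_perm_details = {
                    attribute: self._get_res_string_value(str(
                        d_perm_item.get(NS_ANDROID + attribute)))
                    for attribute in ("label", "description",
                                      "permissionGroup", "protectionLevel")
                }
                self.declared_permissions[d_perm_name] = d_perm_details

            self.valid_apk = True

    # NOTE(review): the nesting of this statement was reconstructed from a
    # whitespace-collapsed listing; confirm it against the upstream file.
    self.permission_module = androconf.load_api_specific_resource_module(
        "aosp_permissions", self.get_target_sdk_version())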
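def main():
    """Write the permission-mapped API methods of every APK to a text file.

    For each name in the module-level ``files`` the APK is analysed and a
    ``<name>_api-perm.txt`` file is written to ``out_path``. Each line has
    the form ``<method> : <permissions>`` for a method whose
    ``class-name-descriptor`` key appears in the API permission mapping.

    The method strings written to the report come from the analysed APK and
    are therefore untrusted; treat the report as data, not as trusted text.
    """
    # API-to-permission mapping; it does not depend on the APK, so it is
    # loaded once instead of once per file.
    permmap = load_api_specific_resource_module('api_permission_mappings')

    for apkfile in files:
        file_name = os.path.splitext(apkfile)[0]
        # os.path.join instead of a hard-coded '\\' so the path is also
        # valid on non-Windows systems.
        out = AnalyzeAPK(os.path.join(path, apkfile))
        dx = out[2]

        api_perm_filename = os.path.join(out_path, file_name + "_api-perm.txt")
        # The context manager closes the report even if analysis raises.
        with open(api_perm_filename, 'w', encoding='utf-8') as api_perm_file:
            for meth_analysis in dx.get_methods():
                meth = meth_analysis.get_method()
                name = "-".join((meth.get_class_name(),
                                 meth.get_name(),
                                 str(meth.get_descriptor())))
                # Direct key lookup replaces the scan over every mapping
                # entry for each method.
                if name in permmap:
                    api_perm_file.write(
                        str(meth) + ' : ' + str(permmap[name]) + '\n')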
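def get_show_Permissions(vmx):
    """
    Checks for functions that need permissions

    Every method of ``vmx`` whose ``class-name-descriptor`` key appears in
    the API permission mapping is looked up, and the call sites that
    reference it are collected per permission.

    :param vmx: Analysis object of vm
    :return: dict of permissions {permission, XrefsFrom}; the permission key
        has the ``android.permission.`` prefix removed and dots replaced by
        underscores
    :rtype: dictionary
    """
    permissions = {}
    # The mapping is pinned to API level 16, whatever the analysed app
    # targets. NOTE(review): results for apps built against other levels may
    # be incomplete -- confirm whether the level should follow the app.
    permission_dict = load_api_specific_resource_module(
        "api_permission_mappings", 16)

    # Index every analysed method by the key format used in the mapping.
    mca_dict = {}
    for ca in vmx.get_classes():
        for mca in ca.get_methods():
            encoded = mca.get_method()
            key = "{}-{}-{}".format(ca.orig_class.name,
                                    encoded.get_name(),
                                    encoded.get_descriptor())
            mca_dict[key] = mca

    methods = set(permission_dict) & set(mca_dict)
    for method in methods:
        # Fix: the call target is the method being reported. The previous
        # code reused the leftover loop variable ``mca`` from the indexing
        # loop, so every line named the last indexed method as the target.
        target = mca_dict[method].get_method()

        xrefs_from = []
        for ref_class, ref_method, offset in mca_dict[method].get_xref_from():
            xrefs_from.append("%s %s->%s%s (0x%x) ---> %s->%s%s" % (
                ref_method.get_access_flags_string(),  # Fixme: What was path access flag?
                dvm.get_type(ref_method.get_class_name()),
                dvm.get_type(ref_method.get_name()),
                ref_method.get_descriptor(),
                offset,
                dvm.get_type(target.get_class_name()),
                dvm.get_type(target.get_name()),
                dvm.get_type(target.get_descriptor())))

        for permission in permission_dict[method]:
            perm_key = permission.replace(
                "android.permission.", "").replace(".", "_")
            permissions.setdefault(perm_key, []).extend(xrefs_from)

    return permissions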
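def _apk_analysis(self):
    """
    Run analysis on the APK file.

    This method is usually called by __init__ unless analysis is skipped.
    NOTE(review): the previous wording was "except if skip_analysis is
    False", which looks inverted -- confirm against __init__.

    It reads AndroidManifest.xml from the archive, parses it and sets all
    fields of the APK class that can be extracted from the manifest. A
    missing, empty or unparsable manifest is only logged as a warning;
    ``valid_apk`` is set to True only after the manifest has been parsed.

    The manifest belongs to the APK under analysis, so every value copied
    from it (package, version fields, permission names, maxSdkVersion) is
    untrusted input and is stored here without validation.
    """
    manifest_name = "AndroidManifest.xml"
    try:
        manifest_data = self.zip.read(manifest_name)
    except KeyError:
        log.warning("Missing AndroidManifest.xml")
    else:
        axml = AXMLPrinter(manifest_data)
        self.axml[manifest_name] = axml
        self.xml[manifest_name] = None

        if len(axml.get_buff()) == 0:
            log.warning("AXML parsing failed, file is empty")
        else:
            try:
                if axml.is_packed():
                    log.warning("XML Seems to be packed, parsing is very likely to fail.")
                self.xml[manifest_name] = axml.get_xml_obj()
            except Exception as e:
                # Any parser failure is downgraded to a warning; the xml
                # entry stays None and the fields below are not populated.
                log.warning("reading AXML as XML failed: " + str(e))

        manifest_xml = self.xml[manifest_name]
        if manifest_xml is not None:
            self.package = manifest_xml.get("package")
            self.androidversion["Code"] = manifest_xml.get(
                NS_ANDROID + "versionCode")
            self.androidversion["Name"] = manifest_xml.get(
                NS_ANDROID + "versionName")

            for item in manifest_xml.findall('uses-permission'):
                # A <uses-permission> without a name attribute yields None.
                name = item.get(NS_ANDROID + "name")
                self.permissions.append(name)

                raw_max_sdk = item.get(NS_ANDROID + 'maxSdkVersion')
                maxSdkVersion = None
                if raw_max_sdk is not None:
                    try:
                        maxSdkVersion = int(raw_max_sdk)
                    except ValueError:
                        # Fix: the message lacked a space after the value.
                        # The value comes from the manifest, so it is logged
                        # via repr() to keep control characters out of the
                        # log line.
                        log.warning(
                            "{!r} is not a valid value for <uses-permission> maxSdkVersion".format(
                                raw_max_sdk))
                self.uses_permissions.append([name, maxSdkVersion])

            # getting details of the declared permissions
            # NOTE(review): str() turns a missing attribute into the literal
            # "None" before it reaches _get_res_string_value -- verify that
            # the helper and the consumers of declared_permissions cope.
            for d_perm_item in manifest_xml.findall('permission'):
                d_perm_name = self._get_res_string_value(str(
                    d_perm_item.get(NS_ANDROID + "name")))
                d_perm_details = {
                    attribute: self._get_res_string_value(str(
                        d_perm_item.get(NS_ANDROID + attribute)))
                    for attribute in ("label", "description",
                                      "permissionGroup", "protectionLevel")
                }
                self.declared_permissions[d_perm_name] = d_perm_details

            self.valid_apk = True

    # NOTE(review): the nesting of this statement was reconstructed from a
    # whitespace-collapsed listing; confirm it against the upstream file.
    self.permission_module = androconf.load_api_specific_resource_module(
        "aosp_permissions", self.get_target_sdk_version())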