def grab_graphic_images(d, dx): path_images = './androhunter/report/template/' devnull = open('/dev/null', 'w') subprocess.call(['rm', '-rf', path_images+'cfg']) subprocess.call(['mkdir', path_images+'cfg'], stdout=devnull) print('[+] Creating CFG images...') for classe in d.get_classes(): classe_name = classe.get_name().replace('/', '-').replace(';', '') print('\t[-] ' + classe_name + '...') subprocess.call(['mkdir', path_images + 'cfg/' + classe_name], stdout=devnull) for metodo in classe.get_methods(): metodo_name = metodo.get_name().replace('<', '').replace('>', '') bytecode.method2png(path_images + 'cfg/' + classe_name + '/' + metodo_name + '.png', dx.get_method(metodo))
def __init__(self, methanalysis): """ :param androguard.core.analysis.analysis.MethodAnalysis methanalysis: """ method = methanalysis.get_method() self.method = method self.start_block = next(methanalysis.get_basic_blocks().get(), None) self.cls_name = method.get_class_name() self.name = method.get_name() self.lparams = [] self.var_to_name = defaultdict() self.writer = None self.graph = None self.ast = None self.access = util.get_access_method(method.get_access_flags()) desc = method.get_descriptor() self.type = desc.split(')')[-1] self.params_type = util.get_params_type(desc) self.triple = method.get_triple() self.exceptions = methanalysis.exceptions.exceptions code = method.get_code() if code is None: logger.debug('No code : %s %s', self.name, self.cls_name) else: start = code.registers_size - code.ins_size if 'static' not in self.access: self.var_to_name[start] = ThisParam(start, self.cls_name) self.lparams.append(start) start += 1 num_param = 0 for ptype in self.params_type: param = start + num_param self.lparams.append(param) self.var_to_name[param] = Param(param, ptype) num_param += util.get_type_size(ptype) if not __debug__: from androguard.core import bytecode # TODO: use tempfile to create a correct tempfile (cross platform compatible) bytecode.method2png( '/tmp/dad/graphs/{}#{}.png'.format( self.cls_name.split('/')[-1][:-1], self.name), methanalysis)
def grab_graphic_images(d, dx): path_images = './androhunter/report/template/' devnull = open('/dev/null', 'w') subprocess.call(['rm', '-rf', path_images + 'cfg']) subprocess.call(['mkdir', path_images + 'cfg'], stdout=devnull) print('[+] Creating CFG images...') for classe in d.get_classes(): classe_name = classe.get_name().replace('/', '-').replace(';', '') print('\t[-] ' + classe_name + '...') subprocess.call(['mkdir', path_images + 'cfg/' + classe_name], stdout=devnull) for metodo in classe.get_methods(): metodo_name = metodo.get_name().replace('<', '').replace('>', '') bytecode.method2png( path_images + 'cfg/' + classe_name + '/' + metodo_name + '.png', dx.get_method(metodo))
def __init__(self, methanalysis): """ :param androguard.core.analysis.analysis.MethodAnalysis methanalysis: """ method = methanalysis.get_method() self.method = method self.start_block = next(methanalysis.get_basic_blocks().get(), None) self.cls_name = method.get_class_name() self.name = method.get_name() self.lparams = [] self.var_to_name = defaultdict() self.writer = None self.graph = None self.ast = None self.access = util.get_access_method(method.get_access_flags()) desc = method.get_descriptor() self.type = desc.split(')')[-1] self.params_type = util.get_params_type(desc) self.triple = method.get_triple() self.exceptions = methanalysis.exceptions.exceptions code = method.get_code() if code is None: logger.debug('No code : %s %s', self.name, self.cls_name) else: start = code.registers_size - code.ins_size if 'static' not in self.access: self.var_to_name[start] = ThisParam(start, self.cls_name) self.lparams.append(start) start += 1 num_param = 0 for ptype in self.params_type: param = start + num_param self.lparams.append(param) self.var_to_name[param] = Param(param, ptype) num_param += util.get_type_size(ptype) if not __debug__: from androguard.core import bytecode # TODO: use tempfile to create a correct tempfile (cross platform compatible) bytecode.method2png('/tmp/dad/graphs/{}#{}.png'.format(self.cls_name.split('/')[-1][:-1], self.name), methanalysis)
def __init__(self, methanalysis): method = methanalysis.get_method() self.method = method self.start_block = next(methanalysis.get_basic_blocks().get(), None) self.cls_name = method.get_class_name() self.name = method.get_name() self.lparams = [] self.var_to_name = defaultdict() self.writer = None self.graph = None self.ast = None self.access = util.get_access_method(method.get_access_flags()) desc = method.get_descriptor() self.type = desc.split(")")[-1] self.params_type = util.get_params_type(desc) self.triple = method.get_triple() self.exceptions = methanalysis.exceptions.exceptions code = method.get_code() if code is None: logger.debug("No code : %s %s", self.name, self.cls_name) else: start = code.registers_size - code.ins_size if "static" not in self.access: self.var_to_name[start] = ThisParam(start, self.cls_name) self.lparams.append(start) start += 1 num_param = 0 for ptype in self.params_type: param = start + num_param self.lparams.append(param) self.var_to_name[param] = Param(param, ptype) num_param += util.get_type_size(ptype) if not __debug__: from androguard.core import bytecode bytecode.method2png( "/tmp/dad/graphs/%s#%s.png" % (self.cls_name.split("/")[-1][:-1], self.name), methanalysis )
def __init__(self, methanalysis): method = methanalysis.get_method() self.method = method self.irmethod = None self.start_block = next(methanalysis.get_basic_blocks().get(), None) self.cls_name = method.get_class_name() self.name = method.get_name() self.lparams = [] self.var_to_name = defaultdict() self.offset_to_node = {} self.graph = None self.access = util.get_access_method(method.get_access_flags()) desc = method.get_descriptor() self.type = desc.split(')')[-1] self.params_type = util.get_params_type(desc) self.triple = method.get_triple() self.exceptions = methanalysis.exceptions.exceptions self.curret_block = None self.var_versions = defaultdict(int) code = self.method.get_code() if code: start = code.registers_size - code.ins_size if 'static' not in self.access: self.lparams.append(start) start += 1 num_param = 0 for ptype in self.params_type: param = start + num_param self.lparams.append(param) num_param += util.get_type_size(ptype) if DEBUG: from androguard.core import bytecode bytecode.method2png('graphs/%s#%s.png' % \ (self.cls_name.split('/')[-1][:-1], self.name), methanalysis)
def process(self): util.log('METHOD : %s' % self.name, 'debug') if 0: from androguard.core import bytecode bytecode.method2png('/tmp/graphs/%s#%s.png' % \ (self.method.get_class_name().split('/')[-1][:-1], self.name), self.metha) graph = construct(self.basic_blocks, self.var_to_name, self.exceptions) self.graph = graph if graph is None: return if 0: util.create_png(self.basic_blocks, graph, '/tmp/blocks') #'dad_graphs/blocks') defs, uses = build_def_use(graph, self.lparams) dead_code_elimination(graph, uses, defs) register_propagation(graph, uses, defs) # After the DCE pass, some nodes may be empty, so we can simplify the # graph to delete these nodes. # We start by restructuring the the graph by spliting the conditional # nodes into a pre-header and a header part. # We then simplify the graph by merging multiple statement nodes into # a single statement node when possible. This also delete empty nodes. graph.split_if_nodes() graph.simplify() graph.reset_rpo() idoms = immediate_dominator(graph) identify_structures(graph, idoms) if 0: util.create_png(self.basic_blocks, graph, '/tmp/structured') # 'dad_graphs/structured') self.writer = Writer(graph, self) self.writer.write_method()
def __init__(self, methanalysis): method = methanalysis.get_method() self.start_block = next(methanalysis.get_basic_blocks().get(), None) self.cls_name = method.get_class_name() self.name = method.get_name() self.lparams = [] self.var_to_name = {} self.writer = None self.graph = None access = method.get_access_flags() self.access = [ name for flag, name in util.ACCESS_FLAGS_METHODS.iteritems() if flag & access ] desc = method.get_descriptor() self.type = util.get_type(desc.split(')')[-1]) self.params_type = util.get_params_type(desc) self.exceptions = methanalysis.exceptions.exceptions code = method.get_code() if code is None: logger.debug('No code : %s %s', self.name, self.cls_name) else: start = code.registers_size - code.ins_size if 'static' not in self.access: self.var_to_name[start] = ThisParam(start, self.name) self.lparams.append(start) start += 1 num_param = 0 for ptype in self.params_type: param = start + num_param self.lparams.append(param) self.var_to_name.setdefault(param, Param(param, ptype)) num_param += util.get_type_size(ptype) if 0: from androguard.core import bytecode bytecode.method2png('/tmp/dad/graphs/%s#%s.png' % \ (self.cls_name.split('/')[-1][:-1], self.name), methanalysis)
def __init__(self, methanalysis): method = methanalysis.get_method() self.start_block = next(methanalysis.get_basic_blocks().get(), None) self.cls_name = method.get_class_name() self.name = method.get_name() self.lparams = [] self.var_to_name = {} self.writer = None self.graph = None access = method.get_access_flags() self.access = [flag for flag in util.ACCESS_FLAGS_METHODS if flag & access] desc = method.get_descriptor() self.type = util.get_type(desc.split(')')[-1]) self.params_type = util.get_params_type(desc) self.exceptions = methanalysis.exceptions.exceptions code = method.get_code() if code is None: logger.debug('No code : %s %s', self.name, self.cls_name) else: start = code.registers_size - code.ins_size if 0x8 not in self.access: self.var_to_name[start] = ThisParam(start, self.name) self.lparams.append(start) start += 1 num_param = 0 for ptype in self.params_type: param = start + num_param self.lparams.append(param) self.var_to_name.setdefault(param, Param(param, ptype)) num_param += util.get_type_size(ptype) if 0: from androguard.core import bytecode bytecode.method2png('/tmp/dad/graphs/%s#%s.png' % \ (self.cls_name.split('/')[-1][:-1], self.name), methanalysis)
def __init__(self, methanalysis, adi): method = methanalysis.get_method() self.method = method self.start_block = next(methanalysis.get_basic_blocks().get(), None) self.cls_name = method.get_class_name() self.name = method.get_name() self.lparams = [] self.var_to_name = defaultdict() self.adi = adi self.writer = None self.graph = None self.ast = None self.access = util.get_access_method(method.get_access_flags()) desc = method.get_descriptor() self.type = desc.split(')')[-1] self.params_type = util.get_params_type(desc) self.triple = method.get_triple() self.exceptions = methanalysis.exceptions.exceptions code = method.get_code() if code is None: logger.debug('No code : %s %s', self.name, self.cls_name) else: start = code.registers_size - code.ins_size if 'static' not in self.access: self.var_to_name[start] = ThisParam(start, self.cls_name) self.lparams.append(start) start += 1 num_param = 0 for ptype in self.params_type: param = start + num_param self.lparams.append(param) self.var_to_name[param] = Param(param, ptype) num_param += util.get_type_size(ptype) if self.adi != None: method_idx = method.get_method_idx() method_annotations = [ x.get_annotations_off() for x in self.adi.get_method_annotations() if x.get_method_idx() == method_idx ] param_annotations = [ x for x in self.adi.get_parameter_annotations() if x.get_method_idx() == method_idx ] self.method_annotations = get_annotations(method.CM, method_annotations) if len(param_annotations) > 0: self.param_annotations = get_parameter_annotations( method.CM, param_annotations) if len(self.param_annotations) != len(self.params_type): if len(self.params_type) - len( self.param_annotations) == 1: self.param_annotations.insert(0, []) else: print( "Failed to extract annotation from {} - {}".format( self.cls_name, self.name)) self.param_annotations = [[]] * len(self.params_type) else: self.param_annotations = [[]] * len(self.params_type) else: self.method_annotations = [] self.param_annotations = [[]] * len(self.params_type) if not __debug__: from androguard.core import bytecode # TODO: use tempfile to create a correct tempfile (cross platform compatible) bytecode.method2png( '/tmp/dad/graphs/{}#{}.png'.format( self.cls_name.split('/')[-1][:-1], self.name), methanalysis)