예제 #1
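def analyze_apk(apk_path):
    """Print autofill-related indicators found in the APK at ``apk_path``.

    Two checks are run and reported on stdout:

    * ``[p]`` -- the serialized AndroidManifest.xml contains the text
      ``BIND_AUTOFILL_SERVICE``. This is a plain substring test over the
      whole manifest, not a check of a specific element or attribute, so a
      hit is a lead to verify rather than proof of a declared service.
    * ``[a]`` -- a file that androguard classifies as "Android binary XML"
      contains a match for the module-level ``autofill_re`` pattern.

    Args:
        apk_path: filesystem path of the APK to inspect.

    NOTE(review): the APK is presumably an untrusted sample. Exceptions
    raised while parsing it (APK(), zipfile) are not caught here -- confirm
    that the caller handles them when scanning many files.
    """
    print("--> {}".format(apk_path))
    apk = APK(apk_path)

    manifest_xml = apk.get_android_manifest_xml()
    BAS = "BIND_AUTOFILL_SERVICE"
    if manifest_xml is None:
        # NOTE(review): androguard appears to return None when the manifest
        # could not be decoded -- confirm for the version in use. Report it
        # instead of crashing in etree.tostring(); an unparsable manifest is
        # itself worth a manual look.
        print("[!]", "AndroidManifest.xml could not be parsed")
    else:
        # Decode the serialized bytes instead of taking str() of them, which
        # would search the "b'...'" repr with escaped newlines.
        manifest = etree.tostring(manifest_xml,
                                  pretty_print=True,
                                  encoding="utf-8").decode("utf-8", "replace")
        if BAS in manifest:
            print("[p]", BAS, "permission")

    # The context manager closes the archive handle even if a read fails.
    with zipfile.ZipFile(apk_path, 'r') as archive:
        for name, file_type in apk.get_files_types().items():
            if file_type != "Android binary XML":
                continue
            # read() loads the whole uncompressed entry into memory; no size
            # cap is applied here.
            bindata = archive.read(name)
            match = autofill_re.search(bindata)
            if match is not None:
                # The matched bytes come from the sample, so tolerate
                # invalid UTF-8 rather than aborting the scan.
                match_str = match.group().decode("utf-8", "replace")
                print("[a]", match_str, 'in "{}"'.format(name))
    print("\n")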
예제 #2
from androguard.core.bytecodes.axml import ARSCParser

# Fully-qualified attribute names in the "{namespace-uri}localname" form that
# ElementTree/lxml use for namespaced attributes. All of them live in the
# Android resource namespace (the "android:" prefix in a manifest).

# android:scheme, android:host, android:name, android:value -- their use is
# not visible in this excerpt.
ANDROID_SCHEME = "{http://schemas.android.com/apk/res/android}scheme"
ANDROID_HOST = "{http://schemas.android.com/apk/res/android}host"
ANDROID_NAME = "{http://schemas.android.com/apk/res/android}name"
# android:allowBackup on <application>: whether the app's data may be included
# in backups. When the attribute is absent the platform default (true) applies.
ANDROID_BACKUP = "{http://schemas.android.com/apk/res/android}allowBackup"
# android:usesCleartextTraffic on <application>: whether the app intends to use
# unencrypted network traffic. When absent, the default depends on the target
# SDK level (true for 27 and lower, false from 28).
ANDROID_CLEAR = "{http://schemas.android.com/apk/res/android}usesCleartextTraffic"
ANDROID_VALUE = "{http://schemas.android.com/apk/res/android}value"


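# Require exactly one command-line argument: the path of the APK to inspect.
if len(sys.argv) != 2:
	print("Введите путь к APK\n")
	# sys.exit() rather than the bare exit(), which is injected by the site
	# module and is missing under "python -S" or in frozen builds.
	# The status 400 is kept for compatibility; POSIX keeps only the low
	# 8 bits, so a calling shell sees 144.
	sys.exit(400)
file = sys.argv[1]
# Parse the APK and pull out the decoded AndroidManifest.xml element tree.
# NOTE(review): the APK is presumably an untrusted sample; parsing errors are
# not handled here and will end the script with a traceback.
apk = APK(file)
axml = apk.get_android_manifest_xml()
# Initialised here; its use is outside this excerpt.
lil_pow = 0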


# Manifest security flags, part (a): android:usesCleartextTraffic.
print("Флаги безопасности Manifest'а\n"
		"а. Установки CleartextTraffic:")
# The predicate selects <application> only when the attribute is set on it.
guess = axml.find("./application[@{}]".format(ANDROID_CLEAR))
if guess is None:
	# Attribute not declared: the platform default applies, which depends on
	# the app's target SDK level, so "not found" does not mean "disabled".
	print("Не обнаружено.")
else:
	# Print the raw attribute value as it appears in the manifest.
	print(guess.attrib.get(ANDROID_CLEAR))

print("b. Установки allowBackup:")
guess = axml.find("./application[@{}]".format(ANDROID_BACKUP))
if guess != None:
	print(guess.attrib.get(ANDROID_BACKUP))