def analyze_apk(apk_path): print("--> {}".format(apk_path)) apk = APK(apk_path) manifest = str( etree.tostring(apk.get_android_manifest_xml(), pretty_print=True, encoding="utf-8")) BAS = "BIND_AUTOFILL_SERVICE" if BAS in manifest: print("[p]", BAS, "permission") archive = zipfile.ZipFile(apk_path, 'r') for name, type in apk.get_files_types().items(): if type == "Android binary XML": bindata = archive.read(name) match = autofill_re.search(bindata) if match is not None: match_str = match.group().decode("utf-8") print("[a]", match_str, 'in "{}"'.format(name)) print("\n")
from androguard.core.bytecodes.axml import ARSCParser ANDROID_SCHEME = "{http://schemas.android.com/apk/res/android}scheme" ANDROID_HOST = "{http://schemas.android.com/apk/res/android}host" ANDROID_NAME = "{http://schemas.android.com/apk/res/android}name" ANDROID_BACKUP = "{http://schemas.android.com/apk/res/android}allowBackup" ANDROID_CLEAR = "{http://schemas.android.com/apk/res/android}usesCleartextTraffic" ANDROID_VALUE = "{http://schemas.android.com/apk/res/android}value" if len(sys.argv) != 2: print("Введите путь к APK\n") exit(400) file = sys.argv[1] apk = APK(file) axml = apk.get_android_manifest_xml() lil_pow = 0 print("Флаги безопасности Manifest'а\n" "а. Установки CleartextTraffic:") guess = axml.find("./application[@{}]".format(ANDROID_CLEAR)) if guess != None: print(guess.attrib.get(ANDROID_CLEAR)) else: print("Не обнаружено.") print("b. Установки allowBackup:") guess = axml.find("./application[@{}]".format(ANDROID_BACKUP)) if guess != None: print(guess.attrib.get(ANDROID_BACKUP))