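def __init__(self, m1, sim):
    """Build the instruction text of a method and measure its entropy.

    :param m1: method wrapper; only ``m1.m.get_code()`` is read here
    :param sim: similarity helper; ``sim.entropy(text)`` is unpacked as a
        pair and its first item is stored as ``self.entropy``
    """
    self.m1 = m1
    self.sim = sim
    self.entropy = 0.0
    self.signature = None

    code = m1.m.get_code()
    if code is None:
        # A method without a code item contributes empty text.
        self.buff = ""
    else:
        # One pass, one join: avoids the quadratic cost of repeated ``+=``
        # on methods with many instructions.
        # NOTE(review): no delimiter is inserted between instructions; if the
        # dvm helpers do not emit their own separators, different instruction
        # sequences could yield the same text -- treat equality of ``buff``
        # as a similarity hint, not as proof of identical code.
        self.buff = "".join(
            dvm.clean_name_instruction(insn) + dvm.static_operand_instruction(insn)
            for insn in code.get_bc().get_instructions()
        )

    self.entropy, _ = sim.entropy(self.buff)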
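def __init__(self, m1, sim):
    """Collect a method's normalized instruction text and its entropy.

    :param m1: method wrapper whose ``m.get_code()`` result may be None
    :param sim: object exposing ``entropy(text)``; the call result is
        unpacked as two values and the first one is kept
    """
    self.m1 = m1
    self.sim = sim
    self.entropy = 0.0
    self.signature = None

    parts = []
    code = m1.m.get_code()
    # Identity test: ``!= None`` would go through a user-defined ``__ne__``.
    if code is not None:
        for insn in code.get_bc().get_instructions():
            # Per instruction: cleaned mnemonic first, then its static operand.
            parts.extend((
                dvm.clean_name_instruction(insn),
                dvm.static_operand_instruction(insn),
            ))
    # Joined once instead of growing the string inside the loop.
    self.buff = "".join(parts)

    self.entropy, _ = sim.entropy(self.buff)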
def __init__(self, m1, sim, use_bytecode=False):
    """
    Compute the instruction text, its entropy and a signature for a method.

    :param Method m1: method wrapper; ``m1.m`` and ``m1.sig`` are used
    :param elsim.similarity.Similarity sim: provides ``entropy()``
    :param bool use_bytecode: when true the signature is the raw result of
        ``get_code().get_bc().get_insn()`` (``b''`` if the method has no
        code); otherwise it is the ``L0_4`` predefined signature string
    """
    self.m1 = m1
    self.sim = sim
    self.signature = None
    self.signature_entropy = None

    # Flatten every instruction into "<name><operands>" and glue the pieces
    # together, then work on the UTF-8 bytes of that text.
    pieces = []
    for insn in m1.m.get_instructions():
        pieces.append(dvm.clean_name_instruction(insn))
        pieces.append(dvm.static_operand_instruction(insn))
    self.buff = "".join(pieces).encode('UTF-8')
    self.entropy = sim.entropy(self.buff)

    if not use_bytecode:
        # Signature-module path.
        self.signature = self.m1.sig.get_method_signature(
            self.m1.m,
            predef_sign=sign.PredefinedSignature.L0_4,
        ).get_string()
        self.signature_entropy = self.sim.entropy(self.signature)
        return

    # Bytecode path: a method without a code item gets an empty signature
    # with zero entropy rather than a call into sim.entropy().
    if self.m1.m.get_code():
        self.signature = self.m1.m.get_code().get_bc().get_insn()
        self.signature_entropy = self.sim.entropy(self.signature)
    else:
        self.signature = b''
        self.signature_entropy = 0.0
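def __init__(self, basic_block, sim):
    """Hash the instruction text of a basic block with SHA-256.

    :param basic_block: wrapper whose ``bb.get_instructions()`` is iterated
    :param sim: accepted for interface compatibility; not used here
    """
    self.basic_block = basic_block
    self.buff = "".join(
        dvm.clean_name_instruction(insn) + dvm.static_operand_instruction(insn)
        for insn in self.basic_block.bb.get_instructions()
    )

    # hashlib rejects text strings on Python 3; Python 2 ``str`` is already
    # ``bytes`` and is passed through untouched, so existing digests keep
    # their value.
    if isinstance(self.buff, bytes):
        data = self.buff
    else:
        data = self.buff.encode('UTF-8')

    # The digest covers instruction text only. Mixing in the number of child
    # and father blocks was considered and left out, so two blocks with the
    # same instructions hash equal wherever they sit in the control flow.
    self.hash = hashlib.sha256(data).hexdigest()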
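def __init__(self, basic_block, sim):
    """Record a basic block's instruction text and its SHA-256 hex digest.

    :param basic_block: object exposing ``bb.get_instructions()``
    :param sim: unused by this constructor
    """
    self.basic_block = basic_block

    parts = []
    for insn in self.basic_block.bb.get_instructions():
        parts.append(dvm.clean_name_instruction(insn))
        parts.append(dvm.static_operand_instruction(insn))
    self.buff = "".join(parts)

    # sha256() needs bytes: on Python 3 a text string raises TypeError, so
    # encode only when the text is not already a byte string (Python 2 str).
    digest_input = self.buff
    if not isinstance(digest_input, bytes):
        digest_input = digest_input.encode('UTF-8')

    # Only the instruction text is hashed; the block's child/father counts
    # are deliberately not part of the digest input.
    self.hash = hashlib.sha256(digest_input).hexdigest()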
def __init__(self, basic_block, sim):
    """Store a basic block's instruction text as UTF-8 bytes plus a 128-bit hash.

    :param basic_block: wrapper whose ``bb.get_instructions()`` is iterated
    :param sim: not used by this constructor
    """
    self.basic_block = basic_block

    text = "".join(
        dvm.clean_name_instruction(insn) + dvm.static_operand_instruction(insn)
        for insn in self.basic_block.bb.get_instructions()
    )
    self.buff = text.encode('UTF-8')

    # MurmurHash3 is a fast non-cryptographic hash: fine for grouping and
    # comparing blocks, but it offers no collision resistance against input
    # crafted to collide, so do not treat it as an integrity digest.
    self.hash = mmh3.hash128(self.buff)
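def _get_hex(self, analysis_method):
    """Return the concatenated instruction text of a method.

    Despite the name, the result is the text produced by the two dvm
    helpers for each instruction, joined with no separator.

    :param analysis_method: object whose ``get_method().get_code()`` is read
    :return: the instruction text, or ``""`` when the method has no code
    """
    code = analysis_method.get_method().get_code()
    # Identity comparison is the correct test for a missing code item.
    if code is None:
        return ""

    # Single join instead of growing a string with ``+=`` in the loop.
    return "".join(
        dvm.clean_name_instruction(insn) + dvm.static_operand_instruction(insn)
        for insn in code.get_bc().get_instructions()
    )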
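def _get_hex(self, analysis_method):
    """Flatten a method's instructions into one text string.

    :param analysis_method: object whose ``get_method().get_code()`` is read
    :return: cleaned instruction name followed by static operand text for
        every instruction, back to back; ``""`` if there is no code item
    """
    code = analysis_method.get_method().get_code()

    parts = []
    # ``is not None`` rather than ``!= None``: a plain identity check.
    if code is not None:
        for insn in code.get_bc().get_instructions():
            parts.append(dvm.clean_name_instruction(insn))
            parts.append(dvm.static_operand_instruction(insn))
    # An empty list joins to "", which is also the no-code result.
    return "".join(parts)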
def _get_hex(analysis_method, *args):
    """
    Return a method's instructions as one text string, with nothing
    inserted between the pieces.

    :param androguard.core.analysis.analysis.MethodAnalysis analysis_method:
    :param args: accepted and ignored
    """
    pieces = []
    for insn in analysis_method.get_method().get_instructions():
        # Cleaned mnemonic first, then the static operand text.
        pieces.append(dvm.clean_name_instruction(insn))
        pieces.append(dvm.static_operand_instruction(insn))
    return "".join(pieces)
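def __init__(self, m1, sim):
    """Prepare the instruction text and entropy used to compare a method.

    :param m1: method wrapper; ``m1.m.get_code()`` may return None
    :param sim: similarity helper whose ``entropy(text)`` result is unpacked
        as two values, the first being stored as ``self.entropy``
    """
    self.m1 = m1
    self.sim = sim
    self.entropy = 0.0
    self.signature = None

    code = m1.m.get_code()
    # No code item means no instructions to walk.
    instructions = code.get_bc().get_instructions() if code is not None else ()

    # Built with one join rather than repeated string ``+=``.
    self.buff = "".join(
        dvm.clean_name_instruction(insn) + dvm.static_operand_instruction(insn)
        for insn in instructions
    )

    self.entropy, _ = sim.entropy(self.buff)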
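def __init__(self, m1, sim):
    """Keep a method, its flattened instruction text and that text's entropy.

    :param m1: method wrapper; only ``m1.m.get_code()`` is consulted
    :param sim: provides ``entropy(text)``, expected to return a pair
    """
    self.m1 = m1
    self.sim = sim
    self.buff = ""
    self.entropy = 0.0
    self.signature = None

    code = m1.m.get_code()
    # ``is not None`` replaces the ``!= None`` comparison.
    if code is not None:
        bytecode = code.get_bc()
        # One join over all instructions; the text stays "" if there are none.
        self.buff = "".join(
            dvm.clean_name_instruction(insn) + dvm.static_operand_instruction(insn)
            for insn in bytecode.get_instructions()
        )

    # Entropy is computed even for the empty text of a code-less method.
    self.entropy, _ = sim.entropy(self.buff)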
def toString(bb, hS, rS):
    """Encode a basic block as a string with one character per instruction.

    :param bb: object exposing ``get_instructions()``
    :param hS: dict mapping instruction text to an integer id; new ids are
        added in place
    :param rS: dict mapping the id's character back to the instruction text;
        updated in place together with ``hS``
    :return: ``(encoded, map_x)`` where ``map_x`` maps the instruction index
        to the sum of ``get_length()`` of the instructions before it
    """
    symbols = []
    map_x = {}
    offset = 0
    for position, insn in enumerate(bb.get_instructions()):
        ident = dvm.clean_name_instruction(insn) + dvm.static_operand_instruction(insn)
        if ident not in hS:
            # First sighting: the next free id is the current table size.
            hS[ident] = len(hS)
            rS[chr(hS[ident])] = ident
        # NOTE(review): chr() bounds how many distinct identifiers fit
        # (0-255 on Python 2); past that it raises ValueError.
        symbols.append(chr(hS[ident]))
        map_x[position] = offset
        offset += insn.get_length()
    return "".join(symbols), map_x
def toString(bb, hS, rS):
    """Turn a basic block into a compact string, one symbol per instruction.

    :param bb: object exposing ``get_instructions()``
    :param hS: instruction text -> integer id table, extended in place
    :param rS: symbol -> instruction text table, extended in place
    :return: tuple of the symbol string and a dict from instruction index to
        the running total of ``get_length()`` before that instruction
    """
    encoded = []
    map_x = {}
    running_length = 0
    count = 0
    for insn in bb.get_instructions():
        key = dvm.clean_name_instruction(insn)
        key += dvm.static_operand_instruction(insn)

        known = key in hS
        if not known:
            # Ids are handed out in order of first appearance.
            hS[key] = len(hS)
            rS[chr(hS[key])] = key

        encoded.append(chr(hS[key]))
        map_x[count] = running_length

        running_length += insn.get_length()
        count += 1
    return "".join(encoded), map_x