def main():
parser = ArgumentParser(description="Create a call graph based on the data"
"of Analysis and export it into a graph format.")
parser.add_argument("APK", nargs=1, help="The APK to analyze")
parser.add_argument("--output", "-o", default="callgraph.gml",
help="Filename of the output file, the extension is used to decide which format to use (default callgraph.gml)")
parser.add_argument("--show", "-s", action="store_true", default=False,
help="instead of saving the graph, print it with mathplotlib (you might not see anything!")
parser.add_argument("--verbose", "-v", action="store_true", default=False,
help="Print more output")
parser.add_argument("--classname", default=".*", help="Regex to filter by classname")
parser.add_argument("--methodname", default=".*", help="Regex to filter by methodname")
parser.add_argument("--descriptor", default=".*", help="Regex to filter by descriptor")
parser.add_argument("--accessflag", default=".*", help="Regex to filter by accessflags")
parser.add_argument("--no-isolated", default=False, action="store_true",
help="Do not store methods which has no xrefs")
args = parser.parse_args()
if args.verbose:
show_logging(logging.INFO)
a, d, dx = AnalyzeAPK(args.APK[0])
entry_points = map(FormatClassToJava, a.get_activities() + a.get_providers() + a.get_services() + a.get_receivers())
entry_points = list(entry_points)
log.info("Found The following entry points by search AndroidManifest.xml: {}".format(entry_points))
CG = generate_graph(dx,
args.classname,
args.methodname,
args.descriptor,
args.accessflag,
args.no_isolated,
entry_points,
)
write_methods = dict(gml=_write_gml,
gexf=nx.write_gexf,
gpickle=nx.write_gpickle,
graphml=nx.write_graphml,
yaml=nx.write_yaml,
net=nx.write_pajek,
)
if args.show:
plot(CG)
else:
writer = args.output.rsplit(".", 1)[1]
if writer in ["bz2", "gz"]:
writer = args.output.rsplit(".", 2)[1]
if writer not in write_methods:
print("Could not find a method to export files to {}!".format(writer))
sys.exit(1)
write_methods[writer](CG, args.output)
def main():
parser = ArgumentParser(description="Create a call graph based on the data"
"of Analysis and export it into a graph format.")
parser.add_argument("APK", nargs=1, help="The APK to analyze")
parser.add_argument("--output", "-o", default="callgraph.gml",
help="Filename of the output file, the extension is used to decide which format to use (default callgraph.gml)")
parser.add_argument("--show", "-s", action="store_true", default=False,
help="instead of saving the graph, print it with mathplotlib (you might not see anything!")
parser.add_argument("--verbose", "-v", action="store_true", default=False,
help="Print more output")
parser.add_argument("--classname", default=".*", help="Regex to filter by classname")
parser.add_argument("--methodname", default=".*", help="Regex to filter by methodname")
parser.add_argument("--descriptor", default=".*", help="Regex to filter by descriptor")
parser.add_argument("--accessflag", default=".*", help="Regex to filter by accessflags")
parser.add_argument("--no-isolated", default=False, action="store_true",
help="Do not store methods which has no xrefs")
args = parser.parse_args()
if args.verbose:
show_logging(logging.INFO)
a, d, dx = AnalyzeAPK(args.APK[0])
entry_points = map(FormatClassToJava, a.get_activities() + a.get_providers() + a.get_services() + a.get_receivers())
entry_points = list(entry_points)
log.info("Found The following entry points by search AndroidManifest.xml: {}".format(entry_points))
CG = dx.get_call_graph(args.classname,
args.methodname,
args.descriptor,
args.accessflag,
args.no_isolated,
entry_points,
)
write_methods = dict(gml=_write_gml,
gexf=nx.write_gexf,
gpickle=nx.write_gpickle,
graphml=nx.write_graphml,
yaml=nx.write_yaml,
net=nx.write_pajek,
)
if args.show:
plot(CG)
else:
writer = args.output.rsplit(".", 1)[1]
if writer in ["bz2", "gz"]:
writer = args.output.rsplit(".", 2)[1]
if writer not in write_methods:
print("Could not find a method to export files to {}!".format(writer))
sys.exit(1)
write_methods[writer](CG, args.output)
def androcg_main(verbose,
APK,
classname,
methodname,
descriptor,
accessflag,
no_isolated,
show,
output):
from androguard.core.androconf import show_logging
from androguard.core.bytecode import FormatClassToJava
from androguard.misc import AnalyzeAPK
import networkx as nx
import logging
log = logging.getLogger("androcfg")
if verbose:
show_logging(logging.INFO)
a, d, dx = AnalyzeAPK(APK)
entry_points = map(FormatClassToJava,
a.get_activities() + a.get_providers() +
a.get_services() + a.get_receivers())
entry_points = list(entry_points)
log.info("Found The following entry points by search AndroidManifest.xml: "
"{}".format(entry_points))
CG = dx.get_call_graph(classname,
methodname,
descriptor,
accessflag,
no_isolated,
entry_points,
)
write_methods = dict(gml=_write_gml,
gexf=nx.write_gexf,
gpickle=nx.write_gpickle,
graphml=nx.write_graphml,
yaml=nx.write_yaml,
net=nx.write_pajek,
)
if show:
plot(CG)
else:
writer = output.rsplit(".", 1)[1]
if writer in ["bz2", "gz"]:
writer = output.rsplit(".", 2)[1]
if writer not in write_methods:
print("Could not find a method to export files to {}!"
.format(writer))
sys.exit(1)
write_methods[writer](CG, output)
def androcg_main(verbose,
APK,
classname,
methodname,
descriptor,
accessflag,
no_isolated,
show,
output):
from androguard.core.androconf import show_logging
from androguard.core.bytecode import FormatClassToJava
from androguard.misc import AnalyzeAPK
import networkx as nx
import logging
log = logging.getLogger("androcfg")
if verbose:
show_logging(logging.INFO)
a, d, dx = AnalyzeAPK(APK)
entry_points = map(FormatClassToJava,
a.get_activities() + a.get_providers() +
a.get_services() + a.get_receivers())
entry_points = list(entry_points)
log.info("Found The following entry points by search AndroidManifest.xml: "
"{}".format(entry_points))
CG = dx.get_call_graph(classname,
methodname,
descriptor,
accessflag,
no_isolated,
entry_points,
)
write_methods = dict(gml=_write_gml,
gexf=nx.write_gexf,
gpickle=nx.write_gpickle,
graphml=nx.write_graphml,
yaml=nx.write_yaml,
net=nx.write_pajek,
)
if show:
plot(CG)
else:
writer = output.rsplit(".", 1)[1]
if writer in ["bz2", "gz"]:
writer = output.rsplit(".", 2)[1]
if writer not in write_methods:
print("Could not find a method to export files to {}!"
.format(writer))
sys.exit(1)
write_methods[writer](CG, output)
def get_call_graph(self, apk):
a, d, dx = AnalyzeAPK(apk)
entry_points = map(
FormatClassToJava,
a.get_activities() + a.get_providers() + a.get_services() +
a.get_receivers())
entry_points = list(entry_points)
#TODO make these Configurable
# args.classname,
# args.methodname,
# args.descriptor,
# args.accessflag,
# args.no_isolated,
CG = dx.get_call_graph(entry_points=entry_points)
# write_methods = dict(gml=_write_gml,
# gexf=nx.write_gexf,
# gpickle=nx.write_gpickle,
# graphml=nx.write_graphml,
# yaml=nx.write_yaml,
# net=nx.write_pajek,
return CG
for action,intent_name in a.get_intent_filters(itemtype, name).items():
for intent in intent_name:
alista.append(intent)
return alista
i = 0
while i < 1200:
file = (data.iloc[i][0])
numero = (data.iloc[i][1])
try:
a, d, dx = AnalyzeAPK(file)
print ("===> "+ file + " <===")
perms = (a.get_permissions())
prov = (a.get_providers())
serv = (a.get_services())
sint = helper(serv,'service')
receivers = a.get_receivers()
r = []
for x in receivers: r.append(x)
rint = helper(receivers,'receiver')
writer.writerow((numero,file,perms,prov,serv,sint,r,rint))
csv_base.flush()
except zipfile.BadZipFile: # WiNDOWS FILE
print ('THEY TRY 2 GET ME' + str(numero) )
except KeyError: # DIC ERROR
print('F**K ====>' + str(numero))
except TypeError:
print ('Really ====>' + str(numero))
def api_check(folder, APKname):
if os.path.exists("result/" + folder + APKname + 'data/'):
print(APKname + " Already scanned")
return
print("Starting apk:" + APKname)
apk_start_time = time.time()
RESULTdict = dict.fromkeys(RESULT_PARAMS, 0)
##отдельные словари для фич
OtherDict = dict.fromkeys(('obfuscation', 'database'), 0)
APIdict = dict.fromkeys((API_CALLS + API_ClASS), 0)
permission_dict = dict.fromkeys(PERMISSIONS, 0)
strings_dict = dict.fromkeys(API_SYSTEM_COMMANDS, 0)
groupAPI_dict = dict.fromkeys(APIGROUPS, 0)
##№№№
#a-APK d[0]-DalvikVMFormat dx-Analysis
try:
a, d, dx = AnalyzeAPK(folder + APKname)
except:
print(" ERROR: Androguard parse error, skipping file")
return
###
temp = a.get_details_permissions()
temp2 = a.get_declared_permissions_details()
temp3 = a.get_uses_implied_permission_list()
# ########TODO почитать про использование пермишинсов без запросов
####
RESULTdict["APP_Name"] = APKname
RESULTdict['folder'] = folder
#methods = []
#подозрительные строки
RESULTdict["warn_strings"] = []
strings = dx.get_strings_analysis()
#w=d[0].get_strings()
list_system_commands = read_system_commands(strings, API_SYSTEM_COMMANDS)
for i in list_system_commands:
#print(i)
RESULTdict["warn_strings"].append(i)
for i in list_system_commands:
strings_dict[i] += 1
### общая информация
RESULTdict['permissions'] = a.get_permissions()
RESULTdict['activities'] = a.get_activities()
RESULTdict['providers'] = a.get_providers()
RESULTdict['services'] = a.get_services()
RESULTdict['libraries'] = a.get_libraries()
RESULTdict['is_obfuscation'] = 1 if is_ascii_obfuscation(d[0]) else 0
RESULTdict['is_database'] = 1 if d[0].get_regex_strings(DB_REGEX) else 0
#TODO intents_analysis from new.py
OtherDict['obfuscation'] = RESULTdict['is_obfuscation']
OtherDict['database'] = RESULTdict['is_database']
#permissions
RESULTdict['warn_permissions'] = []
#RESULTdict['feature_vectors']['permissions'] = []
for permission in PERMISSIONS:
if permission in RESULTdict['permissions']:
RESULTdict['warn_permissions'].append(permission)
permission_dict[permission] = 1
###########################################################################
#TODO подсчет групп АПИ и системных команд для вектора фич
###########################################################################
#API
RESULTdict['API_groups'] = []
external_classes = dx.get_external_classes()
for i in external_classes:
class_name = i.get_vm_class()
methods_list = class_name.get_methods()
for method in methods_list:
a = '%s' % method.get_class_name().replace(';', '')
b = '%s' % method.get_name()
c = '%s' % method.get_descriptor()
#TODO permission_api_name https://androguard.readthedocs.io/en/latest/api/androguard.core.analysis.html?highlight=permission#androguard.core.analysis.analysis.ExternalMethod.permission_api_name
if b in API_CALLS:
APIdict[b] += 1
###TODO !!!нужна нормализация данных
if a in API_ClASS:
APIdict[a] += 1
temp = GroupAPI_Checker.checkAPIGroup(a.replace('/', '.')[1:], b)
if (temp != None):
groupAPI_dict[temp] += 1
RESULTdict['API_groups'].append(temp)
##запись общих параметров
with open("result/" + 'API_CALLS.csv', 'a', encoding='utf8') as csvfile:
fieldnames = (('APP_Name', 'folder') + API_CALLS + API_ClASS)
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
#writer.writeheader()
tempDict = APIdict.copy()
tempDict['APP_Name'] = APKname
tempDict['folder'] = folder
writer.writerow(tempDict)
with open("result/" + 'OtherDict.csv', 'a', encoding='utf8') as csvfile:
fieldnames = 'APP_Name', 'folder', 'obfuscation', 'database'
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
#writer.writeheader()
tempDict = OtherDict.copy()
tempDict['APP_Name'] = APKname
tempDict['folder'] = folder
writer.writerow(tempDict)
with open("result/" + 'permission_dict.csv', 'a',
encoding='utf8') as csvfile:
fieldnames = ('APP_Name', 'folder') + PERMISSIONS
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
#writer.writeheader()
tempDict = permission_dict.copy()
tempDict['APP_Name'] = APKname
tempDict['folder'] = folder
writer.writerow(tempDict)
with open("result/" + 'strings_dict.csv', 'a', encoding='utf8') as csvfile:
fieldnames = ('APP_Name', 'folder') + API_SYSTEM_COMMANDS
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
#writer.writeheader()
tempDict = strings_dict.copy()
tempDict['APP_Name'] = APKname
tempDict['folder'] = folder
writer.writerow(tempDict)
with open("result/" + 'groupAPI_dict.csv', 'a',
encoding='utf8') as csvfile:
fieldnames = ('APP_Name', 'folder') + APIGROUPS
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
#writer.writeheader()
tempDict = groupAPI_dict.copy()
tempDict['APP_Name'] = APKname
tempDict['folder'] = folder
writer.writerow(tempDict)
with open("result/" + 'RESULTdict.csv', 'a', encoding='utf8') as csvfile:
fieldnames = RESULT_PARAMS
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
#writer.writeheader()
writer.writerow(RESULTdict)
##запись параметров данного приложения
try:
if os.path.exists("result/" + folder):
os.mkdir('result/' + folder + APKname + 'data')
else:
os.mkdir('result/' + folder)
os.mkdir('result/' + folder + APKname + 'data')
except OSError:
print("Создать директорию %s не удалось" %
('result/' + folder + APKname + 'data'))
else:
with open("result/" + folder + APKname + 'data/RESULT.csv',
'w',
encoding='utf8') as csvfile:
fieldnames = RESULT_PARAMS
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
writer.writeheader()
writer.writerow(RESULTdict)
with open("result/" + folder + APKname + 'data/OtherDict.csv',
'w',
encoding='utf8') as csvfile:
fieldnames = 'obfuscation', 'database'
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
writer.writeheader()
writer.writerow(OtherDict)
with open("result/" + folder + APKname + 'data/APIdict.csv',
'w',
encoding='utf8') as csvfile:
fieldnames = API_CALLS + API_ClASS
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
writer.writeheader()
writer.writerow(APIdict)
with open("result/" + folder + APKname + 'data/permission_dict.csv',
'w',
encoding='utf8') as csvfile:
fieldnames = PERMISSIONS
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
writer.writeheader()
writer.writerow(permission_dict)
with open("result/" + folder + APKname + 'data/strings_dict.csv',
'w',
encoding='utf8') as csvfile:
fieldnames = API_SYSTEM_COMMANDS
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
writer.writeheader()
writer.writerow(strings_dict)
with open("result/" + folder + APKname + 'data/groupAPI_dict.csv',
'w',
encoding='utf8') as csvfile:
fieldnames = APIGROUPS
writer = csv.DictWriter(csvfile,
fieldnames=fieldnames,
delimiter=";",
lineterminator="\n")
writer.writeheader()
writer.writerow(groupAPI_dict)
print("APK done:{} ".format(time.time() - apk_start_time))
sys.exit(1)
ret_type = androconf.is_android(args.APK)
if ret_type != "APK":
print("Not an APK file")
sys.exit(1)
apk, dex, dexes = AnalyzeAPK(args.APK)
res = {
'app_name':
apk.get_app_name(),
'package_name':
apk.get_package(),
'providers':
apk.get_providers(),
'new_permissions':
extract_new_permissions(apk.get_permissions()),
'filters':
get_intent_filers(apk),
'certificate': {},
'wearable':
apk.is_wearable(),
'max_sdk_version': (apk.get_max_sdk_version()),
'min_sdk_version':
int(apk.get_min_sdk_version()),
'version_code':
apk.xml['AndroidManifest.xml'].get(
'{http://schemas.android.com/apk/res/android}versionCode'),
'libraries':
list(apk.get_libraries()),
class AndroidPackage(object):
"""Static android information."""
def __init__(self, filepath):
self.filepath = filepath
self.apk = None
self.analysis = None
def _get_detailed_permissions(self):
"""Return a list of all permission requests by the application."""
perms = []
for k, v in self.apk.get_details_permissions().items():
perms.append({
"name": k,
"protection_level": v[0],
"description": v[2]
})
return perms
def _enumerate_services(self):
"""Return a list of all services with their actions"""
services = []
for _service in self.apk.get_services():
service = {}
service["name"] = _service
service["action"] = []
intent_filters = self.apk.get_intent_filters("service", _service)
if "action" in intent_filters:
service["action"] = intent_filters["action"]
services.append(service)
return services
def _enumerate_receivers(self):
"""Return a list of all BroadcastReceiver's with their actions"""
receivers = []
for _receiver in self.apk.get_receivers():
receiver = {}
receiver["name"] = _receiver
receiver["action"] = []
intent_filters = self.apk.get_intent_filters("receiver", _receiver)
if "action" in intent_filters:
receiver["action"] = intent_filters["action"]
receivers.append(receiver)
return receivers
def _enumerate_apk_files(self):
"""Return a list of files in the APK."""
files = []
for filename, filetype in self.apk.get_files_types().items():
buf = self.apk.zip.read(filename)
files.append({
"name": filename,
"md5": hashlib.md5(buf).hexdigest(),
"size": len(buf),
"type": filetype,
})
return files
def _enumerate_encrypted_assets(self):
"""Returns a list of files in the APK assets that have high entropy."""
files = []
for filename, filetype in self.apk.get_files_types().items():
if "assets" in filename:
buf = self.apk.zip.read(filename)
file_entropy = entropy.shannon_entropy(buf)
if file_entropy > 0.9:
files.append({
"name": filename,
"entropy": file_entropy,
"size": len(buf),
"type": filetype,
})
return files
def _get_certificates_info(self):
"""Return a list of APK certificates"""
certficates = []
for cert in self.apk.get_certificates():
not_valid_after = cert['tbs_certificate']['validity'][
'not_after'].native
not_valid_before = cert['tbs_certificate']['validity'][
'not_before'].native
certficates.append({
"sha1":
cert.sha1.encode("hex"),
"sha256":
cert.sha256.encode("hex"),
"issuer":
cert.issuer.human_friendly,
"subject":
cert.subject.human_friendly,
"not_valid_after":
not_valid_after.strftime("%Y-%m-%d %H:%M:%S"),
"not_valid_before":
not_valid_before.strftime("%Y-%m-%d %H:%M:%S"),
"public_key_algorithm":
cert.public_key.algorithm,
"public_key_size":
"%d bit" % cert.public_key.bit_size,
"signature_algorithm":
cert.signature_algo + " with " + cert.hash_algo,
"signature":
cert.signature.encode("hex"),
"serial_number":
str(cert.serial_number)
})
return certficates
def _enumerate_native_methods(self):
"""Return a list of all methods compiled in the application"""
methods = []
for mca in self.analysis.get_methods():
if mca.is_external():
continue
if not mca.get_method().get_access_flags() & 0x0100:
continue
methods.append(self._get_pretty_method(mca))
return methods
def _get_pretty_method(self, mca):
"""Return a string representation of an API method.
@param mca: MethodClassAnalysis object.
"""
class_name = mca.get_method().get_class_name().replace("/", ".")[1:-1]
method_name = mca.get_method().get_name()
return "%s.%s%s" % (class_name, method_name, mca.descriptor)
def _enumerate_api_calls(self):
"""Return a dictionary of all APIs with their xrefs."""
classes = []
exclude_pattern = re.compile(
"^(Lcom/google/|Landroid|Ljava|Lcom/sun/|Lorg/apache/|"
"Lorg/spongycastle|Lmyjava/|Lkotlin/)")
for ca in self.analysis.get_classes():
if ca.is_external():
continue
if exclude_pattern.match(ca.name):
continue
classes.append(ca.name)
calls = []
for class_name in classes:
for mca in self.analysis.find_methods(class_name):
xrefs_to = []
for _, m, _ in mca.get_xref_to():
callee_class = m.get_class_name().replace("/", ".")[1:-1]
callee_api = "%s.%s" % (callee_class, m.get_name())
xrefs_to.append(callee_api)
if not xrefs_to:
continue
api = {}
api["name"] = self._get_pretty_method(mca)
api["callees"] = xrefs_to
calls.append(api)
return calls
def run(self):
"""Run androguard to extract static APK information
@return: dict of static features.
"""
from androguard.misc import AnalyzeAPK
logging.getLogger("androguard.dvm").setLevel(logging.WARNING)
logging.getLogger("androguard.analysis").setLevel(logging.WARNING)
logging.getLogger("androguard.misc").setLevel(logging.WARNING)
logging.getLogger("androguard.apk").setLevel(logging.CRITICAL)
try:
self.apk, _, self.analysis = AnalyzeAPK(self.filepath)
except (OSError, zipfile.BadZipfile) as e:
log.error("Error parsing APK file: %s", e)
return None
manifest = {}
if self.apk.is_valid_APK():
manifest["package"] = self.apk.get_package()
manifest["services"] = self._enumerate_services()
manifest["receivers"] = self._enumerate_receivers()
manifest["providers"] = self.apk.get_providers()
manifest["activities"] = self.apk.get_activities()
manifest["main_activity"] = self.apk.get_main_activity()
manifest["permissions"] = self._get_detailed_permissions()
apkinfo = {}
apkinfo["manifest"] = manifest
apkinfo["files"] = self._enumerate_apk_files()
apkinfo["encrypted_assets"] = self._enumerate_encrypted_assets()
apkinfo["is_signed_v1"] = self.apk.is_signed_v1()
apkinfo["is_signed_v2"] = self.apk.is_signed_v2()
apkinfo["certificates"] = self._get_certificates_info()
apkinfo["native_methods"] = self._enumerate_native_methods()
apkinfo["api_calls"] = self._enumerate_api_calls()
return apkinfo
def run(self):
app.logger.info('new analysis')
s = Session()
self.status = 'Analyzing APK'
a, d, dx = AnalyzeAPK(self.target_file,
session=s) #APK,list[DalvikVMFormat],Analysis
print(type(a), type(d[0]), type(dx))
#cache activities, receivers, services, and providers, because for some reason, saving the Session causes a bug, breaking getters
"""i.e. bytecodes/apk.py", line 582, in get_elements
for item in self.xml[i].findall('.//' + tag_name):
TypeError: string indices must be integers """
activities = a.get_activities()
receivers = a.get_receivers()
services = a.get_services()
providers = a.get_providers()
self.main_activity = a.get_main_activity()
if self.session_save_file:
sys.setrecursionlimit(100000000)
self.status = 'Saving session file'
Save(s, self.session_save_file)
cached_analyses.append({'md5': self.md5, 'analysis': (a, d, dx)})
#gather all classes from dexs 'd'
#classes = get_all_classes_from_dexs(d)
classes = dx.classes
total_num = len(classes)
done = 0 #num of done classes
#result_classes contains the completed analysis info for each class run through the ClassAnalysis object
result_classes = []
analysis_start_time = time.time()
self.status = 'Getting all classes'
for c_name, c_analysis in classes.items():
ca = ClassAnalysis(c_name, c_analysis, activities, receivers,
services, providers)
ca_result = ca.run()
result_classes.append(ca_result)
done += 1
if done % ceil(total_num / 100) == 0:
self.progress += 1
#app.logger.info(self.progress)
# with app.test_request_context('/'):
# socketio.emit('newstatus', {'data':self.progress}, namespace='/status')
analysis_end_time = time.time()
analysis_total_time = analysis_end_time - analysis_start_time
#debugging:
self.status = 'Writing beforenetworkx debugging JSON'
with open(self.graph_out_path + '.beforenetworkx', 'w') as f:
json.dump(result_classes,
f,
indent=4,
separators=(',', ': '),
sort_keys=True)
#create a networkx graph given the completed analyses in result_classess
create_graph_start_time = time.time()
self.status = 'Creating graph out of {} classes analyzed'.format(
len(result_classes))
graph = create_graph(classes=result_classes)
create_graph_end_time = time.time()
create_graph_total_time = create_graph_end_time - create_graph_start_time
#write graph to file: graph_out_path
write_graph_start_time = time.time()
self.status = 'Writing graph to disk'
write_graph(graph, self.graph_out_path)
write_graph_end_time = time.time()
write_graph_total_time = write_graph_end_time - write_graph_start_time
#build and write another graph that contains only providers,receivers,activities, and services
if self.component_subgraph_out_path:
component_names = []
self.status = 'Getting component nodes from graph'
for node in graph:
node_tmp = graph.node[node]
if node_tmp[
'component_type'] != NonComponentType.EXTERNAL and node_tmp[
'component_type'] != NonComponentType.INTERNAL:
component_names.append(node_tmp['name'])
self.status = 'Creating subgraph containing only components'
subgraph = get_class_subgraph(graph, class_names=component_names)
self.status = 'Writing subgraph to disk'
write_graph(subgraph, self.component_subgraph_out_path)
#app metadata for misc/debugging
apk_size = os.path.getsize(self.target_file)
self.status = 'Writing metadata'
self.write_app_metadata(result_classes, a, analysis_total_time,
apk_size, create_graph_total_time,
write_graph_total_time)
#debugging
# with open(self.graph_out_path+'.runmetrics', 'w') as f:
# json.dump()
self.progress = 100
self.status = 'Done'
self.paused.wait(
) #wait for caller to collect last status and reset event before finishing
app.logger.info('done')
from androguard.misc import AnalyzeAPK
a, d, dx = AnalyzeAPK('Virus0e69af88dcbb469e30f16609b10c926c.apk')
activity = a.get_activities()
service = a.get_services()
provider = a.get_providers()
receiver = a.get_receivers()
permission = a.get_permissions()
print(activity)
print(service)
print(provider)
print(receiver)
print(permission)
'''
['com.security.service.MainActivity']
[]
[]
['com.security.service.receiver.ActionReceiver', 'com.security.service.receiver.SmsReceiver', 'com.security.service.receiver.RebootReceiver']
['android.permission.RECEIVE_SMS', 'android.permission.SEND_SMS']
'''
# MY helper to extrac intents
def helper(obj,itemtype):
alista =[]
for name in obj:
for action,intent_name in apk.get_intent_filters(itemtype, name).items():
for intent in intent_name:
alista.append(intent)
return alista
# Intent filters
print(apk.get_providers())
print('=======================')
services = apk.get_services()
print (services)
print("MY =============INTENTS===")
print(helper(services,'service'))
receivers = apk.get_receivers()
r = []
for i in receivers:
r.append(i)
print(r)
