def androsign_main(args_apk, args_hash, args_all, show): from androguard.core.bytecodes.apk import APK from androguard.util import get_certificate_name_string import hashlib import traceback from colorama import Fore, Style from asn1crypto import x509 # Keep the list of hash functions in sync with cli/entry_points.py:sign hashfunctions = dict(md5=hashlib.md5, sha1=hashlib.sha1, sha256=hashlib.sha256, sha512=hashlib.sha512, ) if args_hash.lower() not in hashfunctions: print("Hash function {} not supported!" .format(args_hash.lower()), file=sys.stderr) print("Use one of {}" .format(", ".join(hashfunctions.keys())), file=sys.stderr) sys.exit(1) for path in args_apk: try: a = APK(path) print("{}, package: '{}'".format(os.path.basename(path), a.get_package())) print("Is signed v1: {}".format(a.is_signed_v1())) print("Is signed v2: {}".format(a.is_signed_v2())) certs = set(a.get_certificates_der_v2() + [a.get_certificate_der(x) for x in a.get_signature_names()]) if len(certs) > 0: print("Found {} unique certificates".format(len(certs))) for cert in certs: if show: x509_cert = x509.Certificate.load(cert) print("Issuer:", get_certificate_name_string(x509_cert.issuer, short=True)) print("Subject:", get_certificate_name_string(x509_cert.subject, short=True)) print("Serial Number:", hex(x509_cert.serial_number)) print("Hash Algorithm:", x509_cert.hash_algo) print("Signature Algorithm:", x509_cert.signature_algo) print("Valid not before:", x509_cert['tbs_certificate']['validity']['not_before'].native) print("Valid not after:", x509_cert['tbs_certificate']['validity']['not_after'].native) if not args_all: print("{} {}".format(args_hash.lower(), hashfunctions[args_hash.lower()](cert).hexdigest())) else: for k, v in hashfunctions.items(): print("{} {}".format(k, v(cert).hexdigest())) print() except: print(Fore.RED + "Error in {}".format(os.path.basename(path)) + Style.RESET_ALL, file=sys.stderr) traceback.print_exc(file=sys.stderr) if len(args_apk) > 1: print()
def main(): parser = get_parser() args = parser.parse_args() hashfunctions = dict(md5=hashlib.md5, sha1=hashlib.sha1, sha256=hashlib.sha256, sha512=hashlib.sha512, ) if args.hash.lower() not in hashfunctions: print("Hash function {} not supported!".format(args.hash.lower()), file=sys.stderr) print("Use one of {}".format(", ".join(hashfunctions.keys())), file=sys.stderr) sys.exit(1) for path in args.apk: try: a = APK(path) print("{}, package: '{}'".format(os.path.basename(path), a.get_package())) print("Is signed v1: {}".format(a.is_signed_v1())) print("Is signed v2: {}".format(a.is_signed_v2())) certs = set(a.get_certificates_der_v2() + [a.get_certificate_der(x) for x in a.get_signature_names()]) if len(certs) > 0: print("Found {} unique certificates".format(len(certs))) for cert in certs: if args.show: x509_cert = x509.Certificate.load(cert) print("Issuer:", get_certificate_name_string(x509_cert.issuer, short=True)) print("Subject:", get_certificate_name_string(x509_cert.subject, short=True)) print("Serial Number:", hex(x509_cert.serial_number)) print("Hash Algorithm:", x509_cert.hash_algo) print("Signature Algorithm:", x509_cert.signature_algo) print("Valid not before:", x509_cert['tbs_certificate']['validity']['not_before'].native) print("Valid not after:", x509_cert['tbs_certificate']['validity']['not_after'].native) if not args.all: print("{} {}".format(args.hash.lower(), hashfunctions[args.hash.lower()](cert).hexdigest())) else: for k, v in hashfunctions.items(): print("{} {}".format(k, v(cert).hexdigest())) print() except: print(Fore.RED + "Error in {}".format(os.path.basename(path)) + Style.RESET_ALL, file=sys.stderr) traceback.print_exc(file=sys.stderr) if len(args.apk) > 1: print()
def __init__(self, cert): x509_cert = x509.Certificate.load(cert) self.issuer = get_certificate_name_string(x509_cert.issuer, short=True) self.subject = get_certificate_name_string(x509_cert.subject, short=True) self.serial_num = hex(x509_cert.serial_number) self.hash_algo = x509_cert.hash_algo self.sign_algo = x509_cert.signature_algo self.valid_not_before = x509_cert['tbs_certificate']['validity'][ 'not_before'].native self.valid_not_after = x509_cert['tbs_certificate']['validity'][ 'not_after'].native self.hashes = self.__compute_hashes__(cert)
def androguard_certinfo(app_dir, app_file): """Return certificate information.""" certlist = [] apk_file = os.path.join(app_dir, app_file) hashfunctions = dict( md5=hashlib.md5, sha1=hashlib.sha1, sha256=hashlib.sha256, sha512=hashlib.sha512, ) a = APK(apk_file) certlist.append("v1: {}".format(a.is_signed_v1())) certlist.append("v2: {}".format(a.is_signed_v2())) certlist.append("v3: {}".format(a.is_signed_v3())) certs = set(a.get_certificates_der_v3() + a.get_certificates_der_v2() + [a.get_certificate_der(x) for x in a.get_signature_names()]) pkeys = set(a.get_public_keys_der_v3() + a.get_public_keys_der_v2()) for cert in certs: x509_cert = x509.Certificate.load(cert) certlist.append("Subject: {}".format( get_certificate_name_string(x509_cert.subject, short=True))) certlist.append("Signature Algorithm: {}".format( x509_cert.signature_algo)) certlist.append("Valid From: {}".format( x509_cert['tbs_certificate']['validity']['not_before'].native)) certlist.append("Valid To: {}".format( x509_cert['tbs_certificate']['validity']['not_after'].native)) certlist.append("Issuer: {}".format( get_certificate_name_string(x509_cert.issuer, short=True))) certlist.append("Serial Number: {}".format(hex( x509_cert.serial_number))) certlist.append("Hash Algorithm: {}".format(x509_cert.hash_algo)) for k, v in hashfunctions.items(): certlist.append("{} {}".format(k, v(cert).hexdigest())) for public_key in pkeys: x509_public_key = keys.PublicKeyInfo.load(public_key) certlist.append("PublicKey Algorithm: {}".format( x509_public_key.algorithm)) certlist.append("Bit Size: {}".format(x509_public_key.bit_size)) certlist.append("Fingerprint: {}".format( binascii.hexlify(x509_public_key.fingerprint).decode("utf-8"))) try: certlist.append("Hash Algorithm: {}".format( x509_public_key.hash_algo)) except ValueError as ve: # RSA pkey does not have an hash algorithm pass return '\n'.join(certlist)
def show_Certificate(cert, short=False): """ Print Fingerprints, Issuer and Subject of an X509 Certificate. :param cert: X509 Certificate to print :param short: Print in shortform for DN (Default: False) :type cert: :class:`cryptography.x509.Certificate` :type short: Boolean """ for h in [hashes.MD5, hashes.SHA1, hashes.SHA256, hashes.SHA512]: print("{}: {}".format(h.name, binascii.hexlify(cert.fingerprint(h())).decode("ascii"))) print("Issuer: {}".format(get_certificate_name_string(cert.issuer, short=short))) print("Subject: {}".format(get_certificate_name_string(cert.subject, short=short)))
def show_Certificate(cert, short=False): """ Print Fingerprints, Issuer and Subject of an X509 Certificate. :param cert: X509 Certificate to print :param short: Print in shortform for DN (Default: False) :type cert: :class:`asn1crypto.x509.Certificate` :type short: Boolean """ print("SHA1 Fingerprint: {}".format(cert.sha1_fingerprint)) print("SHA256 Fingerprint: {}".format(cert.sha256_fingerprint)) print("Issuer: {}".format(get_certificate_name_string(cert.issuer.native, short=short))) print("Subject: {}".format(get_certificate_name_string(cert.subject.native, short=short)))
def show_Certificate(cert, short=False): """ Print Fingerprints, Issuer and Subject of an X509 Certificate. :param cert: X509 Certificate to print :param short: Print in shortform for DN (Default: False) :type cert: :class:`asn1crypto.x509.Certificate` :type short: Boolean """ print("SHA1 Fingerprint: {}".format(cert.sha1_fingerprint)) print("SHA256 Fingerprint: {}".format(cert.sha256_fingerprint)) print("Issuer: {}".format(get_certificate_name_string(cert.issuer.native, short=short))) print("Subject: {}".format(get_certificate_name_string(cert.issuer.native, short=short)))
def getSign(): certs = set(targeApk.get_certificates_der_v2() + [ targeApk.get_certificate_der(x) for x in targeApk.get_signature_names() ]) for cert in certs: x509_cert = x509.Certificate.load(cert) Issuer = get_certificate_name_string(x509_cert.issuer.native, short=True) SerialNumber = hex(x509_cert.serial_number).upper().strip("0X") signMd5 = hashlib.md5(cert).hexdigest().upper() signSha1 = hashlib.sha1(cert).hexdigest().upper() return { "Issuer": Issuer, "SerialNumber": SerialNumber, "signMd5": signMd5, "signSha1": signSha1 }
def getSign(): certs = set(targeApk.get_certificates_der_v2() + [ targeApk.get_certificate_der(x) for x in targeApk.get_signature_names() ]) for cert in certs: x509_cert = x509.Certificate.load(cert) #print(x509_cert.issuer.human_friendly) #print("Issuer:", get_certificate_name_string(x509_cert.issuer, short=True)) #rawIssuer = x509_cert['tbs_certificate']['issuer'].native #Issuer="CN="+ rawIssuer['country_name'] +", OU="+rawIssuer["organizational_unit_name"]+", O="+rawIssuer["organization_name"]\ # +", L="+rawIssuer["locality_name"]+", ST="+rawIssuer["state_or_province_name"]+", C="+rawIssuer["country_name"] Issuer = get_certificate_name_string(x509_cert.issuer.native, short=True) SerialNumber = hex(x509_cert.serial_number).upper().strip("0X") signMd5 = hashlib.md5(cert).hexdigest().upper() signSha1 = hashlib.sha1(cert).hexdigest().upper() return { "Issuer": Issuer, "SerialNumber": SerialNumber, "signMd5": signMd5, "signSha1": signSha1 }
def cert_info(app_dir, app_file): """Return certificate information.""" try: logger.info('Reading Code Signing Certificate') manifestfile = None manidat = '' cert_info = '' certlist = [] cert_path = os.path.join(app_dir, 'META-INF/') apk_file = os.path.join(app_dir, app_file) hashfunctions = { 'md5': hashlib.md5, 'sha1': hashlib.sha1, 'sha256': hashlib.sha256, 'sha512': hashlib.sha512, } files = [ f for f in os.listdir(cert_path) if os.path.isfile(os.path.join(cert_path, f)) ] a = APK(apk_file) if a.is_signed(): certlist.append('APK is signed') else: certlist.append('Missing certificate') certlist.append('v1 signature: {}'.format(a.is_signed_v1())) certlist.append('v2 signature: {}'.format(a.is_signed_v2())) certlist.append('v3 signature: {}'.format(a.is_signed_v3())) certs = set( a.get_certificates_der_v3() + a.get_certificates_der_v2() + [a.get_certificate_der(x) for x in a.get_signature_names()]) pkeys = set(a.get_public_keys_der_v3() + a.get_public_keys_der_v2()) if len(certs) > 0: certlist.append('Found {} unique certificates'.format(len(certs))) for cert in certs: x509_cert = x509.Certificate.load(cert) certlist.append('Subject: {}'.format( get_certificate_name_string(x509_cert.subject, short=True))) certlist.append('Signature Algorithm: {}'.format( x509_cert.signature_algo)) certlist.append('Valid From: {}'.format( x509_cert['tbs_certificate']['validity']['not_before'].native)) certlist.append('Valid To: {}'.format( x509_cert['tbs_certificate']['validity']['not_after'].native)) certlist.append('Issuer: {}'.format( get_certificate_name_string(x509_cert.issuer, short=True))) certlist.append('Serial Number: {}'.format( hex(x509_cert.serial_number))) certlist.append('Hash Algorithm: {}'.format(x509_cert.hash_algo)) for k, v in hashfunctions.items(): certlist.append('{}: {}'.format(k, v(cert).hexdigest())) for public_key in pkeys: x509_public_key = asymmetric.load_public_key(public_key) certlist.append('PublicKey Algorithm: {}'.format( x509_public_key.algorithm)) certlist.append('Bit Size: {}'.format(x509_public_key.bit_size)) certlist.append('Fingerprint: {}'.format( binascii.hexlify(x509_public_key.fingerprint).decode('utf-8'))) cert_info = '\n'.join(certlist) if 'MANIFEST.MF' in files: manifestfile = os.path.join(cert_path, 'MANIFEST.MF') if manifestfile: with open(manifestfile, 'r', encoding='utf-8') as manifile: manidat = manifile.read() sha256_digest = bool(re.findall(r'SHA-256-Digest', manidat)) findings = [] if a.is_signed(): findings.append(('good', 'Application is signed with a code ' 'signing certificate')) else: findings.append(('bad', 'Code signing certificate not found')) if a.is_signed_v1(): status = 'bad' if a.is_signed_v2() or a.is_signed_v3(): status = 'warning' findings.append( (status, 'Application is signed with v1 signature scheme, ' 'making it vulnerable to Janus vulnerability on ' 'Android <7.0')) if re.findall(r'CN=Android Debug', cert_info): findings.append( ('bad', 'Application signed with a debug certificate. ' 'Production application must not be shipped ' 'with a debug certificate.')) if re.findall(r'Hash Algorithm: sha1', cert_info): status = 'bad' desc = ('Application is signed with SHA1withRSA. ' 'SHA1 hash algorithm is known to have ' 'collision issues.') if sha256_digest: status = 'warning' desc += (' The manifest file indicates SHA256withRSA' ' is in use.') findings.append((status, desc)) cert_dic = { 'certificate_info': cert_info, 'certificate_findings': findings, } return cert_dic except Exception: logger.exception('Reading Code Signing Certificate') return {}
def androsign_main(args_apk, args_hash, args_all, show): from androguard.core.bytecodes.apk import APK from androguard.util import get_certificate_name_string import hashlib import binascii import traceback from colorama import Fore, Style from asn1crypto import x509, keys from oscrypto import asymmetric # Keep the list of hash functions in sync with cli/entry_points.py:sign hashfunctions = dict(md5=hashlib.md5, sha1=hashlib.sha1, sha256=hashlib.sha256, sha512=hashlib.sha512, ) if args_hash.lower() not in hashfunctions: print("Hash function {} not supported!" .format(args_hash.lower()), file=sys.stderr) print("Use one of {}" .format(", ".join(hashfunctions.keys())), file=sys.stderr) sys.exit(1) for path in args_apk: try: a = APK(path) print("{}, package: '{}'".format(os.path.basename(path), a.get_package())) print("Is signed v1: {}".format(a.is_signed_v1())) print("Is signed v2: {}".format(a.is_signed_v2())) print("Is signed v3: {}".format(a.is_signed_v3())) certs = set(a.get_certificates_der_v3() + a.get_certificates_der_v2() + [a.get_certificate_der(x) for x in a.get_signature_names()]) pkeys = set(a.get_public_keys_der_v3() + a.get_public_keys_der_v2()) if len(certs) > 0: print("Found {} unique certificates".format(len(certs))) for cert in certs: if show: x509_cert = x509.Certificate.load(cert) print("Issuer:", get_certificate_name_string(x509_cert.issuer, short=True)) print("Subject:", get_certificate_name_string(x509_cert.subject, short=True)) print("Serial Number:", hex(x509_cert.serial_number)) print("Hash Algorithm:", x509_cert.hash_algo) print("Signature Algorithm:", x509_cert.signature_algo) print("Valid not before:", x509_cert['tbs_certificate']['validity']['not_before'].native) print("Valid not after:", x509_cert['tbs_certificate']['validity']['not_after'].native) if not args_all: print("{} {}".format(args_hash.lower(), hashfunctions[args_hash.lower()](cert).hexdigest())) else: for k, v in hashfunctions.items(): print("{} {}".format(k, v(cert).hexdigest())) print() if len(certs) > 0: print("Found {} unique public keys associated with the certs".format(len(pkeys))) for public_key in pkeys: if show: x509_public_key = asymmetric.load_public_key(public_key) print("PublicKey Algorithm:", x509_public_key.algorithm) print("Bit Size:", x509_public_key.bit_size) print("Fingerprint:", binascii.hexlify(x509_public_key.fingerprint)) try: print("Hash Algorithm:", hash_algo(x509_public_key)) except ValueError as ve: # RSA pkey does not have an hash algorithm pass print() except: print(Fore.RED + "Error in {}".format(os.path.basename(path)) + Style.RESET_ALL, file=sys.stderr) traceback.print_exc(file=sys.stderr) if len(args_apk) > 1: print()
def main(): parser = get_parser() args = parser.parse_args() hashfunctions = dict( md5=hashlib.md5, sha1=hashlib.sha1, sha256=hashlib.sha256, sha512=hashlib.sha512, ) if args.hash.lower() not in hashfunctions: print("Hash function {} not supported!".format(args.hash.lower()), file=sys.stderr) print("Use one of {}".format(", ".join(hashfunctions.keys())), file=sys.stderr) sys.exit(1) for path in args.apk: try: a = APK(path) print("{}, package: '{}'".format(os.path.basename(path), a.get_package())) print("Is signed v1: {}".format(a.is_signed_v1())) print("Is signed v2: {}".format(a.is_signed_v2())) certs = set( a.get_certificates_der_v2() + [a.get_certificate_der(x) for x in a.get_signature_names()]) if len(certs) > 0: print("Found {} unique certificates".format(len(certs))) for cert in certs: if args.show: x509_cert = x509.Certificate.load(cert) print( "Issuer:", get_certificate_name_string(x509_cert.issuer, short=True)) print( "Subject:", get_certificate_name_string(x509_cert.subject, short=True)) print("Serial Number:", hex(x509_cert.serial_number)) print("Hash Algorithm:", x509_cert.hash_algo) print("Signature Algorithm:", x509_cert.signature_algo) print( "Valid not before:", x509_cert['tbs_certificate'] ['validity']['not_before'].native) print( "Valid not after:", x509_cert['tbs_certificate'] ['validity']['not_after'].native) if not args.all: print("{} {}".format( args.hash.lower(), hashfunctions[args.hash.lower()](cert).hexdigest())) else: for k, v in hashfunctions.items(): print("{} {}".format(k, v(cert).hexdigest())) print() except: print(Fore.RED + "Error in {}".format(os.path.basename(path)) + Style.RESET_ALL, file=sys.stderr) traceback.print_exc(file=sys.stderr) if len(args.apk) > 1: print()
async def main(): all_info = get_all_info("副本.docx") await asyncio.sleep(2) browser = await launch(headless=False) # headless=False,devtools=True shoppage = await browser.newPage() await shoppage.setViewport({'width': 1000, 'height': 1200}) ##### 登记发布页面是否存在 print("选择题开始,请谨慎选择!!\n") for i, info in enumerate(all_info): worksheet.write(i + 1, 0, time.strftime('%Y-%m-%d')) worksheet.write(i + 1, 1, XXbank) try: await shoppage.goto(info[1], waitUntil='documentloaded') except: worksheet.write(i+1, 11, "无") continue await asyncio.sleep(0.5) await shoppage.addScriptTag(path="inject.js") isAvailable = await shoppage.evaluate("() => window.__shi") isAvailable = info[1] if isAvailable else "无" print(isAvailable) worksheet.write(i + 1, 11, isAvailable) await shoppage.close() await browser.close() print("选择题结束,开始逐个下载\n") if os.path.exists("out"): shutil.rmtree("out", ignore_errors=True) else: os.mkdir("out") await asyncio.sleep(1) for i, info in enumerate(all_info): print("开始下载:"+ info[2]) canDown = True try: urlretrieve(info[2], "./out/cur.apk") except: canDown = False print("!!!该链接无法下载!!!\n") worksheet.write(i + 1, 5, info[2]) worksheet.write(i + 1, 6, "!!!待定") worksheet.write(i + 1, 9, "下载链接待人工确定") if canDown: with open("./out/cur.apk", "rb") as f: file = f.read() curapk = apk.APK(file, True) appname = curapk.get_app_name() certs = set(curapk.get_certificates_der_v2() + [curapk.get_certificate_der(x) for x in curapk.get_signature_names()]) Issuer, signMd5 = "", "" for cert in certs: x509_cert = x509.Certificate.load(cert) Issuer = get_certificate_name_string(x509_cert.issuer.native, short=True) signMd5 = hashlib.md5(cert).hexdigest().upper() apkmd5 = hashlib.md5(file).hexdigest().upper() ###文件命名方式: 第几行_应用商店_MD5.apk,方便检索、对比 newname= "./out/" + str(i+2) + "_" + info[0] + "_" + apkmd5 + ".apk" print("###### 当前apk信息 #######") print("\t应用名:" + appname) print("\tMD5:" + apkmd5) print("\t签名:" + Issuer) print("\t签名MD5:" + signMd5) print() os.rename("./out/cur.apk", newname) await asyncio.sleep(0.3) worksheet.write(i + 1, 2, appname) worksheet.write(i + 1, 3, apkmd5) worksheet.write(i + 1, 4, info[0]) worksheet.write(i + 1, 5, info[2]) worksheet.write(i + 1, 6, "是") worksheet.write(i + 1, 10, "是") worksheet.write(i + 1, 12, Issuer) worksheet.write(i + 1, 13, signMd5) workbook.save("最终结果.xls")
def cert_info(app_dir, app_file): """Return certificate information.""" try: logger.info('Reading Code Signing Certificate') issued = '' manidat = '' certlist = [] cert_path = os.path.join(app_dir, 'META-INF/') apk_file = os.path.join(app_dir, app_file) hashfunctions = { 'md5': hashlib.md5, 'sha1': hashlib.sha1, 'sha256': hashlib.sha256, 'sha512': hashlib.sha512, } files = [ f for f in os.listdir(cert_path) if os.path.isfile(os.path.join(cert_path, f)) ] a = APK(apk_file) if a.is_signed(): certlist.append('APK is signed') else: certlist.append('Missing certificate') certlist.append('v1 signature: {}'.format(a.is_signed_v1())) certlist.append('v2 signature: {}'.format(a.is_signed_v2())) certlist.append('v3 signature: {}'.format(a.is_signed_v3())) certs = set( a.get_certificates_der_v3() + a.get_certificates_der_v2() + [a.get_certificate_der(x) for x in a.get_signature_names()]) pkeys = set(a.get_public_keys_der_v3() + a.get_public_keys_der_v2()) if len(certs) > 0: certlist.append('Found {} unique certificates'.format(len(certs))) for cert in certs: x509_cert = x509.Certificate.load(cert) certlist.append('Subject: {}'.format( get_certificate_name_string(x509_cert.subject, short=True))) certlist.append('Signature Algorithm: {}'.format( x509_cert.signature_algo)) certlist.append('Valid From: {}'.format( x509_cert['tbs_certificate']['validity']['not_before'].native)) certlist.append('Valid To: {}'.format( x509_cert['tbs_certificate']['validity']['not_after'].native)) certlist.append('Issuer: {}'.format( get_certificate_name_string(x509_cert.issuer, short=True))) certlist.append('Serial Number: {}'.format( hex(x509_cert.serial_number))) certlist.append('Hash Algorithm: {}'.format(x509_cert.hash_algo)) for k, v in hashfunctions.items(): certlist.append('{}: {}'.format(k, v(cert).hexdigest())) for public_key in pkeys: x509_public_key = keys.PublicKeyInfo.load(public_key) certlist.append('PublicKey Algorithm: {}'.format( x509_public_key.algorithm)) certlist.append('Bit Size: {}'.format(x509_public_key.bit_size)) certlist.append('Fingerprint: {}'.format( binascii.hexlify(x509_public_key.fingerprint).decode('utf-8'))) try: certlist.append('Hash Algorithm: {}'.format( x509_public_key.hash_algo)) except ValueError: pass certlist = '\n'.join(certlist) if a.is_signed(): issued = 'good' else: issued = 'missing' if re.findall(r'CN=Android Debug', certlist): issued = 'bad' if re.findall(r'Hash Algorithm: sha1', certlist): issued = 'bad hash' if 'MANIFEST.MF' in files: manifestfile = os.path.join(cert_path, 'MANIFEST.MF') if manifestfile: with open(manifestfile, 'r', encoding='utf-8') as manifile: manidat = manifile.read() sha256_digest = bool(re.findall(r'SHA-256-Digest', manidat)) cert_dic = { 'cert_info': certlist, 'issued': issued, 'sha256Digest': sha256_digest, } return cert_dic except Exception: logger.exception('Reading Code Signing Certificate')
def analyze(path): try: start = process_time() hashfunctions = dict(md5=hashlib.md5, sha1=hashlib.sha1, sha256=hashlib.sha256, sha512=hashlib.sha512) a = APK(path) certs = set( a.get_certificates_der_v3() + a.get_certificates_der_v2() + [a.get_certificate_der(x) for x in a.get_signature_names()]) for cert in certs: x509_cert = x509.Certificate.load(cert) issuer = { 'commonName': None, 'organizationName': None, 'organizationalUnitName': None, 'countryName': None, 'stateOrProvinceName': None, 'localityName': None } subject = { 'commonName': None, 'organizationName': None, 'organizationalUnitName': None, 'countryName': None, 'stateOrProvinceName': None, 'localityName': None } strIssuer = get_certificate_name_string(x509_cert.issuer, short=False) strSubject = get_certificate_name_string(x509_cert.subject, short=False) arrIssuer = strIssuer.split(',') for i in arrIssuer: if i.lstrip().split('=')[0] == 'commonName': issuer['commonName'] = i.lstrip().split('=')[1] elif i.lstrip().split('=')[0] == 'organizationName': issuer['organizationName'] = i.lstrip().split('=')[1] elif i.lstrip().split('=')[0] == 'organizationalUnitName': issuer['organizationalUnitName'] = i.lstrip().split('=')[1] elif i.lstrip().split('=')[0] == 'countryName': issuer['countryName'] = i.lstrip().split('=')[1] elif i.lstrip().split('=')[0] == 'stateOrProvinceName': issuer['stateOrProvinceName'] = i.lstrip().split('=')[1] elif i.lstrip().split('=')[0] == 'localityName': issuer['localityName'] = i.lstrip().split('=')[1] arrSubject = strSubject.split(',') for i in arrSubject: if i.lstrip().split('=')[0] == 'commonName': subject['commonName'] = i.lstrip().split('=')[1] elif i.lstrip().split('=')[0] == 'organizationName': subject['organizationName'] = i.lstrip().split('=')[1] elif i.lstrip().split('=')[0] == 'organizationalUnitName': subject['organizationalUnitName'] = i.lstrip().split( '=')[1] elif i.lstrip().split('=')[0] == 'countryName': subject['countryName'] = i.lstrip().split('=')[1] elif i.lstrip().split('=')[0] == 'stateOrProvinceName': subject['stateOrProvinceName'] = i.lstrip().split('=')[1] elif i.lstrip().split('=')[0] == 'localityName': subject['localityName'] = i.lstrip().split('=')[1] for k, v in hashfunctions.items(): if k == 'md5': md5 = v(cert).hexdigest() elif k == 'sha1': sha1 = v(cert).hexdigest() elif k == 'sha256': sha256 = v(cert).hexdigest() elif k == 'sha512': sha512 = v(cert).hexdigest() md5 = md5 appName = a.get_app_name() fileSize = os.stat(a.get_filename()).st_size sha1 = sha1 sha256 = sha256 sha512 = sha512 timestamp = time.time() dateTime = datetime.fromtimestamp(timestamp) timeOfSubmit = dateTime.strftime("%Y-%m-%d %H:%M:%S") package = a.get_package() androidversionCode = a.get_androidversion_code() androidversionName = a.get_androidversion_name() minSDKVersion = a.get_min_sdk_version() maxSDKVersion = a.get_max_sdk_version() targetSDKVersion = a.get_target_sdk_version() mainActivity = a.get_main_activity() attributes = { 'validFrom': x509_cert['tbs_certificate']['validity'] ['not_before'].native.strftime("%Y-%m-%d %H:%M:%S"), 'validTo': x509_cert['tbs_certificate']['validity'] ['not_after'].native.strftime("%Y-%m-%d %H:%M:%S"), 'serialNumber': hex(x509_cert.serial_number), 'hashAlgorithm': x509_cert.hash_algo, 'signatureAlgorithm': x509_cert.signature_algo } certificateAttributes = json.dumps(attributes) certificateIssuer = json.dumps(issuer) certificateSubject = json.dumps(subject) declaredPermissions = json.dumps(a.get_declared_permissions()) requestedPermissions = json.dumps(a.get_permissions()) activities = json.dumps(a.get_activities()) services = json.dumps(a.get_services()) receivers = json.dumps(a.get_receivers()) providers = json.dumps(a.get_providers()) stop = process_time() analysisTime = stop - start connect = mysql.connect() cursor = connect.cursor() sql = "INSERT INTO tbl_apkinfo (md5, appName, fileSize, analysisTime, sha1, sha256, sha512, firstSubmission, lastSubmission, package, androidversionCode, androidversionName, minSDKVersion, maxSDKVersion, targetSDKVersion, mainActivity, certificateAttributes, certificateIssuer, certificateSubject, declaredPermissions, requestedPermissions, activities, services, providers, receivers) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)" param = (md5, appName, fileSize, analysisTime, sha1, sha256, sha512, timeOfSubmit, timeOfSubmit, package, androidversionCode, androidversionName, minSDKVersion, maxSDKVersion, targetSDKVersion, mainActivity, certificateAttributes, certificateIssuer, certificateSubject, declaredPermissions, requestedPermissions, activities, services, providers, receivers) cursor.execute(sql, param) connect.commit() connect.close() androaxml_main(path, os.path.join(app.config['OUTPUT_PATH'], md5 + '.xml')) return True except: return False