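def execute_step_six(droidbox_time, source_folder, step_run_droidbox,
                     with_color):
    """
    STEP 6 - Execute DroidBox.

    Runs DroidBox over the APKs found in ``APKS_DIRECTORY`` under
    *source_folder*, writes the raw results to ``DROIDBOX_RESULTS_FOLDER`` and
    then parses them (DroidBox report and strace output) into
    ``DYNAMIC_ANALYSIS_FOLDER``.

    :param droidbox_time: Duration value handed to DroidBox for the analysis
    :param source_folder: Root of the analysis tree; all sub-folders used by
        this step are built with ``join_dir`` relative to it
    :param step_run_droidbox: When false the whole step is skipped
    :param with_color: Forwarded to ``print_message``

    NOTE(review): this is dynamic analysis -- the submitted APKs are actually
    executed by DroidBox. The samples may be malware, so this step should only
    run on an isolated / sandboxed analysis host.
    """
    if not step_run_droidbox:
        return

    print_message("\n\n>>>> AndroPyTool -- STEP 6: Execute DroidBox\n",
                  with_color, "green")

    droidbox_results = join_dir(source_folder, DROIDBOX_RESULTS_FOLDER)

    # DroidBox changes the process working directory. Restore it in a
    # ``finally`` so that an exception raised by DroidBox or by the output
    # parser does not leave the caller running in DroidBox's directory.
    try:
        analyze_with_droidbox(apks_folders=join_dir(source_folder,
                                                    APKS_DIRECTORY),
                              duration=droidbox_time,
                              output_directory=droidbox_results,
                              gui=DROIDBOX_GUI_MODE)

        parse_droidbox_outputs(
            source_folder=droidbox_results,
            output_droidbox=join_dir(source_folder, DYNAMIC_ANALYSIS_FOLDER,
                                     DYNAMIC_DROIDBOX_ANALYSIS),
            output_strace=join_dir(source_folder, DYNAMIC_ANALYSIS_FOLDER,
                                   DYNAMIC_STRACE_ANALYSIS),
            output_other=droidbox_results)
    finally:
        os.chdir(CURRENT_DIRECTORY)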
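def execute_andro_py_tool_steps(source_folder,
                                step_filter_apks,
                                step_filter_bw_mw,
                                step_run_flowdroid,
                                step_run_droidbox,
                                save_single_analysis,
                                perform_nocleanup,
                                package_index,
                                class_index,
                                system_commands_index,
                                export_mongodb,
                                exportCSV,
                                with_color,
                                vt_threshold,
                                virus_total_api_key=None,
                                droidbox_time=None):
    """
    Launch all the AndroPyTool modules, in order, over the APKs in *source_folder*.

    The function builds a folder tree under *source_folder* (valid/invalid
    APKs, VirusTotal reports, FlowDroid and DroidBox results, dynamic analysis
    and feature files) and fills it step by step. Every step is optional
    except STEP 7 (feature extraction), which always runs.

    :param source_folder: Directory containing the APKs to analyse; all output
        folders are created beneath it
    :param step_filter_apks: Filter the APKs into valid / invalid ones using
        Androguard. When false, every ``*.apk`` file directly inside
        *source_folder* is moved -- unvalidated -- into ``APKS_DIRECTORY``
    :param step_filter_bw_mw: Split the APKs into benignware and malware
        according to the VirusTotal reports and *vt_threshold*. Those reports
        are produced by STEP 2, which only runs when *virus_total_api_key* is
        given; what ``filter_apks`` does without them is not visible here
    :param step_run_flowdroid: Run FlowDroid (STEP 4) and process its
        outputs (STEP 5)
    :param step_run_droidbox: Run DroidBox (STEP 6) -- dynamic analysis, i.e.
        the samples are executed; only do this on an isolated host
    :param save_single_analysis: Generate an individual features report per
        sample
    :param perform_nocleanup: Passed to ``features_extractor`` as
        ``noclean_up``; controls whether intermediate files are kept
    :param package_index: File describing Android API packages
    :param class_index: File describing Android API classes
    :param system_commands_index: File describing Android system commands
    :param export_mongodb: Export the extracted features to MongoDB
    :param exportCSV: Export the extracted features to CSV
    :param with_color: Forwarded to ``print_message`` (coloured console output)
    :param vt_threshold: Detection threshold used when splitting BW / MW
    :param virus_total_api_key: VirusTotal API key. STEP 2 runs only when it is
        not ``None``. It is a credential -- keep it out of logs and reports
    :param droidbox_time: Optional DroidBox analysis duration; defaults to
        ``DROIDBOX_ANALYSIS_DURATION`` when ``None``
    """
    apks_dir = join_dir(source_folder, APKS_DIRECTORY)
    virustotal_dir = join_dir(source_folder, VIRUSTOTAL_FOLDER)
    flowdroid_results_dir = join_dir(source_folder, FLOWDROID_RESULTS_FOLDER)
    flowdroid_processed_dir = join_dir(source_folder,
                                       FLOWDROID_PROCESSED_FOLDER)
    droidbox_results_dir = join_dir(source_folder, DROIDBOX_RESULTS_FOLDER)
    dynamic_dir = join_dir(source_folder, DYNAMIC_ANALYSIS_FOLDER)

    ################################################
    # STEP 1 - Filter valid apks
    ################################################
    if step_filter_apks:
        print_message("\n\n>>>> AndroPyTool -- STEP 1: Filtering apks\n",
                      with_color, "green")

        filter_valid_apks(
            source_directory=source_folder,
            valid_apks_directory=apks_dir,
            invalid_apks_directory=join_dir(source_folder,
                                            INVALID_APKS_DIRECTORY),
            with_color=with_color)

        sleep(1)

    else:
        # The step is skipped, so every sample has to be moved by hand into
        # the APKs directory that all later steps read from. Note that no
        # validation happens in this branch: anything ending in ".apk" is
        # accepted as-is.
        if not os.path.exists(apks_dir):
            os.makedirs(apks_dir)

        list_apks = [f for f in listdir(source_folder) if f.endswith(".apk")]
        for apk in list_apks:
            shutil.move(join_dir(source_folder, apk), join_dir(apks_dir, apk))

    ################################################
    # STEP 2 - Analyse with VirusTotal
    ################################################
    if virus_total_api_key is not None:
        print_message(
            "\n\n>>>> AndroPyTool -- STEP 2: Analysing with VirusTotal\n",
            with_color, "green")

        analyse_virustotal(
            source_directory=apks_dir,
            vt_analysis_output_folder=virustotal_dir,
            output_samples_folder=apks_dir,
            with_color=with_color,
            vt_api_key=virus_total_api_key)

        sleep(1)

    ################################################
    # STEP 3 - Filtering BW & MW
    ################################################
    if step_filter_bw_mw:
        print_message("\n\n>>>> AndroPyTool -- STEP 3: Filtering BW and MW\n",
                      with_color, "green")

        filter_apks(source_directory=apks_dir,
                    vt_analysis_directory=virustotal_dir,
                    bw_directory_name=join_dir(source_folder, BW_DIRECTORY),
                    mw_directory_name=join_dir(source_folder, MW_DIRECTORY),
                    threshold=vt_threshold)

        sleep(1)

    # NOW APKS ARE CONTAINED IN DIFFERENT SUBFOLDERS

    ################################################
    # STEP 4 - Launch FlowDroid
    ################################################
    if step_run_flowdroid:
        print_message("\n\n>>>> AndroPyTool -- STEP 4: Launching FlowDroid\n",
                      with_color, "green")

        run_flowdroid(source_directory=apks_dir,
                      output_folder=flowdroid_results_dir,
                      with_color=with_color)

        sleep(1)

    ################################################
    # STEP 5 - Process FlowDroid outputs
    ################################################
    if step_run_flowdroid:
        print_message(
            "\n\n>>>> AndroPyTool -- STEP 5: Processing FlowDroid outputs\n",
            with_color, "green")

        process_flowdroid_outputs(
            flowdroid_analyses_folder=flowdroid_results_dir,
            output_folder_individual_csv=flowdroid_processed_dir,
            output_csv_file=join_dir(flowdroid_processed_dir,
                                     OUTPUT_GLOBAL_FILE_FLOWDROID),
            with_color=with_color)

        sleep(1)

    ################################################
    # STEP 6 - Execute DroidBox
    ################################################
    if step_run_droidbox:
        print_message("\n\n>>>> AndroPyTool -- STEP 6: Execute DroidBox\n",
                      with_color, "green")

        if droidbox_time is None:
            droidbox_time = DROIDBOX_ANALYSIS_DURATION

        # DroidBox changes the process working directory. Restore it in a
        # ``finally`` so that an exception raised by DroidBox or by the output
        # parser does not leave the caller running in DroidBox's directory.
        try:
            analyze_with_droidbox(apks_folders=apks_dir,
                                  duration=droidbox_time,
                                  output_directory=droidbox_results_dir,
                                  gui=DROIDBOX_GUI_MODE)

            parse_droidbox_outputs(
                source_folder=droidbox_results_dir,
                output_droidbox=join_dir(dynamic_dir,
                                         DYNAMIC_DROIDBOX_ANALYSIS),
                output_strace=join_dir(dynamic_dir, DYNAMIC_STRACE_ANALYSIS),
                output_other=droidbox_results_dir)
        finally:
            os.chdir(CURRENT_DIRECTORY)

    ################################################
    # STEP 7 - Features extraction
    ################################################
    print_message(
        "\n\n>>>> AndroPyTool -- STEP 7: Execute features extraction\n",
        with_color, "green")

    features_extractor(
        apks_directory=apks_dir,
        single_analysis=save_single_analysis,
        dynamic_analysis_folder=dynamic_dir,
        virus_total_reports_folder=virustotal_dir,
        flowdroid_folder=flowdroid_processed_dir,
        output_folder=join_dir(source_folder, FEATURES_FILES),
        noclean_up=perform_nocleanup,
        package_index_file=package_index,
        classes_index_file=class_index,
        system_commands_file=system_commands_index,
        label=None,
        avclass=True,
        export_mongodb=export_mongodb,
        export_csv=exportCSV)

    # Feature selection only makes sense once some analysis output exists;
    # the keyword ``flowdroid_resuilts_folder`` is the callee's own spelling.
    if step_run_flowdroid or step_run_droidbox:
        selectStatic(source_folder=source_folder,
                     features_file=FEATURES_FILES,
                     flowdroid_resuilts_folder=FLOWDROID_RESULTS_FOLDER,
                     flowdroid_processed_folder=FLOWDROID_PROCESSED_FOLDER,
                     select_features_static=SELECT_FEATURES_STATIC)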