def __init__(self, path): #obj = UnzipAPK(r"g:\sample\com.snda.youni_181843.apk") obj = UnzipAPK(path) self.manifest_info = obj.unpackxml() self.packagename = "" self.minSdkVersion = 0 #获取packagename、minSdkVersion self.get_manifest_info() obj.deleteTmpDirs()
def check_protectflag(self): self.protectflag = "" obj = UnzipAPK(self.apkPath) dir_name = {} file_name = {} activites = self.getactivity(self.apkPath) class_names = obj.getclassname() all_file_name, all_dir_name = obj.getallname() for file in all_file_name: file_name[file] = "" for dir in all_dir_name: dir_name[dir] = "" for key in self.protectflag_dict.keys(): if file_name.has_key(key): self.protectflag = self.protectflag + self.protectflag_dict[key] if file_name.has_key("key.dat") and all_dir_name.has_key( "apkprotect.com"): if self.protectflag == "" or (_translate("ProtectDictionary", "APKProtect加固", None) not in self.protectflag): self.protectflag = self.protectflag + _translate( "ProtectDictionary", "APKProtect加固", None) if self.protectflag != "": return self.protectflag else: self.flag = 0 for activity in activites.keys(): # self.flag = 0 if class_names.has_key(activity): pass else: self.flag = 1 if self.protectflag == "" and self.flag == 1: self.protectflag = _translate("ProtectDictionary", "疑似未知加密", None) if self.protectflag == "": self.protectflag = _translate("ProtectDictionary", "该APK未加密", None) return self.protectflag
def check_protectflag(self): self.protectflag = "" obj = UnzipAPK(self.apkPath) dir_name = {} file_name = {} activites = self.getactivity(self.apkPath) class_names = obj.getclassname() all_file_name, all_dir_name = obj.getallname() for file in all_file_name: file_name[file] = "" for dir in all_dir_name: dir_name[dir] = "" for key in self.protectflag_dict.keys(): if file_name.has_key(key): self.protectflag = self.protectflag + self.protectflag_dict[key] if file_name.has_key("key.dat") and all_dir_name.has_key("apkprotect.com"): if self.protectflag == "" or (_translate("ProtectDictionary", "APKProtect加固", None) not in self.protectflag): self.protectflag = self.protectflag + _translate("ProtectDictionary", "APKProtect加固", None) if self.protectflag != "": return self.protectflag else: self.flag = 0 for activity in activites.keys(): # self.flag = 0 if class_names.has_key(activity): pass else: self.flag = 1 if self.protectflag == "" and self.flag == 1: self.protectflag = _translate("ProtectDictionary", "疑似未知加密", None) if self.protectflag == "": self.protectflag = _translate("ProtectDictionary", "该APK未加密", None) return self.protectflag
def __init__(self, apk_path, unzip_path): self.apk_path = apk_path self.unzip_path = unzip_path self.protectflag = "Unprocessed" self.protectflag_dict = { "libsecexe.so": "Bangcle", "libAPKProtect.so": "APKProtect", "libprotectClass.so": "360", "libNSaferOnly.so": "PayEgis", "libnqshield.so": "Netqin", "libshell.so": "Tencent", "ijiami.dat": "ijiami", "libddog.so": "Nagain", "libmobisec.so": "Ali", "libbaiduprotect.so": "Baidu", } self.standard_ratio = 0.6 self.unzip_apk_obj = UnzipAPK(self.apk_path, self.unzip_path) self.package_name = self.unzip_apk_obj.get_package_name() self.check_protectflag()
class CheckProtect: def __init__(self, apk_path, unzip_path): self.apk_path = apk_path self.unzip_path = unzip_path self.protectflag = "Unprocessed" self.protectflag_dict = { "libsecexe.so": "Bangcle", "libAPKProtect.so": "APKProtect", "libprotectClass.so": "360", "libNSaferOnly.so": "PayEgis", "libnqshield.so": "Netqin", "libshell.so": "Tencent", "ijiami.dat": "ijiami", "libddog.so": "Nagain", "libmobisec.so": "Ali", "libbaiduprotect.so": "Baidu", } self.standard_ratio = 0.6 self.unzip_apk_obj = UnzipAPK(self.apk_path, self.unzip_path) self.package_name = self.unzip_apk_obj.get_package_name() self.check_protectflag() def check_protectflag(self): self.protectflag = "" activities = self.unzip_apk_obj.get_activities() class_names = self.unzip_apk_obj.get_class_name() all_file_name, all_dir_name = self.unzip_apk_obj.get_all_name() hints = self.protectflag_dict.keys() self.protectflag += " ".join([self.protectflag_dict[hint] for hint in hints if hint in all_file_name]) if "com.qihoo.util.StubApplication" in class_names: if self.protectflag == "": self.protectflag = "Qihoo" else: self.protectflag = self.protectflag + " " + "Qihoo" if "key.dat" in all_file_name and "apkprotect.com" in all_dir_name: if "APKProtect" not in self.protectflag: self.protectflag = " ".join([self.protectflag, "APKProtect"]) class_set = set(class_names) activity_set = set(activities) exclude_set = activity_set - class_set print exclude_set class_num = len(class_set) activity_num = len(activity_set) exclude_num = len(exclude_set) if activity_num != 0: exclude_ratio = round(exclude_num/activity_num, 3) else: exclude_ratio = 1 self.ratio = exclude_ratio self.class_num = class_num self.exclude_num = exclude_num self.activity_num = activity_num print "--------------------------------------------------------" print "class number :", class_num print "activity number :", activity_num print "out-class activity number : ", exclude_num print "exclude ratio :", exclude_ratio print "standard ratio :", self.standard_ratio """ for activity in exclude_set: print activity include_set_num = len([1 for act in activities if any([1 for cls in class_names if cls in act])]) include_ratio = round(include_set_num/activity_num, 3) print "THE ratio :", exclude_ratio print "OTHER ratio :", 1-include_ratio """ if self.protectflag == "": if exclude_ratio > self.standard_ratio: self.protectflag = "Suspicious-Protection" else: self.protectflag = "No-Protection-Detected" def get_protector_name(self): return self.protectflag def get_record(self): return [self.unzip_apk_obj.apk_name, self.package_name, str(self.class_num), str(self.activity_num), str(self.exclude_num), str(self.standard_ratio), str(self.ratio), self.protectflag] def get_dict(self): return { "cls_num" : str(self.class_num), "act_num" : str(self.activity_num), "ratio" : str(self.ratio), "flag" : str(self.protectflag) }
class CheckProtect: def __init__(self, apk_path, unzip_path): self.apk_path = apk_path self.unzip_path = unzip_path self.protectflag = "Unprocessed" self.protectflag_dict = { "libsecexe.so": "Bangcle", "libAPKProtect.so": "APKProtect", "libprotectClass.so": "360", "libNSaferOnly.so": "PayEgis", "libnqshield.so": "Netqin", "libshell.so": "Tencent", "ijiami.dat": "ijiami", "libddog.so": "Nagain", "libmobisec.so": "Ali", "libbaiduprotect.so": "Baidu", } self.standard_ratio = 0.6 self.unzip_apk_obj = UnzipAPK(self.apk_path, self.unzip_path) self.package_name = self.unzip_apk_obj.get_package_name() self.check_protectflag() def check_protectflag(self): self.protectflag = "" activities = self.unzip_apk_obj.get_activities() class_names = self.unzip_apk_obj.get_class_name() all_file_name, all_dir_name = self.unzip_apk_obj.get_all_name() hints = self.protectflag_dict.keys() self.protectflag += " ".join([ self.protectflag_dict[hint] for hint in hints if hint in all_file_name ]) if "com.qihoo.util.StubApplication" in class_names: if self.protectflag == "": self.protectflag = "Qihoo" else: self.protectflag = self.protectflag + " " + "Qihoo" if "key.dat" in all_file_name and "apkprotect.com" in all_dir_name: if "APKProtect" not in self.protectflag: self.protectflag = " ".join([self.protectflag, "APKProtect"]) class_set = set(class_names) activity_set = set(activities) exclude_set = activity_set - class_set print exclude_set class_num = len(class_set) activity_num = len(activity_set) exclude_num = len(exclude_set) if activity_num != 0: exclude_ratio = round(exclude_num / activity_num, 3) else: exclude_ratio = 1 self.ratio = exclude_ratio self.class_num = class_num self.exclude_num = exclude_num self.activity_num = activity_num print "--------------------------------------------------------" print "class number :", class_num print "activity number :", activity_num print "out-class activity number : ", exclude_num print "exclude ratio :", exclude_ratio print "standard ratio :", self.standard_ratio """ for activity in exclude_set: print activity include_set_num = len([1 for act in activities if any([1 for cls in class_names if cls in act])]) include_ratio = round(include_set_num/activity_num, 3) print "THE ratio :", exclude_ratio print "OTHER ratio :", 1-include_ratio """ if self.protectflag == "": if exclude_ratio > self.standard_ratio: self.protectflag = "Suspicious-Protection" else: self.protectflag = "No-Protection-Detected" def get_protector_name(self): return self.protectflag def get_record(self): return [ self.unzip_apk_obj.apk_name, self.package_name, str(self.class_num), str(self.activity_num), str(self.exclude_num), str(self.standard_ratio), str(self.ratio), self.protectflag ] def get_dict(self): return { "cls_num": str(self.class_num), "act_num": str(self.activity_num), "ratio": str(self.ratio), "flag": str(self.protectflag) }