Exemplo n.º 1
0
    def _analyze(self) :
        for i in self.__files :
            #print "processing ", i
            if ".class" in i :
                bc = jvm.JVMFormat( self.__orig_raw[ i ] )
            elif ".jar" in i :
                x = jvm.JAR( i )
                bc = x.get_classes()
            elif ".dex" in i :
                bc = dvm.DalvikVMFormat( self.__orig_raw[ i ] )
            elif ".apk" in i :
                x = apk.APK( i )
                bc = dvm.DalvikVMFormat( x.get_dex() )
            else :
                ret_type = androconf.is_android( i )
                if ret_type == "APK" :
                    x = apk.APK( i )
                    bc = dvm.DalvikVMFormat( x.get_dex() )
                elif ret_type == "DEX" : 
                    bc = dvm.DalvikVMFormat( open(i, "rb").read() )  
                else :
                    raise( "Unknown bytecode" )

            if isinstance(bc, list) :
                for j in bc :
                    self.__bc.append( (j[0], BC( jvm.JVMFormat(j[1]) ) ) )
            else :
                self.__bc.append( (i, BC( bc )) )
Exemplo n.º 2
0
def open_dex(raw):
    d = dvm.DalvikVMFormat(raw)
    return d
Exemplo n.º 3
0
sys.path.append(PATH_INSTALL + "./core")
sys.path.append(PATH_INSTALL + "./core/bytecodes")
sys.path.append(PATH_INSTALL + "./core/analysis")

import apk, dvm, analysis, msign

if __name__ == "__main__":
    #    a = apk.APK( PATH_INSTALL + "examples/android/TestsAndroguard/bin/TestsAndroguard.apk" )
    #    a = apk.APK( PATH_INSTALL + "apks/drweb-600-android-beta.apk" )
    #    a = apk.APK( PATH_INSTALL + "debug/062d5e38dc4618a8b1c6bf3587dc2016a3a3db146aea0d82cc227a18ca21ad13")
    a = apk.APK(PATH_INSTALL + "apks/malwares/kungfu/sample2.apk")

    t1 = time.time()

    if len(sys.argv) > 1:
        d = dvm.DalvikVMFormat(a.get_dex(), engine=["python"])
    else:
        d = dvm.DalvikVMFormat(a.get_dex())

    t2 = time.time()
    x = analysis.VMAnalysis(d)

    t3 = time.time()
    print('-> %0.8f %0.8f %0.8f' % ((t2 - t1, t3 - t2, t3 - t1)))

    sys.exit(0)

    for method in d.get_methods():
        print(method.get_class_name(), method.get_name(),
              method.get_descriptor())
Exemplo n.º 4
0
#!/usr/bin/env python

import sys

PATH_INSTALL = "./"
sys.path.append(PATH_INSTALL + "/core")
sys.path.append(PATH_INSTALL + "/core/bytecodes")
sys.path.append(PATH_INSTALL + "/core/analysis")

import dvm, analysis

TEST = "./examples/android/Test/bin/classes.dex"
#TEST = "examples/android/Hello_Kitty/classes.dex"

j = dvm.DalvikVMFormat(open(TEST).read())
x = analysis.VMAnalysis(j)

# SHOW CLASSES (verbose and pretty)
#j.pretty_show( x )

# SHOW METHODS
for i in j.get_methods():
    i.pretty_show(x)
Exemplo n.º 5
0
#!/usr/bin/env python

import sys

PATH_INSTALL = "./"
sys.path.append(PATH_INSTALL + "/core")
sys.path.append(PATH_INSTALL + "/core/bytecodes")

import dvm, apk

TEST = "./examples/android/TC/bin/TC-debug.apk"

a = apk.APK(TEST)
a.show()

j = dvm.DalvikVMFormat(a.get_dex())

# SHOW CLASS (verbose)
#j.show()