def specified_set(db):
    """Analyse a hand-picked list of APK files and store the results in ``db``.

    Testing helper. ``viruses`` is an empty placeholder, so the loop body does
    not run until sample paths are added to it.

    Args:
        db: database handle passed to ``insertToDB``; it must also provide
            ``insertRelation`` and ``insertAppToPrmRelation``.
    """
    # Paths to single malware files, for testing.
    viruses = []
    for sample_path in viruses:
        extracted = getAPIfromPkg(sample_path)
        # NOTE(review): the list is described as malware, yet the flag passed
        # here is False while single_APK passes True and reverseAnalysis
        # passes 1 for malicious samples -- confirm the intended label.
        record = parse_data(extracted, False)
        insertToDB(record, db)
        # Relations are de-duplicated before they are written.
        db.insertRelation(
            record.getappId(),
            uniquate_list(record.getappToApiRelation()))
        db.insertAppToPrmRelation(
            record.getappId(),
            uniquate_list(record.getappToPrmRelation()))
def single_APK(db):
    """Analyse one APK and store the application and its relations in ``db``.

    Testing helper. The sample path is the literal placeholder
    ``'path_to_malware'`` and has to be edited before use.

    Args:
        db: database handle passed to ``insertToDB``; it must also provide
            ``insertRelation`` and ``insertAppToPrmRelation``.
    """
    # Insert the path to a single malware sample here.
    extracted = getAPIfromPkg('path_to_malware')
    # The second argument is True here; presumably it marks the sample as
    # malicious -- verify against parse_data.
    record = parse_data(extracted, True)
    insertToDB(record, db)
    # Relations are de-duplicated before they are written.
    db.insertRelation(
        record.getappId(),
        uniquate_list(record.getappToApiRelation()))
    db.insertAppToPrmRelation(
        record.getappId(),
        uniquate_list(record.getappToPrmRelation()))
def reverseAnalysis(sources):
    """Analyse every APK path in ``sources`` and store new ones in the database.

    Each path is logged, labelled, parsed and, unless the database already
    holds an application with the same MD5 and name, inserted together with
    its de-duplicated API and permission relations. A failure on one sample
    is logged at critical level and the loop moves on to the next path.

    Args:
        sources: iterable of APK file paths.
    """
    db = SafeDroidDB(False)
    for apk_path in sources:
        log.info('Application examined path: %s' %apk_path)
        # The label comes from a substring test on the path: any path that
        # contains MAL_FOLDER anywhere is labelled 1 (malicious), so a benign
        # sample stored under a matching directory name is mislabelled.
        is_malicious = 1 if MAL_FOLDER in apk_path else 0
        try:
            extracted = getAPIfromPkg(apk_path)
            record = parse_data(extracted, is_malicious)
            # NOTE(review): de-duplication keys on MD5 plus name. MD5 is
            # collision-prone; if samples can be adversarial, a stronger
            # digest would be a safer key -- confirm what getMD5 returns.
            already_stored = db.exists(
                'APPLICATIONS', record.getMD5(), record.getName())
            if not already_stored:
                insertToDB(record, db)
                db.insertRelation(
                    record.getappId(),
                    uniquate_list(record.getappToApiRelation()))
                db.insertAppToPrmRelation(
                    record.getappId(),
                    uniquate_list(record.getappToPrmRelation()))
        except Exception as err:
            # Best effort: one unparsable sample must not stop the batch.
            # Only the message is logged, not the traceback.
            log.critical('%s failed' %apk_path)
            log.critical(err)
def _reverse_Analysis(sources, malicious_directory):
    """Analyse every APK path in ``sources`` and store new ones in the database.

    Same flow as ``reverseAnalysis``, except that the malicious-folder marker
    is a parameter and messages are collected in ``event_log`` instead of
    being written to the logger.

    Args:
        sources: iterable of APK file paths.
        malicious_directory: substring whose presence in a path labels the
            sample as malicious (1); all other samples are labelled 0.
    """
    db = SafeDroidDB(False)
    # Holds at most one 'info' and one 'critical' message: each iteration
    # overwrites the previous values.
    # NOTE(review): in the visible code event_log is never returned or
    # emitted, so failures recorded under 'critical' are not surfaced --
    # confirm whether the caller is meant to receive it.
    event_log = {}
    for apk_path in sources:
        event_log['info'] = 'Application examined: %s' % apk_path
        # Substring test on the path: a benign sample whose path happens to
        # contain malicious_directory is labelled malicious as well.
        is_malicious = 1 if malicious_directory in apk_path else 0
        try:
            extracted = getAPIfromPkg(apk_path)
            record, event_log['info'] = _parse_data(extracted, is_malicious)
            # NOTE(review): de-duplication keys on MD5 plus name. MD5 is
            # collision-prone; if samples can be adversarial, a stronger
            # digest would be a safer key -- confirm what getMD5 returns.
            already_stored = db.exists(
                'APPLICATIONS', record.getMD5(), record.getName())
            if not already_stored:
                insertToDB(record, db)
                db.insertRelation(
                    record.getappId(),
                    uniquate_list(record.getappToApiRelation()))
                db.insertAppToPrmRelation(
                    record.getappId(),
                    uniquate_list(record.getappToPrmRelation()))
        except Exception as err:
            # Best effort: record the failure and go on to the next sample.
            event_log['critical'] = '%s failed. %s' % (apk_path, err)