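def getFields(ifields_, mapList):
    """Read an ART field array from the dump and return its entries.

    Each record is read as four consecutive 4-byte values:
    ``declaring_class_`` (unsigned, rendered with ``hex``), ``access_flags_``,
    ``dex_field_index_`` and ``offset_``.

    Args:
        ifields_: pointer to the field array, resolved with ``art.fromPointer``
            against ``mapList``.
        mapList: memory-map description handed to the ``art``/``cls`` helpers.

    Returns:
        OrderedDict mapping the 0-based record position to
        ``[declaring_class_name, access_flags_, dex_field_index_, offset_]``.

    Raises:
        Whatever ``unpack_int``/``unpack_uint`` raise on a short read; the
        handle returned by ``art.fromPointer`` is closed on every path
        (the original leaked it when a read failed).
    """
    fields = OrderedDict()
    [g, objOff] = art.fromPointer(ifields_, mapList)
    try:
        g.seek(objOff)
        # The element count precedes the records.  It comes straight from the
        # dump, so treat it as untrusted: a corrupt value only exhausts the
        # reads below, it is never used to index anything here.
        size = unpack_int(g)
        counter = 0
        # A ``while`` is kept instead of ``range(size)`` because ``size`` is
        # dump-controlled and a Python 2 range() would build a list that long.
        while counter < size:
            declaring_class_ = hex(unpack_uint(g))
            access_flags_ = unpack_int(g)
            dex_field_index_ = unpack_int(g)
            offset_ = unpack_int(g)
            fields[counter] = [
                cls.resolveName(declaring_class_, mapList),
                access_flags_,
                dex_field_index_,
                offset_,
            ]
            counter += 1
    finally:
        g.close()
    return fields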
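def findThreadGCRoot(refs, lstList, mapList):
    """Return the first ref whose class is ``ApplicationThread``, else ``'0x0'``.

    Args:
        refs: iterable of object references (GC roots) to inspect; ``None``
            or empty means "nothing to search".
        lstList: passed to ``art.getSE``; that call's result is not used here
            and the call is retained unchanged.
        mapList: memory-map description for the ``cls`` lookups.

    Returns:
        The first reference that resolves to
        ``android.app.ActivityThread$ApplicationThread``, or the sentinel
        ``'0x0'`` when none does.  The original only produced the sentinel
        for empty ``refs``: when the loop ran out without a match it fell
        through and returned the *last* reference examined.
    """
    art.getSE(lstList)
    for ref in refs or ():
        [klass, kmonitor, refFile, refOff] = cls.getOKlass(ref, mapList)
        # Release the per-ref handle; the original left one open per ref.
        # NOTE(review): assumes refFile is a file object or None — confirm
        # what cls.getOKlass returns when klass is '0x0'.
        if refFile is not None:
            refFile.close()
        name = cls.resolveName(klass, mapList)
        if name == 'android.app.ActivityThread$ApplicationThread':
            return ref
    return '0x0'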
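def printRefs(refs, lstList, mapList):
    """Dump every reference in ``refs`` whose class name is not in ``notList``.

    Args:
        refs: iterable of object references; ``None`` or empty prints nothing.
        lstList: passed to ``art.getSE``; the result is unused here and the
            call is retained unchanged.
        mapList: memory-map description for the ``art``/``cls`` helpers.

    ``notList`` and ``dumpRefs`` are module-level names.  ``dumpRefs`` is
    called as ``dumpRefs(ref, addr, ref, offset)``, i.e. the reference
    doubles as the printed address.
    """
    art.getSE(lstList)
    for ref in refs or ():
        [klass, monitor, refFile, refOff] = cls.getOKlass(ref, mapList)
        name = cls.resolveName(klass, mapList)
        # dumpRefs re-resolves the reference itself, so this handle is only
        # needed for the class name; close it instead of leaking one per ref.
        # NOTE(review): assumes refFile is a file object or None — confirm.
        if refFile is not None:
            refFile.close()
        if name not in notList:
            [aPath, offset] = art.getOffset(ref, mapList)
            addr = art.getFhandle(aPath)
            dumpRefs(ref, addr, ref, offset)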
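def getFields(dexCache, ifields_, mapList):
    """Read an ART field array from the dump and return its entries keyed from 1.

    Each record is four little-endian 4-byte values: ``declaring_class_``
    (unsigned, rendered with ``hex``), ``access_flags_``, ``dex_field_index_``
    and ``offset_``.

    Args:
        dexCache: accepted for interface compatibility; it is not read here.
        ifields_: pointer to the field array, resolved with ``art.fromPointer``
            against ``mapList``.
        mapList: memory-map description handed to the ``art``/``cls`` helpers.

    Returns:
        OrderedDict mapping the 1-based record position to
        ``[declaring_class_name, access_flags_, dex_field_index_, offset_]``.

    Raises:
        struct.error on a short read.  The handle from ``art.fromPointer`` is
        closed on every path (the original never closed it).
    """
    fields = OrderedDict()
    [g, objOff] = art.fromPointer(ifields_, mapList)
    try:
        g.seek(objOff)
        # Element count comes from the dump and is untrusted; a bogus value
        # only makes the reads below run out of data.
        size = struct.unpack("<i", g.read(4))[0]
        counter = 1
        while counter <= size:
            declaring_class_ = hex(struct.unpack("<I", g.read(4))[0])
            access_flags_ = struct.unpack("<i", g.read(4))[0]
            dex_field_index_ = struct.unpack("<i", g.read(4))[0]
            offset_ = struct.unpack("<i", g.read(4))[0]
            fields[counter] = [
                cls.resolveName(declaring_class_, mapList),
                access_flags_,
                dex_field_index_,
                offset_,
            ]
            counter += 1
    finally:
        g.close()
    return fields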
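def dumpRefs(ref, addr, address, off):
    """Print one line describing the object behind ``ref`` and return its size.

    Args:
        ref: object reference resolved with ``cls.getOKlass`` against the
            module-level ``mapList``.
        addr: open handle on the mapping holding the object; the monitor word
            is read from ``off + 4`` in it.  It is not closed here.
        address: reference text echoed in the printed line.
        off: offset of the object inside ``addr``.

    Returns:
        The object size used for the listing.  Every branch yields 8 except a
        dereferenced ``java.lang.Class`` instance, where ``getClsObj`` decides
        (floored at 8).

    Side effects:
        Prints ``Address <address> <monitor> [<name>] <size>``.  The handle
        returned by ``cls.getOKlass`` is closed on every path; the original
        leaked it on the ``'0x0'`` early return.
    """
    addr.seek(off + 4)
    monitor = hex(unpack_int(addr.read(4))[0])
    [klass, kmonitor, refFile, refOff] = cls.getOKlass(ref, mapList)
    try:
        if klass == '0x0':
            # Null / unresolvable class pointer: nothing to describe.
            return 8
        name = cls.resolveName(klass, mapList)
        fDict = OrderedDict()
        objSize = 8
        # NOTE(review): a None ``name`` raises TypeError on the first ``in``
        # test below, exactly as the original did.
        if ('java.lang.Class' in name) and not name.startswith('['):
            [cname, objSize] = getClsObj(ref, refFile, refOff, fDict, addr, off)
            if objSize < 8:
                objSize = 8
            if cname:
                name = name + " - " + cname
            else:
                name = name + " - Object cannot be derefenced"
        elif 'java.lang.String' in name:
            # Only the fixed header is counted; the string payload is not read
            # here, so its dump-supplied length is never used for a read.
            objSize = 8
        elif name and name.startswith('['):
            refFile.seek(refOff + 8)
            # Array length comes from the dump; it is handed to checkArray
            # unchecked, which is where any bound on it would belong.
            arrSize = unpack_dec(refFile.read(4))[0]
            # The result does not influence the size; the call is retained.
            checkArray(name, arrSize, refFile, [])
        elif len(name) == 1:
            # Result unused for the size; the call is retained.
            getPrimitive(name, refFile)
        # Any other class is a plain object and stays at 8.
        if name and '?' not in name:
            print("Address " + address + " " + monitor + " " + name + " " + str(objSize))
        else:
            print("Address " + address + " " + monitor + " " + str(objSize))
        return objSize
    finally:
        # NOTE(review): assumes refFile is a file object or None even when
        # klass is '0x0' — confirm against cls.getOKlass.
        if refFile is not None:
            refFile.close()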
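def printRefs(refs):
    """Print ``<ref> <class name> <monitor>`` for each reference in ``refs``.

    Args:
        refs: iterable of object references; ``None`` or empty prints nothing.

    Uses the module-level ``mapList``.  The handle returned by
    ``cls.getOKlass`` is closed after each reference (the original left one
    open per reference).
    """
    for ref in refs or ():
        [klass, monitor, refFile, refOff] = cls.getOKlass(ref, mapList)
        try:
            print(ref + " " + cls.resolveName(klass, mapList) + " " + monitor)
        finally:
            # NOTE(review): assumes refFile is a file object or None — confirm.
            if refFile is not None:
                refFile.close()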
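def dumpRefs(ref, addr, off):
    """Describe the object behind ``ref``; return ``(objSize, lines)``.

    Args:
        ref: object reference resolved with ``cls.getOKlass`` against the
            module-level ``mapList``.
        addr: handle passed through to ``getClsObj`` and ``getPrimitive``;
            not closed here.
        off: offset passed through to ``getClsObj``.

    Returns:
        ``(objSize, ret)`` on every path, where ``ret`` is the list of report
        lines and always starts with the monitor word.  The original returned
        a bare int when the class pointer was ``'0x0'``, which breaks callers
        that unpack the pair.

    Side effects:
        Two messages in the String and Array branches go to stdout rather
        than into ``ret``, as in the original.  The handle returned by
        ``cls.getOKlass`` is closed on every path (the original leaked it on
        the ``'0x0'`` early return).
    """
    ret = []
    [klass, monitor, refFile, refOff] = cls.getOKlass(ref, mapList)
    ret.append(monitor)
    try:
        if klass == '0x0':
            ret.append("++++++++++++++++++++++++++++++++++++++++++++")
            ret.append("Invalid address for class")
            ret.append("\n")
            return 8, ret
        name = cls.resolveName(klass, mapList)
        fDict = OrderedDict()
        objSize = 0
        if 'java.lang.Class' in name:
            ret.append("++++++++++++++++++++++++++++++++++++++++++++")
            ret.append("Reference Class is a Class Instance")
            objSize, r = getClsObj(ref, refFile, refOff, fDict, addr, off)
            ret.extend(r)
            ret.append("\n")
        elif 'java.lang.String' in name:
            ret.append("++++++++++++++++++++++++++++++++++++++++++++")
            ret.append("Reference Class is String")
            refFile.seek(refOff + 8)
            count = unpack_int(refFile)
            # The length comes from the dump: clamp absurd values to "empty"
            # so a corrupt count cannot make us read and hold that many bytes.
            strLen = count >> 1
            if strLen > 65536:
                strLen = 0
            if strLen > 0:
                refFile.seek(refFile.tell() + 4)
                ret.append(refFile.read(strLen))
            else:
                ret.append("Null String")
            objSize = 8  # object header + count/hash; payload not counted
            print("\n")
        elif name and name.startswith('['):
            ret.append("++++++++++++++++++++++++++++++++++++++++++++")
            print("Reference Class is an " + name + " Array ")
            refFile.seek(refOff + 8)
            # Array length is dump-supplied and passed to checkArray unchecked.
            arrSize = unpack_int(refFile)
            ret.append("Array size is " + str(arrSize))
            arrData = checkArray(name, arrSize, refFile, [])
            if arrData:
                ret.append("The array data for " + name + " is " + str(arrData))
            objSize = 8
            ret.append("\n")
        elif len(name) == 1:
            obj = getPrimitive(name, addr)
            ret.append("++++++++++++++++++++++++++++++++++++++++++++")
            ret.append("Reference Class is a Primitive")
            ret.append(obj)
            objSize = len(str(obj))
        else:
            ret.append("++++++++++++++++++++++++++++++++++++++++++++")
            objSize = 8
            if '?' in name:
                ret.append(ref + " Cannot Be Resolved " + str(objSize))
            else:
                ret.append(ref + " " + name + " " + monitor)
            ret.append("\n")
        return objSize, ret
    finally:
        # NOTE(review): assumes refFile is a file object or None even when
        # klass is '0x0' — confirm against cls.getOKlass.
        if refFile is not None:
            refFile.close()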