def create_entropies(vmx, m) : l = [ vmx.get_method_signature(m, predef_sign = DEFAULT_SIGNATURE).get_string(), libsign.entropy( vmx.get_method_signature(m, predef_sign = DEFAULT_SIGNATURE ).get_string() ), libsign.entropy( vmx.get_method_signature(m, "L4", { "L4" : { "arguments" : ["Landroid"] } } ).get_string() ), libsign.entropy( vmx.get_method_signature(m, "L4", { "L4" : { "arguments" : ["Ljava"] } } ).get_string() ), libsign.entropy( vmx.get_method_signature(m, "hex" ).get_string() ), libsign.entropy( vmx.get_method_signature(m, "L2" ).get_string() ), ] return l
def __init__(self, vmx, apk) : self.vmx = vmx self.vm = self.vmx.get_vm() self.__nodes = {} self.__nodes_id = {} self.G = DiGraph() for j in self.vmx.tainted_packages.get_internal_packages() : n1 = self._get_node( j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor() ) n2 = self._get_node( j.get_class_name(), j.get_name(), j.get_descriptor() ) m1 = self.vm.get_method_descriptor( j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor() ) m2 = j.get_method() n1.set_attributes( { "android_api" : libsign.entropy( self.vmx.get_method_signature(m1, "L4", { "L4" : { "arguments" : ["Landroid"] } } ).get_string() ) } ) n2.set_attributes( { "android_api" : libsign.entropy( self.vmx.get_method_signature(m2, "L4", { "L4" : { "arguments" : ["Landroid"] } } ).get_string() ) } ) n1.set_attributes( { "java_api" : libsign.entropy( self.vmx.get_method_signature(m1, "L4", { "L4" : { "arguments" : ["Ljava"] } } ).get_string() ) } ) n2.set_attributes( { "java_api" : libsign.entropy( self.vmx.get_method_signature(m2, "L4", { "L4" : { "arguments" : ["Ljava"] } } ).get_string() ) } ) self.G.add_edge( n1.id, n2.id ) # print "\t %s %s %s %x ---> %s %s %s" % (j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor(), \ # j.get_bb().start + j.get_idx(), \ # j.get_class_name(), j.get_name(), j.get_descriptor()) if apk != None : for i in apk.get_activities() : j = bytecode.FormatClassToJava(i) n1 = self._get_exist_node( j, "onCreate", "(Landroid/os/Bundle;)V" ) if n1 != None : n1.set_attributes( { "type" : "activity" } ) n1.set_attributes( { "color" : ACTIVITY_COLOR } ) n2 = self._get_new_node_from( n1, "ACTIVITY" ) n2.set_attributes( { "color" : ACTIVITY_COLOR } ) self.G.add_edge( n2.id, n1.id ) for i in apk.get_services() : j = bytecode.FormatClassToJava(i) n1 = self._get_exist_node( j, "onCreate", "()V" ) if n1 != None : n1.set_attributes( { "type" : "service" } ) n1.set_attributes( { "color" : SERVICE_COLOR } ) n2 = self._get_new_node_from( n1, "SERVICE" ) n2.set_attributes( { "color" : SERVICE_COLOR } ) self.G.add_edge( n2.id, n1.id ) for i in apk.get_receivers() : j = bytecode.FormatClassToJava(i) n1 = self._get_exist_node( j, "onReceive", "(Landroid/content/Context; Landroid/content/Intent;)V" ) if n1 != None : n1.set_attributes( { "type" : "receiver" } ) n1.set_attributes( { "color" : RECEIVER_COLOR } ) n2 = self._get_new_node_from( n1, "RECEIVER" ) n2.set_attributes( { "color" : RECEIVER_COLOR } ) self.G.add_edge( n2.id, n1.id ) for c in self.vm.get_classes() : #if c.get_superclassname() == "Landroid/app/Service;" : # n1 = self._get_node( c.get_name(), "<init>", "()V" ) # n2 = self._get_node( c.get_name(), "onCreate", "()V" ) # self.G.add_edge( n1.id, n2.id ) if c.get_superclassname() == "Ljava/lang/Thread;" : for i in self.vm.get_method("run") : if i.get_class_name() == c.get_name() : n1 = self._get_node( i.get_class_name(), i.get_name(), i.get_descriptor() ) n2 = self._get_node( i.get_class_name(), "start", i.get_descriptor() ) self.G.add_edge( n1.id, n2.id ) list_permissions = self.vmx.get_permissions( [] ) for x in list_permissions : for j in list_permissions[ x ] : #print "\t %s %s %s %x ---> %s %s %s" % (j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor(), \ # j.get_bb().start + j.get_idx(), \ # j.get_class_name(), j.get_name(), j.get_descriptor()) n1 = self._get_exist_node( j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor() ) if n1 == None : continue n1.set_attributes( { "permissions" : 1 } ) n1.set_attributes( { "permissions_level" : DVM_PERMISSIONS[ "MANIFEST_PERMISSION" ][ x ][0] } ) try : for tmp_perm in PERMISSIONS_RISK[ x ] : if tmp_perm in DEFAULT_RISKS : n2 = self._get_new_node( j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor() + " " + DEFAULT_RISKS[ tmp_perm ][0], DEFAULT_RISKS[ tmp_perm ][0] ) n2.set_attributes( { "color" : DEFAULT_RISKS[ tmp_perm ][1] } ) self.G.add_edge( n2.id, n1.id ) except KeyError : pass for m, _ in self.vmx.tainted_packages.get_packages() : if m.get_info() == "Ldalvik/system/DexClassLoader;" : for path in m.get_paths() : if path.get_access_flag() == TAINTED_PACKAGE_CREATE : n1 = self._get_exist_node( path.get_method().get_class_name(), path.get_method().get_name(), path.get_method().get_descriptor() ) n2 = self._get_new_node( path.get_method().get_class_name(), path.get_method().get_name(), path.get_method().get_descriptor() + " " + "DEXCLASSLOADER", "DEXCLASSLOADER" ) n1.set_attributes( { "dynamic_code" : "true" } ) n2.set_attributes( { "color" : DEXCLASSLOADER_COLOR } ) self.G.add_edge( n2.id, n1.id )
def entropy(self, s) : return libsign.entropy( s )
def __init__(self, vmx, apk): self.vmx = vmx self.vm = self.vmx.get_vm() self.__nodes = {} self.__nodes_id = {} self.G = DiGraph() for j in self.vmx.tainted_packages.get_internal_packages(): n1 = self._get_node(j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor()) n2 = self._get_node(j.get_class_name(), j.get_name(), j.get_descriptor()) m1 = self.vm.get_method_descriptor(j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor()) m2 = j.get_method() n1.set_attributes({ "android_api": libsign.entropy( self.vmx.get_method_signature(m1, "L4", { "L4": { "arguments": ["Landroid"] } }).get_string()) }) n2.set_attributes({ "android_api": libsign.entropy( self.vmx.get_method_signature(m2, "L4", { "L4": { "arguments": ["Landroid"] } }).get_string()) }) n1.set_attributes({ "java_api": libsign.entropy( self.vmx.get_method_signature(m1, "L4", { "L4": { "arguments": ["Ljava"] } }).get_string()) }) n2.set_attributes({ "java_api": libsign.entropy( self.vmx.get_method_signature(m2, "L4", { "L4": { "arguments": ["Ljava"] } }).get_string()) }) self.G.add_edge(n1.id, n2.id) # print "\t %s %s %s %x ---> %s %s %s" % (j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor(), \ # j.get_bb().start + j.get_idx(), \ # j.get_class_name(), j.get_name(), j.get_descriptor()) if apk != None: for i in apk.get_activities(): j = bytecode.FormatClassToJava(i) n1 = self._get_exist_node(j, "onCreate", "(Landroid/os/Bundle;)V") if n1 != None: n1.set_attributes({"type": "activity"}) n1.set_attributes({"color": ACTIVITY_COLOR}) n2 = self._get_new_node_from(n1, "ACTIVITY") n2.set_attributes({"color": ACTIVITY_COLOR}) self.G.add_edge(n2.id, n1.id) for i in apk.get_services(): j = bytecode.FormatClassToJava(i) n1 = self._get_exist_node(j, "onCreate", "()V") if n1 != None: n1.set_attributes({"type": "service"}) n1.set_attributes({"color": SERVICE_COLOR}) n2 = self._get_new_node_from(n1, "SERVICE") n2.set_attributes({"color": SERVICE_COLOR}) self.G.add_edge(n2.id, n1.id) for i in apk.get_receivers(): j = bytecode.FormatClassToJava(i) n1 = self._get_exist_node( j, "onReceive", "(Landroid/content/Context; Landroid/content/Intent;)V") if n1 != None: n1.set_attributes({"type": "receiver"}) n1.set_attributes({"color": RECEIVER_COLOR}) n2 = self._get_new_node_from(n1, "RECEIVER") n2.set_attributes({"color": RECEIVER_COLOR}) self.G.add_edge(n2.id, n1.id) for c in self.vm.get_classes(): #if c.get_superclassname() == "Landroid/app/Service;" : # n1 = self._get_node( c.get_name(), "<init>", "()V" ) # n2 = self._get_node( c.get_name(), "onCreate", "()V" ) # self.G.add_edge( n1.id, n2.id ) if c.get_superclassname() == "Ljava/lang/Thread;": for i in self.vm.get_method("run"): if i.get_class_name() == c.get_name(): n1 = self._get_node(i.get_class_name(), i.get_name(), i.get_descriptor()) n2 = self._get_node(i.get_class_name(), "start", i.get_descriptor()) self.G.add_edge(n1.id, n2.id) list_permissions = self.vmx.get_permissions([]) for x in list_permissions: for j in list_permissions[x]: #print "\t %s %s %s %x ---> %s %s %s" % (j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor(), \ # j.get_bb().start + j.get_idx(), \ # j.get_class_name(), j.get_name(), j.get_descriptor()) n1 = self._get_exist_node(j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor()) if n1 == None: continue n1.set_attributes({"permissions": 1}) n1.set_attributes({ "permissions_level": DVM_PERMISSIONS["MANIFEST_PERMISSION"][x][0] }) try: for tmp_perm in PERMISSIONS_RISK[x]: if tmp_perm in DEFAULT_RISKS: n2 = self._get_new_node( j.get_method().get_class_name(), j.get_method().get_name(), j.get_method().get_descriptor() + " " + DEFAULT_RISKS[tmp_perm][0], DEFAULT_RISKS[tmp_perm][0]) n2.set_attributes( {"color": DEFAULT_RISKS[tmp_perm][1]}) self.G.add_edge(n2.id, n1.id) except KeyError: pass for m, _ in self.vmx.tainted_packages.get_packages(): if m.get_info() == "Ldalvik/system/DexClassLoader;": for path in m.get_paths(): if path.get_access_flag() == TAINTED_PACKAGE_CREATE: n1 = self._get_exist_node( path.get_method().get_class_name(), path.get_method().get_name(), path.get_method().get_descriptor()) n2 = self._get_new_node( path.get_method().get_class_name(), path.get_method().get_name(), path.get_method().get_descriptor() + " " + "DEXCLASSLOADER", "DEXCLASSLOADER") n1.set_attributes({"dynamic_code": "true"}) n2.set_attributes({"color": DEXCLASSLOADER_COLOR}) self.G.add_edge(n2.id, n1.id)