def check_apk(self, apk):
    """
    Run the Dalvik signature check on the dex data of an application.

    Python 2 code (uses the print statement).

    @param apk : object exposing get_dex(); it wraps the application under
                 analysis, so its content should be treated as untrusted
    @rtype : whatever self._check_dalvik returns for that dex data
    """
    # Progress marker for debug runs. The trailing comma keeps the cursor on
    # the same line, so stdout is flushed explicitly to show it right away.
    if self.debug:
        print "loading apk..",
        sys.stdout.flush()

    # NOTE(review): only the data returned by apk.get_dex() is checked. If
    # that is a single classes.dex, code shipped in additional dex files or
    # in other package entries is not covered -- confirm against get_dex().
    return self._check_dalvik(apk.get_dex())
def check_apk(self, apk):
    """
    Check the dex data of an application against the Dalvik signatures.

    Python 2 code (uses the print statement).

    @param apk : object exposing get_dex(); the package it wraps is the
                 sample being analysed and should be treated as untrusted
    @rtype : the value returned by self._check_dalvik for that dex data
    """
    if self.debug:
        # Trailing comma: no newline is printed, hence the explicit flush.
        print "loading apk..",
        sys.stdout.flush()

    dex_data = apk.get_dex()
    # NOTE(review): the check sees nothing but dex_data. Whether that covers
    # every dex file in the package depends on get_dex() -- confirm, since
    # anything outside it cannot produce a match here.
    return self._check_dalvik(dex_data)
def display_dvm_info(apk):
    """
    Print a short static-analysis summary of an application's Dalvik code.

    Python 2 code (uses the print statement). Everything is written to
    stdout and nothing is returned.

    The summary shows the results of analysis.is_native_code,
    analysis.is_dyn_code and analysis.is_reflection_code, followed by one
    line (class name, method name, tags) for every method whose tag set is
    not empty.

    NOTE(review): these are static indicators meant for triage. A negative
    result presumably means "not found by this analysis" rather than
    "absent"; confirm what each helper detects before relying on it.

    :param apk: object exposing get_dex()
    """
    dex_vm = dvm.DalvikVMFormat(apk.get_dex())
    dex_analysis = analysis.uVMAnalysis(dex_vm)

    print "Native code:", analysis.is_native_code(dex_analysis)
    print "Dynamic code:", analysis.is_dyn_code(dex_analysis)
    print "Reflection code:", analysis.is_reflection_code(dex_analysis)

    for method_analysis in dex_analysis.get_methods():
        # create_tags() is called before .tags is read, as in the original.
        method_analysis.create_tags()
        if method_analysis.tags.empty():
            continue
        method = method_analysis.method
        print method.get_class_name(), method.get_name(), method_analysis.tags
def display_dvm_info(apk):
    """
    Write a static-analysis overview of an application's dex code to stdout.

    Python 2 code (uses the print statement). Returns nothing.

    Three summary lines report analysis.is_native_code, analysis.is_dyn_code
    and analysis.is_reflection_code. After them, each method with a
    non-empty tag set is listed as: class name, method name, tags.

    NOTE(review): the flags come from static inspection of the data returned
    by apk.get_dex() only. Treat "False" as "not detected", not as proof of
    absence -- confirm the coverage of the analysis helpers.

    :param apk: object exposing get_dex()
    """
    parsed_dex = dvm.DalvikVMFormat(apk.get_dex())
    vm_analysis = analysis.uVMAnalysis(parsed_dex)

    print "Native code:", analysis.is_native_code(vm_analysis)
    print "Dynamic code:", analysis.is_dyn_code(vm_analysis)
    print "Reflection code:", analysis.is_reflection_code(vm_analysis)

    for entry in vm_analysis.get_methods():
        entry.create_tags()
        # Methods without any tag are left out of the listing.
        if entry.tags.empty():
            continue
        print entry.method.get_class_name(), entry.method.get_name(), entry.tags
def extract_method_calls(apk):
    """
    Dump every method of an application's dex, with its instructions, to stdout.

    Python 2 code (uses the print statement). For each method a
    "class.method" key is printed, followed by one tab-indented line per
    instruction showing the instruction name and its output.

    NOTE(review): the key -> tags mapping built below is never returned; the
    function always returns a new empty dict. Confirm whether callers expect
    the populated mapping.

    :param apk: object exposing get_dex()
    :rtype: dict (always empty as written)
    """
    vm = dvm.DalvikVMFormat(apk.get_dex())
    vmx = analysis.uVMAnalysis(vm)
    # NOTE(review): this second analysis object is not used afterwards; it
    # is still constructed here so that behaviour stays as in the original.
    vmu = analysis.VMAnalysis(vm)

    apis = {}
    for method_analysis in vmx.get_methods():
        method_analysis.create_tags()
        class_name = method_analysis.method.get_class_name()
        method_name = method_analysis.method.get_name()
        tags = method_analysis.tags

        # Drop the first character and the last two, then use dots as
        # separators.
        # NOTE(review): if class names look like "Lpkg/Name;" this also cuts
        # the final character of the name -- confirm whether [1:-1] was meant.
        class_name = class_name[1:-2].replace("/", ".")

        key = class_name + "." + method_name
        apis[key] = tags

        instructions = method_analysis.method.get_instructions()
        print key
        for instruction in instructions:
            print "\t", instruction.get_name(), instruction.get_output()

    return dict()
def check_apk(self, apk):
    """
    Check if a signature matches the application

    Python 2 code (uses the print statement).

    @param apk : an L{APK} object
    @rtype : a 2-tuple as returned by self.p._check_dalvik. The first item
             is None if no signatures match, otherwise the name of the
             signature; the second item is the list returned alongside it
             (its content is defined by _check_dalvik).
    """
    if self.debug:
        # Trailing comma: no newline is printed, hence the explicit flush.
        print "loading apk..",
        sys.stdout.flush()

    verdict, details = self.p._check_dalvik(apk.get_dex())

    if verdict == None:
        # NOTE(review): the fallback check over the whole package is
        # disabled (line below), so when the dex data does not match,
        # nothing else in the package is examined. The empty extend keeps
        # the merge step of the original in place.
        #ret, l1 = self.p._check_bin( apk )
        details.extend([])

    return verdict, details
def check_apk(self, apk):
    """
    Check if a signature matches the application

    Python 2 code (uses the print statement).

    @param apk : an L{APK} object
    @rtype : a pair (ret, l) taken from self.p._check_dalvik; ret is None if
             no signatures match, otherwise the name of the signature, and
             l is the list that _check_dalvik returned with it
    """
    if self.debug:
        print "loading apk..",
        # The print above leaves the line open, so flush to show it now.
        sys.stdout.flush()

    dex_data = apk.get_dex()
    result, info = self.p._check_dalvik(dex_data)

    if result == None:
        # NOTE(review): with the _check_bin call commented out, a sample
        # whose dex data matches no signature gets no further check; only
        # an empty list is merged into the result list.
        #ret, l1 = self.p._check_bin( apk )
        fallback_info = []
        info.extend(fallback_info)

    return result, info
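def get_dex_3byte_grams(apk):
    """
    Return dictionary (key: 3-gram found in the dex strings of the given
    apk, value: number of times this gram occurs)

    The grams are taken from the entries of dex.get_strings(), not from the
    raw bytes of the dex file. The last two characters of each string are
    prepended to the next one before it is passed to get3chars_list, so
    that grams spanning two consecutive strings are included.

    A gram seen once is counted as 1. (The previous code stored 0 on the
    first occurrence, so every value was one lower than the real count.)

    NOTE(review): keys are built from strings of the analysed application
    and should be handled as untrusted data when logged or stored.

    :param apk: apk file
    :type apk: APK
    :rtype: a dictionary of {key: unicode, value: int}
    """
    dex = dvm.DalvikVMFormat(apk.get_dex())

    trio_freq = {}  # key: trio, value: frequency
    remainder = u''
    for dex_string in dex.get_strings():
        for trio in get3chars_list(remainder + dex_string):
            trio_freq[trio] = trio_freq.get(trio, 0) + 1
        # NOTE(review): a string shorter than two characters shortens the
        # carried-over context; confirm whether that is intended.
        remainder = dex_string[-2:]
    return trio_freq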