示例#1
    def store_result_dict(self, res_dict):
        '''
        Persist the analysis results described by `res_dict`.

        The APK and script objects needed for storage are rebuilt from
        `res_dict` itself.

        Parameters
        ----------
        res_dict : dict
            See `ResultObject.description_dict`
        '''
        apk_meta = FastApk.load_from_result_dict(res_dict)
        script_obj = AndroScript.load_from_result_dict(res_dict, apk_meta)

        try:
            self.create_entry_for_apk(apk_meta, update = True)
            self.store_result_for_apk(apk_meta, script_obj)
        except FileSysStoreException as store_error:
            # A failed store is only logged as a warning and not re-raised, so
            # the caller gets no signal that the result was not written.
            log.warn(store_error)
示例#2
        res = self.res

        # register key
        KEY = "Manifest"
        res.register_keys([KEY])
        
        # faster way
#         # get manifest
#         manifest_xml = ""
#         for i in apk.zip.namelist():
#             if i == "AndroidManifest.xml":
#                 apk.axml[i] = AXMLPrinter(apk.zip.read(i))
#                 try:
#                     manifest_xml = apk.axml[i].get_buff()
#                 except:
#                     pass
                
        # more convenient way with pretty priting, but also slower
        manifest_str = apk.xml.items()[0][1].toprettyxml(indent=" " * 2)
        # replace multiple \n and split into list for better representation in json
        manifest_str = re.sub("\n+", "\n", manifest_str)
        manifest_list = manifest_str.split("\n")
        res.log(KEY, manifest_list)
        
#         if manifest_xml:
#             res.log(KEY, manifest_xml.split("\n"))

if __name__ == '__main__':
    # The sample path is relative, so where it points depends on the working directory.
    sample_apks = ["../../../../../../androguard_playground/apks/ipcinetcall.apk"]
    for script_result in AndroScript.test(Manifest, sample_apks):
        print script_result.write_to_json()
示例#3
                        (permission_name, method_name, method_analysis))

        for permission_name, method_name in method_names:
            # log which classes use which permissions
            res.log_append_to_enum(permission_name, method_name,
                                   CAT_PERMISSIONS, PERMISSIONS_LISTING)

        for permission_name, method_name, method_analysis in method_analysis_objs:

            ms = decompile.DvMethod(method_analysis)
            ms.process()

            source_code = ms.get_source()

            # decompile these methods too!
            log_val = {method_name: source_code.split("\n")[1:-1]}
            res.log_append_to_enum(permission_name, log_val, CAT_PERMISSIONS,
                                   PERMISSIONS_CODE)

    def needs_dalvik_vm_format(self):
        ''' Opt in to the parsed .dex file (`dalvik_vm_format`); always True for this script. '''
        return True

    def needs_vmanalysis(self):
        ''' Opt in to the dex analyzer (`vm_analysis`); always True for this script. '''
        return True


if __name__ == '__main__':
    # The sample path is relative, so where it points depends on the working directory.
    sample_apks = ["../../../../testenv/apks/a2dp.Vol.apk"]
    for script_result in AndroScript.test(CodePermissions, sample_apks):
        print script_result
        print script_result.write_to_json()
示例#4
            res.log_true(key, CAT_SSL)

        # run ssl checks
        for check_val, check_name in self.CHECKS:
            if dx.tainted_packages.search_packages(check_val) != []:
                # log
                log(check_name.lower())

        if is_dyn_code(dx):
            res.log_true(CODE_LOADING_DYN, CAT_CODE_LOADING)

        if is_native_code(dx):
            res.log_true(CODE_LOADING_NATIVE, CAT_CODE_LOADING)

        return res

    ############################################################
    #---Script requirements
    ############################################################

    def needs_xref(self):
        ''' Ask for cross references to be created; always True for this script. '''
        return True

def get_DynCode(dx):
    '''
    Search the tainted packages of `dx` for `Ldalvik/system/DexClassLoader`.

    Parameters
    ----------
    dx : object
        Must expose `tainted_packages.search_packages`.

    Returns
    -------
    Whatever `search_packages` returns for that class descriptor.
    '''
    # Only DexClassLoader is looked up here. Code loaded through other class
    # loaders (e.g. PathClassLoader, InMemoryDexClassLoader) is not found by
    # this search, so an empty result does not rule out dynamic code loading.
    dex_class_loader = "Ldalvik/system/DexClassLoader"
    tainted = dx.tainted_packages
    return tainted.search_packages(dex_class_loader)

if __name__ == '__main__':
    # The sample path is relative, so where it points depends on the working directory.
    sample_apks = ["../../../../testenv/apks/a2dp.Vol.apk"]
    for script_result in AndroScript.test(SSL, sample_apks):
        print script_result
        print script_result.write_to_json()
# encoding: utf-8

__author__ = "Nils Tobias Schmidt"
__email__ = "schmidt89 at informatik.uni-marburg.de"

from androlyze.model.script.AndroScript import AndroScript
from androlyze.model.script.ChainedScript import ChainedScript
from androlyze.model.script.impl.manifest.Manifest import Manifest
from androlyze.model.script.impl.manifest.components.ContentProviders import ContentProviders
from androlyze.model.script.impl.manifest.components.PublicContentProviders import PublicContentProviders


class PublicContentProviders_Manifest(ChainedScript):
    '''
    Chain `PublicContentProviders` with `ContentProviders` and `Manifest`, so that
    all content providers and the manifest are shown next to the public ones.
    '''

    VERSION = "0.1"

    def chain_scripts(self):
        ''' Return one fresh instance of each script to chain, in this order. '''
        # the chained_script function can be used here for further grouping
        chained_classes = (PublicContentProviders, ContentProviders, Manifest)
        return [script_cls() for script_cls in chained_classes]

    def root_categories(self):
        ''' Return the root categories as a one-element tuple. '''
        return ("ContentProviderStuff",)

    def log_chained_script_meta_infos(self):
        ''' Return False (presumably: meta infos of the chained scripts are not logged). '''
        return False
    
# testing code
if __name__ == '__main__':
    # The sample path is relative, so where it points depends on the working directory.
    sample_apks = ["../../../../../../../androguard_playground/apks/public_content_provider.apk"]
    for script_result in AndroScript.test(PublicContentProviders_Manifest, sample_apks):
        print script_result.write_to_json()
示例#6
    def _analyze(self, apk, dalvik_vm_format, vm_analysis, gvm_analysis, *args, **kwargs):
        '''
        Log the method and field names of every class in the parsed .dex file.

        For each class the keys `CAT_METHODS` and `CAT_FIELDS` are registered
        and filled under the category path `(CAT_CLASS_DETAILS, <class name>)`.
        Only `dalvik_vm_format` is read; the other analysis arguments are unused.
        '''
        result = self.res

        # get_classes() yields ClassDefItem objects
        for class_def in dalvik_vm_format.get_classes():
            category_path = (CAT_CLASS_DETAILS, class_def.name)
            result.register_keys([CAT_METHODS, CAT_FIELDS], *category_path)

            # EncodedMethod objects -> their names
            method_names = [method.name for method in class_def.get_methods()]
            result.log(CAT_METHODS, method_names, *category_path)

            # EncodedField objects -> their names
            field_names = [field.name for field in class_def.get_fields()]
            result.log(CAT_FIELDS, field_names, *category_path)

    ############################################################
    #---Options
    ############################################################

    def needs_dalvik_vm_format(self):
        ''' Opt in to the parsed .dex file, which `_analyze` reads as `dalvik_vm_format`. '''
        return True

if __name__ == '__main__':
    # The sample path is relative, so where it points depends on the working directory.
    sample_apks = ["../../../../testenv/apks/a2dp.Vol.apk"]
    for script_result in AndroScript.test(ClassDetails, sample_apks):
        print script_result
        print script_result.write_to_json()
示例#7
        '''
        Evaluate the script results.

        Parameters
        ----------
        storage : RedundantStorage
        '''

        # Use either the AndroLyze query API:

        # iterate over the results (one result per APK = iteration)
        for ordered_dict in self.action_query_result_db():
            # do something else than just printing the dictionary
            #pprint(dict(ordered_dict))
            pass

        # Or perform a direct query on the mongodb API:

        # get the mongodb singleton
        mongodb = storage.result_db_storage
        for ordered_dict in mongodb.get_res_coll().find(
            {"script meta.name": "ScriptTemplate"}, {"apk meta": 1}):
            pprint(dict(ordered_dict))


# testing code
if __name__ == '__main__':
    # The sample path is relative, so where it points depends on the working directory.
    sample_apks = ["../../../../testenv/apks/a2dp.Vol.apk"]
    for script_result in AndroScript.test(ScriptTemplate, sample_apks):
        print script_result
        print script_result.write_to_json()
__email__ = "schmidt89 at informatik.uni-marburg.de"

from androlyze.model.script.AndroScript import AndroScript
from androlyze.model.script.ChainedScript import ChainedScript
from androlyze.model.script.impl.manifest.Manifest import Manifest
from androlyze.model.script.impl.manifest.components.ContentProviders import ContentProviders
from androlyze.model.script.impl.manifest.components.PublicContentProviders import PublicContentProviders


class PublicContentProviders_Manifest(ChainedScript):
    '''
    Run `PublicContentProviders` together with `ContentProviders` and `Manifest`,
    so all content providers and the manifest appear alongside the public ones.
    '''

    VERSION = "0.1"

    def chain_scripts(self):
        ''' Build the list of chained script instances, in this order. '''
        # the chained_script function can be used here for further grouping
        scripts = []
        for script_cls in (PublicContentProviders, ContentProviders, Manifest):
            scripts.append(script_cls())
        return scripts

    def root_categories(self):
        ''' Return the root categories as a one-element tuple. '''
        return ("ContentProviderStuff",)

    def log_chained_script_meta_infos(self):
        ''' Return False (presumably: meta infos of the chained scripts are not logged). '''
        return False


# testing code
if __name__ == '__main__':
    # The sample path is relative, so where it points depends on the working directory.
    sample_apks = ["../../../../../../../androguard_playground/apks/public_content_provider.apk"]
    for script_result in AndroScript.test(PublicContentProviders_Manifest, sample_apks):
        print script_result.write_to_json()
示例#9
    def register_structure(self, res):
        ''' Register `CAT` as an enum key on the result object `res`. '''
        enum_keys = [CAT]
        res.register_enum_keys(enum_keys)
        
    def _analyze(self, apk, dalvik_vm_format, vm_analysis, gvm_analysis, *args, **kwargs):
        '''
        Log every content provider of the APK that is also a public manifest component.

        Parameters
        ----------
        apk: EAndroApk
        dalvik_vm_format: DalvikVMFormat
            Parsed .dex file.
            Only available if `needs_dalvik_vm_format` returns True.
        vm_analysis: VMAnalysis
            Dex analyzer.
            Only available if `needs_vmanalysis` returns True.
        gvm_analysis : GVMAnalysis
        '''
        result = self.res
        self.register_structure(result)

        # NOTE(review): what counts as "public" is decided entirely by
        # get_manifest_public_components(). Whether it covers providers that
        # are exported only by default (no explicit android:exported on an old
        # target SDK) cannot be seen from here; confirm before treating an
        # empty listing as "no exposed providers".
        exported_components = apk.get_manifest_public_components()
        for provider in apk.get_providers():
            if provider not in exported_components:
                continue
            result.log_append_to_enum(CAT, provider)
            
# testing code
if __name__ == '__main__':
    # The sample paths are relative, so where they point depends on the working directory.
    sample_apks = [
        "../../../../../../../androguard_playground/apks/sql_injection.apk",
        "../../../../../../../androguard_playground/apks/public_content_provider.apk",
    ]
    for script_result in AndroScript.test(PublicContentProviders, sample_apks):
        print script_result.write_to_json()
示例#10
                    # get androguard.core.analysis.analysis.MethodAnalysis
                    method_analysis = vm_analysis.get_method(encoded_method)

                    method_analysis_objs.add((permission_name, method_name, method_analysis))

        for permission_name, method_name in method_names:
            # log which classes use which permissions
            res.log_append_to_enum(permission_name, method_name, CAT_PERMISSIONS, PERMISSIONS_LISTING)

        for permission_name, method_name, method_analysis in method_analysis_objs:

            ms = decompile.DvMethod(method_analysis)
            ms.process()

            source_code = ms.get_source()

            # decompile these methods too!
            log_val = {method_name : source_code.split("\n")[1:-1]}
            res.log_append_to_enum(permission_name, log_val, CAT_PERMISSIONS, PERMISSIONS_CODE)

    def needs_dalvik_vm_format(self):
        ''' Opt in to the parsed .dex file (`dalvik_vm_format`); always True for this script. '''
        return True

    def needs_vmanalysis(self):
        ''' Opt in to the dex analyzer (`vm_analysis`); always True for this script. '''
        return True

if __name__ == '__main__':
    # The sample path is relative, so where it points depends on the working directory.
    sample_apks = ["../../../../testenv/apks/a2dp.Vol.apk"]
    for script_result in AndroScript.test(CodePermissions, sample_apks):
        print script_result
        print script_result.write_to_json()
示例#11
    # Script class this evaluation is tied to (presumably the script whose
    # stored results `_evaluate` works on; confirm against the base class).
    ON_SCRIPT = ScriptTemplate

    def _evaluate(self, storage):
        '''
        Evaluate the stored script results.

        Shows two ways to read them: the AndroLyze query API and a direct
        query on the mongodb API.

        Parameters
        ----------
        storage : RedundantStorage
        '''
        # Variant 1: the AndroLyze query API (one result per APK = iteration).
        for _apk_result in self.action_query_result_db():
            # placeholder: process the result dictionary here
            pass

        # Variant 2: a direct query on the mongodb API.
        # Filter and projection are fixed literals, so no caller-supplied
        # value reaches the query. Keep it that way when adapting the template:
        # pass outside values as plain values, never as whole filter documents.
        name_filter = {"script meta.name" : "ScriptTemplate"}
        projection = {"apk meta" : 1}

        # the mongodb singleton
        result_db = storage.result_db_storage
        for apk_doc in result_db.get_res_coll().find(name_filter, projection):
            pprint(dict(apk_doc))

# testing code
if __name__ == '__main__':
    # The sample path is relative, so where it points depends on the working directory.
    sample_apks = ["../../../../testenv/apks/a2dp.Vol.apk"]
    for script_result in AndroScript.test(ScriptTemplate, sample_apks):
        print script_result
        print script_result.write_to_json()