def scanning(self):
if self.apk is None:
sys.exit(util.writeln("** Undefined package. Exit!", col.FAIL))
util.writeln("\n** Scanning against '%s'" % (self.apk.package),
col.OKBLUE)
self.out_json["package"] = self.apk.package
self.out_json["results"] = []
with open(self.pattern) as regexes:
regex = json.load(regexes)
for name, pattern in regex.items():
if isinstance(pattern, list):
for p in pattern:
try:
thread = threading.Thread(
target=self.extract,
args=(name, util.finder(p, self.tempdir)))
thread.start()
except KeyboardInterrupt:
sys.exit(
util.writeln("\n** Interrupted. Aborting...",
col.FAIL))
else:
try:
thread = threading.Thread(
target=self.extract,
args=(name, util.finder(pattern, self.tempdir)))
thread.start()
except KeyboardInterrupt:
sys.exit(
util.writeln("\n** Interrupted. Aborting...",
col.FAIL))
def decompile(self):
util.writeln("** Decompiling APK...", col.OKBLUE)
args = [self.jadx, self.file, "-d", self.tempdir]
try:
args.extend(re.split(r"\s|=", self.disarg))
except Exception:
pass
comm = "%s" % (" ".join(quote(arg) for arg in args))
os.system(comm)
def cleanup(self):
shutil.rmtree(self.tempdir)
if self.scanned:
self.fileout.write("%s" % (json.dumps(self.out_json, indent=4) if self.json else ""))
self.fileout.close()
print("%s\n** Results saved into '%s%s%s%s'%s." % (col.HEADER, col.ENDC, col.OKGREEN, self.output, col.HEADER, col.ENDC))
else:
os.remove(self.output)
util.writeln("\n** Done with nothing. ¯\\_(ツ)_/¯", col.WARNING)
def dependencies(self): exter = "https://github.com/skylot/jadx/releases/download/v1.2.0/jadx-1.2.0.zip" try: with closing(urlopen(exter)) as jadx: with ZipFile(io.BytesIO(jadx.read())) as zfile: zfile.extractall(os.path.join(str(Path(self.main_dir).parent), "jadx")) os.chmod(self.jadx, 33268) except Exception as error: util.writeln(str(error), col.WARNING) sys.exit()
def extract(self, name, matches):
if len(matches):
stdout = ("[%s]" % (name))
util.writeln("\n" + stdout, col.OKGREEN)
self.fileout.write("%s" % (stdout + "\n" if self.json is False else ""))
for secret in matches:
if name == "LinkFinder" and re.match(r"^.(L[a-z]|application|audio|fonts|image|layout|multipart|plain|text|video).*\/.+", secret) is not None:
continue
stdout = ("- %s" % (secret))
print(stdout)
self.fileout.write("%s" % (stdout + "\n" if self.json is False else ""))
self.fileout.write("%s" % ("\n" if self.json is False else ""))
self.out_json["results"].append({"name": name, "matches": matches})
self.scanned = True
def integrity(self):
if os.path.exists(self.jadx) is False:
util.writeln("Can't find jadx binary.", col.WARNING)
valid = {
"yes": True,
"y": True,
"ye": True,
"no": False,
"n": False
}
while True:
util.write("Do you want to download jadx? (Y/n) ", col.OKBLUE)
try:
choice = input().lower()
if choice == "":
choice = valid["y"]
break
elif choice in valid:
choice = valid[choice]
break
else:
util.writeln(
"\nPlease respond with 'yes' or 'no' (or 'y' or 'n').",
col.WARNING)
except KeyboardInterrupt:
sys.exit(
util.writeln("\n** Interrupted. Aborting.", col.FAIL))
if choice:
util.writeln("\n** Downloading jadx...\n", col.OKBLUE)
self.dependencies()
else:
sys.exit(util.writeln("\n** Aborted.", col.FAIL))
if os.path.isfile(self.file):
try:
self.apk = self.apk_info()
except Exception as error:
util.writeln(str(error), col.WARNING)
sys.exit()
else:
return self.apk
else:
sys.exit(util.writeln("It's not a valid file!", col.WARNING))
def decompile(self):
util.writeln("** Decompiling APK...", col.OKBLUE)
args = [self.jadx, self.file, "-d", self.tempdir]
args.extend(self.disarg)
comm = "%s" % (" ".join(quote(arg) for arg in args))
os.system(comm)
