示例#1
文件: main.py 项目: shuixi2013/dexsim
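def main(args):
    """Run dexsim on a smali directory, an APK or a DEX file.

    Args:
        args: Parsed command-line namespace. Reads ``args.f`` (input path),
            ``args.o`` (optional output dex path), ``args.includes`` and
            ``args.d`` (debug flag).
    """
    includes = args.includes

    # Debug mode keeps intermediate output under the current directory.
    logs.DEBUG = args.d

    output_dex = args.o if args.o else None

    # Input is an existing smali directory: no scratch directories needed.
    if os.path.isdir(args.f):
        if args.f.endswith('\\') or args.f.endswith('/'):
            smali_dir = args.f[:-1]
        else:
            smali_dir = args.f
        dex_file = smali(smali_dir, os.path.basename(smali_dir) + '.dex')
        dexsim_dex(dex_file, smali_dir, includes, output_dex)
        return

    file_type = Magic(args.f).get_type()
    if file_type not in ('apk', 'dex'):
        print("Please give smali_dir/dex/apk.")
        return

    # Created only once the input is known to be usable, so rejected inputs
    # no longer leave an empty temp directory behind.
    if logs.DEBUG:
        smali_dir = os.path.join(os.path.abspath(os.curdir), 'smali')
    else:
        # NOTE(review): this directory is not removed here; confirm whether
        # dexsim_dex() cleans it up.
        smali_dir = tempfile.mkdtemp()

    if file_type == 'apk':
        if logs.DEBUG:
            tempdir = os.path.join(os.path.abspath(os.curdir), 'tmp_dir')
            os.makedirs(tempdir, exist_ok=True)
        else:
            tempdir = tempfile.mkdtemp()

        try:
            # The APK is untrusted input: accept only entries named exactly
            # classes.dex / classesN.dex. The dot is escaped and the whole
            # name must match, so look-alike names are not extracted.
            dex_entry = re.compile(r'classes\d*\.dex')
            with zipfile.ZipFile(args.f) as apk:
                for item in apk.namelist():
                    if dex_entry.fullmatch(item):
                        baksmali(apk.extract(item, tempdir), smali_dir)

            dexsim_dex(args.f, smali_dir, includes, output_dex)
        finally:
            # Remove extracted dex files even when a step above fails.
            if not logs.DEBUG:
                shutil.rmtree(tempdir)
        return

    # file_type == 'dex'
    # NOTE(review): only the base name is passed on, which presumably
    # relies on the file being in the working directory - confirm.
    dex_file = os.path.basename(args.f)
    baksmali(dex_file, smali_dir)
    dexsim_dex(dex_file, smali_dir, includes, output_dex)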
示例#2
def main(args):
    """Print one tree of a single APK, or intersect all APKs in a directory.

    Reads ``args.file`` plus the flags ``args.T``, ``args.m``, ``args.s``,
    ``args.t``, ``args.p`` and ``args.r``.
    """
    target = args.file

    if os.path.isfile(target):
        # Single-file mode only does something when a tree name is given
        # and the file is detected as an APK.
        if not args.T:
            return
        if Magic(target).get_type() != 'apk':
            return
        for node in APK(target).get_trees().get(args.T, []):
            APK.pretty_print(node)

    if not os.path.isdir(target):
        return

    # Collect every file under the directory whose detected type is 'apk'.
    apks = []
    for root, _, names in os.walk(target):
        candidates = (os.path.join(root, name) for name in names)
        apks.extend(APK(p) for p in candidates if Magic(p).get_type() == 'apk')

    if len(apks) == 0:
        return

    ai = APK_Intersection(apks)
    if args.m:
        ai.intersect_manifest()
    if args.s:
        # TODO: too many identical strings; decompile and strip the noise.
        ai.intersect_dex_string()
    if args.t:
        ai.intersect_dex_tree()
    if args.p:
        ai.intersect_apis()
    if args.r:
        ai.intersect_resources()
示例#3
def odex_to_dex(args):
    """Convert ``args.file`` with odex2dex when it is detected as 'odex'.

    Prints a message instead when the path is missing, is not a regular
    file, or has a different detected type.
    """
    path = args.file

    if not os.path.exists(path):
        print(path, 'is not exists.')
        return

    if not os.path.isfile(path):
        print('unsupported, please give a odex file.')
        return

    file_type = Magic(path).get_type()
    if file_type != 'odex':
        print(file_type, 'unsupport')
        return

    odex2dex(path, args.o)
示例#4
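 def _init_dex_files(self):
     """Load the ``classes*.dex`` entries of ``self.apk_path``.

     Populates ``self.dex_files`` with one ``DexFile`` per entry whose name
     starts with 'classes', ends with '.dex' and whose content is detected
     as 'dex'. Errors opening or reading the archive propagate unchanged.
     """
     self.dex_files = []
     with apkfile.ZipFile(self.apk_path, 'r') as z:
         for name in z.namelist():
             # Filter on the entry name before reading: the archive is
             # untrusted input and unrelated entries (which may be very
             # large) no longer get decompressed into memory.
             if not (name.startswith('classes') and name.endswith('.dex')):
                 continue
             data = z.read(name)
             # The name alone is not trusted; the content must also be
             # detected as a dex file.
             if Magic(data).get_type() == 'dex':
                 self.dex_files.append(DexFile(data))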
示例#5
def scan(file_path, rules, timeout):
    """Scan one file with the given YARA rules and print any matches.

    Files detected as 'apk' are handed to scan_apk(); everything else goes
    through do_yara(). A ``yara.Error`` is printed rather than raised.
    """
    file_type = Magic(file_path).get_type()
    try:
        if file_type != 'apk':
            match_dict = do_yara(file_path, rules, timeout)
            if len(match_dict):
                print_matches(file_path, match_dict)
            return
        scan_apk(file_path, rules, timeout)
    except yara.Error as err:
        # NOTE(review): an errored scan (e.g. a timeout) only prints here,
        # so callers cannot tell "no match" from "scan failed".
        print(err)
示例#6
文件: main.py 项目: 5l1v3r1/dexsim
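def main(args):
    """Run dexsim on an APK.

    Args:
        args: Parsed command-line namespace. Reads ``args.f`` (APK path),
            ``args.s`` (optional existing smali directory), ``args.o``
            (optional output dex path), ``args.includes``, ``args.debug``
            and ``args.pname``.
    """
    if args.debug:
        set_value("DEBUG_MODE", args.debug)
    if args.pname:
        set_value("PLUGIN_NAME", args.pname)

    includes = args.includes
    output_dex = args.o if args.o else None

    # A smali directory was supplied: use it directly, nothing to extract.
    if args.s:
        if os.path.isdir(args.s):
            dexsim_apk(args.f, args.s, includes, output_dex)
        return

    if Magic(args.f).get_type() != 'apk':
        print("Please give A apk.")
        return

    # Scratch directories are created only once the input is known to be an
    # APK, so rejected inputs no longer leave an empty temp directory behind.
    if get_value('DEBUG_MODE'):
        smali_dir = os.path.join(os.path.abspath(os.curdir), 'zzz')
        tempdir = os.path.join(os.path.abspath(os.curdir), 'tmp_dir')
        os.makedirs(tempdir, exist_ok=True)
    else:
        # NOTE(review): smali_dir is not removed here; confirm whether
        # dexsim_apk() cleans it up.
        smali_dir = tempfile.mkdtemp()
        tempdir = tempfile.mkdtemp()

    try:
        # The APK is untrusted input: accept only entries named exactly
        # classes.dex / classesN.dex. The dot is escaped and the whole name
        # must match, so look-alike names are not extracted.
        dex_entry = re.compile(r'classes\d*\.dex')
        with zipfile.ZipFile(args.f) as apk:
            for item in apk.namelist():
                if dex_entry.fullmatch(item):
                    baksmali(apk.extract(item, tempdir), smali_dir)

        dex_file = os.path.join(tempdir, 'new.dex')
        smali(smali_dir, dex_file)
        dexsim_apk(args.f, smali_dir, includes, output_dex)
    finally:
        # Remove extracted dex files even when a step above fails.
        if not get_value('DEBUG_MODE'):
            shutil.rmtree(tempdir)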
示例#7
 def _init_certs(self):
     """Parse certificate data from the APK's META-INF entries.

     Every entry whose name contains 'META-INF' and whose content is not
     detected as 'txt' is parsed with ``Certificate``; the result of
     ``cert.get()`` is stored in ``self.certs``.
     """
     # NOTE(review): the substring test accepts any path that merely
     # contains 'META-INF', and each parsed entry overwrites self.certs,
     # so the last one wins. Nothing in this method verifies the APK
     # signature; treat the result as informational.
     try:
         with apkfile.ZipFile(self.apk_path, mode="r") as archive:
             meta_entries = (n for n in archive.namelist() if 'META-INF' in n)
             for entry in meta_entries:
                 blob = archive.read(entry)
                 if Magic(blob).get_type() == 'txt':
                     continue
                 from apkutils.cert import Certificate
                 self.certs = Certificate(blob).get()
     except Exception:
         raise
示例#8
 def _init_certs(self, digestalgo):
     """Parse signature-block certificates and store them per digest.

     Entries named ``META-INF/*.DSA`` or ``META-INF/*.RSA`` whose content
     is not detected as 'txt' are parsed with ``Certificate`` and the
     result is stored in ``self.certs[digestalgo]``.
     """
     # NOTE(review): '.EC' signature blocks are not matched here, and with
     # several matching entries the last one overwrites the earlier ones.
     # Nothing in this method verifies the APK signature.
     try:
         with apkfile.ZipFile(self.apk_path, mode="r") as archive:
             for entry in archive.namelist():
                 in_meta_inf = entry.startswith('META-INF/')
                 if not (in_meta_inf and entry.endswith(('.DSA', '.RSA'))):
                     continue
                 blob = archive.read(entry)
                 if Magic(blob).get_type() == 'txt':
                     continue
                 from apkutils.cert import Certificate
                 parsed = Certificate(blob, digestalgo=digestalgo)
                 self.certs[digestalgo] = parsed.get()
     except Exception:
         raise
示例#9
    def run(self, input_path, output_path, include_str):
        """Dispatch to sim_dir / sim_apk / sim_dex based on the input.

        Returns whatever the selected handler returns, or -1 when the
        input is neither a directory nor a file detected as 'apk' or 'dex'.
        """
        if os.path.isdir(input_path):
            return self.sim_dir(input_path, output_path, include_str)

        file_type = Magic(input_path).get_type()
        print('File type: %s' % file_type)

        if file_type == 'apk':
            result = self.sim_apk(input_path, output_path, include_str)
        elif file_type == 'dex':
            result = self.sim_dex(input_path, output_path, include_str)
        else:
            print("Please give smali_dir/dex/apk.")
            result = -1
        return result
示例#10
def disassembles(args):
    """Disassemble ``args.file`` with baksmali according to its file type.

    'dex' and 'apk' inputs use mode 'd'; 'odex' inputs use mode 'x' with
    ``args.p`` as the framework argument, falling back to
    ``droidbox_framework``. Anything else only prints a message.
    """
    target = args.file

    if not os.path.exists(target):
        print(target, 'is not exists.')
        return

    if not os.path.isfile(target):
        print('unsupported, please give a dex/odex/oat file.')
        return

    file_type = Magic(target).get_type()
    if file_type == 'odex':
        framework = args.p if args.p else droidbox_framework
        baksmali('x', target, framework, args.o)
    elif file_type in ('dex', 'apk'):
        baksmali('d', target, output=args.o)
    else:
        print(file_type, 'unsupport')
示例#11
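def main(args):
    """Run dexsim on a smali directory, an APK, or (by default) a DEX file.

    Args:
        args: Parsed command-line namespace. Reads ``args.f`` (input path),
            ``args.o`` (optional output dex path) and ``args.i``.
    """
    include_str = args.i
    print()

    output_dex = args.o if args.o else None

    # Input is an existing smali directory: no scratch directory needed.
    if os.path.isdir(args.f):
        if args.f.endswith('\\') or args.f.endswith('/'):
            smali_dir = args.f[:-1]
        else:
            smali_dir = args.f
        dex_file = smali(smali_dir, os.path.basename(smali_dir) + '.dex')
        dexsim_dex(dex_file, smali_dir, include_str, output_dex)
        return

    if Magic(args.f).get_type() == 'apk':
        import re
        import zipfile

        # Disassemble every classes<N>.dex file in the APK.
        tempdir = tempfile.mkdtemp()
        # NOTE(review): smali_tempdir is not removed here; confirm whether
        # dexsim_dex() cleans it up.
        smali_tempdir = tempfile.mkdtemp()
        try:
            # The APK is untrusted input: accept only entries named exactly
            # classes.dex / classesN.dex. The dot is escaped and the whole
            # name must match, so look-alike names are not extracted.
            dex_entry = re.compile(r'classes\d*\.dex')
            with zipfile.ZipFile(args.f) as apk:
                for item in apk.namelist():
                    if dex_entry.fullmatch(item):
                        baksmali(apk.extract(item, tempdir), smali_tempdir)

            # Reassemble into a temporary dex file.
            target_dex = os.path.join(tempdir, 'new.dex')
            smali(smali_tempdir, target_dex)

            dexsim_dex(target_dex, smali_tempdir, include_str, output_dex)
        finally:
            # Remove extracted dex files even when a step above fails.
            shutil.rmtree(tempdir)
        return

    # Anything else is treated as a dex file. The scratch directory is
    # created only on this path, so the other branches no longer leave an
    # unused temp directory behind.
    smali_tempdir = tempfile.mkdtemp()
    # NOTE(review): only the base name is passed on, which presumably
    # relies on the file being in the working directory - confirm.
    dex_file = os.path.basename(args.f)
    baksmali(dex_file, smali_tempdir)
    dexsim_dex(dex_file, smali_tempdir, include_str, output_dex)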
示例#12
def get_elf_files(apk_path):
    """Return the ELF entries found inside a zip/APK archive.

    Returns a list of ``(entry_name, BytesIO, ELFFile)`` tuples, one per
    entry whose content is detected as 'elf'. A path that is not a zip
    file yields an empty list.
    """
    found = []
    if not zipfile.is_zipfile(apk_path):
        return found

    try:
        with zipfile.ZipFile(apk_path, mode="r") as archive:
            for entry in archive.namelist():
                try:
                    # NOTE(review): each entry is read fully into memory
                    # before its type is known; the archive's declared
                    # sizes are not checked here.
                    blob = archive.read(entry)
                    if Magic(blob).get_type() != 'elf':
                        continue
                    stream = io.BytesIO(blob)
                    found.append((entry, stream, ELFFile(stream)))
                except Exception:
                    # Best effort: an unreadable or unparsable entry is
                    # skipped without any report.
                    continue
    except Exception:
        raise

    return found
示例#13
 def _init_children(self):
     """Build ``self.children``: one metadata dict per archive entry.

     Each dict holds the entry name, its detected type, its timestamp as
     a digit string and its CRC as upper-case hex padded to 8 characters.
     Entries that fail to read are printed and skipped.
     """
     self.children = []
     try:
         with apkfile.ZipFile(self.apk_path, mode="r") as archive:
             for entry in archive.namelist():
                 try:
                     blob = archive.read(entry)
                     kind = Magic(blob).get_type()
                     meta = archive.getinfo(entry)
                 except Exception as ex:
                     print(entry, ex)
                     continue
                 # Strip the '0x' prefix, then left-pad to 8 hex digits.
                 crc = hex(meta.CRC)[2:].upper().rjust(8, '0')
                 self.children.append({
                     "name": entry,
                     "type": kind,
                     "time": "%d%02d%02d%02d%02d%02d" % meta.date_time,
                     "crc": crc,
                 })
     except Exception:
         raise
示例#14
 def test_dex(self):
     """The test.dex fixture must be detected as 'dex'."""
     detected = Magic(FILES_PATH + 'test.dex').get_type()
     self.assertEqual(detected, 'dex')
示例#15
 def test_axml(self):
     """The test.axml fixture must be detected as 'axml'."""
     detected = Magic(FILES_PATH + 'test.axml').get_type()
     self.assertEqual(detected, 'axml')
示例#16
    def __init__(self, file_path):
        """Open ``file_path`` as an ELF file when it is detected as 'elf'.

        For any other detected type the constructor returns without
        setting ``elf_data`` or ``elf_file``.
        """
        # NOTE(review): a non-ELF input leaves the instance without these
        # attributes, so later access raises AttributeError; the opened
        # handle is also never closed in this method.
        is_elf = Magic(file_path).get_type() == 'elf'
        if is_elf:
            self.elf_data = open(file_path, 'rb')
            self.elf_file = ELFFile(self.elf_data)
示例#17
 def test_arsc(self):
     """The test.arsc fixture must be detected as 'arsc'."""
     detected = Magic(FILES_PATH + 'test.arsc').get_type()
     self.assertEqual(detected, 'arsc')
示例#18
 def test_elf(self):
     """The test.so fixture must be detected as 'elf'."""
     detected = Magic(FILES_PATH + 'test.so').get_type()
     self.assertEqual(detected, 'elf')
示例#19
 def test_png(self):
     """The test.png fixture must be detected as 'png'."""
     detected = Magic(FILES_PATH + 'test.png').get_type()
     self.assertEqual(detected, 'png')
示例#20
 def test_apk(self):
     """The test.apk fixture must be detected as 'apk'."""
     detected = Magic(FILES_PATH + 'test.apk').get_type()
     self.assertEqual(detected, 'apk')
示例#21
 def istext(self, data):
     """Check that the test.txt fixture is detected as 'txt'."""
     # NOTE(review): the name lacks the 'test' prefix used by the other
     # checks, so default unittest discovery will not run it, and ``data``
     # is never used.
     detected = Magic(FILES_PATH + 'test.txt').get_type()
     self.assertEqual(detected, 'txt')
示例#22
 def test_zip(self):
     """The test.zip fixture must be detected as 'zip'."""
     detected = Magic(FILES_PATH + 'test.zip').get_type()
     self.assertEqual(detected, 'zip')
示例#23
def main(args):
    """Print the file type that Magic detects for ``args.p``."""
    detected = Magic(args.p).get_type()
    print(detected)