def test_parse_when_dex_parser_fails(self, mock_zipfile, mock_mkdtemp,
mock_rmtree, mock_file_parser,
mock_manifest_parser,
mock_cert_parser, mock_dex_parser):
tmp_directory = Mock()
file = any_file(filename="any-apk-file")
manifest = any_file(filename="any-manifest-file-name")
cert = any_file(filename="any-cert-file-name")
mock_zipfile.return_value.__enter__.return_value.namelist.return_value = [
"any-manifest-file-name", "any-cert-file-name", "any-dex-file-name"
]
mock_mkdtemp.return_value = tmp_directory
mock_file_parser.is_zip_file.return_value = True
mock_file_parser.return_value.parse.return_value = file
mock_manifest_parser.looks_like_manifest.side_effect = [
True, False, False
]
mock_manifest_parser.return_value.parse.return_value = manifest
mock_cert_parser.looks_like_cert.side_effect = [True, False]
mock_cert_parser.return_value.parse.return_value = cert
mock_dex_parser.looks_like_dex.side_effect = [True]
mock_dex_parser.return_value.parse.side_effect = FileParsingError()
with self.assertRaises(ApkParsingError):
ApkParser().parse("any-file-path", extended_processing=True)
mock_rmtree.assert_called_with(tmp_directory)
def test_parse_fails_when_keytool_fails(self, mock_file_parser, mock_popen):
mock_file_parser.return_value = any_file_parser(file=any_file())
mock_popen.return_value = any_popen(b"keytool error")
with self.assertRaises(CertParsingError):
self.sut.parse("any-file-path", "any-file-name")
assert_popen_called_once_with(mock_popen, "keytool -printcert -file any-file-path")
def test_parse_when_zipfile_fails(self, mock_file_parser, mock_zipfile):
mock_file_parser.is_zip_file.return_value = True
mock_file_parser.return_value.parse.return_value = any_file()
mock_zipfile.side_effect = BadZipFile()
with self.assertRaises(BadZipFile):
ApkParser().parse("any-file-path", extended_processing=False)
def test_parse_without_filename(
self,
mock_file,
mock_isfile,
mock_access,
mock_getsize,
mock_md5,
mock_sha1,
mock_sha256,
mock_sha512
):
mock_isfile.return_value = True
mock_access.return_value = True
mock_getsize.return_value = self.ANY_FILE_SIZE
mock_md5.return_value.hexdigest.return_value = self.ANY_FILE_MD5
mock_sha1.return_value.hexdigest.return_value = self.ANY_FILE_SHA1
mock_sha256.return_value.hexdigest.return_value = self.ANY_FILE_SHA256
mock_sha512.return_value.hexdigest.return_value = self.ANY_FILE_SHA512
file = self.sut.parse("any-file-path")
mock_file.assert_called_with("any-file-path", "rb")
assert_file_equal(
self,
expected=any_file(
filename="any-file-path",
size=self.ANY_FILE_SIZE,
md5=self.ANY_FILE_MD5,
sha1=self.ANY_FILE_SHA1,
sha256=self.ANY_FILE_SHA256,
sha512=self.ANY_FILE_SHA512
),
actual=file
)
def test_parse_with_extended_processing(self, mock_zipfile, mock_mkdtemp,
mock_rmtree, mock_file_parser,
mock_manifest_parser,
mock_cert_parser, mock_dex_parser,
mock_aapt):
tmp_directory = Mock()
file = any_file(filename="any-apk-file")
manifest = any_file(filename="any-manifest-file-name")
cert = any_file(filename="any-cert-file-name")
dex = any_file(filename="any-dex-file-name")
resource = any_file(filename="any-resource-file")
mock_zipfile.return_value.__enter__.return_value.namelist.return_value = [
"any-manifest-file-name", "any-cert-file-name",
"any-dex-file-name", "any-resource-file", "any-resource-directory"
]
mock_mkdtemp.return_value = tmp_directory
mock_file_parser.is_zip_file.return_value = True
mock_file_parser.is_directory.side_effect = [False, True]
mock_file_parser.return_value.parse.side_effect = [file, resource]
mock_manifest_parser.looks_like_manifest.side_effect = [
True, False, False, False, False
]
mock_manifest_parser.return_value.parse.return_value = manifest
mock_cert_parser.looks_like_cert.side_effect = [
True, False, False, False
]
mock_cert_parser.return_value.parse.return_value = cert
mock_dex_parser.looks_like_dex.side_effect = [True, False, False]
mock_dex_parser.return_value.parse.return_value = dex
mock_aapt.get_app_name.return_value = "any-app-name"
apk = ApkParser().parse("any-file-path", extended_processing=True)
mock_mkdtemp.assert_called_with(".ninjadroid")
mock_zipfile.assert_called_with("any-file-path")
mock_rmtree.assert_called_with(tmp_directory)
assert_file_equal(self, expected=file, actual=apk)
self.assert_apk_equal(apk=apk,
app_name="any-app-name",
manifest=manifest,
cert=cert,
dex_files=[dex],
other_files=[resource])
def test_parse_when_no_file_present(self, mock_file_parser, mock_zipfile,
mock_mkdtemp, mock_rmtree):
tmp_directory = Mock()
mock_file_parser.is_zip_file.return_value = True
mock_file_parser.return_value.parse.return_value = any_file()
mock_zipfile.return_value.__enter__.return_value.namelist.return_value = []
mock_mkdtemp.return_value = tmp_directory
with self.assertRaises(ApkParsingError):
ApkParser().parse("any-file-path", extended_processing=False)
mock_rmtree.assert_called_with(tmp_directory)
def test_parse_when_minidom_fails_without_apk_path(self, mock_file,
mock_file_parser,
mock_minidom):
file = any_file(filename="AndroidManifest.xml")
mock_parser_instance = any_file_parser(file=file)
mock_file_parser.return_value = mock_parser_instance
mock_minidom.parse.side_effect = ExpatError()
with self.assertRaises(AndroidManifestParsingError):
self.sut.parse(filepath="any-file-path",
binary=False,
apk_path=None,
extended_processing=False)
def test_parse_when_minidom_fails_with_apk_path_and_extended_processing(
self, mock_file, mock_file_parser, mock_minidom, mock_aapt):
file = any_file(filename="AndroidManifest.xml")
mock_parser_instance = any_file_parser(file=file)
mock_file_parser.return_value = mock_parser_instance
mock_minidom.parse.side_effect = ExpatError()
mock_aapt.get_apk_info.return_value = self.any_aapt_apk_info(
package_name="any-package-name",
version_code=1,
version_name="any-version-name",
sdk_max="20",
sdk_min="10",
sdk_target="15")
mock_aapt.get_app_permissions.return_value = [
"any-permission-0", "any-permission-1", "any-permission-2"
]
mock_aapt.get_manifest_info.return_value = self.any_aapt_manifest_info(
activities=["any-activity-name"],
services=["any-service-name"],
receivers=["any-broadcast-receiver-name"])
manifest = self.sut.parse(filepath="any-file-path",
binary=False,
apk_path="any_apk_path",
extended_processing=True)
assert_file_parser_called_once_with(mock_parser_instance,
filepath="any-file-path",
filename="AndroidManifest.xml")
mock_file.assert_called_with("any-file-path", "rb")
mock_minidom.parse.assert_called_with("any-file-path")
mock_aapt.get_apk_info.assert_called_with("any_apk_path")
mock_aapt.get_app_permissions.assert_called_with("any_apk_path")
mock_aapt.get_manifest_info.assert_called_with("any_apk_path")
assert_file_equal(self, expected=file, actual=manifest)
self.assert_manifest_equal(
manifest=manifest,
package_name="any-package-name",
version=AppVersion(code=1, name="any-version-name"),
sdk=AppSdk(min_version="10", target_version="15",
max_version="20"),
permissions=[
"any-permission-0", "any-permission-1", "any-permission-2"
],
activities=[AppActivity(name="any-activity-name")],
services=[AppService(name="any-service-name")],
receivers=[
AppBroadcastReceiver(name="any-broadcast-receiver-name")
])
def test_file_as_dict(self):
file = any_file(filename="any-file-name",
size=10,
md5="any-file-md5",
sha1="any-file-sha1",
sha256="any-file-sha256",
sha512="any-file-sha512")
result = file.as_dict()
self.assertEqual(
{
"file": "any-file-name",
"size": 10,
"md5": "any-file-md5",
"sha1": "any-file-sha1",
"sha256": "any-file-sha256",
"sha512": "any-file-sha512",
}, result)
def test_parse_binary(self, mock_file, mock_file_parser, mock_axmlprinter,
mock_minidom):
file = any_file(filename="AndroidManifest.xml")
mock_parser_instance = any_file_parser(file=file)
mock_file_parser.return_value = mock_parser_instance
mock_axmlprinter.return_value = self.any_axmlprinter()
mock_minidom.parseString.return_value = self.any_axmlprinter_xml(
package_name="any-package-name",
version_code="1",
version_name="any-version-name",
sdk_max="20",
sdk_min="10",
sdk_target="15",
permissions=[
"any-permission-1", "any-permission-2", "any-permission-0"
])
manifest = self.sut.parse(filepath="any-file-path",
binary=True,
apk_path=None,
extended_processing=False)
assert_file_parser_called_once_with(mock_parser_instance,
filepath="any-file-path",
filename="AndroidManifest.xml")
mock_file.assert_called_with("any-file-path", "rb")
mock_axmlprinter.assert_called_with(ANY)
mock_minidom.parseString.assert_called_with("any-axml-raw-value")
assert_file_equal(self, expected=file, actual=manifest)
self.assert_manifest_equal(manifest=manifest,
package_name="any-package-name",
version=AppVersion(code=1,
name="any-version-name"),
sdk=AppSdk(min_version="10",
target_version="15",
max_version="20"),
permissions=[
"any-permission-0", "any-permission-1",
"any-permission-2"
],
activities=[],
services=[],
receivers=[])
def test_parse(self, mock_file_parser, mock_popen, mock_uri_signature,
mock_shell_signature):
file = any_file()
mock_parser_instance = any_file_parser(file=file)
mock_file_parser.return_value = mock_parser_instance
mock_popen.return_value = any_popen(
b"any-string\nany-url\nany-command")
mock_uri_signature.return_value = self.any_signature(
matches=[(None, False), ("any-url", True), (None, False)])
mock_shell_signature.return_value = self.any_signature(
matches=[(None, False), (None, False), ("any-command", True)])
dex = DexParser().parse("any-file-path", "any-file-name")
assert_file_parser_called_once_with(mock_parser_instance,
filepath="any-file-path",
filename="any-file-name")
assert_popen_called_once_with(mock_popen, "strings any-file-path")
assert_file_equal(self, expected=file, actual=dex)
self.assertEqual(["any-command", "any-string", "any-url"],
dex.get_strings())
self.assertEqual(["any-url"], dex.get_urls())
self.assertEqual(["any-command"], dex.get_shell_commands())
self.assertEqual([], dex.get_custom_signatures())
def test_init(self, mock_file_parser, mock_get_localzone, mock_popen):
file = any_file()
mock_parser_instance = any_file_parser(file=file)
mock_file_parser.return_value = mock_parser_instance
mock_popen.return_value = any_popen(
response=b"Owner: CN=OwnerName, OU=OwnerUnit, O=OwnerOrganization, L=OwnerCity, ST=OwnerState, C=OwnerCountry\n" \
b"Issuer: CN=IssuerName, OU=IssuerUnit, O=IssuerOrganization, L=IssuerCity, ST=IssuerState, C=IssuerCountry\n" \
b"Serial number: 558e7595\n" \
b"Valid from: Sat Jun 27 12:06:13 CEST 2015 until: Tue Feb 26 11:06:13 CET 2515\n" \
b"Certificate fingerprints:\n" \
b"\t MD5: 90:22:EF:0C:DB:C3:78:87:7B:C3:A3:6C:5A:68:E6:45\n" \
b"\t SHA1: 5A:C0:6C:32:63:7F:5D:BE:CA:F9:38:38:4C:FA:FF:ED:20:52:43:B6\n" \
b"\t SHA256: E5:15:CC:BC:5E:BF:B2:9D:A6:13:03:63:CF:19:33:FA:CE:AF:DC:ED:5D:2F:F5:98:7C:CE:37:13:64:4A:CF:77\n" \
b"Signature algorithm name: SHA1withRSA\n" \
b"Subject Public Key Algorithm: 1024-bit RSA key\n" \
b"Version: 3"
)
mock_get_localzone.return_value.localize.side_effect = ValueError()
cert = self.sut.parse("any-file-path", "any-file-name")
assert_file_parser_called_once_with(mock_parser_instance, filepath="any-file-path", filename="any-file-name")
assert_popen_called_once_with(mock_popen, "keytool -printcert -file any-file-path")
assert_file_equal(self, expected=file, actual=cert)
self.assertEqual("558e7595", cert.get_serial_number())
self.assertEqual(
CertValidity(valid_from="Sat Jun 27 12:06:13 CEST 2015", valid_to="Tue Feb 26 11:06:13 CET 2515"),
cert.get_validity()
)
self.assertEqual(
CertFingerprint(
md5="90:22:EF:0C:DB:C3:78:87:7B:C3:A3:6C:5A:68:E6:45",
sha1="5A:C0:6C:32:63:7F:5D:BE:CA:F9:38:38:4C:FA:FF:ED:20:52:43:B6",
sha256="E5:15:CC:BC:5E:BF:B2:9D:A6:13:03:63:CF:19:33:FA:CE:AF:DC:ED:5D:2F:F5:98:7C:CE:37:13:64:4A:CF:77",
signature="SHA1withRSA",
version="3"
),
cert.get_fingerprint()
)
self.assertEqual(
CertParticipant(
name="OwnerName",
email="",
unit="OwnerUnit",
organization="OwnerOrganization",
city="OwnerCity",
state="OwnerState",
country="OwnerCountry",
domain=""
),
cert.get_owner()
)
self.assertEqual(
CertParticipant(
name="IssuerName",
email="",
unit="IssuerUnit",
organization="IssuerOrganization",
city="IssuerCity",
state="IssuerState",
country="IssuerCountry",
domain=""
),
cert.get_issuer()
)
def test_apk_as_dict(self):
apk = APK(
filename="any-apk-file-name",
size=10,
md5hash="any-apk-file-md5",
sha1hash="any-apk-file-sha1",
sha256hash="any-apk-file-sha256",
sha512hash="any-apk-file-sha512",
app_name="any-app-name",
cert=Cert(
filename="any-cert-file-name",
size=20,
md5hash="any-cert-file-md5",
sha1hash="any-cert-file-sha1",
sha256hash="any-cert-file-sha256",
sha512hash="any-cert-file-sha512",
serial_number="any-cert-serial-number",
validity=CertValidity(
valid_from="any-cert-validity-from",
valid_to="any-cert-validity-to"
),
fingerprint=CertFingerprint(
md5="any-cert-fingerprint-md5",
sha1="any-cert-fingerprint-sha1",
sha256="any-cert-fingerprint-sha256",
signature="any-cert-fingerprint-signature",
version="any-cert-fingerprint-version"
),
owner=CertParticipant(
name="any-cert-owner-name",
email="any-cert-owner-email",
unit="any-cert-owner-unit",
organization="any-cert-owner-organization",
city="any-cert-owner-city",
state="any-cert-owner-state",
country="any-cert-owner-country",
domain="any-cert-owner-domain"
),
issuer=CertParticipant(
name="any-cert-issuer-name",
email="any-cert-issuer-email",
unit="any-cert-issuer-unit",
organization="any-cert-issuer-organization",
city="any-cert-issuer-city",
state="any-cert-issuer-state",
country="any-cert-issuer-country",
domain="any-cert-issuer-domain"
)
),
manifest=AndroidManifest(
filename="any-manifest-file-name",
size=30,
md5hash="any-manifest-file-md5",
sha1hash="any-manifest-file-sha1",
sha256hash="any-manifest-file-sha256",
sha512hash="any-manifest-file-sha512",
package_name="any-package-name",
version=AppVersion(code=1, name="any-version-name"),
sdk=AppSdk(min_version="10", target_version="15", max_version="20"),
permissions=[],
activities=[],
services=[],
receivers=[]
),
dex_files=[
Dex(
filename="any-dex-file-name",
size=40,
md5hash="any-dex-file-md5",
sha1hash="any-dex-file-sha1",
sha256hash="any-dex-file-sha256",
sha512hash="any-dex-file-sha512",
strings=[],
urls=[],
shell_commands=[],
custom_signatures=[]
)
],
other_files=[
any_file(
filename="any-resource-file-name",
size=50,
md5="any-resource-file-md5",
sha1="any-resource-file-sha1",
sha256="any-resource-file-sha256",
sha512="any-resource-file-sha512"
)
]
)
result = apk.as_dict()
self.assertEqual(
{
"file": "any-apk-file-name",
"size": 10,
"md5": "any-apk-file-md5",
"sha1": "any-apk-file-sha1",
"sha256": "any-apk-file-sha256",
"sha512": "any-apk-file-sha512",
"name": "any-app-name",
"cert": {
"file": "any-cert-file-name",
"size": 20,
"md5": "any-cert-file-md5",
"sha1": "any-cert-file-sha1",
"sha256": "any-cert-file-sha256",
"sha512": "any-cert-file-sha512",
"serial_number": "any-cert-serial-number",
"validity": {
"from": "any-cert-validity-from",
"until": "any-cert-validity-to"
},
"fingerprint": {
"md5": "any-cert-fingerprint-md5",
"sha1": "any-cert-fingerprint-sha1",
"sha256": "any-cert-fingerprint-sha256",
"signature": "any-cert-fingerprint-signature",
"version": "any-cert-fingerprint-version"
},
"owner": {
"name": "any-cert-owner-name",
"email": "any-cert-owner-email",
"unit": "any-cert-owner-unit",
"organization": "any-cert-owner-organization",
"city": "any-cert-owner-city",
"state": "any-cert-owner-state",
"country": "any-cert-owner-country",
"domain": "any-cert-owner-domain"
},
"issuer": {
"name": "any-cert-issuer-name",
"email": "any-cert-issuer-email",
"unit": "any-cert-issuer-unit",
"organization": "any-cert-issuer-organization",
"city": "any-cert-issuer-city",
"state": "any-cert-issuer-state",
"country": "any-cert-issuer-country",
"domain": "any-cert-issuer-domain"
}
},
"manifest": {
"file": "any-manifest-file-name",
"size": 30,
"md5": "any-manifest-file-md5",
"sha1": "any-manifest-file-sha1",
"sha256": "any-manifest-file-sha256",
"sha512": "any-manifest-file-sha512",
"package": "any-package-name",
"version": {
"code": 1,
"name": "any-version-name"
},
"sdk": {
"min": "10",
"target": "15",
"max": "20"
},
"permissions": []
},
"dex": [
{
"file": "any-dex-file-name",
"size": 40,
"md5": "any-dex-file-md5",
"sha1": "any-dex-file-sha1",
"sha256": "any-dex-file-sha256",
"sha512": "any-dex-file-sha512",
"strings": [],
"urls": [],
"shell_commands": []
}
],
"other": [
{
"file": "any-resource-file-name",
"size": 50,
"md5": "any-resource-file-md5",
"sha1": "any-resource-file-sha1",
"sha256": "any-resource-file-sha256",
"sha512": "any-resource-file-sha512",
}
]
},
result
)
