TODO: Androguard

Π­Ρ‚ΠΎ ΠΎΡ‚Π»ΠΈΡ‡Π½Π΅ΠΉΡˆΠ°Ρ Python-Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠ° для парсинга APK, Dex ΠΈ Π΄Ρ€ Ρ„Π°ΠΉΠ»ΠΎΠ², связанных с Android-прилоТСниями. Π•ΡΡ‚ΡŒ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎΡΡ‚ΡŒ ΠΏΠΎΠ΄ΠΊΠ»ΡŽΡ‡Π°Ρ‚ΡŒ Ρ€Π°Π·Π»ΠΈΡ‡Π½Ρ‹Π΅ дСкомпиляторы ΠΈ ΡΡ‚Ρ€ΠΎΠΈΡ‚ΡŒ XREF'Ρ‹ Π² ΠΎΠ±Π΅ стороны (Ρ‡Ρ‚ΠΎ класс ΠΈΠ»ΠΈ ΠΌΠ΅Ρ‚ΠΎΠ΄ Π²Ρ‹Π·Ρ‹Π²Π°ΡŽΡ‚, ΠΊΡ‚ΠΎ ΠΈΡ… Π²Ρ‹Π·Ρ‹Π²Π°Π΅Ρ‚).

ΠœΠΈΠ½ΡƒΡΡ‹: Π½Π΅ достаСт ΠΈΠ½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΡŽ ΠΈ статичСских полях.

ΠŸΡ€ΠΈΠΌΠ΅Ρ€

"""
ΠŸΠΎΠ»ΡƒΡ‡Π°Π΅ΠΌ список всСх классов, Ρ‡Ρ‚ΠΎ Ρ€Π΅ΡΡˆΠΈΡ€ΡΡŽΡ‚ (extends) com.google.protobuf.GenerateMessageLite
"""

from androguard.core.bytecodes.apk import APK
from androguard.core.bytecodes.dvm import DalvikVMFormat
from androguard.core.analysis.analysis import Analysis
from androguard.core.analysis.analysis import ClassAnalysis
from androguard.misc import AnalyzeAPK
from pathlib import Path
from androguard.decompiler.decompiler import DecompilerJADX


def ClassToProto(classAnalysis: ClassAnalysis):
    # Androguard Π½Π΅ ΠΌΠΎΠΆΠ΅Ρ‚ Π² статичСскиС поля (((
    # А LIEF Π²ΠΎΠΎΠ±Ρ‰Π΅ Π½Π΅ ΠΌΠΎΠΆΠ΅Ρ‚ Π² поля..

    for fieldClassAnalysis in classAnalysis.get_fields():
        encodedField = fieldClassAnalysis.field
        print(encodedField.name)

    print(classAnalysis.name)


# Π—Π°Π³Ρ€ΡƒΠΆΠ°Π΅ΠΌ APK Π² Androguard
apk_file = Path('my.apk')
BASE_CLASS_NAME = 'Lcom/google/protobuf/GeneratedMessageLite;'


def test_apk():

    apk_info, dex_info_list, analysis = AnalyzeAPK(apk_file)

    # ΠŸΠΎΠ»ΡƒΡ‡Π°Π΅ΠΌ ΠΈΠ½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΡŽ ΠΎ всСх классах, Ρ‡Ρ‚ΠΎ Ρ€Π°ΡΡˆΠΈΡ€ΡΡŽΡ‚ com.google.protobuf.GeneratedMessageLite
    generatedMessageLiteClassAnalysis = analysis.get_class_analysis(BASE_CLASS_NAME)

    res = []

    if generatedMessageLiteClassAnalysis:
        for classAnalysis in generatedMessageLiteClassAnalysis.get_xref_from():
            if classAnalysis.extends == BASE_CLASS_NAME:  # We can extend only one class!
                res.append(classAnalysis.name)
                # ClassToProto(classAnalysis)
                ...
            ...
        ...
    else:
        print('com.google.protobuf.GeneratedMessageLite not found :(')

    # Save classes
    with Path('out/classes.text').open(mode='w') as out_stream:
        out_stream.write('\n'.join(res))


def test_jadx():
    apk_info = APK(apk_file)
    d = DalvikVMFormat(apk_info)
    dx = Analysis(d)

    decompiler = DecompilerJADX(d, dx)

    d.set_decompiler(decompiler)
    d.set_vmanalysis(dx)

    class_ = d.get_class(BASE_CLASS_NAME)
    ...

test_apk()
PreviousDecompilersNextTODO: AndroPyTool

Last updated

Was this helpful?