Python中文网 - 问答频道, 解决您学习工作中的Python难题和Bug
Python常见问题
当我给布谷鸟打补丁的时候发生了这个问题。我不知道怎么了。在
请告诉我怎么修理。在
我整天都在修…..哈。。。在
这只是个小虫子吗?在
版权所有(C)Check Point软件技术有限公司。 此文件是布谷鸟沙盒的一部分-http://www.cuckoosandbox.org 有关复制权限,请参阅文件“docs/LICENSE”。 导入base64 导入hashlib 导入操作系统 导入日志记录 从zipfile导入BadZipfile,zipfile 导入zipfile 从lib.buckoo.api文件.dextumper.dextumper导入字符串转储程序 从lib.buckoo.api文件.androguard_extensions import get_show_NativeMethods,get_show_密码,get_show_权限\ 获取\显示\反射代码、获取\显示\动态编码、获取\方法、获取\扩展接收器、获取\权限 从lib.buckoo.api文件.证书导入获取证书 从lib.buckoo.api文件.intrest\u strings导入查找\u字符串
try:
from androguard.core.bytecodes.apk import APK
from androguard.core.bytecodes.dvm import DalvikVMFormat
from androguard.core.analysis.analysis import uVMAnalysis, PathVar, TAINTED_PACKAGE_CALL, is_crypto_code
from androguard.core.analysis import analysis
from androguard.core.bytecodes.dvm_permissions import DVM_PERMISSIONS
HAVE_ANDROGUARD = True
except ImportError:
HAVE_ANDROGUARD = False
from lib.cuckoo.common.objects import File
from lib.cuckoo.common.abstracts import Processing
from lib.cuckoo.common.exceptions import CuckooProcessingError
def get_apk_icon(filepath):
zfile = zipfile.ZipFile(filepath)
for finfo in zfile.infolist():
if "ic_launcher.png" in finfo.filename or "icon.png" in finfo.filename:
ifile = zfile.open(finfo).read()
return base64.encodestring(ifile)
return None
log = logging.getLogger(__name__)
class ApkInfo(Processing):
"""Static android information about analysis session."""
def __init__(self):
self.key = "apkinfo"
self.files_name_map={}
self.files_name_map["apk"] = []
self.files_name_map["jar"] = []
self.files_name_map["so"] = []
self.files_name_map["ko"] = []
self.files_name_map["dex"] = []
self.files_name_map["exe"] = []
self.files_name_map["arm_exe"] = []
def file_type_check(self, file):
name = file["name"]
fileName, fileExtension = os.path.splitext(name)
type = file["type"]
if "Java Jar" in type:
self.files_name_map["jar"].append(file)
if "apk" not in fileExtension and "jar" not in fileExtension:
return True
elif "Android" in type:
self.files_name_map["apk"].append(file)
if "apk" not in fileExtension and "jar" not in fileExtension:
return True
elif "shared object, ARM" in type:
self.files_name_map["so"].append(file)
if "so" not in fileExtension and "art" not in fileExtension:
return True
elif "executable, ARM" in type:
self.files_name_map["arm_exe"].append(file)
if "" != fileExtension:
return True
elif "relocatable, ARM" in type:
self.files_name_map["ko"].append(file)
if "ko" not in fileExtension:
return True
elif "Dalvik" in type:
if file["name"] != "classes.dex":
self.files_name_map["dex"].append(file)
if "dex" not in fileExtension:
return True
elif "8086" in type or "PE32" in type:
self.files_name_map["exe"].append(file)
if "exe" not in fileExtension:
return True
else:
if ".apk" == fileExtension:
self.files_name_map["apk"].append(file)
elif ".jar" == fileExtension:
self.files_name_map["jar"].append(file)
elif ".so" == fileExtension:
self.files_name_map["so"].append(file)
elif ".ko" == fileExtension:
self.files_name_map["ko"].append(file)
elif ".exe" == fileExtension:
self.files_name_map["exe"].append(file)
elif ".dex" == fileExtension:
if file["name"] != "classes.dex":
self.files_name_map["dex"].append(file)
return False
def check_size(self, file_list):
for file in file_list:
if "classes.dex" in file["name"]:
if("decompilation_threshold" in self.options):
if file["size"] < self.options.decompilation_threshold:
return True
else:
return False
else:
return True
return False
def _apk_files(self, apk):
"""Returns a list of files in the APK."""
ret = []
for fname, filetype in apk.get_files_types().items():
buf = apk.zip.read(fname)
ret.append({
"name": fname,
"md5": hashlib.md5(buf).hexdigest(),
"size": len(buf),
"type": filetype,
})
return ret
def _get_strings(self, apk_path):
list_string = []
for string in string_dumper(apk_path):
try:
list_string.append(str.decode(string, "utf-8"))
except:
pass
return list_string
def run(self):
"""Run androguard to extract static android information
@return: list of static features
"""
self.key = "apkinfo"
apkinfo = {}
if "file" not in self.task["category"] or not HAVE_ANDROGUARD:
return
f = File(self.task["target"])
#if f.get_name().endswith((".zip", ".apk")) or "zip" in f.get_type():
if not os.path.exists(self.file_path):
raise CuckooProcessingError("Sample file doesn't exist: \"%s\"" % self.file_path)
try:
a = APK(self.file_path)
if a.is_valid_APK():
manifest = {}
apkinfo["files"] = self._apk_files(a)
manifest["package"] = a.get_package()
apkinfo["hidden_payload"] = []
for file in apkinfo["files"]:
if self.file_type_check(file):
apkinfo["hidden_payload"].append(file)
apkinfo["files_flaged"] = self.files_name_map
manifest["permissions"]= get_permissions(a)
manifest["main_activity"] = a.get_main_activity()
manifest["activities"] = a.get_activities()
manifest["services"] = a.get_services()
manifest["receivers"] = a.get_receivers()
manifest["receivers_actions"] = get_extended_receivers(a)
manifest["providers"] = a.get_providers()
manifest["libraries"] = a.get_libraries()
apkinfo["manifest"] = manifest
apkinfo["icon"] = get_apk_icon(self.file_path)
certificate = get_certificate(self.file_path)
if certificate:
apkinfo["certificate"] = certificate
#vm = DalvikVMFormat(a.get_dex())
#strings = vm.get_strings()
strings = self._get_strings(self.file_path)
apkinfo["interesting_strings"] = find_strings(strings)
apkinfo["dex_strings"] = strings
static_calls = {}
if self.options.decompilation:
if self.check_size(apkinfo["files"]):
vm = DalvikVMFormat(a.get_dex())
vmx = uVMAnalysis(vm)
static_calls["all_methods"] = get_methods(vmx)
static_calls["is_native_code"] = analysis.is_native_code(vmx)
static_calls["is_dynamic_code"] = analysis.is_dyn_code(vmx)
static_calls["is_reflection_code"] = analysis.is_reflection_code(vmx)
static_calls["is_crypto_code"] = is_crypto_code(vmx)
static_calls["dynamic_method_calls"] = get_show_DynCode(vmx)
static_calls["reflection_method_calls"] = get_show_ReflectionCode(vmx)
static_calls["permissions_method_calls"] = get_show_Permissions(vmx)
static_calls["crypto_method_calls"] = get_show_CryptoCode(vmx)
static_calls["native_method_calls"] = get_show_NativeMethods(vmx)
classes = list()
for cls in vm.get_classes():
classes.append(cls.name)
static_calls["classes"] = classes
else:
log.warning("Dex size bigger than: %s",
self.options.decompilation_threshold)
apkinfo["static_method_calls"] = static_calls
except (IOError, OSError, BadZipfile) as e:
raise CuckooProcessingError("Error opening file %s" % e)
return apkinfo
Tags: nameinselfmapgetreturnifstatic
热门问题
- 我想从用户inpu创建一个类的实例
- 我想从用户导入值,为此
- 我想从用户那里得到一个整数输入,然后让for循环遍历该数字,然后调用一个函数多次
- 我想从用户那里收到一个列表,并在其中执行一些步骤,然后在步骤完成后将其打印回来,但它没有按照我想要的方式工作
- 我想从用户那里获取输入,并将值传递给(average=dict[x]/6),然后在那里获取resu
- 我想从第一个列表中展示第一个词,然后从第二个列表中展示十个词,以此类推- Python
- 我想从第一个空lin开始解析文本文件
- 我想从简历、简历中提取特定部分
- 我想从给定字典(python)的字符串中删除\u00a9、\u201d和类似的字符。
- 我想从给定的网站Lin下载许多文件扩展名相同的Wget或Python文件
- 我想从网上搜集一些关于抵押贷款的数据
- 我想从网站上删除电子邮件地址
- 我想从网站上读取数据该网站包含可下载的文件,然后我想用python脚本把它发送给oracle如何?
- 我想从网站中提取数据,然后将其显示在我的网页上
- 我想从网页上提取统计数据。
- 我想从网页上解析首都城市,并在用户输入国家时在终端上打印它们
- 我想从色彩图中删除前n个颜色,而不丢失原始颜色数
- 我想从课堂上打印字典里的键
- 我想从费用表中获取学生上次支付的费用,其中学生id=id
- 我想从较低的顺序对多重列表进行排序,但我无法在一行中生成结果
热门文章
- Python覆盖写入文件
- 怎样创建一个 Python 列表?
- Python3 List append()方法使用
- 派森语言
- Python List pop()方法
- Python Django Web典型模块开发实战
- Python input() 函数
- Python3 列表(list) clear()方法
- Python游戏编程入门
- 如何创建一个空的set?
- python如何定义(创建)一个字符串
- Python标准库 [The Python Standard Library by Ex
- Python网络数据爬取及分析从入门到精通(分析篇)
- Python3 for 循环语句
- Python List insert() 方法
- Python 字典(Dictionary) update()方法
- Python编程无师自通 专业程序员的养成
- Python3 List count()方法
- Python 网络爬虫实战 [Web Crawler With Python]
- Python Cookbook(第2版)中文版
目前没有回答
相关问题 更多 >
编程相关推荐