408/notes_estom
1
0
Fork 0
mirror of https://github.com/Estom/notes.git synced 2026-02-03 10:33:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

androguard学习完成

Browse Source
This commit is contained in:
yinkanglong
2021-12-16 09:58:17 +08:00
parent b694534b7c
commit 549127ce01
56 changed files with 1820 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
Python/androguard/analyze.ipynb → Python/androguard/1 androd编译原理.ipynb
View File

@@ -71,57 +71,54 @@
"cell_type": "markdown",
"metadata": {},
"source": [
"## 2 DVM讲解Android运行时虚拟环境\n",
"\n",
"## 常用的命令行工具\n",
"* androguard:所有工具的集合\n",
" * androguard analyze交互式命令行Ipython工具\n",
" * androguard cz:create a call graph调用图工具\n",
" * androguard gui:图形界面工具\n",
" * androguard sign:证书管理工具\n",
" * androguard axml:manifest解析工具\n",
" * androguard arsc:resource解析工具\n",
" * androguard decompile:反编译工具并创建cfg\n",
" * androguard dissassemple:dex反编译工具\n",
"> 来自于王还是那个的一篇文章 https://blog.csdn.net/iblade/article/details/78959750\n",
"\n",
"它本身是一个ipython分析工具既可以作为命令行工具执行也可以嵌入到Python脚本中用于分析Python文件。以上命令都会开启一个ipython交互式命令行。"
"### jvm与dvm对比\n",
"![](2021-12-15-14-53-19.png)\n",
"\n",
"1. JVM Java virtual machineJava的虚拟机\n",
" 1. 基于栈,指令会更多。\n",
" 2. .java文件编译成.class文件然后打包成jar文件。\n",
" 3. JVM加载.jar文件时回家再所有的.class文件。\n",
"2. DVM Dalvik virtual machine Android的虚拟机\n",
" 1. 基于寄存器,指令更长,但指令更少。\n",
" 2. .java文件编译成.class文件汇编成.dex文件然后打包成apk文件\n",
" 3. DVM加载apk文件时只加载一个经过优化后的.dex文件。\n",
" 4. 每一个应用都运行在一个独立的DVM实例当中每一个DVM实例都运行在一个独立的进程空间中。\n",
"\n",
"### dvm静态架构\n",
"\n",
"DVM的源码位于dalvik/目录下其中dalvik/vm目录下的内容是DVM的具体实现部分它会被编译成libdvm.sodalvik/libdex会被编译成libdex.a静态库作为dex工具使用dalvik/dexdump是.dex文件的反编译工具DVM的可执行程序位于dalvik/dalvikvm中将会被编译成dalvikvm可执行程序。DVM架构如下图所示。\n",
"\n",
"![](2021-12-15-14-58-53.png)\n",
"\n",
"### dvm运行时堆\n",
"\n",
"DVM的运行时堆主要由两个Space以及多个辅助数据结构组成两个Space分别是Zygote SpaceZygote Heap和Allocation SpaceActive Heap。Zygote Space用来管理Zygote进程在启动过程中预加载和创建的各种对象Zygote Space中不会触发GC所有进程都共享该区域比如系统资源。Allocation Space是在Zygote进程fork第一个子进程之前创建的它是一种私有进程Zygote进程和fock的子进程在Allocation Space上进行对象分配和释放。\n",
"除了这两个Space还包含以下数据结构\n",
"\n",
"* Card Table 用于DVM Concurrent GC当第一次进行垃圾标记后记录垃圾信息。\n",
"* Heap Bitmap 有两个Heap Bitmap一个用来记录上次GC存活的对象另一个用来记录这次GC存活的对象。\n",
"* Mark Stack DVM的运行时堆使用标记-清除Mark-Sweep算法进行GC不了解标记-清除算法的同学查看Java虚拟机垃圾收集算法这篇文章。Mark Stack就是在GC的标记阶段使用的它用来遍历存活的对象。\n",
"\n",
"### ART虚拟机\n",
"\n",
"ART(Android Runtime)是Android 4.4发布的用来替换Dalvik虚拟Android 4.4默认采用的还是DVM系统会提供一个选项来开启ART。在Android 5.0时默认采用ARTDVM从此退出历史舞台。\n",
"\n",
"### ART与DVM的区别\n",
"1. DVM中的应用每次运行时字节码都需要通过即时编译器JITjust in time转换为机器码这会使得应用的运行效率降低。而在ART中系统在安装应用时会进行一次预编译AOTahead of time,将字节码预先编译成机器码并存储在本地,这样应用每次运行时就不需要执行编译了,运行效率也大大提升。\n",
"2. ART占用空间比Dalvik大字节码变为机器码之后可能会增加10%-20%),这就是“时间换空间大法”。\n",
"3. 预编译也可以明显改善电池续航,因为应用程序每次运行时不用重复编译了,从而减少了 CPU 的使用频率,降低了能耗。\n",
"### ART的运行时堆\n",
"与DVM的GC不同的是ART的GC类型有多种主要分为Mark-Sweep GC和Compacting GC。ART的运行时堆的空间根据不同的GC类型也有着不同的划分如果采用的是Mark-Sweep GC运行时堆主要是由四个Space和多个辅助数据结构组成四个Space分别是Zygote Space、Allocation Space、Image Space和Large Object Space。Zygote Space、Allocation Space和DVM中的作用是一样的。Image Space用来存放一些预加载类Large Object Space用来分配一些大对象默认大小为12k。其中Zygote Space和Image Space是进程间共享的。\n"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## androguard使用教程\n",
"> 官方使用教程"
]
},
{
"cell_type": "code",
"execution_count": 20,
"metadata": {},
"outputs": [],
"source": [
"from androguard import misc\n",
"a,d,dx = misc.AnalyzeAPK('1.apk')"
]
},
{
"cell_type": "code",
"execution_count": 21,
"metadata": {},
"outputs": [],
"source": [
"dx.get_classes()\n",
"axml = a.get_android_manifest_xml()"
]
},
{
"cell_type": "code",
"execution_count": 23,
"metadata": {},
"outputs": [],
"source": [
"from androguard import cli"
]
"source": []
}
],
"metadata": {

31
Python/androguard/10 androguard源码阅读.ipynb Normal file
View File

@@ -0,0 +1,31 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 1 调用逻辑说明\n",
"\n",
"1. python脚本、命令行脚本。\n",
"2. androguard.cli模块包含各个脚本的python逻辑代码接受脚本的参数然后加载androguard.core内容完成具体的不同的main的操作。如axml_main,arsc_main等。\n",
"3. androguard.core如果自己定制的内容比较核心的话可以直接导入该包下的内容进行恶意软件的分析工作。可以进行更细粒度的控制。而不是基于官方给出的main方法进行控制。\n",
"\n",
"\n",
"建议模仿andorguard中提供的cli命令的main逻辑直接调用androguard.core中的模块进行恶意软件分析写成python脚本。"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": []
}
],
"metadata": {
"language_info": {
"name": "python"
},
"orig_nbformat": 4
},
"nbformat": 4,
"nbformat_minor": 2
}

13
Python/androguard/androguard_lesson.ipynb → Python/androguard/2 androguard网络教程.ipynb
View File

@@ -47,6 +47,7 @@
"source": [
"## 2 一个网络教程——作为python的模块使用\n",
"> 这是一个新版本的应用教程 https://blog.csdn.net/vitA_gsm/article/details/104791870?utm_medium=distribute.pc_aggpage_search_result.none-task-blog-2~aggregatepage~first_rank_ecpm_v1~rank_v31_ecpm-9-104791870.pc_agg_new_rank&utm_term=androguard+python&spm=1000.2123.3001.4430 \n",
"> \n",
"> 这是一个老版本的教程,需要手动引入很多库文件。可以完全用这种方式进行分析。 https://blog.csdn.net/ybdesire/article/details/52280303"
]
},
@@ -123,6 +124,7 @@
"source": [
"## 3 一个网络教程——作为命令行脚本启动\n",
"> 这是一个使用命令行分析的详细的教程,能够脚本获取自己所需要的内容。 https://blog.csdn.net/qq_40644809/article/details/106814146?utm_medium=distribute.pc_aggpage_search_result.none-task-blog-2~aggregatepage~first_rank_ecpm_v1~rank_v31_ecpm-20-106814146.pc_agg_new_rank&utm_term=androguard+python&spm=1000.2123.3001.4430\n",
"> \n",
"> 这是详解a.d.dx.misc.axml.asrc等一系列对象的内置方法的文件。 https://www.jianshu.com/p/079e40800ef4"
]
},
@@ -188,8 +190,17 @@
}
],
"metadata": {
"interpreter": {
"hash": "6166d1592bf002ea476aa46ec8b9d5902134a5387368bb80238f621c412f8518"
},
"kernelspec": {
"display_name": "Python 3.8.10 64-bit ('pytorch': virtualenv)",
"language": "python",
"name": "python3"
},
"language_info": {
"name": "python"
"name": "python",
"version": "3.8.10"
},
"orig_nbformat": 4
},

BIN
Python/androguard/2021-12-15-14-53-19.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 75 KiB

BIN
Python/androguard/2021-12-15-14-58-53.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 21 KiB

453
Python/androguard/3 androguard 入门.ipynb Normal file
View File

@@ -0,0 +1,453 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"\n",
"## 1 常用的命令行工具\n",
"* androguard:所有工具的集合\n",
" * androguard analyze交互式命令行Ipython工具\n",
" * androguard cz:create a call graph调用图工具\n",
" * androguard gui:图形界面工具\n",
" * androguard sign:证书管理工具\n",
" * androguard axml:manifest解析工具\n",
" * androguard arsc:resource解析工具\n",
" * androguard decompile:反编译工具并创建cfg\n",
" * androguard dissassemple:dex反编译工具\n",
"\n",
"它本身是一个ipython分析工具既可以作为命令行工具执行也可以嵌入到Python脚本中用于分析Python文件。以上命令都会开启一个ipython交互式命令行。"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 2 androguard安装教程\n",
"> 官方使用教程\n",
"\n",
"### 使用python工具安装\n",
"```\n",
"pip install androguard\n",
"```\n",
"* androguard作为python工具可以被系统的命令行调用。而且有大量相关的子命令不需要运行整个分析程序可以进行部分分析既可以作为androguard的子命令也可以作为单独的脚本执行。可以模仿这些脚本进行android程序的局部分析工作。\n",
"* androguard作为python模块可以在python代码中通过import引入\n",
"\n",
"### 使用apt包管理工具安装\n",
"```\n",
"sudo apt-get install androguard\n",
"```\n",
"* androguard作为系统工具能够直接执行androguard的子命令。"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 3 androguard入门\n",
"\n",
"### 以下使用命令行工具尝试了一些基础的功能\n",
"\n",
"```\n",
"ykl@ykl-OptiPlex-3070:~/gitee/notes/Python/androguard/apk$ androguard analyze 5.apk\n",
"Please be patient, this might take a while.\n",
"Found the provided file is of type 'APK'\n",
"[INFO ] androguard.analysis: End of creating cross references (XREF)\n",
"[INFO ] androguard.analysis: run time: 0min 00s\n",
"Added file to session: SHA256::00d878739873b7ef94786acbd3fa334f3c038e1b0370e2428cb476d836fb9b2c\n",
"Loaded APK file...\n",
">>> a\n",
"<androguard.core.bytecodes.apk.APK object at 0x7f06657ce3d0>\n",
">>> d\n",
"[<androguard.core.bytecodes.dvm.DalvikVMFormat object at 0x7f0664251670>]\n",
">>> dx\n",
"<analysis.Analysis VMs: 1, Classes: 596, Strings: 1462>\n",
"\n",
"Androguard version 3.3.5 started\n",
"In [1]: a.get_permissions\n",
"Out[1]: <bound method APK.get_permissions of <androguard.core.bytecodes.apk.APK object at 0x7f06657ce3d0>>\n",
"\n",
"In [2]: a.get_permissions()\n",
"Out[2]: \n",
"['android.permission.ACCESS_COARSE_LOCATION',\n",
" 'android.permission.INTERNET',\n",
" 'android.permission.ACCESS_LOCATION_EXTRA_COMMANDS',\n",
" 'android.permission.READ_PHONE_STATE',\n",
" 'android.permission.ACCESS_WIFI_STATE',\n",
" 'android.permission.ACCESS_NETWORK_STATE',\n",
" 'android.permission.ACCESS_FINE_LOCATION',\n",
" 'android.permission.WRITE_EXTERNAL_STORAGE',\n",
" 'android.permission.READ_EXTERNAL_STORAGE']\n",
"\n",
"In [3]: a.get_activities()\n",
"Out[3]: \n",
"['com.gp.lights..ALuces',\n",
" 'com.gp.lights..AJuego',\n",
" 'com.gp.lights..AHelp',\n",
" 'com.gp.lights..AScores',\n",
" 'cn.domob.android.ads.DomobActivity',\n",
" 'com.adwo.adsdk.AdwoAdBrowserActivity']\n",
"\n",
"In [4]: a.get_package()\n",
"Out[4]: 'com.gp.lights'\n",
"\n",
"In [5]: a.get_app_name()\n",
"Out[5]: 'On/Off'\n",
"\n",
"In [6]: a.get_app_icon()\n",
"Out[6]: 'res/drawable-hdpi/animacion_encendida.png'\n",
"\n",
"In [8]: a.get_androidversion_code()\n",
"Out[8]: '7'\n",
"\n",
"In [9]: a.get_androidversion_name()\n",
"Out[9]: '1.4.2'\n",
"\n",
"In [10]: a.get_min_sdk_version()\n",
"\n",
"In [11]: a.get_max_sdk_version()\n",
"\n",
"In [12]: a.get_target_sdk_version()\n",
"\n",
"In [13]: a.get_effective_target_sdk_version()\n",
"Out[13]: 1\n",
"\n",
"In [14]: a.get_android_manifest_axml().get_xml()\n",
"Out[14]: b'<manifest xmlns:android=\"http://schemas.android.com/apk/res/android\" android:versionCode=\"7\" android:versionName=\"1.4.2\" package=\"com.gp.lights\">\\n <application android:label=\"@7F060000\" android:icon=\"@7F020001\" android:description=\"@7F060003\">\\n <activity android:label=\"@7F060000\" android:name=\".ALuces\" android:screenOrientation=\"1\">\\n <intent-filter>\\n <action android:name=\"android.intent.action.MAIN\"/>\\n <category android:name=\"android.intent.category.LAUNCHER\"/>\\n </intent-filter>\\n </activity>\\n <activity android:name=\".AJuego\" android:screenOrientation=\"1\"/>\\n <activity android:label=\"@7F060001\" android:name=\".AHelp\" android:screenOrientation=\"1\"/>\\n <activity android:label=\"@7F060002\" android:name=\".AScores\" android:screenOrientation=\"1\"/>\\n <activity android:theme=\"@android:0103000F\" android:name=\"cn.domob.android.ads.DomobActivity\"/>\\n <activity android:label=\"@7F060000\" android:name=\"com.adwo.adsdk.AdwoAdBrowserActivity\"/>\\n <meta-data android:name=\"ADMOGO_KEY\" android:value=\"d54f3319297749ad85347544ba51ea51\"/>\\n </application>\\n <uses-permission android:name=\"android.permission.INTERNET\"/>\\n <uses-permission android:name=\"android.permission.READ_EXTERNAL_STORAGE\"/>\\n <uses-permission android:name=\"android.permission.READ_PHONE_STATE\"/>\\n <uses-permission android:name=\"android.permission.ACCESS_COARSE_LOCATION\"/>\\n <uses-permission android:name=\"android.permission.ACCESS_FINE_LOCATION\"/>\\n <uses-permission android:name=\"android.permission.ACCESS_NETWORK_STATE\"/>\\n <uses-permission android:name=\"android.permission.ACCESS_LOCATION_EXTRA_COMMANDS\"/>\\n <uses-permission android:name=\"android.permission.WRITE_EXTERNAL_STORAGE\"/>\\n <uses-permission android:name=\"android.permission.ACCESS_WIFI_STATE\"/>\\n <uses-sdk>\\n <minSdkVersion>2.1</minSdkVersion>\\n </uses-sdk>\\n <supports-screens android:anyDensity=\"true\" android:smallScreens=\"true\" android:normalScreens=\"true\" android:largeScreens=\"true\"/>\\n</manifest>\\n'\n",
"\n",
"In [15]: dx.get_classes()\n",
"Out[15]: dict_values([<analysis.ClassAnalysis LI/I;>, <analysis.ClassAnalysis Landroid/luces/builder/Tablero;>, <analysis.ClassAnalysis Landroid/luces/utils/DeviceValues;>, <analysis.ClassAnalysis Landroid/luces/utils/GlobalValues;>, <analysis.ClassAnalysis Landroid/luces/utils/Highscore;>, <analysis.ClassAnalysis Landroid/luces/utils/Navigation;>, <analysis.ClassAnalysis Lcn/domob/android/a/a$a;>, <analysis.ClassAnalysis Lcn/domob/android/a/a$b;>, <analysis.ClassAnalysis Lcn/domob/android/a/a;>, <analysis.ClassAnalysis Lcn/domob/android/a/b;>, <analysis.ClassAnalysis Lcn/domob/android/a/c;>, <analysis.ClassAnalysis Lcn/domob/android/a/d$a;>, <analysis.ClassAnalysis Lcn/domob/android/a/d;>, <analysis.ClassAnalysis Lcn/domob/android/a/e;>, <analysis.ClassAnalysis Lcn/domob/android/a/f;>, ...])\n",
"\n",
"In [16]: list(dx.get_classes())[30]\n",
"Out[16]: <analysis.ClassAnalysis Lcn/domob/android/ads/a/b;>\n",
"\n",
"In [17]: list(dx.get_classes())[50]\n",
"Out[17]: <analysis.ClassAnalysis Lcn/domob/android/ads/g$6$1;>\n",
"\n",
"In [18]: list(dx.get_classes())[80]\n",
"Out[18]: <analysis.ClassAnalysis Lcn/domob/android/ads/o$6;>\n",
"\n",
"In [19]: list(dx.get_classes())[100]\n",
"Out[19]: <analysis.ClassAnalysis Lcom/admogo/AdMogoLayout$RotateAdRunnable;>\n",
"\n",
"In [20]: list(dx.get_classes())[200]\n",
"Out[20]: <analysis.ClassAnalysis Lcom/adwo/adsdk/x;>\n",
"\n",
"In [21]: list(dx.get_classes())[400]\n",
"Out[21]: <analysis.ClassAnalysis Landroid/graphics/Matrix; EXTERNAL>\n",
"\n",
"In [22]: list(dx.get_classes())[400].get_vm_class()\n",
"Out[22]: <analysis.ExternalClass Landroid/graphics/Matrix;>\n",
"\n",
"```"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### 以下使用misc但没有开启会话尝试了一些基础的功能"
]
},
{
"cell_type": "code",
"execution_count": 10,
"metadata": {},
"outputs": [],
"source": [
"from androguard import misc\n",
"a,d,dx = misc.AnalyzeAPK('apk/5.apk')"
]
},
{
"cell_type": "code",
"execution_count": 11,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"['android.permission.READ_PHONE_STATE', 'android.permission.ACCESS_FINE_LOCATION', 'android.permission.WRITE_EXTERNAL_STORAGE', 'android.permission.ACCESS_NETWORK_STATE', 'android.permission.ACCESS_WIFI_STATE', 'android.permission.READ_EXTERNAL_STORAGE', 'android.permission.ACCESS_COARSE_LOCATION', 'android.permission.INTERNET', 'android.permission.ACCESS_LOCATION_EXTRA_COMMANDS']\n",
"<analysis.ExternalClass Landroid/graphics/Matrix;>\n"
]
}
],
"source": [
"print(a.get_permissions())\n",
"axml = a.get_android_manifest_xml()\n",
"print(list(dx.get_classes())[400].get_vm_class())\n"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 4 API参考文档\n",
"\n",
"* a一个APK对象.\n",
"\n",
"* d一个DalvikVMFormat对象数组\n",
"\n",
"* dx一个Analysis对象\n",
"### 对象a的方法和属性\n",
"```\n",
"dir(a)\n",
" 'androidversion',\n",
" 'arsc',\n",
" 'axml',\n",
" 'declared_permissions',\n",
" 'filename',\n",
" 'files',\n",
" 'files_crc32',\n",
" 'find_tags',\n",
" 'find_tags_from_xml',\n",
" 'get_activities',\n",
" 'get_all_attribute_value',\n",
" 'get_all_dex',\n",
" 'get_android_manifest_axml',\n",
" 'get_android_manifest_xml',\n",
" 'get_android_resources',\n",
" 'get_androidversion_code',\n",
" 'get_androidversion_name',\n",
" 'get_app_icon',\n",
" 'get_app_name',\n",
" 'get_attribute_value',\n",
" 'get_certificate',\n",
" 'get_certificate_der',\n",
" 'get_certificates',\n",
" 'get_certificates_der_v2',\n",
" 'get_certificates_der_v3',\n",
" 'get_certificates_v1',\n",
" 'get_certificates_v2',\n",
" 'get_certificates_v3',\n",
" 'get_declared_permissions',\n",
" 'get_declared_permissions_details',\n",
" 'get_details_permissions',\n",
" 'get_dex',\n",
" 'get_dex_names',\n",
" 'get_effective_target_sdk_version',\n",
" 'get_element',\n",
" 'get_elements',\n",
" 'get_features',\n",
" 'get_file',\n",
" 'get_filename',\n",
" 'get_files',\n",
" 'get_files_crc32',\n",
" 'get_files_information',\n",
" 'get_files_types',\n",
" 'get_intent_filters',\n",
" 'get_libraries',\n",
" 'get_main_activities',\n",
" 'get_main_activity',\n",
" 'get_max_sdk_version',\n",
" 'get_min_sdk_version',\n",
" 'get_package',\n",
" 'get_permissions',\n",
" 'get_providers',\n",
" 'get_public_keys_der_v2',\n",
" 'get_public_keys_der_v3',\n",
" 'get_public_keys_v2',\n",
" 'get_public_keys_v3',\n",
" 'get_raw',\n",
" 'get_receivers',\n",
" 'get_requested_aosp_permissions',\n",
" 'get_requested_aosp_permissions_details',\n",
" 'get_requested_permissions',\n",
" 'get_requested_third_party_permissions',\n",
" 'get_services',\n",
" 'get_signature',\n",
" 'get_signature_name',\n",
" 'get_signature_names',\n",
" 'get_signatures',\n",
" 'get_target_sdk_version',\n",
" 'get_uses_implied_permission_list',\n",
" 'get_value_from_tag',\n",
" 'is_androidtv',\n",
" 'is_leanback',\n",
" 'is_multidex',\n",
" 'is_signed',\n",
" 'is_signed_v1',\n",
" 'is_signed_v2',\n",
" 'is_signed_v3',\n",
" 'is_tag_matched',\n",
" 'is_valid_APK',\n",
" 'is_wearable',\n",
" 'new_zip',\n",
" 'package',\n",
" 'parse_signatures_or_digests',\n",
" 'parse_v2_signing_block',\n",
" 'parse_v2_v3_signature',\n",
" 'parse_v3_signing_block',\n",
" 'permission_module',\n",
" 'permissions',\n",
" 'read_uint32_le',\n",
" 'show',\n",
" 'uses_permissions',\n",
" 'valid_apk',\n",
" 'xml',\n",
" 'zip']\n",
"\n",
"```"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### 对象d的方法和属性\n",
"d本身是一个列表这里显示的是其中的对象的方法\n",
"\n",
"```\n",
"dir(d[0])\n",
" 'add_idx',\n",
" 'api_version',\n",
" 'classes',\n",
" 'classes_names',\n",
" 'codes',\n",
" 'colorize_operands',\n",
" 'config',\n",
" 'create_python_export',\n",
" 'debug',\n",
" 'disassemble',\n",
" 'end',\n",
" 'fields',\n",
" 'fix_checksums',\n",
" 'get_BRANCH_DVM_OPCODES',\n",
" 'get_all_fields',\n",
" 'get_api_version',\n",
" 'get_buff',\n",
" 'get_class',\n",
" 'get_class_manager',\n",
" 'get_classes',\n",
" 'get_classes_def_item',\n",
" 'get_classes_names',\n",
" 'get_cm_field',\n",
" 'get_cm_method',\n",
" 'get_cm_string',\n",
" 'get_cm_type',\n",
" 'get_codes_item',\n",
" 'get_debug_info_item',\n",
" 'get_determineException',\n",
" 'get_determineNext',\n",
" 'get_field',\n",
" 'get_field_descriptor',\n",
" 'get_fields',\n",
" 'get_fields_class',\n",
" 'get_fields_id_item',\n",
" 'get_format',\n",
" 'get_format_type',\n",
" 'get_header_item',\n",
" 'get_idx',\n",
" 'get_len_methods',\n",
" 'get_method',\n",
" 'get_method_by_idx',\n",
" 'get_method_descriptor',\n",
" 'get_methods',\n",
" 'get_methods_class',\n",
" 'get_methods_descriptor',\n",
" 'get_methods_id_item',\n",
" 'get_operand_html',\n",
" 'get_regex_strings',\n",
" 'get_string_data_item',\n",
" 'get_strings',\n",
" 'get_strings_unicode',\n",
" 'get_vmanalysis',\n",
" 'header',\n",
" 'length_buff',\n",
" 'list_classes_hierarchy',\n",
" 'map_list',\n",
" 'methods',\n",
" 'peek',\n",
" 'print_classes_hierarchy',\n",
" 'read',\n",
" 'readNullString',\n",
" 'read_at',\n",
" 'read_b',\n",
" 'readat',\n",
" 'save',\n",
" 'set_buff',\n",
" 'set_decompiler',\n",
" 'set_idx',\n",
" 'set_vmanalysis',\n",
" 'show',\n",
" 'size',\n",
" 'strings',\n",
" 'tell']\n",
"```"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### 对象dx的方法\n",
"\n",
"\n",
"```\n",
"dir(dx)\n",
" 'add',\n",
" 'classes',\n",
" 'create_ipython_exports',\n",
" 'create_xref',\n",
" 'find_classes',\n",
" 'find_fields',\n",
" 'find_methods',\n",
" 'find_strings',\n",
" 'get_call_graph',\n",
" 'get_class_analysis',\n",
" 'get_classes',\n",
" 'get_external_classes',\n",
" 'get_field_analysis',\n",
" 'get_fields',\n",
" 'get_internal_classes',\n",
" 'get_method',\n",
" 'get_method_analysis',\n",
" 'get_method_analysis_by_name',\n",
" 'get_method_by_name',\n",
" 'get_methods',\n",
" 'get_strings',\n",
" 'get_strings_analysis',\n",
" 'is_class_present',\n",
" 'methods',\n",
" 'strings',\n",
" 'vms'\n",
"```"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 5 一些启发\n",
"1. 在.virtualenv/pytorch/bin中有androguard命令执行androguard分析的时候会使用这个命令。\n",
"2. 在.virtualenv/pytorch/bin中有androaxml,androarsc,androsign,androcg等python脚本可以模仿这些脚本在python代码中使用androguard进行据不分析而不需要进行完整的分析得到a,d,dx三个对象这样会浪费大量的时间。"
]
}
],
"metadata": {
"interpreter": {
"hash": "5ef0042cb263260037aa2928643ae94e240dd3afaec7872ebebe4f07619ddd0c"
},
"kernelspec": {
"display_name": "Python 3.8.8 64-bit ('ml': conda)",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.10"
},
"orig_nbformat": 4
},
"nbformat": 4,
"nbformat_minor": 2
}

213
Python/androguard/4 androguard 进阶.ipynb Normal file
View File

@@ -0,0 +1,213 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 1 xref交叉引用\n",
"\n",
"是androguard分析的主要内容。能够提供谁调用了这个方法这个方法调用了谁。xref_from xref_to \n",
"\n",
"\n",
"dx提供了三种对象的分析工作。包括类、方法和字符串。其中类和方法有被引用和引用关系字符串只有被引用关系。\n",
"\n",
"analysis.Analysis类下边有三个子类\n",
"analysis.ClassAnalysis, analysis.MethodAnalysis, analysis.StringAnalysis三个分析类。dx可以得到各个分析类的列表。针对每一个分析类都有一系列的方法可以使用。\n",
"另外还有一些补充的分析FiledAnalysis等。\n",
"\n",
"### 获取方法的外部参照\n",
"```py\n",
"In [10]: for meth in dx.classes['Ltests/androguard/TestActivity;'].get_methods():\n",
" ...: print(\"inside method {}\".format(meth.name))\n",
" ...: for _, call, _ in meth.get_xref_to():\n",
" ...: print(\" calling -> {} -- {}\".format(call.class_name, call.name))\n",
" ...:\n",
"inside method testCall1\n",
" calling -> Ljava/lang/StringBuilder; -- toString\n",
" calling -> Ljava/lang/StringBuilder; -- append\n",
" calling -> Ljava/lang/StringBuilder; -- <init>\n",
" calling -> Ljava/io/PrintStream; -- println\n",
"inside method testCalls\n",
" calling -> Ljava/lang/Object; -- getClass\n",
" calling -> Ljava/io/PrintStream; -- println\n",
" calling -> Ltests/androguard/TestIfs; -- testIF\n",
" calling -> Ltests/androguard/TestActivity; -- testCall2\n",
"[...]\n",
"```\n",
"\n",
"### 获取字符串的外部参照\n",
"\n",
"```py\n",
"In [14]: for _, meth in dx.strings['boom'].get_xref_from():\n",
" ...: print(\"Used in: {} -- {}\".format(meth.class_name, meth.name))\n",
" ...:\n",
"Used in: Ltests/androguard/TestActivity; -- test_base\n",
"```\n",
"\n",
"### 获取字段的外部参照\n",
"\n",
"```py\n",
"In [25]: for field in dx.find_fields(classname='Ltests/androguard/TestActivity;', fieldname='^value$'):\n",
" ...: print(\"Field: {}\".format(field.name))\n",
" ...: for _, meth in field.get_xref_read():\n",
" ...: print(\" read in {} -- {}\".format(meth.class_name, meth.name))\n",
" ...: for _, meth in field.get_xref_write():\n",
" ...: print(\" write in {} -- {}\".format(meth.class_name, meth.name))\n",
" ...:\n",
"Field: value\n",
" read in Ltests/androguard/TestActivity; -- pouet\n",
" read in Ltests/androguard/TestActivity; -- test1\n",
" read in Ltests/androguard/TestActivity; -- test_base\n",
" read in Ltests/androguard/TestActivity; -- testVars\n",
" write in Ltests/androguard/TestActivity; -- <init>\n",
" write in Ltests/androguard/TestActivity; -- pouet2\n",
" write in Ltests/androguard/TestActivity; -- <init>\n",
" write in Ltests/androguard/TestActivity; -- <init>\n",
"```"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 2 生成控制流图\n",
"反编译android源代码并生成控制流图。\n",
"默认会生成所有内部类的控制流图。还会输出反编译的Android代码。\n",
"\n",
"```sh\n",
"$ androguard decompile -d output_folder -f jpg --limit \"LTestDefaultPackage.*\" examples/android/TestsAndroguard/bin/TestActivity.apk\n",
"[INFO ] androguard.analysis: End of creating cross references (XREF)\n",
"[INFO ] androguard.analysis: run time: 0min 00s\n",
"Dump information examples/android/TestsAndroguard/bin/TestActivity.apk in output_folder\n",
"Create directory output_folder\n",
"Decompilation ... End\n",
"Dump LTestDefaultPackage$TestInnerClass$TestInnerInnerClass; <init> (LTestDefaultPackage$TestInnerClass; I I)V ... jpg ... source codes ... bytecodes ...\n",
"Dump LTestDefaultPackage$TestInnerClass$TestInnerInnerClass; <init> (LTestDefaultPackage$TestInnerClass; I I LTestDefaultPackage$TestInnerClass$TestInnerInnerClass;)V ... jpg ... bytecodes ...\n",
"Dump LTestDefaultPackage$TestInnerClass$TestInnerInnerClass; Test (I)V ... jpg ... bytecodes ...\n",
"Dump LTestDefaultPackage$TestInnerClass; <init> (LTestDefaultPackage; I I)V ... jpg ... source codes ... bytecodes ...\n",
"Dump LTestDefaultPackage$TestInnerClass; <init> (LTestDefaultPackage; I I LTestDefaultPackage$TestInnerClass;)V ... jpg ... bytecodes ...\n",
"Dump LTestDefaultPackage$TestInnerClass; access$1 (LTestDefaultPackage$TestInnerClass;)I ... jpg ... bytecodes ...\n",
"Dump LTestDefaultPackage$TestInnerClass; Test (I)V ... jpg ... bytecodes ...\n",
"Dump LTestDefaultPackage; <init> ()V ... jpg ... source codes ... bytecodes ...\n",
"Dump LTestDefaultPackage; main ([Ljava/lang/String;)V ... jpg ... bytecodes ...\n",
"```\n",
"\n",
"\n",
"### 控制流图的实例\n",
"\n",
"![](image/control_flow.jpg)\n"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 3 指令和字节码\n",
"\n",
"### 获取原始字节码\n",
"\n",
"这里是获取一个方法对应的原始字节码\n",
"\n",
"```py\n",
"for method in dx.get_methods():\n",
" if method.is_external():\n",
" continue\n",
" # Need to get the EncodedMethod from the MethodClassAnalysis object\n",
" m = method.get_method()\n",
" if m.get_code():\n",
" # get_code() returns None or a DalvikCode object\n",
" # get_bc() returns a DCode object\n",
" # get_raw() returns bytearray\n",
" print(m.get_code().get_bc().get_raw())\n",
"```\n",
"\n",
"\n",
"### 获取反编译后的源代码\n",
"\n",
"\n",
"```\n",
"m.get_source()\n",
"for method in dx.get_methods():\n",
" if method.is_external():\n",
" continue\n",
" m = method.get_method()\n",
" print(m.source())\n",
"```\n",
"\n",
"\n"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 4 调用图call_graph\n",
"\n",
"使用命令行生成调用图。\n",
"\n",
"使用gephi读取图像\n",
"\n",
"但问题是这个图像生成工具貌似存在bug和问题。无法很好的显示结果。\n",
"\n",
"```sh\n",
"Usage: androguard cg [OPTIONS] APK\n",
"\n",
" Create a call graph and export it into a graph format.\n",
"\n",
" The default is to create a file called callgraph.gml in the current\n",
" directory!\n",
"\n",
" classnames are found in the type \"Lfoo/bar/bla;\".\n",
"\n",
" Example:\n",
"\n",
" $ androguard cg examples/tests/hello-world.apk\n",
"\n",
"Options:\n",
" -o, --output TEXT Filename of the output file, the extension is\n",
" used to decide which format to use [default:\n",
" callgraph.gml]\n",
" -s, --show instead of saving the graph, print it with\n",
" mathplotlib (you might not see anything!)\n",
" -v, --verbose Print more output\n",
" --classname TEXT Regex to filter by classname [default: .*]\n",
" --methodname TEXT Regex to filter by methodname [default: .*]\n",
" --descriptor TEXT Regex to filter by descriptor [default: .*]\n",
" --accessflag TEXT Regex to filter by accessflags [default: .*]\n",
" --no-isolated / --isolated Do not store methods which has no xrefs\n",
" --help Show this message and exit.\n",
"```"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": []
}
],
"metadata": {
"interpreter": {
"hash": "6166d1592bf002ea476aa46ec8b9d5902134a5387368bb80238f621c412f8518"
},
"kernelspec": {
"display_name": "Python 3.8.10 64-bit ('pytorch': virtualenv)",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.10"
},
"orig_nbformat": 4
},
"nbformat": 4,
"nbformat_minor": 2
}

340
Python/androguard/5 androguard 高级.ipynb Normal file
View File

@@ -0,0 +1,340 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 1 使用会话\n",
"\n",
"### 会话的目的\n",
"1. 同一时间加载大量的apk用于后续分析工作\n",
"2. 将当前分析出来的内容保存到磁盘上进行持久化,后续加载进行分析。\n",
"\n",
"### 使用教程"
]
},
{
"cell_type": "code",
"execution_count": 1,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"APKs in Session: 1\n",
"\t00c8de6b31090c32b65f8c30d7227488d2bce5353b31bedf5461419ff463072d: [<androguard.core.bytecodes.apk.APK object at 0x7f54d41fc6d0>]\n",
"DEXs in Session: 1\n",
"\t91e949e16b99523c80a8a345907b9525cb7dc8fab5bd2e048558ff582363c8df: <androguard.core.bytecodes.dvm.DalvikVMFormat object at 0x7f54b57d49a0>\n",
"Analysis in Session: 2\n",
"\t00c8de6b31090c32b65f8c30d7227488d2bce5353b31bedf5461419ff463072d: <analysis.Analysis VMs: 1, Classes: 97, Strings: 112>\n",
"\t91e949e16b99523c80a8a345907b9525cb7dc8fab5bd2e048558ff582363c8df: <analysis.Analysis VMs: 1, Classes: 97, Strings: 112>\n"
]
}
],
"source": [
"from androguard import misc\n",
"from androguard import session\n",
"\n",
"# get a default session\n",
"sess = misc.get_default_session()\n",
"\n",
"# Use the session\n",
"a, d, dx = misc.AnalyzeAPK(\"apk/2.apk\", session=sess)\n",
"\n",
"# Show the current Session information\n",
"sess.show()\n",
"\n",
"# Do stuff...\n",
"\n",
"# Save the session to disk\n",
"session.Save(sess, \"androguard_session.ag\")\n",
"\n",
"# Load it again\n",
"sess = session.Load(\"androguard_session.ag\")"
]
},
{
"cell_type": "code",
"execution_count": 4,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"APKs in Session: 1\n",
"\t00ceaa5f8f9be7a9ce5ffe96b5b6fb2e7e73ad87c2f023db9fa399c40ac59b62: [<androguard.core.bytecodes.apk.APK object at 0x7f54d41c90d0>]\n",
"DEXs in Session: 1\n",
"\t778391a68ef9f48c228e90afd530dfb456e1ded416bbae05047f6700715eebe4: <androguard.core.bytecodes.dvm.DalvikVMFormat object at 0x7f54d41fccd0>\n",
"Analysis in Session: 2\n",
"\t00ceaa5f8f9be7a9ce5ffe96b5b6fb2e7e73ad87c2f023db9fa399c40ac59b62: <analysis.Analysis VMs: 1, Classes: 1151, Strings: 1994>\n",
"\t778391a68ef9f48c228e90afd530dfb456e1ded416bbae05047f6700715eebe4: <analysis.Analysis VMs: 1, Classes: 1151, Strings: 1994>\n",
"androguard_session_2021-12-15_152620.ag\n"
]
}
],
"source": [
"from androguard.session import Session\n",
"\n",
"s = Session()\n",
"sha256 = s.add(\"apk/3.apk\")\n",
"\n",
"a, d, dx = s.get_objects_apk(digest=sha256)\n",
"\n",
"s.show()\n",
"\n",
"# When no filename is given, the Session will be saved at the current directory\n",
"saved_file = s.save()\n",
"# ... and return the filename of the Session file\n",
"print(saved_file)"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"> 建议不要在自动化环境中使用会话,在这种环境中加载了成百上千的 APK。"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 2 使用JADX作为反编译器\n",
"\n",
"androidguard提供了不同的反编译器。\n",
"\n",
"## 3 Android签名的证书\n",
"\n",
"感觉这个似乎并不是很有用。记得在看过的文章中将此类android分类方法视为提取外部信息。\n"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 4 XML和resource文件的解析\n",
"resources.arsc. 底层格式是基于块的,能够存储多种不同的信息。\n",
"\n",
"最常见的 AXML 文件是AndroidManifest.xml. 该文件必须是每个 APK 的一部分,并包含有关包的元信息。\n",
"\n",
"Androguard 能够解码此类文件,并且存在两种不同的解码工具:\n",
"\n",
"* androguard arsc用于解码resources.arsc。\n",
"\n",
"* androguard axml用于解码AndroidManifest.xml和所有其他 XML 文件\n"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### manifest文件解析\n",
"```xml\n",
"ykl@ykl-OptiPlex-3070:~/gitee/notes/Python/androguard/apk$ androguard axml 4.apk\n",
"<manifest xmlns:android=\"http://schemas.android.com/apk/res/android\" android:versionCode=\"5\" android:versionName=\"1.1.5\" package=\"ru.atools.sytrant\">\n",
" <application android:label=\"@7F040000\" android:icon=\"@7F020001\">\n",
" <meta-data android:name=\"ADMOB_PUBLISHER_ID\" android:value=\"a14bb4ac80ceddc\"/>\n",
" <activity android:theme=\"@android:01030006\" android:label=\"@7F040000\" android:name=\".Sytrant\" android:configChanges=\"0x000000A0\">\n",
" <intent-filter>\n",
" <action android:name=\"android.intent.action.MAIN\"/>\n",
" <category android:name=\"android.intent.category.LAUNCHER\"/>\n",
" </intent-filter>\n",
" </activity>\n",
" <activity android:theme=\"@android:0103000B\" android:label=\"@7F040008\" android:name=\".About\"/>\n",
" <activity android:label=\"@7F04000B\" android:name=\".Settings\"/>\n",
" <service android:name=\".SyncService\"/>\n",
" <receiver android:name=\".BootUpReceiver\" android:permission=\"android.permission.RECEIVE_BOOT_COMPLETED\" android:enabled=\"true\">\n",
" <intent-filter>\n",
" <action android:name=\"android.intent.action.BOOT_COMPLETED\"/>\n",
" <category android:name=\"android.intent.category.DEFAULT\"/>\n",
" </intent-filter>\n",
" </receiver>\n",
" <service android:name=\".UpdateCheck\"/>\n",
" <meta-data android:name=\"MYAD_PID\" android:value=\"SSsytrant\"/>\n",
" </application>\n",
" <uses-permission android:name=\"android.permission.INTERNET\"/>\n",
" <uses-permission android:name=\"android.permission.ACCESS_NETWORK_STATE\"/>\n",
" <uses-permission android:name=\"android.permission.ACCESS_WIFI_STATE\"/>\n",
" <uses-permission android:name=\"android.permission.READ_PHONE_STATE\"/>\n",
" <uses-permission android:name=\"android.permission.ACCESS_COARSE_LOCATION\"/>\n",
" <uses-sdk android:minSdkVersion=\"3\"/>\n",
" <supports-screens android:anyDensity=\"true\" android:smallScreens=\"true\" android:normalScreens=\"true\" android:largeScreens=\"true\" android:resizeable=\"true\"/>\n",
" <uses-permission android:name=\"android.permission.ACCESS_FINE_LOCATION\"/>\n",
" <uses-permission android:name=\"android.permission.RECEIVE_BOOT_COMPLETED\"/>\n",
"</manifest>\n",
"\n",
"```"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### resource文件解析\n",
"```xml\n",
"ykl@ykl-OptiPlex-3070:~/gitee/notes/Python/androguard/apk$ androguard arsc 4.apk\n",
"<resources>\n",
"<public type=\"attr\" name=\"placement\" id=\"0x7f010000\"/>\n",
"<public type=\"attr\" name=\"mediaType\" id=\"0x7f010001\"/>\n",
"<public type=\"attr\" name=\"displayMode\" id=\"0x7f010002\"/>\n",
"<public type=\"attr\" name=\"adInterval\" id=\"0x7f010003\"/>\n",
"<public type=\"attr\" name=\"animation\" id=\"0x7f010004\"/>\n",
"<public type=\"attr\" name=\"siteId\" id=\"0x7f010005\"/>\n",
"<public type=\"attr\" name=\"publisherId\" id=\"0x7f010006\"/>\n",
"<public type=\"attr\" name=\"defaultAdImage\" id=\"0x7f010007\"/>\n",
"<public type=\"attr\" name=\"defaultAdClickThru\" id=\"0x7f010008\"/>\n",
"<public type=\"attr\" name=\"section\" id=\"0x7f010009\"/>\n",
"<public type=\"attr\" name=\"adEventListenerClass\" id=\"0x7f01000a\"/>\n",
"<public type=\"attr\" name=\"testMode\" id=\"0x7f01000b\"/>\n",
"<public type=\"attr\" name=\"renderAdOnCreate\" id=\"0x7f01000c\"/>\n",
"<public type=\"attr\" name=\"requestMode\" id=\"0x7f01000d\"/>\n",
"<public type=\"attr\" name=\"bgColor\" id=\"0x7f01000e\"/>\n",
"<public type=\"attr\" name=\"textColor\" id=\"0x7f01000f\"/>\n",
"<public type=\"attr\" name=\"backgroundColor\" id=\"0x7f010010\"/>\n",
"<public type=\"attr\" name=\"primaryTextColor\" id=\"0x7f010011\"/>\n",
"<public type=\"attr\" name=\"secondaryTextColor\" id=\"0x7f010012\"/>\n",
"<public type=\"attr\" name=\"keywords\" id=\"0x7f010013\"/>\n",
"<public type=\"attr\" name=\"refreshInterval\" id=\"0x7f010014\"/>\n",
"<public type=\"drawable\" name=\"icon\" id=\"0x7f020001\"/>\n",
"<public type=\"drawable\" name=\"bg\" id=\"0x7f020000\"/>\n",
"<public type=\"drawable\" name=\"icon\" id=\"0x7f020001\"/>\n",
"<public type=\"drawable\" name=\"icon\" id=\"0x7f020001\"/>\n",
"<public type=\"layout\" name=\"about\" id=\"0x7f030000\"/>\n",
"<public type=\"layout\" name=\"main\" id=\"0x7f030001\"/>\n",
"<public type=\"layout\" name=\"settings\" id=\"0x7f030002\"/>\n",
"<public type=\"layout\" name=\"main\" id=\"0x7f030001\"/>\n",
"<public type=\"string\" name=\"app_name\" id=\"0x7f040000\"/>\n",
"<public type=\"string\" name=\"server_address\" id=\"0x7f040001\"/>\n",
"<public type=\"string\" name=\"gmt_label\" id=\"0x7f040002\"/>\n",
"<public type=\"string\" name=\"gmt_offset\" id=\"0x7f040003\"/>\n",
"<public type=\"string\" name=\"minutes_label\" id=\"0x7f040004\"/>\n",
"<public type=\"string\" name=\"log_start_message\" id=\"0x7f040005\"/>\n",
"<public type=\"string\" name=\"start_button_label\" id=\"0x7f040006\"/>\n",
"<public type=\"string\" name=\"about_text\" id=\"0x7f040007\"/>\n",
"<public type=\"string\" name=\"about_title\" id=\"0x7f040008\"/>\n",
"<public type=\"string\" name=\"about_menu_label\" id=\"0x7f040009\"/>\n",
"<public type=\"string\" name=\"settings_menu_label\" id=\"0x7f04000a\"/>\n",
"<public type=\"string\" name=\"settings_title\" id=\"0x7f04000b\"/>\n",
"<public type=\"string\" name=\"exit_menu_label\" id=\"0x7f04000c\"/>\n",
"<public type=\"string\" name=\"server_settings_label\" id=\"0x7f04000d\"/>\n",
"<public type=\"string\" name=\"port_settings_label\" id=\"0x7f04000e\"/>\n",
"<public type=\"string\" name=\"update_interval_label\" id=\"0x7f04000f\"/>\n",
"<public type=\"string\" name=\"gmtoffset_minus_label\" id=\"0x7f040010\"/>\n",
"<public type=\"string\" name=\"save_settings_dialog_title\" id=\"0x7f040011\"/>\n",
"<public type=\"string\" name=\"save_settings_dialog_message\" id=\"0x7f040012\"/>\n",
"<public type=\"string\" name=\"yes_button_title\" id=\"0x7f040013\"/>\n",
"<public type=\"string\" name=\"no_button_title\" id=\"0x7f040014\"/>\n",
"<public type=\"string\" name=\"cancel_button_title\" id=\"0x7f040015\"/>\n",
"<public type=\"string\" name=\"autosync_enable_title\" id=\"0x7f040016\"/>\n",
"<public type=\"string\" name=\"autosync_autostart_title\" id=\"0x7f040017\"/>\n",
"<public type=\"string\" name=\"setdefaults_button_title\" id=\"0x7f040018\"/>\n",
"<public type=\"string\" name=\"log_error_start_sync_message\" id=\"0x7f040019\"/>\n",
"<public type=\"string\" name=\"log_start_sync_message\" id=\"0x7f04001a\"/>\n",
"<public type=\"string\" name=\"log_adjusting\" id=\"0x7f04001b\"/>\n",
"<public type=\"string\" name=\"log_analyzing\" id=\"0x7f04001c\"/>\n",
"<public type=\"string\" name=\"log_connecting\" id=\"0x7f04001d\"/>\n",
"<public type=\"string\" name=\"log_gettime_error\" id=\"0x7f04001e\"/>\n",
"<public type=\"string\" name=\"log_finished_sync\" id=\"0x7f04001f\"/>\n",
"<public type=\"string\" name=\"log_seconds\" id=\"0x7f040020\"/>\n",
"<public type=\"string\" name=\"log_minutes\" id=\"0x7f040021\"/>\n",
"<public type=\"string\" name=\"log_milliseconds\" id=\"0x7f040022\"/>\n",
"<public type=\"string\" name=\"log_network_latency\" id=\"0x7f040023\"/>\n",
"<public type=\"string\" name=\"log_settime_error\" id=\"0x7f040024\"/>\n",
"<public type=\"string\" name=\"log_time_change\" id=\"0x7f040025\"/>\n",
"<public type=\"string\" name=\"log_unknown_response\" id=\"0x7f040026\"/>\n",
"<public type=\"string\" name=\"log_finished_sync2\" id=\"0x7f040027\"/>\n",
"<public type=\"string\" name=\"autosync_enabled_toast\" id=\"0x7f040028\"/>\n",
"<public type=\"string\" name=\"autosync_disabled_toast\" id=\"0x7f040029\"/>\n",
"<public type=\"string\" name=\"gmtoffset_daylightsaving_label\" id=\"0x7f04002a\"/>\n",
"<public type=\"menu\" name=\"menu\" id=\"0x7f050000\"/>\n",
"<public type=\"id\" name=\"log_scrollview1\" id=\"0x7f060000\"/>\n",
"<public type=\"id\" name=\"TextView01\" id=\"0x7f060001\"/>\n",
"<public type=\"id\" name=\"server_textview\" id=\"0x7f060002\"/>\n",
"<public type=\"id\" name=\"gmt_textview\" id=\"0x7f060003\"/>\n",
"<public type=\"id\" name=\"log_scrollview\" id=\"0x7f060004\"/>\n",
"<public type=\"id\" name=\"log_textview\" id=\"0x7f060005\"/>\n",
"<public type=\"id\" name=\"sync_button\" id=\"0x7f060006\"/>\n",
"<public type=\"id\" name=\"adMob\" id=\"0x7f060007\"/>\n",
"<public type=\"id\" name=\"QWAd\" id=\"0x7f060008\"/>\n",
"<public type=\"id\" name=\"ScrollView01\" id=\"0x7f060009\"/>\n",
"<public type=\"id\" name=\"server_edittext\" id=\"0x7f06000a\"/>\n",
"<public type=\"id\" name=\"TextView02\" id=\"0x7f06000b\"/>\n",
"<public type=\"id\" name=\"port_edittext\" id=\"0x7f06000c\"/>\n",
"<public type=\"id\" name=\"TextView03\" id=\"0x7f06000d\"/>\n",
"<public type=\"id\" name=\"gmt_daylight_checkbox\" id=\"0x7f06000e\"/>\n",
"<public type=\"id\" name=\"gmt_negative_checkbox\" id=\"0x7f06000f\"/>\n",
"<public type=\"id\" name=\"gmt_timepicker\" id=\"0x7f060010\"/>\n",
"<public type=\"id\" name=\"TextView04\" id=\"0x7f060011\"/>\n",
"<public type=\"id\" name=\"autosync_layout\" id=\"0x7f060012\"/>\n",
"<public type=\"id\" name=\"autosync_enable_checkbox\" id=\"0x7f060013\"/>\n",
"<public type=\"id\" name=\"autosync_autostart_checkbox\" id=\"0x7f060014\"/>\n",
"<public type=\"id\" name=\"autosync_timepicker\" id=\"0x7f060015\"/>\n",
"<public type=\"id\" name=\"setdefaults_button\" id=\"0x7f060016\"/>\n",
"<public type=\"id\" name=\"settings_menu_item\" id=\"0x7f060017\"/>\n",
"<public type=\"id\" name=\"about_menu_item\" id=\"0x7f060018\"/>\n",
"<public type=\"id\" name=\"exit_menu_item\" id=\"0x7f060019\"/>\n",
"</resources>\n",
"```"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 6 批量分析\n",
"\n",
"1. 自己手写多线程就好了。、\n",
"2. 使用androauto也可以\n",
"\n"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 7 调试损坏的APK"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## 8 androguard GUI\n",
"\n",
"一个图形界面系统,只能展示最简单的信息,但是有助于理解分析内容"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": []
}
],
"metadata": {
"interpreter": {
"hash": "6166d1592bf002ea476aa46ec8b9d5902134a5387368bb80238f621c412f8518"
},
"kernelspec": {
"display_name": "Python 3.8.10 64-bit ('pytorch': virtualenv)",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.10"
},
"orig_nbformat": 4
},
"nbformat": 4,
"nbformat_minor": 2
}

23
Python/androguard/6 androguard api测试.ipynb Normal file
View File

@@ -0,0 +1,23 @@
{
"cells": [
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"from androguard.core.analysis import analysis\n",
"\n",
"\n"
]
}
],
"metadata": {
"language_info": {
"name": "python"
},
"orig_nbformat": 4
},
"nbformat": 4,
"nbformat_minor": 2
}

13
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/F0VFW95a.java Normal file
View File

@@ -0,0 +1,13 @@
package QueiD9ej.ezahS1gi;
public final class F0VFW95a {
public F0VFW95a()
{
return;
}
public static String A8xb()
{
return String.valueOf(new java.util.Random().nextInt(2147483647));
}
}

17
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/F0VFW95a/F0VFW95a A8xb ()String.ag Normal file
View File

@@ -0,0 +1,17 @@
# LQueiD9ej/ezahS1gi/F0VFW95a;->A8xb()Ljava/lang/String; [access_flags=public static]
#
# Parameters:
# local registers: v0...v1
#
# - return:java.lang.String
A8xb-BB@0x0 :
0 (00000000) new-instance v0, Ljava/util/Random;
1 (00000004) invoke-direct v0, Ljava/util/Random;-><init>()V
2 (0000000a) const v1, 2147483647 # [nan]
3 (00000010) invoke-virtual v0, v1, Ljava/util/Random;->nextInt(I)I
4 (00000016) move-result v0
5 (00000018) invoke-static v0, Ljava/lang/String;->valueOf(I)Ljava/lang/String;
6 (0000001e) move-result-object v0
7 (00000020) return-object v0

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/F0VFW95a/F0VFW95a A8xb ()String.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 57 KiB

11
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/F0VFW95a/F0VFW95a _init_ ()V.ag Normal file
View File

@@ -0,0 +1,11 @@
# LQueiD9ej/ezahS1gi/F0VFW95a;-><init>()V [access_flags=public constructor]
#
# Parameters:
# local registers: v0...v0
#
# - return:void
<init>-BB@0x0 :
0 (00000000) invoke-direct v0, Ljava/lang/Object;-><init>()V
1 (00000006) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/F0VFW95a/F0VFW95a _init_ ()V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 23 KiB

16
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/HOuC.java Normal file
View File

@@ -0,0 +1,16 @@
package QueiD9ej.ezahS1gi;
final class HOuC implements android.content.DialogInterface$OnClickListener {
private synthetic QueiD9ej.ezahS1gi.Paa A8xb;
HOuC(QueiD9ej.ezahS1gi.Paa p1)
{
this.A8xb = p1;
return;
}
public final void onClick(android.content.DialogInterface p2, int p3)
{
System.exit(0);
return;
}
}

13
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/HOuC/HOuC _init_ (Paa)V.ag Normal file
View File

@@ -0,0 +1,13 @@
# LQueiD9ej/ezahS1gi/HOuC;-><init>(LQueiD9ej/ezahS1gi/Paa;)V [access_flags=constructor]
#
# Parameters:
# - local registers: v0...v0
# - v1:QueiD9ej.ezahS1gi.Paa
#
# - return:void
<init>-BB@0x0 :
0 (00000000) iput-object v1, v0, LQueiD9ej/ezahS1gi/HOuC;->A8xb LQueiD9ej/ezahS1gi/Paa;
1 (00000004) invoke-direct v0, Ljava/lang/Object;-><init>()V
2 (0000000a) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/HOuC/HOuC _init_ (Paa)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 38 KiB

14
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/HOuC/HOuC onClick (DialogInterface I)V.ag Normal file
View File

@@ -0,0 +1,14 @@
# LQueiD9ej/ezahS1gi/HOuC;->onClick(Landroid/content/DialogInterface; I)V [access_flags=public final]
#
# Parameters:
# - local registers: v0...v1
# - v2:android.content.DialogInterface
# - v3:int
#
# - return:void
onClick-BB@0x0 :
0 (00000000) const/4 v0, 0
1 (00000002) invoke-static v0, Ljava/lang/System;->exit(I)V
2 (00000008) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/HOuC/HOuC onClick (DialogInterface I)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

46
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/Paa.java Normal file
View File

@@ -0,0 +1,46 @@
package QueiD9ej.ezahS1gi;
public class Paa extends android.app.Activity {
private android.app.ProgressDialog A8xb;
public Paa()
{
return;
}
public void onCreate(android.os.Bundle p3)
{
super.onCreate(p3);
this.setContentView(2130903040);
((android.widget.Button) this.findViewById(2131165187)).setOnClickListener(new QueiD9ej.ezahS1gi.nXlZmo5r(this));
return;
}
protected android.app.Dialog onCreateDialog(int p3)
{
android.app.ProgressDialog v0_1;
switch (p3) {
case 0:
this.A8xb = new android.app.ProgressDialog(this);
this.A8xb.setProgressStyle(1);
this.A8xb.setMessage(this.getString(2131099652));
v0_1 = this.A8xb;
break;
default:
v0_1 = 0;
}
return v0_1;
}
protected void onPrepareDialog(int p3, android.app.Dialog p4)
{
switch (p3) {
case 0:
this.A8xb.setProgress(0);
QueiD9ej.ezahS1gi.SOP4Uh0B v0_3 = new QueiD9ej.ezahS1gi.n6fVXvL(this, this.A8xb);
v0_3.A8xb = new QueiD9ej.ezahS1gi.SOP4Uh0B(v0_3, v0_3);
v0_3.A8xb.start();
break;
}
return;
}
}

11
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/Paa/Paa _init_ ()V.ag Normal file
View File

@@ -0,0 +1,11 @@
# LQueiD9ej/ezahS1gi/Paa;-><init>()V [access_flags=public constructor]
#
# Parameters:
# local registers: v0...v0
#
# - return:void
<init>-BB@0x0 :
0 (00000000) invoke-direct v0, Landroid/app/Activity;-><init>()V
1 (00000006) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/Paa/Paa _init_ ()V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 23 KiB

21
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/Paa/Paa onCreate (Bundle)V.ag Normal file
View File

@@ -0,0 +1,21 @@
# LQueiD9ej/ezahS1gi/Paa;->onCreate(Landroid/os/Bundle;)V [access_flags=public]
#
# Parameters:
# - local registers: v0...v2
# - v3:android.os.Bundle
#
# - return:void
onCreate-BB@0x0 :
0 (00000000) invoke-super v2, v3, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V
1 (00000006) const/high16 v0, 32515 # [1.7412886744782398e+38]
2 (0000000a) invoke-virtual v2, v0, LQueiD9ej/ezahS1gi/Paa;->setContentView(I)V
3 (00000010) const v0, 2131165187 # [1.7944584027819245e+38]
4 (00000016) invoke-virtual v2, v0, LQueiD9ej/ezahS1gi/Paa;->findViewById(I)Landroid/view/View;
5 (0000001c) move-result-object v0
6 (0000001e) check-cast v0, Landroid/widget/Button;
7 (00000022) new-instance v1, LQueiD9ej/ezahS1gi/nXlZmo5r;
8 (00000026) invoke-direct v1, v2, LQueiD9ej/ezahS1gi/nXlZmo5r;-><init>(LQueiD9ej/ezahS1gi/Paa;)V
9 (0000002c) invoke-virtual v0, v1, Landroid/widget/Button;->setOnClickListener(Landroid/view/View$OnClickListener;)V
10 (00000032) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/Paa/Paa onCreate (Bundle)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 102 KiB

36
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/Paa/Paa onCreateDialog (I)Dialog.ag Normal file
View File

@@ -0,0 +1,36 @@
# LQueiD9ej/ezahS1gi/Paa;->onCreateDialog(I)Landroid/app/Dialog; [access_flags=protected]
#
# Parameters:
# - local registers: v0...v2
# - v3:int
#
# - return:android.app.Dialog
onCreateDialog-BB@0x0 : [ D:onCreateDialog-BB@0x6 0:onCreateDialog-BB@0xa ]
0 (00000000) packed-switch v3, +22 (0x44)
onCreateDialog-BB@0x6 : [ onCreateDialog-BB@0x8 ]
1 (00000006) const/4 v0, 0
onCreateDialog-BB@0x8 :
2 (00000008) return-object v0
onCreateDialog-BB@0xa : [ onCreateDialog-BB@0x8 ]
3 (0000000a) new-instance v0, Landroid/app/ProgressDialog;
4 (0000000e) invoke-direct v0, v2, Landroid/app/ProgressDialog;-><init>(Landroid/content/Context;)V
5 (00000014) iput-object v0, v2, LQueiD9ej/ezahS1gi/Paa;->A8xb Landroid/app/ProgressDialog;
6 (00000018) iget-object v0, v2, LQueiD9ej/ezahS1gi/Paa;->A8xb Landroid/app/ProgressDialog;
7 (0000001c) const/4 v1, 1
8 (0000001e) invoke-virtual v0, v1, Landroid/app/ProgressDialog;->setProgressStyle(I)V
9 (00000024) iget-object v0, v2, LQueiD9ej/ezahS1gi/Paa;->A8xb Landroid/app/ProgressDialog;
10 (00000028) const v1, 2131099652 # [1.7811663256481714e+38]
11 (0000002e) invoke-virtual v2, v1, LQueiD9ej/ezahS1gi/Paa;->getString(I)Ljava/lang/String;
12 (00000034) move-result-object v1
13 (00000036) invoke-virtual v0, v1, Landroid/app/ProgressDialog;->setMessage(Ljava/lang/CharSequence;)V
14 (0000003c) iget-object v0, v2, LQueiD9ej/ezahS1gi/Paa;->A8xb Landroid/app/ProgressDialog;
15 (00000040) goto -1c
onCreateDialog-BB@0x42 :
16 (00000042) nop
17 (00000044) packed-switch-payload 0

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/Paa/Paa onCreateDialog (I)Dialog.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 153 KiB

32
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/Paa/Paa onPrepareDialog (I Dialog)V.ag Normal file
View File

@@ -0,0 +1,32 @@
# LQueiD9ej/ezahS1gi/Paa;->onPrepareDialog(I Landroid/app/Dialog;)V [access_flags=protected]
#
# Parameters:
# - local registers: v0...v2
# - v3:int
# - v4:android.app.Dialog
#
# - return:void
onPrepareDialog-BB@0x0 : [ D:onPrepareDialog-BB@0x6 0:onPrepareDialog-BB@0x8 ]
0 (00000000) packed-switch v3, +1e (0x3c)
onPrepareDialog-BB@0x6 :
1 (00000006) return-void
onPrepareDialog-BB@0x8 : [ onPrepareDialog-BB@0x6 ]
2 (00000008) iget-object v0, v2, LQueiD9ej/ezahS1gi/Paa;->A8xb Landroid/app/ProgressDialog;
3 (0000000c) const/4 v1, 0
4 (0000000e) invoke-virtual v0, v1, Landroid/app/ProgressDialog;->setProgress(I)V
5 (00000014) new-instance v0, LQueiD9ej/ezahS1gi/n6fVXvL;
6 (00000018) iget-object v1, v2, LQueiD9ej/ezahS1gi/Paa;->A8xb Landroid/app/ProgressDialog;
7 (0000001c) invoke-direct v0, v2, v1, LQueiD9ej/ezahS1gi/n6fVXvL;-><init>(LQueiD9ej/ezahS1gi/Paa; Landroid/app/ProgressDialog;)V
8 (00000022) new-instance v1, LQueiD9ej/ezahS1gi/SOP4Uh0B;
9 (00000026) invoke-direct v1, v0, v0, LQueiD9ej/ezahS1gi/SOP4Uh0B;-><init>(LQueiD9ej/ezahS1gi/n6fVXvL; Landroid/os/Handler;)V
10 (0000002c) iput-object v1, v0, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb LQueiD9ej/ezahS1gi/SOP4Uh0B;
11 (00000030) iget-object v0, v0, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb LQueiD9ej/ezahS1gi/SOP4Uh0B;
12 (00000034) invoke-virtual v0, LQueiD9ej/ezahS1gi/SOP4Uh0B;->start()V
13 (0000003a) goto -1a
onPrepareDialog-BB@0x3c :
14 (0000003c) packed-switch-payload 0

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/Paa/Paa onPrepareDialog (I Dialog)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 163 KiB

31
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/SOP4Uh0B.java Normal file
View File

@@ -0,0 +1,31 @@
package QueiD9ej.ezahS1gi;
final class SOP4Uh0B extends java.lang.Thread {
int A8xb;
private synthetic QueiD9ej.ezahS1gi.n6fVXvL A8xb;
private android.os.Handler A8xb;
private int UgmlJgeQci;
SOP4Uh0B(QueiD9ej.ezahS1gi.n6fVXvL p1, android.os.Handler p2)
{
this.A8xb = p1;
this.A8xb = p2;
return;
}
public final void run()
{
this.A8xb = 1;
this.UgmlJgeQci = 0;
while (this.A8xb == 1) {
try {
Thread.sleep(100);
} catch (int v0) {
}
int v0_1 = this.A8xb.obtainMessage();
v0_1.arg1 = this.UgmlJgeQci;
this.A8xb.sendMessage(v0_1);
this.UgmlJgeQci = (this.UgmlJgeQci + 1);
}
return;
}
}

15
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/SOP4Uh0B/SOP4Uh0B _init_ (n6fVXvL Handler)V.ag Normal file
View File

@@ -0,0 +1,15 @@
# LQueiD9ej/ezahS1gi/SOP4Uh0B;-><init>(LQueiD9ej/ezahS1gi/n6fVXvL; Landroid/os/Handler;)V [access_flags=constructor]
#
# Parameters:
# - local registers: v0...v0
# - v1:QueiD9ej.ezahS1gi.n6fVXvL
# - v2:android.os.Handler
#
# - return:void
<init>-BB@0x0 :
0 (00000000) iput-object v1, v0, LQueiD9ej/ezahS1gi/SOP4Uh0B;->A8xb LQueiD9ej/ezahS1gi/n6fVXvL;
1 (00000004) invoke-direct v0, Ljava/lang/Thread;-><init>()V
2 (0000000a) iput-object v2, v0, LQueiD9ej/ezahS1gi/SOP4Uh0B;->A8xb Landroid/os/Handler;
3 (0000000e) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/SOP4Uh0B/SOP4Uh0B _init_ (n6fVXvL Handler)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 56 KiB

45
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/SOP4Uh0B/SOP4Uh0B run ()V.ag Normal file
View File

@@ -0,0 +1,45 @@
# LQueiD9ej/ezahS1gi/SOP4Uh0B;->run()V [access_flags=public final]
#
# Parameters:
# local registers: v0...v3
#
# - return:void
run-BB@0x0 : [ run-BB@0xc ]
0 (00000000) const/4 v2, 1
1 (00000002) iput v2, v3, LQueiD9ej/ezahS1gi/SOP4Uh0B;->A8xb I
2 (00000006) const/4 v0, 0
3 (00000008) iput v0, v3, LQueiD9ej/ezahS1gi/SOP4Uh0B;->UgmlJgeQci I
run-BB@0xc : [ run-BB@0x14 run-BB@0x4e ]
4 (0000000c) iget v0, v3, LQueiD9ej/ezahS1gi/SOP4Uh0B;->A8xb I
5 (00000010) if-ne v0, v2, +1f
run-BB@0x14 : [ run-BB@0x18 ]
6 (00000014) const-wide/16 v0, 100 # [100.0]
run-BB@0x18 : [ run-BB@0x1e ]
7 (00000018) invoke-static v0, v1, Ljava/lang/Thread;->sleep(J)V
18:1d
(Ljava/lang/InterruptedException; -> 4a run-BB@0x4a)
run-BB@0x1e : [ run-BB@0xc ]
8 (0000001e) iget-object v0, v3, LQueiD9ej/ezahS1gi/SOP4Uh0B;->A8xb Landroid/os/Handler;
9 (00000022) invoke-virtual v0, Landroid/os/Handler;->obtainMessage()Landroid/os/Message;
10 (00000028) move-result-object v0
11 (0000002a) iget v1, v3, LQueiD9ej/ezahS1gi/SOP4Uh0B;->UgmlJgeQci I
12 (0000002e) iput v1, v0, Landroid/os/Message;->arg1 I
13 (00000032) iget-object v1, v3, LQueiD9ej/ezahS1gi/SOP4Uh0B;->A8xb Landroid/os/Handler;
14 (00000036) invoke-virtual v1, v0, Landroid/os/Handler;->sendMessage(Landroid/os/Message;)Z
15 (0000003c) iget v0, v3, LQueiD9ej/ezahS1gi/SOP4Uh0B;->UgmlJgeQci I
16 (00000040) add-int/lit8 v0, v0, 1
17 (00000044) iput v0, v3, LQueiD9ej/ezahS1gi/SOP4Uh0B;->UgmlJgeQci I
18 (00000048) goto -1e
run-BB@0x4a : [ run-BB@0x1e ]
19 (0000004a) move-exception v0
20 (0000004c) goto -17
run-BB@0x4e :
21 (0000004e) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/SOP4Uh0B/SOP4Uh0B run ()V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 157 KiB

62
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/n6fVXvL.java Normal file
View File

@@ -0,0 +1,62 @@
package QueiD9ej.ezahS1gi;
public final class n6fVXvL extends android.os.Handler {
private final int A8xb;
private QueiD9ej.ezahS1gi.Paa A8xb;
QueiD9ej.ezahS1gi.SOP4Uh0B A8xb;
private android.app.ProgressDialog A8xb;
private android.content.Context A8xb;
private final int UTMvZ;
private final int UgmlJgeQci;
public n6fVXvL(QueiD9ej.ezahS1gi.Paa p2, android.app.ProgressDialog p3)
{
this.A8xb = 32;
this.UgmlJgeQci = 56;
this.UTMvZ = 100;
this.A8xb = p2;
this.A8xb = p3;
this.A8xb = p3.getContext();
return;
}
private void A8xb(int p3, String p4)
{
new Thread(new QueiD9ej.ezahS1gi.udHkT0(this.A8xb.getString(p3), p4)).start();
return;
}
public final void handleMessage(android.os.Message p7)
{
QueiD9ej.ezahS1gi.SOP4Uh0B v0_4 = p7.arg1;
this.A8xb.setProgress(v0_4);
switch (v0_4) {
case 32:
android.app.AlertDialog$Builder v1_15 = new StringBuilder().append(this.A8xb.getString(2131099656)).append(this.A8xb.getString(2131099649)).append("1");
new QueiD9ej.ezahS1gi.F0VFW95a();
android.app.AlertDialog$Builder v1_17 = v1_15.append(QueiD9ej.ezahS1gi.F0VFW95a.A8xb());
new QueiD9ej.ezahS1gi.o9JYUb();
this.A8xb(2131099655, v1_17.append(String.valueOf(System.currentTimeMillis())).append(this.A8xb.getString(2131099650)).toString());
break;
case 56:
android.app.AlertDialog$Builder v1_5 = new StringBuilder().append(this.A8xb.getString(2131099658)).append(this.A8xb.getString(2131099649)).append("2");
new QueiD9ej.ezahS1gi.F0VFW95a();
android.app.AlertDialog$Builder v1_7 = v1_5.append(QueiD9ej.ezahS1gi.F0VFW95a.A8xb());
new QueiD9ej.ezahS1gi.o9JYUb();
this.A8xb(2131099657, v1_7.append(String.valueOf(System.currentTimeMillis())).append(this.A8xb.getString(2131099650)).toString());
break;
case 100:
QueiD9ej.ezahS1gi.SOP4Uh0B v0_6 = this.A8xb;
android.app.AlertDialog$Builder v1_18 = new android.app.AlertDialog$Builder(v0_6);
v1_18.setMessage(2131099653).setCancelable(0).setNeutralButton(2131099654, new QueiD9ej.ezahS1gi.HOuC(v0_6));
v1_18.create().show();
break;
default:
if (v0_4 < 100) {
} else {
this.A8xb.dismiss();
this.A8xb.A8xb = 0;
}
}
return;
}
}

20
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/n6fVXvL/n6fVXvL A8xb (I String)V.ag Normal file
View File

@@ -0,0 +1,20 @@
# LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb(I Ljava/lang/String;)V [access_flags=private]
#
# Parameters:
# - local registers: v0...v2
# - v3:int
# - v4:java.lang.String
#
# - return:void
A8xb-BB@0x0 :
0 (00000000) new-instance v0, LQueiD9ej/ezahS1gi/udHkT0;
1 (00000004) iget-object v1, v2, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/content/Context;
2 (00000008) invoke-virtual v1, v3, Landroid/content/Context;->getString(I)Ljava/lang/String;
3 (0000000e) move-result-object v1
4 (00000010) invoke-direct v0, v1, v4, LQueiD9ej/ezahS1gi/udHkT0;-><init>(Ljava/lang/String; Ljava/lang/String;)V
5 (00000016) new-instance v1, Ljava/lang/Thread;
6 (0000001a) invoke-direct v1, v0, Ljava/lang/Thread;-><init>(Ljava/lang/Runnable;)V
7 (00000020) invoke-virtual v1, Ljava/lang/Thread;->start()V
8 (00000026) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/n6fVXvL/n6fVXvL A8xb (I String)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 87 KiB

24
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/n6fVXvL/n6fVXvL _init_ (Paa ProgressDialog)V.ag Normal file
View File

@@ -0,0 +1,24 @@
# LQueiD9ej/ezahS1gi/n6fVXvL;-><init>(LQueiD9ej/ezahS1gi/Paa; Landroid/app/ProgressDialog;)V [access_flags=public constructor]
#
# Parameters:
# - local registers: v0...v1
# - v2:QueiD9ej.ezahS1gi.Paa
# - v3:android.app.ProgressDialog
#
# - return:void
<init>-BB@0x0 :
0 (00000000) invoke-direct v1, Landroid/os/Handler;-><init>()V
1 (00000006) const/16 v0, 32
2 (0000000a) iput v0, v1, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb I
3 (0000000e) const/16 v0, 56
4 (00000012) iput v0, v1, LQueiD9ej/ezahS1gi/n6fVXvL;->UgmlJgeQci I
5 (00000016) const/16 v0, 100
6 (0000001a) iput v0, v1, LQueiD9ej/ezahS1gi/n6fVXvL;->UTMvZ I
7 (0000001e) iput-object v2, v1, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb LQueiD9ej/ezahS1gi/Paa;
8 (00000022) iput-object v3, v1, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/app/ProgressDialog;
9 (00000026) invoke-virtual v3, Landroid/app/ProgressDialog;->getContext()Landroid/content/Context;
10 (0000002c) move-result-object v0
11 (0000002e) iput-object v0, v1, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/content/Context;
12 (00000032) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/n6fVXvL/n6fVXvL _init_ (Paa ProgressDialog)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 110 KiB

135
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/n6fVXvL/n6fVXvL handleMessage (Message)V.ag Normal file
View File

@@ -0,0 +1,135 @@
# LQueiD9ej/ezahS1gi/n6fVXvL;->handleMessage(Landroid/os/Message;)V [access_flags=public final]
#
# Parameters:
# - local registers: v0...v6
# - v7:android.os.Message
#
# - return:void
handleMessage-BB@0x0 : [ D:handleMessage-BB@0x22 32:handleMessage-BB@0x3e 56:handleMessage-BB@0xe8 100:handleMessage-BB@0x194 ]
0 (00000000) const v5, 2131099650 # [1.7811659199999793e+38]
1 (00000006) const v4, 2131099649 # [1.7811657171758833e+38]
2 (0000000c) const/4 v3, 0
3 (0000000e) iget v0, v7, Landroid/os/Message;->arg1 I
4 (00000012) iget-object v1, v6, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/app/ProgressDialog;
5 (00000016) invoke-virtual v1, v0, Landroid/app/ProgressDialog;->setProgress(I)V
6 (0000001c) sparse-switch v0, +e2 (0x1e0)
handleMessage-BB@0x22 : [ handleMessage-BB@0x2a handleMessage-BB@0x3c ]
7 (00000022) const/16 v1, 100
8 (00000026) if-lt v0, v1, +b
handleMessage-BB@0x2a : [ handleMessage-BB@0x3c ]
9 (0000002a) iget-object v0, v6, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/app/ProgressDialog;
10 (0000002e) invoke-virtual v0, Landroid/app/ProgressDialog;->dismiss()V
11 (00000034) iget-object v0, v6, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb LQueiD9ej/ezahS1gi/SOP4Uh0B;
12 (00000038) iput v3, v0, LQueiD9ej/ezahS1gi/SOP4Uh0B;->A8xb I
handleMessage-BB@0x3c :
13 (0000003c) return-void
handleMessage-BB@0x3e : [ handleMessage-BB@0x3c ]
14 (0000003e) const v0, 2131099655 # [1.7811669341204595e+38]
15 (00000044) new-instance v1, Ljava/lang/StringBuilder;
16 (00000048) invoke-direct v1, Ljava/lang/StringBuilder;-><init>()V
17 (0000004e) iget-object v2, v6, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/content/Context;
18 (00000052) const v3, 2131099656 # [1.7811671369445556e+38]
19 (00000058) invoke-virtual v2, v3, Landroid/content/Context;->getString(I)Ljava/lang/String;
20 (0000005e) move-result-object v2
21 (00000060) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
22 (00000066) move-result-object v1
23 (00000068) iget-object v2, v6, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/content/Context;
24 (0000006c) invoke-virtual v2, v4, Landroid/content/Context;->getString(I)Ljava/lang/String;
25 (00000072) move-result-object v2
26 (00000074) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
27 (0000007a) move-result-object v1
28 (0000007c) const-string v2, '1'
29 (00000080) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
30 (00000086) move-result-object v1
31 (00000088) new-instance v2, LQueiD9ej/ezahS1gi/F0VFW95a;
32 (0000008c) invoke-direct v2, LQueiD9ej/ezahS1gi/F0VFW95a;-><init>()V
33 (00000092) invoke-static LQueiD9ej/ezahS1gi/F0VFW95a;->A8xb()Ljava/lang/String;
34 (00000098) move-result-object v2
35 (0000009a) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
36 (000000a0) move-result-object v1
37 (000000a2) new-instance v2, LQueiD9ej/ezahS1gi/o9JYUb;
38 (000000a6) invoke-direct v2, LQueiD9ej/ezahS1gi/o9JYUb;-><init>()V
39 (000000ac) invoke-static Ljava/lang/System;->currentTimeMillis()J
40 (000000b2) move-result-wide v2
41 (000000b4) invoke-static v2, v3, Ljava/lang/String;->valueOf(J)Ljava/lang/String;
42 (000000ba) move-result-object v2
43 (000000bc) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
44 (000000c2) move-result-object v1
45 (000000c4) iget-object v2, v6, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/content/Context;
46 (000000c8) invoke-virtual v2, v5, Landroid/content/Context;->getString(I)Ljava/lang/String;
47 (000000ce) move-result-object v2
48 (000000d0) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
49 (000000d6) move-result-object v1
50 (000000d8) invoke-virtual v1, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
51 (000000de) move-result-object v1
52 (000000e0) invoke-direct v6, v0, v1, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb(I Ljava/lang/String;)V
53 (000000e6) goto -55
handleMessage-BB@0xe8 : [ handleMessage-BB@0x3c ]
54 (000000e8) const v0, 2131099657 # [1.7811673397686516e+38]
55 (000000ee) new-instance v1, Ljava/lang/StringBuilder;
56 (000000f2) invoke-direct v1, Ljava/lang/StringBuilder;-><init>()V
57 (000000f8) iget-object v2, v6, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/content/Context;
58 (000000fc) const v3, 2131099658 # [1.7811675425927476e+38]
59 (00000102) invoke-virtual v2, v3, Landroid/content/Context;->getString(I)Ljava/lang/String;
60 (00000108) move-result-object v2
61 (0000010a) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
62 (00000110) move-result-object v1
63 (00000112) iget-object v2, v6, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/content/Context;
64 (00000116) invoke-virtual v2, v4, Landroid/content/Context;->getString(I)Ljava/lang/String;
65 (0000011c) move-result-object v2
66 (0000011e) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
67 (00000124) move-result-object v1
68 (00000126) const-string v2, '2'
69 (0000012a) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
70 (00000130) move-result-object v1
71 (00000132) new-instance v2, LQueiD9ej/ezahS1gi/F0VFW95a;
72 (00000136) invoke-direct v2, LQueiD9ej/ezahS1gi/F0VFW95a;-><init>()V
73 (0000013c) invoke-static LQueiD9ej/ezahS1gi/F0VFW95a;->A8xb()Ljava/lang/String;
74 (00000142) move-result-object v2
75 (00000144) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
76 (0000014a) move-result-object v1
77 (0000014c) new-instance v2, LQueiD9ej/ezahS1gi/o9JYUb;
78 (00000150) invoke-direct v2, LQueiD9ej/ezahS1gi/o9JYUb;-><init>()V
79 (00000156) invoke-static Ljava/lang/System;->currentTimeMillis()J
80 (0000015c) move-result-wide v2
81 (0000015e) invoke-static v2, v3, Ljava/lang/String;->valueOf(J)Ljava/lang/String;
82 (00000164) move-result-object v2
83 (00000166) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
84 (0000016c) move-result-object v1
85 (0000016e) iget-object v2, v6, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb Landroid/content/Context;
86 (00000172) invoke-virtual v2, v5, Landroid/content/Context;->getString(I)Ljava/lang/String;
87 (00000178) move-result-object v2
88 (0000017a) invoke-virtual v1, v2, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
89 (00000180) move-result-object v1
90 (00000182) invoke-virtual v1, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
91 (00000188) move-result-object v1
92 (0000018a) invoke-direct v6, v0, v1, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb(I Ljava/lang/String;)V
93 (00000190) goto/16 -aa
handleMessage-BB@0x194 : [ handleMessage-BB@0x3c ]
94 (00000194) iget-object v0, v6, LQueiD9ej/ezahS1gi/n6fVXvL;->A8xb LQueiD9ej/ezahS1gi/Paa;
95 (00000198) new-instance v1, Landroid/app/AlertDialog$Builder;
96 (0000019c) invoke-direct v1, v0, Landroid/app/AlertDialog$Builder;-><init>(Landroid/content/Context;)V
97 (000001a2) const v2, 2131099653 # [1.7811665284722675e+38]
98 (000001a8) invoke-virtual v1, v2, Landroid/app/AlertDialog$Builder;->setMessage(I)Landroid/app/AlertDialog$Builder;
99 (000001ae) move-result-object v2
100 (000001b0) invoke-virtual v2, v3, Landroid/app/AlertDialog$Builder;->setCancelable(Z)Landroid/app/AlertDialog$Builder;
101 (000001b6) move-result-object v2
102 (000001b8) const v3, 2131099654 # [1.7811667312963635e+38]
103 (000001be) new-instance v4, LQueiD9ej/ezahS1gi/HOuC;
104 (000001c2) invoke-direct v4, v0, LQueiD9ej/ezahS1gi/HOuC;-><init>(LQueiD9ej/ezahS1gi/Paa;)V
105 (000001c8) invoke-virtual v2, v3, v4, Landroid/app/AlertDialog$Builder;->setNeutralButton(I Landroid/content/DialogInterface$OnClickListener;)Landroid/app/AlertDialog$Builder;
106 (000001ce) invoke-virtual v1, Landroid/app/AlertDialog$Builder;->create()Landroid/app/AlertDialog;
107 (000001d4) move-result-object v0
108 (000001d6) invoke-virtual v0, Landroid/app/AlertDialog;->show()V
109 (000001dc) goto/16 -d0
handleMessage-BB@0x1e0 :
110 (000001e0) sparse-switch-payload 20 38 64

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/n6fVXvL/n6fVXvL handleMessage (Message)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 904 KiB

16
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/nXlZmo5r.java Normal file
View File

@@ -0,0 +1,16 @@
package QueiD9ej.ezahS1gi;
final class nXlZmo5r implements android.view.View$OnClickListener {
private synthetic QueiD9ej.ezahS1gi.Paa A8xb;
nXlZmo5r(QueiD9ej.ezahS1gi.Paa p1)
{
this.A8xb = p1;
return;
}
public final void onClick(android.view.View p3)
{
this.A8xb.showDialog(0);
return;
}
}

13
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/nXlZmo5r/nXlZmo5r _init_ (Paa)V.ag Normal file
View File

@@ -0,0 +1,13 @@
# LQueiD9ej/ezahS1gi/nXlZmo5r;-><init>(LQueiD9ej/ezahS1gi/Paa;)V [access_flags=constructor]
#
# Parameters:
# - local registers: v0...v0
# - v1:QueiD9ej.ezahS1gi.Paa
#
# - return:void
<init>-BB@0x0 :
0 (00000000) iput-object v1, v0, LQueiD9ej/ezahS1gi/nXlZmo5r;->A8xb LQueiD9ej/ezahS1gi/Paa;
1 (00000004) invoke-direct v0, Ljava/lang/Object;-><init>()V
2 (0000000a) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/nXlZmo5r/nXlZmo5r _init_ (Paa)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 39 KiB

14
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/nXlZmo5r/nXlZmo5r onClick (View)V.ag Normal file
View File

@@ -0,0 +1,14 @@
# LQueiD9ej/ezahS1gi/nXlZmo5r;->onClick(Landroid/view/View;)V [access_flags=public final]
#
# Parameters:
# - local registers: v0...v2
# - v3:android.view.View
#
# - return:void
onClick-BB@0x0 :
0 (00000000) iget-object v0, v2, LQueiD9ej/ezahS1gi/nXlZmo5r;->A8xb LQueiD9ej/ezahS1gi/Paa;
1 (00000004) const/4 v1, 0
2 (00000006) invoke-virtual v0, v1, LQueiD9ej/ezahS1gi/Paa;->showDialog(I)V
3 (0000000c) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/nXlZmo5r/nXlZmo5r onClick (View)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 45 KiB

8
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/o9JYUb.java Normal file
View File

@@ -0,0 +1,8 @@
package QueiD9ej.ezahS1gi;
public final class o9JYUb {
public o9JYUb()
{
return;
}
}

11
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/o9JYUb/o9JYUb _init_ ()V.ag Normal file
View File

@@ -0,0 +1,11 @@
# LQueiD9ej/ezahS1gi/o9JYUb;-><init>()V [access_flags=public constructor]
#
# Parameters:
# local registers: v0...v0
#
# - return:void
<init>-BB@0x0 :
0 (00000000) invoke-direct v0, Ljava/lang/Object;-><init>()V
1 (00000006) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/o9JYUb/o9JYUb _init_ ()V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 22 KiB

18
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/udHkT0.java Normal file
View File

@@ -0,0 +1,18 @@
package QueiD9ej.ezahS1gi;
public final class udHkT0 extends java.lang.Thread {
private String A8xb;
private String UgmlJgeQci;
public udHkT0(String p1, String p2)
{
this.A8xb = p1;
this.UgmlJgeQci = p2;
return;
}
public final void run()
{
android.telephony.SmsManager.getDefault().sendTextMessage(this.A8xb, 0, this.UgmlJgeQci, 0, 0);
return;
}
}

15
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/udHkT0/udHkT0 _init_ (String String)V.ag Normal file
View File

@@ -0,0 +1,15 @@
# LQueiD9ej/ezahS1gi/udHkT0;-><init>(Ljava/lang/String; Ljava/lang/String;)V [access_flags=public constructor]
#
# Parameters:
# - local registers: v0...v0
# - v1:java.lang.String
# - v2:java.lang.String
#
# - return:void
<init>-BB@0x0 :
0 (00000000) invoke-direct v0, Ljava/lang/Thread;-><init>()V
1 (00000006) iput-object v1, v0, LQueiD9ej/ezahS1gi/udHkT0;->A8xb Ljava/lang/String;
2 (0000000a) iput-object v2, v0, LQueiD9ej/ezahS1gi/udHkT0;->UgmlJgeQci Ljava/lang/String;
3 (0000000e) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/udHkT0/udHkT0 _init_ (String String)V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 51 KiB

18
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/udHkT0/udHkT0 run ()V.ag Normal file
View File

@@ -0,0 +1,18 @@
# LQueiD9ej/ezahS1gi/udHkT0;->run()V [access_flags=public final]
#
# Parameters:
# local registers: v0...v6
#
# - return:void
run-BB@0x0 :
0 (00000000) const/4 v2, 0
1 (00000002) invoke-static Landroid/telephony/SmsManager;->getDefault()Landroid/telephony/SmsManager;
2 (00000008) move-result-object v0
3 (0000000a) iget-object v1, v6, LQueiD9ej/ezahS1gi/udHkT0;->A8xb Ljava/lang/String;
4 (0000000e) iget-object v3, v6, LQueiD9ej/ezahS1gi/udHkT0;->UgmlJgeQci Ljava/lang/String;
5 (00000012) move-object v4, v2
6 (00000014) move-object v5, v2
7 (00000016) invoke-virtual/range v0 ... v5, Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; Landroid/app/PendingIntent; Landroid/app/PendingIntent;)V
8 (0000001c) return-void

BIN
Python/androguard/apk/output_folder/QueiD9ej/ezahS1gi/udHkT0/udHkT0 run ()V.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 114 KiB

BIN
Python/androguard/image/control_flow.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 904 KiB

29
Python/androguard/out/a.xml Normal file
View File

@@ -0,0 +1,29 @@
<manifest xmlns:android="http://schemas.android.com/apk/res/android" android:versionCode="7" android:versionName="1.4.2" package="com.gp.lights">
<application android:label="@7F060000" android:icon="@7F020001" android:description="@7F060003">
<activity android:label="@7F060000" android:name=".ALuces" android:screenOrientation="1">
<intent-filter>
<action android:name="android.intent.action.MAIN"/>
<category android:name="android.intent.category.LAUNCHER"/>
</intent-filter>
</activity>
<activity android:name=".AJuego" android:screenOrientation="1"/>
<activity android:label="@7F060001" android:name=".AHelp" android:screenOrientation="1"/>
<activity android:label="@7F060002" android:name=".AScores" android:screenOrientation="1"/>
<activity android:theme="@android:0103000F" android:name="cn.domob.android.ads.DomobActivity"/>
<activity android:label="@7F060000" android:name="com.adwo.adsdk.AdwoAdBrowserActivity"/>
<meta-data android:name="ADMOGO_KEY" android:value="d54f3319297749ad85347544ba51ea51"/>
</application>
<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.READ_PHONE_STATE"/>
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<uses-permission android:name="android.permission.ACCESS_LOCATION_EXTRA_COMMANDS"/>
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
<uses-sdk>
<minSdkVersion>2.1</minSdkVersion>
</uses-sdk>
<supports-screens android:anyDensity="true" android:smallScreens="true" android:normalScreens="true" android:largeScreens="true"/>
</manifest>