androguard学习

2026-02-03 02:23:31 +08:00 · 2021-12-14 22:21:00 +08:00
parent fbb06e0ee6
commit b694534b7c
12 changed files with 259 additions and 1 deletions
--- a/Python/androguard/analyze.ipynb
+++ b/Python/androguard/analyze.ipynb
@@ -71,6 +71,7 @@
   "cell_type": "markdown",
   "metadata": {},
   "source": [
+    "\n",
    "## 常用的命令行工具\n",
    "* androguard:所有工具的集合\n",
    "  * androguard analyze：交互式命令行Ipython工具\n",
@@ -85,6 +86,14 @@
    "它本身是一个ipython分析工具，既可以作为命令行工具执行，也可以嵌入到Python脚本中，用于分析Python文件。以上命令都会开启一个ipython交互式命令行。"
   ]
  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "## androguard使用教程\n",
+    "> 官方使用教程"
+   ]
+  },
  {
   "cell_type": "code",
   "execution_count": 20,
@@ -134,7 +143,7 @@
   "name": "python",
   "nbconvert_exporter": "python",
   "pygments_lexer": "ipython3",
-   "version": "3.8.8"
+   "version": "3.8.10"
  },
  "orig_nbformat": 4
 },
--- a/Python/androguard/androguard_lesson.ipynb
+++ b/Python/androguard/androguard_lesson.ipynb
@@ -0,0 +1,198 @@
+{
+ "cells": [
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "## 1 典型应用\n",
+    "仅仅到如APK对象，进行简单的内容提取，不需要复杂的分析工作。"
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "metadata": {},
+   "outputs": [],
+   "source": [
+    "#!/usr/local/python3/bin/python3.6\n",
+    " \n",
+    "from androguard.core.bytecodes.apk import APK\n",
+    "import sys\n",
+    " \n",
+    "filename = \"\"\n",
+    "if len(sys.argv) > 1:\n",
+    "    filename = sys.argv[1]\n",
+    "if not filename.endswith(\".apk\"):\n",
+    "    print(\"error: not a apk file\")\n",
+    "    sys.exit(1)\n",
+    " \n",
+    "a = APK(filename)\n",
+    "if a.get_package is not None:\n",
+    "    print(\"name=\" +  a.get_package())\n",
+    "if a.get_app_name is not None:\n",
+    "    print(\"appName=\" +  a.get_app_name())\n",
+    "if a.get_target_sdk_version is not None:\n",
+    "    print(\"sdkVersion=\" + a.get_target_sdk_version())\n",
+    "if a.get_androidversion_code is not None:\n",
+    "    print(\"versionCode=\" + a.get_androidversion_code())\n",
+    "if a.get_androidversion_code is not None:\n",
+    "    print(\"versionName=\" + a.get_androidversion_name())\n",
+    "for m in a.get_permissions():\n",
+    "    print(\"permission=\" + m)"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "## 2 一个网络教程——作为python的模块使用\n",
+    "> 这是一个新版本的应用教程 https://blog.csdn.net/vitA_gsm/article/details/104791870?utm_medium=distribute.pc_aggpage_search_result.none-task-blog-2~aggregatepage~first_rank_ecpm_v1~rank_v31_ecpm-9-104791870.pc_agg_new_rank&utm_term=androguard+python&spm=1000.2123.3001.4430 \n",
+    "> 这是一个老版本的教程，需要手动引入很多库文件。可以完全用这种方式进行分析。 https://blog.csdn.net/ybdesire/article/details/52280303"
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "metadata": {},
+   "outputs": [
+    {
+     "name": "stdout",
+     "output_type": "stream",
+     "text": [
+      "['1.apk', '2.apk', '3.apk', '4.apk', '5.apk']\n"
+     ]
+    }
+   ],
+   "source": [
+    "import os\n",
+    "# 引入androguard的路径，根据个人存放的位置而定\n",
+    "# androguard_module_path = os.path.join( os.path.dirname(os.path.abspath(__file__)), 'androguard' )\n",
+    "# androguard_module_path = '/home/ykl/.virtualenvs/pytorch/bin/androguard'\n",
+    "\n",
+    "# if not androguard_module_path in sys.path:\n",
+    "#     sys.path.append(androguard_module_path)\n",
+    "    \n",
+    "from androguard.misc import AnalyzeAPK\n",
+    "from androguard.core.androconf import load_api_specific_resource_module\n",
+    "\n",
+    "path = \"./apk/\"\n",
+    "out_path = \"./out\"\n",
+    "files = []\n",
+    "path_list=os.listdir(path)\n",
+    "path_list.sort()\n",
+    "for name in path_list:\n",
+    "    if os.path.isfile(os.path.join(path, name)):\n",
+    "        files.append(name)\n",
+    "print(files)\n"
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "metadata": {},
+   "outputs": [],
+   "source": [
+    "\n",
+    "def main():\n",
+    "    for apkfile in files:\n",
+    "        file_name = os.path.splitext(apkfile)[0]   \n",
+    "        out = AnalyzeAPK(path + '/' + apkfile) \n",
+    "        dx = out[2]\n",
+    "\n",
+    "        #api和权限映射        \n",
+    "        api_perm_filename = os.path.join(out_path, file_name + \"_api-perm.txt\")\n",
+    "        api_perm_file = open(api_perm_filename, 'w', encoding='utf-8')\n",
+    "        permmap = load_api_specific_resource_module('api_permission_mappings')\n",
+    "        # print(permmap.items())\n",
+    "        results = []\n",
+    "        for meth_analysis in dx.get_methods():\n",
+    "            meth = meth_analysis.get_method()\n",
+    "            name  = meth.get_class_name() + \"-\" + meth.get_name() + \"-\" + str(meth.get_descriptor())       \n",
+    "            for k,v in permmap.items():  \n",
+    "                if name  == k:\n",
+    "                    result = str(meth) + ' : ' + str(v)\n",
+    "                    api_perm_file.write(result + '\\n')  \n",
+    "        api_perm_file.close()\n",
+    "\n",
+    "main()"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "## 3 一个网络教程——作为命令行脚本启动\n",
+    "> 这是一个使用命令行分析的详细的教程，能够脚本获取自己所需要的内容。 https://blog.csdn.net/qq_40644809/article/details/106814146?utm_medium=distribute.pc_aggpage_search_result.none-task-blog-2~aggregatepage~first_rank_ecpm_v1~rank_v31_ecpm-20-106814146.pc_agg_new_rank&utm_term=androguard+python&spm=1000.2123.3001.4430\n",
+    "> 这是详解a.d.dx.misc.axml.asrc等一系列对象的内置方法的文件。 https://www.jianshu.com/p/079e40800ef4"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "```\n",
+    "ykl@ykl-OptiPlex-3070:~/gitee/notes/Python/androguard/apk$ androguard analyze 1.apk\n",
+    "Please be patient, this might take a while.\n",
+    "Found the provided file is of type 'APK'\n",
+    "[INFO    ] androguard.analysis: End of creating cross references (XREF)\n",
+    "[INFO    ] androguard.analysis: run time: 0min 00s\n",
+    "Added file to session: SHA256::000e0948176bdec2b6e19d0f03e23f37910676a9b7e7709954614bac79269c36\n",
+    "Loaded APK file...\n",
+    ">>> a\n",
+    "<androguard.core.bytecodes.apk.APK object at 0x7fc1d37d73d0>\n",
+    ">>> d\n",
+    "[<androguard.core.bytecodes.dvm.DalvikVMFormat object at 0x7fc1d225abe0>]\n",
+    ">>> dx\n",
+    "<analysis.Analysis VMs: 1, Classes: 22, Strings: 2>\n",
+    "\n",
+    "Androguard version 3.3.5 started\n",
+    "In [1]: a\n",
+    "Out[1]: <androguard.core.bytecodes.apk.APK at 0x7fc1d37d73d0>\n",
+    "\n",
+    "In [2]: d\n",
+    "Out[2]: [<androguard.core.bytecodes.dvm.DalvikVMFormat at 0x7fc1d225abe0>]\n",
+    "\n",
+    "In [3]: dx\n",
+    "Out[3]: <analysis.Analysis VMs: 1, Classes: 22, Strings: 2>\n",
+    "\n",
+    "In [4]: a.get_permissions()\n",
+    "Out[4]: \n",
+    "['android.permission.EXPAND_STATUS_BAR',\n",
+    " 'android.permission.ACCESS_NETWORK_STATE',\n",
+    " 'android.permission.WRITE_CALENDAR',\n",
+    " 'android.permission.GET_ACCOUNTS',\n",
+    " 'android.permission.BATTERY_STATS',\n",
+    " 'android.permission.INTERNET',\n",
+    " 'android.permission.SEND_SMS',\n",
+    " 'android.permission.INSTALL_PACKAGES',\n",
+    " 'android.permission.WRITE_CONTACTS',\n",
+    " 'android.permission.CONTROL_LOCATION_UPDATES',\n",
+    " 'android.permission.ACCESS_WIFI_STATE',\n",
+    " 'android.permission.READ_LOGS',\n",
+    " 'android.permission.READ_FRAME_BUFFER',\n",
+    " 'android.permission.READ_CONTACTS',\n",
+    " 'android.permission.CAMERA',\n",
+    " 'android.permission.SYSTEM_ALERT_WINDOW',\n",
+    " 'android.permission.STATUS_BAR',\n",
+    " 'com.android.browser.permission.READ_HISTORY_BOOKMARKS',\n",
+    " 'android.permission.CHANGE_CONFIGURATION',\n",
+    " 'android.permission.VIBRATE',\n",
+    " 'android.permission.READ_CALENDAR']\n",
+    "```\n"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": []
+  }
+ ],
+ "metadata": {
+  "language_info": {
+   "name": "python"
+  },
+  "orig_nbformat": 4
+ },
+ "nbformat": 4,
+ "nbformat_minor": 2
+}
--- a/Python/androguard/apk/1.apk
+++ b/Python/androguard/apk/1.apk
--- a/Python/androguard/apk/2.apk
+++ b/Python/androguard/apk/2.apk
--- a/Python/androguard/apk/3.apk
+++ b/Python/androguard/apk/3.apk
--- a/Python/androguard/apk/4.apk
+++ b/Python/androguard/apk/4.apk
--- a/Python/androguard/apk/5.apk
+++ b/Python/androguard/apk/5.apk
--- a/Python/androguard/out/1_api-perm.txt
+++ b/Python/androguard/out/1_api-perm.txt
@@ -0,0 +1 @@
+Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; Landroid/app/PendingIntent; Landroid/app/PendingIntent;)V : ['android.permission.SEND_SMS']
--- a/Python/androguard/out/2_api-perm.txt
+++ b/Python/androguard/out/2_api-perm.txt
@@ -0,0 +1,3 @@
+Landroid/os/PowerManager$WakeLock;->acquire()V : ['android.permission.WAKE_LOCK']
+Landroid/os/PowerManager$WakeLock;->release()V : ['android.permission.WAKE_LOCK']
+Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; Landroid/app/PendingIntent; Landroid/app/PendingIntent;)V : ['android.permission.SEND_SMS']
--- a/Python/androguard/out/3_api-perm.txt
+++ b/Python/androguard/out/3_api-perm.txt
@@ -0,0 +1,21 @@
+Landroid/telephony/TelephonyManager;->getLine1Number()Ljava/lang/String; : ['android.permission.READ_PHONE_STATE']
+Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String; : ['android.permission.READ_PHONE_STATE']
+Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo; : ['android.permission.ACCESS_NETWORK_STATE']
+Landroid/net/ConnectivityManager;->getNetworkInfo(I)Landroid/net/NetworkInfo; : ['android.permission.ACCESS_NETWORK_STATE']
+Landroid/location/LocationManager;->getLastKnownLocation(Ljava/lang/String;)Landroid/location/Location; : ['android.permission.ACCESS_COARSE_LOCATION', 'android.permission.ACCESS_FINE_LOCATION']
+Landroid/location/LocationManager;->isProviderEnabled(Ljava/lang/String;)Z : ['android.permission.ACCESS_COARSE_LOCATION', 'android.permission.ACCESS_FINE_LOCATION']
+Landroid/location/LocationManager;->requestLocationUpdates(Ljava/lang/String; J F Landroid/location/LocationListener;)V : ['android.permission.ACCESS_COARSE_LOCATION', 'android.permission.ACCESS_FINE_LOCATION']
+Landroid/location/LocationManager;->requestLocationUpdates(Ljava/lang/String; J F Landroid/location/LocationListener; Landroid/os/Looper;)V : ['android.permission.ACCESS_COARSE_LOCATION', 'android.permission.ACCESS_FINE_LOCATION']
+Landroid/os/PowerManager$WakeLock;->release()V : ['android.permission.WAKE_LOCK']
+Landroid/os/PowerManager$WakeLock;->acquire()V : ['android.permission.WAKE_LOCK']
+Landroid/net/wifi/WifiManager;->getConnectionInfo()Landroid/net/wifi/WifiInfo; : ['android.permission.ACCESS_WIFI_STATE']
+Landroid/media/MediaPlayer;->pause()V : ['android.permission.WAKE_LOCK']
+Landroid/media/MediaPlayer;->start()V : ['android.permission.WAKE_LOCK']
+Landroid/media/MediaPlayer;->release()V : ['android.permission.WAKE_LOCK']
+Landroid/media/MediaPlayer;->stop()V : ['android.permission.WAKE_LOCK']
+Landroid/media/MediaPlayer;->reset()V : ['android.permission.WAKE_LOCK']
+Landroid/accounts/AccountManager;->getAccounts()[Landroid/accounts/Account; : ['android.permission.GET_ACCOUNTS']
+Landroid/widget/VideoView;->pause()V : ['android.permission.WAKE_LOCK']
+Landroid/widget/VideoView;->start()V : ['android.permission.WAKE_LOCK']
+Landroid/widget/VideoView;->stopPlayback()V : ['android.permission.WAKE_LOCK']
+Landroid/widget/VideoView;->setVideoPath(Ljava/lang/String;)V : ['android.permission.WAKE_LOCK']
--- a/Python/androguard/out/4_api-perm.txt
+++ b/Python/androguard/out/4_api-perm.txt
@@ -0,0 +1,10 @@
+Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String; : ['android.permission.READ_PHONE_STATE']
+Landroid/telephony/TelephonyManager;->getLine1Number()Ljava/lang/String; : ['android.permission.READ_PHONE_STATE']
+Landroid/telephony/TelephonyManager;->getSubscriberId()Ljava/lang/String; : ['android.permission.READ_PHONE_STATE']
+Landroid/telephony/TelephonyManager;->getSimSerialNumber()Ljava/lang/String; : ['android.permission.READ_PHONE_STATE']
+Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo; : ['android.permission.ACCESS_NETWORK_STATE']
+Landroid/net/ConnectivityManager;->getNetworkInfo(I)Landroid/net/NetworkInfo; : ['android.permission.ACCESS_NETWORK_STATE']
+Landroid/net/wifi/WifiManager;->isWifiEnabled()Z : ['android.permission.ACCESS_WIFI_STATE']
+Landroid/net/wifi/WifiManager;->getConnectionInfo()Landroid/net/wifi/WifiInfo; : ['android.permission.ACCESS_WIFI_STATE']
+Landroid/location/LocationManager;->getBestProvider(Landroid/location/Criteria; Z)Ljava/lang/String; : ['android.permission.ACCESS_COARSE_LOCATION', 'android.permission.ACCESS_FINE_LOCATION']
+Landroid/location/LocationManager;->getLastKnownLocation(Ljava/lang/String;)Landroid/location/Location; : ['android.permission.ACCESS_COARSE_LOCATION', 'android.permission.ACCESS_FINE_LOCATION']
--- a/Python/androguard/out/5_api-perm.txt
+++ b/Python/androguard/out/5_api-perm.txt
@@ -0,0 +1,16 @@
+Landroid/app/Activity;->setRequestedOrientation(I)V : ['android.permission.BROADCAST_STICKY']
+Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo; : ['android.permission.ACCESS_NETWORK_STATE']
+Landroid/net/ConnectivityManager;->getNetworkInfo(I)Landroid/net/NetworkInfo; : ['android.permission.ACCESS_NETWORK_STATE']
+Landroid/location/LocationManager;->getBestProvider(Landroid/location/Criteria; Z)Ljava/lang/String; : ['android.permission.ACCESS_COARSE_LOCATION', 'android.permission.ACCESS_FINE_LOCATION']
+Landroid/location/LocationManager;->requestLocationUpdates(Ljava/lang/String; J F Landroid/location/LocationListener; Landroid/os/Looper;)V : ['android.permission.ACCESS_COARSE_LOCATION', 'android.permission.ACCESS_FINE_LOCATION']
+Landroid/location/LocationManager;->getLastKnownLocation(Ljava/lang/String;)Landroid/location/Location; : ['android.permission.ACCESS_COARSE_LOCATION', 'android.permission.ACCESS_FINE_LOCATION']
+Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String; : ['android.permission.READ_PHONE_STATE']
+Landroid/telephony/TelephonyManager;->getSubscriberId()Ljava/lang/String; : ['android.permission.READ_PHONE_STATE']
+Landroid/telephony/TelephonyManager;->getLine1Number()Ljava/lang/String; : ['android.permission.READ_PHONE_STATE']
+Landroid/telephony/TelephonyManager;->getSimSerialNumber()Ljava/lang/String; : ['android.permission.READ_PHONE_STATE']
+Landroid/net/wifi/WifiManager;->getConnectionInfo()Landroid/net/wifi/WifiInfo; : ['android.permission.ACCESS_WIFI_STATE']
+Landroid/net/wifi/WifiManager;->getWifiState()I : ['android.permission.ACCESS_WIFI_STATE']
+Landroid/net/wifi/WifiManager;->setWifiEnabled(Z)Z : ['android.permission.CHANGE_WIFI_STATE']
+Landroid/media/MediaPlayer;->stop()V : ['android.permission.WAKE_LOCK']
+Landroid/media/MediaPlayer;->release()V : ['android.permission.WAKE_LOCK']
+Landroid/media/MediaPlayer;->start()V : ['android.permission.WAKE_LOCK']
				`@@ -0,0 +1 @@`
				`Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; Landroid/app/PendingIntent; Landroid/app/PendingIntent;)V : ['android.permission.SEND_SMS']`