In [7]:
import os
import glob
import numpy as np
from sklearn import svm
from androguard.core.bytecodes.apk import APK
from androguard.core.bytecodes.dvm import DalvikVMFormat
import re

# Veri seti klasör yolu
dataset_path = 'C:\\Users\hakan\\Desktop\\apks\\ALL'

# APK dosyalarında kod karıştırma tespiti için gerekli adımlar
def detect_code_obfuscation(apk_file):
    apk = APK(apk_file) # APK nın dosya yolunu vererek APK nesnesi oluşturulur
    count = 0 # Kontrol değişkeni
    for dex in apk.get_all_dex(): # class.dex dosyası içerisinden dosyalara ulaşma
        vm = DalvikVMFormat(dex)
        for cls in vm.get_classes(): # tüm dosyaların dosya yolunu alma
            class_name = cls.get_name()
            #print(cls)
            if re.search(r'/[a-z];$', class_name): # class isimlerine göre kontrol etme
                return True
    return False


# Veri setinden özellikleri çıkarma
def extract_features(dataset_path):
    apk_files = glob.glob(os.path.join(dataset_path, '*.apk'))
    X = []
    y = []
    for apk_file in apk_files:
        apk = APK(apk_file)
        features = []
        # Kod karıştırma tespiti
        is_obfuscated = detect_code_obfuscation(apk_file)
        if is_obfuscated:
            features.append(1)  # Kod karıştırma var
        else:
            features.append(0)  # Kod karıştırma yok
        X.append(features)
        y.append(is_obfuscated)
    return np.array(X), np.array(y)
# Veri setini yükleme
X, y = extract_features(dataset_path)
# Veri setini eğitim ve test verilerine ayırma
split_ratio = 0.8
split_index = int(split_ratio * len(X))
X_train = X[:split_index]
y_train = y[:split_index]
X_test = X[split_index:]
y_test = y[split_index:]
# SVM modelini eğitme
svm_model = svm.SVC(gamma = "auto")
svm_model.fit(X_train, y_train)

# Girdi olarak verilen APK dosyasında kod karıştırma olup olmadığını tahmin etme


Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 31 is larger than maximum we have, returning API level 28 instead.
Requested API level 31 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 32 is larger than maximum we have, returning API level 28 instead.
Requested API level 32 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maxim

Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 29 is larger than maxim

SVC(C=1.0, cache_size=200, class_weight=None, coef0=0.0,
    decision_function_shape='ovr', degree=3, gamma='auto', kernel='rbf',
    max_iter=-1, probability=False, random_state=None, shrinking=True,
    tol=0.001, verbose=False)

In [6]:
apk_file_path = "C:\\Users\\hakan\\Desktop\\apks\\com.starry.greenstash_25.apk"
features = []
is_obfuscated = detect_code_obfuscation(apk_file_path)
features.append(is_obfuscated)
prediction = svm_model.predict([features])[0]
if prediction:
    print('APK dosyasında kod karıştırma tespit edildi.')
else:
    print('APK dosyasında kod karıştırma tespit edilmedi.')

Requested API level 33 is larger than maximum we have, returning API level 28 instead.


APK dosyasında kod karıştırma tespit edildi.


In [8]:
import re
from androguard.core.bytecodes.apk import APK
from androguard.core.bytecodes.dvm import DalvikVMFormat
import glob
import os
from pathlib import Path
# Bir klasördeki tüm apk dosyalarını bulan fonksiyon
def find_all_apks(directory):
    apk_files = [] # Apk dosyalarının yolu için bir dizi
    for path in Path(directory).rglob('*.apk'): # Klasördeki Apk dosyalarını bulan döngü
        if path.is_file(): # Kontrol
            apk_files.append(path) # Eğer Apk dosyası ise diziye ata
    return apk_files # diziyi döndür
directory_path = "C:\\Users\\hakan\\Desktop\\apks\\ALL" # klasör yolu
apk_files = find_all_apks(directory_path) # bu değişkene yukarıdaki fonksiyonun sonucunu ata
def check_all_apks(apk_files): # Bir klasördeki bütün Apk dosyalarında karıştırma olup olmadığını kontrol eden fonk.
    x = 0
    for apk in apk_files: # gönderdiğimiz parametredeki her Apk için
        apk_file = APK(apk) # Apk yolu sayesinde Apk nesnesi oluştur
        c = 0 # Kontrol değişkeni
        x = x + 1
        for dex in apk_file.get_all_dex():
            vm = DalvikVMFormat(dex)
            for cls in vm.get_classes():
                class_name = cls.get_name()
                #print(class_name)
                if re.search(r'/[a-z];$', class_name):
                    c += 1
        if c > 0:
            print(x, " evet")
        else: 
            print(x, " hayır")

check_all_apks(apk_files)

Requested API level 33 is larger than maximum we have, returning API level 28 instead.
Requested API level 33 is larger than maximum we have, returning API level 28 instead.


1  evet


Requested API level 31 is larger than maximum we have, returning API level 28 instead.


2  evet


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


3  hayır


Requested API level 32 is larger than maximum we have, returning API level 28 instead.


4  evet


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


5  hayır
6  evet


Requested API level 32 is larger than maximum we have, returning API level 28 instead.
Requested API level 30 is larger than maximum we have, returning API level 28 instead.


7  hayır


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


8  hayır


Requested API level 30 is larger than maximum we have, returning API level 28 instead.


9  evet


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


10  hayır


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


11  evet


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


12  evet


Requested API level 31 is larger than maximum we have, returning API level 28 instead.


13  hayır


Requested API level 31 is larger than maximum we have, returning API level 28 instead.


14  hayır


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


15  hayır


Requested API level 30 is larger than maximum we have, returning API level 28 instead.


16  hayır


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


17  hayır


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


18  evet


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


19  hayır


Requested API level 32 is larger than maximum we have, returning API level 28 instead.


20  evet


Requested API level 31 is larger than maximum we have, returning API level 28 instead.


21  evet


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


22  evet


Requested API level 30 is larger than maximum we have, returning API level 28 instead.


23  evet


Requested API level 32 is larger than maximum we have, returning API level 28 instead.


24  hayır


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


25  hayır


Requested API level 31 is larger than maximum we have, returning API level 28 instead.


26  hayır
27  hayır


Requested API level 33 is larger than maximum we have, returning API level 28 instead.


KeyboardInterrupt: 

In [11]:
import re
from androguard.core.bytecodes.apk import APK
from androguard.core.bytecodes.dvm import DalvikVMFormat
import glob
import os
from pathlib import Path

# Tek bir APK dosyasında kod karıştırma olup olmadığını kontrol eden fonksiyon
def check_an_apk(apk_path):
    apk = APK(apk_path) # APK nın dosya yolunu vererek APK nesnesi oluşturulur
    count = 0 # Kontrol değişkeni
    for dex in apk.get_all_dex(): # class.dex dosyası içerisinden dosyalara ulaşma
        vm = DalvikVMFormat(dex)
        for cls in vm.get_classes(): # tüm dosyaların dosya yolunu alma
            class_name = cls.get_name()
            #print(cls)
            if re.search(r'/[a-z];$', class_name): # class isimlerine göre kontrol etme
                count += 1
    if count > 0:
        print("Verilen APK dosyasında kod karıştırma bulunmaktadır!!!")
    else:
        print("Verilen APK dosyasında kod karıştırma bulunmamaktadır!!!")
        
apk_path = "C:\\Users\\hakan\\Desktop\\apks\\YES\\com.github.xfalcon.vhosts_42.apk" # YES
#apk_path = "C:\\Users\hakan\\Desktop\\apks\\NO\\com.caydey.ffshare_12.apk" # NO
#apk_path = "C:\\Users\hakan\\Desktop\\net.i2p.android.router_4745278.apk" # YES
#apk_path = "C:\\Users\\hakan\\AndroidStudioProjects\\karistirma\\app\\build\\outputs\\apk\\release\\app-release-unsigned.apk" # Android Studio

check_an_apk(apk_path)

Requested API level 33 is larger than maximum we have, returning API level 28 instead.


Verilen APK dosyasında kod karıştırma bulunmaktadır!!!
