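#!/usr/bin/env python
# -*- coding: utf-8 -*-

# Copyright 2012, The Honeynet Project. All rights reserved.
# Author: Kun Yang <kelwya@gmail.com>
#
# APKIL is free software: you can redistribute it and/or modify it under
# the terms of version 3 of the GNU Lesser General Public License as
# published by the Free Software Foundation.
#
# APKIL is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
# more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with APKIL. If not, see <http://www.gnu.org/licenses/>.

"""Repackage an APK so that calls to a configured list of APIs are monitored.

Pipeline, as implemented below:

1. dump the APK's dex to ``<out>/apimonitor_out/origin.dex``;
2. disassemble it with the bundled ``baksmali.jar``;
3. load the smali tree and let ``monitor.APIMonitor`` inject into it;
4. reassemble with the bundled ``smali.jar``;
5. write ``<name>_new.apk`` with the new ``classes.dex`` and sign it.

The input APK is untrusted data: it is parsed and handed to external Java
tools, so run this in the same isolated environment used for the rest of the
analysis.
"""

import sys
import os
import shutil
import time
import argparse
from androguard.core.bytecodes import apk
from apkil import smali, monitor, logger
from subprocess import call

# Directory holding this script; the bundled jars and config files are
# resolved against it so the tool can be started from any directory.
working_dir = sys.path[0]


def _run_jar(jar_name, tool_args):
    """Run a bundled jar under ``working_dir/smali`` and abort on failure.

    The exit status is checked so that a failed disassembly or assembly never
    flows on into a repackaged, signed APK built from partial output.
    """
    jar_path = os.path.join(working_dir, 'smali', jar_name)
    # List form, no shell: file names are passed to java as single arguments.
    status = call(args=['java', '-jar', jar_path] + tool_args)
    if status != 0:
        print("error: %s exited with status %d" % (jar_name, status))
        sys.exit(1)


parser = argparse.ArgumentParser(
    description='Repackage apk to monitor arbitrary APIs.')
# Short and long spellings are separate option strings. They used to be passed
# as one string ('-o, --output'), so the long form was never registered as its
# own flag.
parser.add_argument('-o', '--output', metavar='dirpath', type=str, nargs=1,
                    help='output directory',
                    dest='output')
parser.add_argument('-l', '--level', metavar='level', type=int, nargs=1,
                    help='target API level for instrumentation',
                    dest='level')
parser.add_argument('-a', '--api', metavar='apilist', type=str,
                    default=os.path.join(working_dir, 'config',
                                         'default_api_collection'),
                    help='config file of API list',
                    dest='api')
parser.add_argument('-v', '--version', action='version',
                    version='DroidBoxAPIMonitor v0.1beta')
parser.add_argument('filename', type=str,
                    help='path of APK file')

args = parser.parse_args()
apk_name = os.path.basename(args.filename)
root_name, ext = os.path.splitext(apk_name)
# Extension check only; the content is validated (or not) by apk.APK below.
if ext != ".apk":
    print("error: not an APK file")
    sys.exit(2)

a = apk.APK(args.filename)

if args.output:
    # nargs=1 stores a one-element list; os.path.join needs the string.
    outdir = args.output[0]
else:
    outdir = os.path.dirname(args.filename)

api_config = args.api
mo = monitor.APIMonitor(config=api_config)

new_apk = os.path.join(outdir, root_name + "_new.apk")
outdir = os.path.join(outdir, "apimonitor_out")

# An existing apimonitor_out directory under the output location is deleted
# wholesale before each run, so point -o at a directory used only for this.
if os.path.exists(outdir):
    shutil.rmtree(outdir)
os.makedirs(outdir)

dexpath = os.path.join(outdir, "origin.dex")
smalidir = os.path.join(outdir, "origin_smali")
new_dexpath = os.path.join(outdir, "new.dex")
new_smalidir = os.path.join(outdir, "new_smali")

# NOTE(review): int() fails if the manifest declares no minSdkVersion and
# get_min_sdk_version() returns nothing; confirm against androguard.
min_version = int(a.get_min_sdk_version())
if a.get_target_sdk_version():
    target_version = int(a.get_target_sdk_version())
else:
    target_version = min_version
print("min_sdk_version=%d" % min_version)
print("target_sdk_version=%d" % target_version)

# Never instrument below the APK's own minimum SDK level.
if (not args.level) or args.level[0] < min_version:
    level = min_version
else:
    level = args.level[0]

# dex is binary data: write it in binary mode and close the handle even if
# the write fails.
with open(dexpath, 'wb') as dex_file:
    dex_file.write(a.get_dex())

_run_jar('baksmali.jar', ['-b', '-o', smalidir, dexpath])
s = smali.SmaliTree(level, smalidir)

s = mo.inject(s, level)
s.save(new_smalidir)

_run_jar('smali.jar', ['-a', str(level), '-o', new_dexpath, new_smalidir])

with open(new_dexpath, 'rb') as new_dex_file:
    new_dex = new_dex_file.read()

# deleted_files is a pattern of archive entries to drop; presumably this
# removes the original signature files under META-INF/ (confirm against
# apk.new_zip).
a.new_zip(filename=new_apk,
          deleted_files="(META-INF/.)",
          new_files={"classes.dex": new_dex})

# The certificate is resolved against working_dir like the other bundled
# files; a bare relative path only worked when run from the script directory.
# NOTE(review): the keystore and the two literals after it (they look like an
# alias and a password) ship with the tool, so this signature carries no
# authenticity guarantee. The output APK is for analysis environments only.
apk.sign_apk(new_apk,
             os.path.join(working_dir, "config", "apkil.cert"),
             "apkil", "apkilapkil")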