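#!/usr/bin/env python
# -*- coding: utf-8 -*-

# Copyright 2012, The Honeynet Project. All rights reserved.
# Author: Kun Yang <kelwya@gmail.com>
#
# APKIL is free software: you can redistribute it and/or modify it under
# the terms of version 3 of the GNU Lesser General Public License as
# published by the Free Software Foundation.
#
# APKIL is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
# more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with APKIL. If not, see <http://www.gnu.org/licenses/>.

# Pipeline implemented by this script:
#   1. extract classes.dex from the input APK,
#   2. disassemble it to smali with baksmali,
#   3. let monitor.APIMonitor inject its monitoring code into the smali tree,
#   4. reassemble the tree with smali,
#   5. write "<name>_new.apk" with the new classes.dex and re-sign it.

import sys
import os
import shutil
import time
import argparse
from androguard.core.bytecodes import apk
from apkil import smali, monitor, logger
from subprocess import call

# Bundled resources (config, androidlib, smali jars) are resolved relative to
# the script's own directory, sys.path[0], so the tool can be started from any
# current working directory.
working_dir = sys.path[0]
default_api = os.path.join(working_dir, "config", "default_api_collection")

parser = argparse.ArgumentParser(
    description='Repackage apk to monitor arbitrary APIs.')
# Each spelling is passed as its own option string. A single string such as
# '-o, --output' registers one literal option of that name, so the long form
# is never accepted and the short form only matches through argparse's
# prefix abbreviation.
parser.add_argument('-o', '--output', metavar='dirpath', type=str, nargs=1,
                    help='output directory',
                    dest='output')
parser.add_argument('-l', '--level', metavar='level', type=int, nargs=1,
                    help='target API level for instrumentation',
                    dest='level')
parser.add_argument('-a', '--api', metavar='apilist', type=str,
                    default=default_api,
                    help='config file of API list',
                    dest='api')
parser.add_argument('-v', '--version', action='version',
                    version='DroidBoxAPIMonitor v0.1beta')
parser.add_argument('filename', type=str,
                    help='path of APK file')

args = parser.parse_args()
apk_name = os.path.basename(args.filename)
root_name, ext = os.path.splitext(apk_name)
# Only the file name is checked here; the content is parsed by apk.APK below.
if ext != ".apk":
    print("error: not an APK file")
    sys.exit(2)

a = apk.APK(args.filename)

# nargs=1 makes args.output a one-element list; without -o the results are
# written next to the input APK.
if args.output:
    outdir = args.output[0]
else:
    outdir = os.path.dirname(args.filename)

api_config = args.api

db_path = os.path.join(working_dir, "androidlib")
mo = monitor.APIMonitor(db_path, config=api_config)

new_apk = os.path.join(outdir, root_name + "_new.apk")
outdir = os.path.join(outdir, "apimonitor_out")

# An existing "apimonitor_out" directory under the chosen output location is
# removed recursively, whatever it contains, before the fresh one is created.
if os.path.exists(outdir):
    shutil.rmtree(outdir)
os.makedirs(outdir)

dexpath = os.path.join(outdir, "origin.dex")
smalidir = os.path.join(outdir, "origin_smali")
new_dexpath = os.path.join(outdir, "new.dex")
new_smalidir = os.path.join(outdir, "new_smali")

# NOTE(review): int() raises if the manifest declares no minSdkVersion and
# androguard returns nothing for it -- confirm and decide on a fallback.
min_version = int(a.get_min_sdk_version())
if a.get_target_sdk_version():
    target_version = int(a.get_target_sdk_version())
else:
    target_version = min_version
print("min_sdk_version=%d" % min_version)
print("target_sdk_version=%d" % target_version)

# A requested level below the APK's minimum (or no -l at all) falls back to
# the minimum SDK version.
if (not args.level) or args.level[0] < min_version:
    level = min_version
else:
    level = args.level[0]

# DEX is binary data: write it in binary mode so no newline translation can
# alter it, and let the context manager close the handle on every path.
with open(dexpath, 'wb') as dex_file:
    dex_file.write(a.get_dex())

smali_jar = os.path.join(working_dir, "smali", "smali.jar")
baksmali_jar = os.path.join(working_dir, "smali", "baksmali.jar")
cert_path = os.path.join(working_dir, "config", "apkil.cert")

# The external tools are started with an argument list (no shell), so paths
# taken from the command line are passed through as single arguments.
# A non-zero exit status stops the run: continuing would instrument or
# package whatever partial output the failed step left behind.
baksmali_status = call(args=['java', '-jar', baksmali_jar,
                             '-b', '-o', smalidir, dexpath])
if baksmali_status != 0:
    print("error: baksmali failed with exit code %d" % baksmali_status)
    sys.exit(1)
s = smali.SmaliTree(level, smalidir)

s = mo.inject(s, level)
s.save(new_smalidir)

smali_status = call(args=['java', '-jar', smali_jar,
                          '-a', str(level), '-o', new_dexpath, new_smalidir])
if smali_status != 0:
    print("error: smali failed with exit code %d" % smali_status)
    sys.exit(1)

with open(new_dexpath, 'rb') as new_dex_file:
    new_dex = new_dex_file.read()
# The deleted_files pattern drops the entries under META-INF/ (the original
# signature files), which no longer match once classes.dex is replaced.
a.new_zip(filename=new_apk,
          deleted_files="(META-INF/.)",
          new_files={"classes.dex": new_dex})
# The package is re-signed with the certificate bundled under config/ and
# fixed credentials (presumably key alias and password -- confirm against
# apk.sign_apk). That key is available to anyone who has this tool, so the
# signature only makes the APK installable; it says nothing about who built
# it, and the original developer's signature is gone.
apk.sign_apk(new_apk, cert_path, "apkil", "apkilapkil")
print("NEW APK: %s" % new_apk)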