summaryrefslogtreecommitdiff
path: root/plugins
diff options
context:
space:
mode:
authorCyrille Bagard <nocbos@gmail.com>2018-09-18 07:09:16 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2018-09-18 07:09:16 (GMT)
commit264be7bafd7ab92ddadc5c0d9d5c4489c9cda5d4 (patch)
treee671f20f1b78d739a2faea5330460b3a22dab810 /plugins
parent7abda358d11810e464f2bf51f8333836ddc17e90 (diff)
Loaded APK files using a Python script.
Diffstat (limited to 'plugins')
-rw-r--r--plugins/python/apkfiles/apkfiles.py43
1 files changed, 21 insertions, 22 deletions
diff --git a/plugins/python/apkfiles/apkfiles.py b/plugins/python/apkfiles/apkfiles.py
index c45f8c9..0cffdd7 100644
--- a/plugins/python/apkfiles/apkfiles.py
+++ b/plugins/python/apkfiles/apkfiles.py
@@ -2,6 +2,10 @@
# -*- coding: utf-8 -*-
from pychrysalide import PluginModule
+from pychrysalide.analysis.contents import EncapsulatedContent
+from pychrysalide.analysis.contents import MemoryContent
+from pychrysalide.core import _global
+import io
import zipfile
@@ -18,41 +22,36 @@ class ApkFiles(PluginModule):
'desc' : 'Add suppport for the APK file format',
'version' : '0.1',
- 'actions' : [ PluginModule.PGA_PLUGIN_INIT ]
+ 'actions' : [ PluginModule.PGA_CONTENT_EXPLORER ]
}
return desc
- def init(self):
- """Initialize the plugin."""
+ def handle_content(self, action, content, wid, status):
+ """Process an operation on a binary content."""
- return True
+ assert(action == PluginModule.PGA_CONTENT_EXPLORER)
+ pseudo_file = io.BytesIO(content.data)
- def get_action(self):
- """Register the plugin for given actions."""
+ if zipfile.is_zipfile(pseudo_file):
- return Plugin.PGA_FORMAT_MATCHER
+ zf = zipfile.ZipFile(pseudo_file)
+ if zf.namelist().count('classes.dex') > 0 \
+ and zf.namelist().count('AndroidManifest.xml') > 0:
- def is_matching(self, filename, data):
- """Define if the given file can be handled."""
+ explorer = _global().content_explorer
- if not zipfile.is_zipfile(filename):
- return Plugin.MFA_NONE, None, None
+ for name in zf.namelist():
- zf = zipfile.ZipFile(filename)
+ f = zf.open(name, 'r')
+ data = f.read()
+ f.closed
- if zf.namelist().count('classes.dex') > 0 \
- and zf.namelist().count('AndroidManifest.xml') > 0:
+ mem_content = MemoryContent(data)
+ encaps_content = EncapsulatedContent(content, name, mem_content)
- f = zf.open('classes.dex', 'r')
- data = f.read()
- f.closed
-
- return Plugin.MFA_RELOAD, None, bytearray(data)
-
- else:
- return Plugin.MFA_NONE, None, None
+ explorer.populate_group(wid, encaps_content)