author | Cyrille Bagard <nocbos@gmail.com> | 2018-09-18 07:09:16 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2018-09-18 07:09:16 (GMT) |
commit | 264be7bafd7ab92ddadc5c0d9d5c4489c9cda5d4 (patch) | |
tree | e671f20f1b78d739a2faea5330460b3a22dab810 /plugins | |
parent | 7abda358d11810e464f2bf51f8333836ddc17e90 (diff) |
Loaded APK files using a Python script.
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/python/apkfiles/apkfiles.py | 43 |
1 files changed, 21 insertions, 22 deletions
diff --git a/plugins/python/apkfiles/apkfiles.py b/plugins/python/apkfiles/apkfiles.py
index c45f8c9..0cffdd7 100644
--- a/plugins/python/apkfiles/apkfiles.py
+++ b/plugins/python/apkfiles/apkfiles.py
@@ -2,6 +2,10 @@
 # -*- coding: utf-8 -*-
 from pychrysalide import PluginModule
+from pychrysalide.analysis.contents import EncapsulatedContent
+from pychrysalide.analysis.contents import MemoryContent
+from pychrysalide.core import _global
+import io
 import zipfile
@@ -18,41 +22,36 @@ class ApkFiles(PluginModule):
 'desc' : 'Add suppport for the APK file format',
 'version' : '0.1',
- 'actions' : [ PluginModule.PGA_PLUGIN_INIT ]
+ 'actions' : [ PluginModule.PGA_CONTENT_EXPLORER ]
 }
 return desc
- def init(self):
- """Initialize the plugin."""
+ def handle_content(self, action, content, wid, status):
+ """Process an operation on a binary content."""
- return True
+ assert(action == PluginModule.PGA_CONTENT_EXPLORER)
+ pseudo_file = io.BytesIO(content.data)
- def get_action(self):
- """Register the plugin for given actions."""
+ if zipfile.is_zipfile(pseudo_file):
- return Plugin.PGA_FORMAT_MATCHER
+ zf = zipfile.ZipFile(pseudo_file)
+ if zf.namelist().count('classes.dex') > 0 \
+ and zf.namelist().count('AndroidManifest.xml') > 0:
- def is_matching(self, filename, data):
- """Define if the given file can be handled."""
+ explorer = _global().content_explorer
- if not zipfile.is_zipfile(filename):
- return Plugin.MFA_NONE, None, None
+ for name in zf.namelist():
- zf = zipfile.ZipFile(filename)
+ f = zf.open(name, 'r')
+ data = f.read()
+ f.closed
- if zf.namelist().count('classes.dex') > 0 \
- and zf.namelist().count('AndroidManifest.xml') > 0:
+ mem_content = MemoryContent(data)
+ encaps_content = EncapsulatedContent(content, name, mem_content)
- f = zf.open('classes.dex', 'r')
- data = f.read()
- f.closed
-
- return Plugin.MFA_RELOAD, None, bytearray(data)
-
- else:
- return Plugin.MFA_NONE, None, None
+ explorer.populate_group(wid, encaps_content) |
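Review bot: In `handle_content`, the `for name in zf.namelist()` loop reads every archive member fully into memory with `f.read()` and never releases the handle, because `f.closed` only reads an attribute instead of calling `f.close()`. Since this explorer is handed untrusted APKs, each entry's declared `file_size` should be checked against a limit before reading (`MAX_ENTRY_SIZE` below is a placeholder the project would have to define), and the member should be opened in a `with` block. Iterating `zf.infolist()` and opening by `ZipInfo` also keeps entries that share a name distinct, whereas opening by name resolves duplicates to a single member, so an analyst would not see the other one. The `assert` on `action` disappears under `python -O`; an explicit `if action != PluginModule.PGA_CONTENT_EXPLORER: return` is safer. The hunk ends inside the loop body, so whether the method continues after it is not visible here.

```python
# … unchanged: action check, pseudo_file, is_zipfile / classes.dex / AndroidManifest.xml tests, explorer lookup …
for info in zf.infolist():

    # Skip directories and members whose declared size exceeds the cap
    if info.is_dir() or info.file_size > MAX_ENTRY_SIZE:
        continue

    with zf.open(info, 'r') as f:
        data = f.read()

    mem_content = MemoryContent(data)
    encaps_content = EncapsulatedContent(content, info.filename, mem_content)

    explorer.populate_group(wid, encaps_content)
```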