blob: f68b9a5a3f942da0064f2c4df8e65645433da9c9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
#!/usr/bin/python
# -*- coding: utf-8 -*-
from manifest import AndroidManifest
from db import PermsDataBase
from panel import PermsPanel
from pychrysalide import Plugin
from pychrysalide.format.dex import DexFormat
from xml.dom import minidom
import re
import zipfile
class AndroPerms(Plugin):
"""List all permissions given to an APK files."""
def init(self, ref):
"""Initialize the plugin."""
self._panel = PermsPanel()
return True
def get_action(self):
"""Register the plugin for given actions."""
return Plugin.PGA_DISASS_PROCESS
def execute_on_binary(self, binary, action):
"""Process once a binary is disassembled."""
fmt = binary.get_format()
if not isinstance(fmt, DexFormat):
return False
zf = zipfile.ZipFile(binary.get_filename())
f = zf.open('AndroidManifest.xml', 'r')
data = f.read()
f.closed
manifest = AndroidManifest(data)
xml = minidom.parseString(manifest.getXML())
# print
# print "Permissions for ", binary.get_filename(), " :"
# print "-------------"
# print
plist = []
for p in xml.getElementsByTagName("uses-permission"):
plist.append(p.getAttribute("android:name"))
# print p.getAttribute("android:name")
# print
db = PermsDataBase()
db.filter_permissions(plist)
instrs = binary.get_instructions()
buf = binary.disassembled_buffer
pfn = re.compile('<.* ([^ ]*)\(')
for i in instrs:
if i.keyword.startswith("invoke"):
line = buf.find_line_by_addr(i.address)
text = line.get_text()
name = pfn.search(text)
if name != None:
resolved = fmt.resolve_relative_routine(i.address)
if resolved == None:
reladdr = "0x%08x" % i.address
else:
reladdr = "<%s()+0x%x>" % (resolved[0], resolved[1])
db.check_call(i.address, name.group(1), reladdr)
self._panel.memorize_permissions(binary, db.get_used_permissions())
|
