1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
#!/usr/bin/python
# -*- coding: utf-8 -*-
import os
class PermsDataBase:
"""Display all permissions found in the Manifest."""
def __init__(self):
self._perms = { }
self._used = { }
self._load_all_definitions()
def _load_all_definitions(self):
"""Load the database in memory."""
with open(os.path.dirname(__file__) + '/androperms.db', 'r') as f:
for line in f.readlines():
perm = line.strip("\n").split("\t")
for p in perm[1].split(" "):
if not p.startswith("android.permission."):
continue
if p not in self._perms:
self._perms[p] = []
call = perm[0].split("(")[0]
if call not in self._perms[p]:
self._perms[p].append(call)
def filter_permissions(self, used):
"""Forget all permissions which are not used."""
keep = {}
for p in self._perms:
if p in used:
keep[p] = self._perms[p]
self._perms = keep
for p in keep:
self._used[p] = []
def check_call(self, addr, line):
"""Check if a call requires some rights."""
found = False
for p in self._perms:
if line.find("Wall") > -1:
print "[+]", line, ' ==> ', p
for c in self._perms[p]:
#print " - ", c
#if line.find(c) > -1:
if c.find(line) > -1:
self._used[p].append([addr, c + "()"])
#found = True
if not found:
func = line.split('.')[-1]
for p in self._perms:
for c in self._perms[p]:
if line.find("Wall") > -1:
print " <> ", c, " vs ", func
if c.find(func) > -1:
self._used[p].append([addr, line + "()"])
break
def get_used_permissions(self):
"""Provide the list of used permissions."""
return self._used
|