androguard.core package¶
Subpackages¶
Submodules¶
androguard.core.androconf module¶
-
class
androguard.core.androconf.
Color
¶ Bases:
object
-
Black
= '\x1b[30m'¶
-
Blue
= '\x1b[34m'¶
-
Bold
= '\x1b[1m'¶
-
Cyan
= '\x1b[36m'¶
-
Green
= '\x1b[32m'¶
-
Grey
= '\x1b[37m'¶
-
Normal
= '\x1b[0m'¶
-
Purple
= '\x1b[35m'¶
-
Red
= '\x1b[31m'¶
-
Yellow
= '\x1b[33m'¶
-
-
class
androguard.core.androconf.
Configuration
¶ Bases:
object
-
instance
= {'BIN_DED': 'ded.sh', 'BIN_DEX2JAR': 'dex2jar.sh', 'BIN_FERNFLOWER': 'fernflower.jar', 'BIN_JAD': 'jad', 'BIN_JADX': 'jadx', 'BIN_JARSIGNER': 'jarsigner', 'BIN_WINEJAD': 'jad.exe', 'COLORS': {'BB': '\x1b[35m', 'BRANCH': '\x1b[34m', 'BRANCH_FALSE': '\x1b[31m', 'BRANCH_TRUE': '\x1b[32m', 'EXCEPTION': '\x1b[36m', 'INSTRUCTION_NAME': '\x1b[33m', 'NORMAL': '\x1b[0m', 'NOTE': '\x1b[31m', 'OFFSET': '\x1b[33m', 'OFFSET_ADDR': '\x1b[32m', 'OUTPUT': {'field': '\x1b[32m', 'literal': '\x1b[32m', 'meth': '\x1b[36m', 'normal': '\x1b[0m', 'offset': '\x1b[35m', 'raw': '\x1b[31m', 'registers': '\x1b[0m', 'string': '\x1b[31m', 'type': '\x1b[34m'}}, 'DEFAULT_API': 16, 'OPTIONS_FERNFLOWER': {'asc': '1', 'dgs': '1'}, 'PRINT_FCT': <built-in method write of _io.TextIOWrapper object>, 'RECODE_ASCII_STRING': False, 'RECODE_ASCII_STRING_METH': None, 'SESSION': None, 'TMP_DIRECTORY': '/tmp'}¶
-
-
exception
androguard.core.androconf.
InvalidResourceError
¶ Bases:
Exception
Invalid Resource Error is thrown by load_api_specific_resource_module
-
androguard.core.androconf.
color_range
(startcolor, goalcolor, steps)¶ Wrapper for interpolate_tuple that accepts colors as HTML (“#CCCCCC” and such)
-
androguard.core.androconf.
default_colors
(obj)¶
-
androguard.core.androconf.
disable_colors
()¶ Disable colors from the output (color = normal)
-
androguard.core.androconf.
enable_colors
(colors)¶
-
androguard.core.androconf.
interpolate_tuple
(startcolor, goalcolor, steps)¶ Take two RGB color sets and mix them over a specified number of steps. Return the list
-
androguard.core.androconf.
is_android
(filename)¶ Return the type of the file
- Parameters
filename – the filename
- Returns
“APK”, “DEX”, None
-
androguard.core.androconf.
is_android_raw
(raw)¶ Returns a string that describes the type of file, for common Android specific formats
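A stand-alone sketch of the kind of magic-byte triage that is_android() and is_android_raw() describe, added here as an example; it is not androguard's implementation. The helper name classify_android_blob, the return labels other than “APK” and “DEX”, and the sample inputs are assumptions of this example.

```python
import io
import zipfile

# Magic values come from the Android file formats, not from the page.
DEX_MAGIC = b"dex\n"               # then a 3-digit version and NUL, e.g. b"035\x00"
ODEX_MAGIC = b"dey\n"              # optimized DEX
AXML_MAGIC = b"\x03\x00\x08\x00"   # binary XML: RES_XML_TYPE chunk, 8-byte header
ARSC_MAGIC = b"\x02\x00\x0c\x00"   # resources.arsc: RES_TABLE_TYPE, 12-byte header


def classify_android_blob(raw):
    """Return "APK", "DEX", "DEY", "AXML", "ARSC" or None (hypothetical helper)."""
    if len(raw) < 8:
        return None
    magic = raw[:4]
    if magic in (DEX_MAGIC, ODEX_MAGIC):
        # Require three ASCII digits plus NUL after the magic.
        if raw[4:7].isdigit() and raw[7:8] == b"\x00":
            return "DEX" if magic == DEX_MAGIC else "DEY"
        return None
    if magic == AXML_MAGIC:
        return "AXML"
    if magic == ARSC_MAGIC:
        return "ARSC"
    if raw[:2] == b"PK":
        # Read the central directory; a byte search would match look-alikes.
        try:
            with zipfile.ZipFile(io.BytesIO(raw)) as zf:
                return "APK" if "AndroidManifest.xml" in zf.namelist() else None
        except zipfile.BadZipFile:
            return None
    return None


def _zip_with(names):
    """Build a constructed in-memory ZIP holding the given member names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"constructed sample")
    return buf.getvalue()


# Constructed samples, not real application files.
SAMPLES = {
    "apk": _zip_with(["AndroidManifest.xml", "classes.dex"]),
    "zip_lookalike": _zip_with(["notes/AndroidManifest.xml.txt"]),
    "dex": b"dex\n035\x00" + bytes(104),
}
```

The zip_lookalike sample contains the manifest file name inside its bytes but has no AndroidManifest.xml member, so it is classified as None rather than as an APK.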
-
androguard.core.androconf.
is_ascii_problem
(s)¶ Test if a string contains other chars than ASCII
- Parameters
s (MUTF8String) – a string to test
- Returns
True if string contains other chars than ASCII, False otherwise
-
androguard.core.androconf.
load_api_specific_resource_module
(resource_name, api=None)¶ Load the module from the JSON files and return a dict, which might be empty if the resource could not be loaded.
If no api version is given, the default one from the CONF dict is used.
- Parameters
resource_name – Name of the resource to load
api – API version
- Returns
dict
-
androguard.core.androconf.
make_color_tuple
(color)¶ Turn something like “#000000” into 0,0,0 or “#FFFFFF” into 255,255,255
-
androguard.core.androconf.
remove_colors
()¶ Remove colors from the output (no escape sequences)
-
androguard.core.androconf.
rrmdir
(directory)¶ Recursively delete a directory
- Parameters
directory – directory to remove
-
androguard.core.androconf.
save_colors
()¶
-
androguard.core.androconf.
set_options
(key, value)¶ Deprecated since version 3.3.5: Use
CONF[key] = value
instead
-
androguard.core.androconf.
show_logging
(level=20)¶ enable log messages on stdout
We will catch all messages here! From all loggers…
androguard.core.bytecode module¶
-
class
androguard.core.bytecode.
Buff
(offset, buff)¶ Bases:
object
-
class
androguard.core.bytecode.
BuffHandle
(buff)¶ Bases:
object
BuffHandle is a wrapper around bytes. It gives the ability to jump in the byte stream, just like with BytesIO.
-
add_idx
(idx)¶ Advance the current offset by idx
- Parameters
idx (int) – number of bytes to advance
-
end
()¶ Test if the current offset is at the end or over the buffer boundary
- Return type
bool
-
get_buff
()¶ Return the whole buffer
- Return type
bytearray
-
get_idx
()¶ Get the current offset in the buffer
- Return type
int
-
read
(size)¶ Read from the current offset a total number of size bytes and increment the offset by size
- Parameters
size (int) – length of bytes to read
- Return type
bytearray
-
readNullString
(size)¶ Read a String with length size at the current offset
- Parameters
size (int) – length of the string
- Return type
bytearray
-
read_at
(offset, size)¶ Read bytes from the given offset with length size without incrementing the current offset
- Parameters
offset (int) – offset to start reading
size (int) – length of bytes to read
- Return type
bytearray
-
read_b
(size)¶ Read bytes with length size without incrementing the current offset
- Parameters
size (int) – length to read in bytes
- Return type
bytearray
-
readat
(off)¶ Read all bytes from the start of off until the end of the buffer
This method can be used to determine a checksum of a buffer from a given point on.
- Parameters
off (int) – starting offset
- Return type
bytearray
-
save
(filename)¶ Save the current buffer to filename
Existing files with the same name will be overwritten.
- Parameters
filename (str) – the name of the file to save to
-
set_buff
(buff)¶ Overwrite the current buffer with the content of buff
- Parameters
buff (bytearray) – the new buffer
-
set_idx
(idx)¶ Set the current offset in the buffer
- Parameters
idx (int) – offset to set
-
size
()¶ Get the total size of the buffer
- Return type
int
-
-
androguard.core.bytecode.
FormatClassToJava
(i)¶ Transform a java class name into the typed variant found in DEX files.
example:
>>> FormatClassToJava('java.lang.Object')
'Ljava/lang/Object;'
- Parameters
i – the input class name
- Return type
str
-
androguard.core.bytecode.
FormatClassToPython
(i)¶ Transform a typed class name into a form which can be used as a python attribute
example:
>>> FormatClassToPython('Lfoo/bar/foo/Barfoo$InnerClass;')
'Lfoo_bar_foo_Barfoo_InnerClass'
- Parameters
i – classname to transform
- Return type
str
-
androguard.core.bytecode.
FormatDescriptorToPython
(i)¶ Format a descriptor into a form which can be used as a python attribute
example:
>>> FormatDescriptorToPython('(Ljava/lang/Long; Ljava/lang/Long; Z Z)V')
'Ljava_lang_LongLjava_lang_LongZZV'
- Parameters
i – name to transform
- Return type
str
-
androguard.core.bytecode.
FormatNameToPython
(i)¶ Transform a (method) name into a form which can be used as a python attribute
example:
>>> FormatNameToPython('<clinit>')
'clinit'
- Parameters
i – name to transform
- Return type
str
-
class
androguard.core.bytecode.
Node
(n, s)¶ Bases:
object
-
androguard.core.bytecode.
PrettyShow
(m_a, basic_blocks, notes={})¶
-
androguard.core.bytecode.
PrettyShowEx
(exceptions)¶
-
androguard.core.bytecode.
disable_print_colors
()¶
-
androguard.core.bytecode.
enable_print_colors
(colors)¶
-
androguard.core.bytecode.
get_package_class_name
(name)¶ Return package and class name in a java variant from a typed variant name.
If no package could be found, the package is an empty string.
If the name is an array type, the array is discarded.
example:
>>> get_package_class_name('Ljava/lang/Object;')
('java.lang', 'Object')
>>> get_package_class_name('[[Ljava/lang/Object;')
('java.lang', 'Object')
>>> get_package_class_name('LSomeClass;')
('', 'SomeClass')
- Parameters
name – the name
- Return type
tuple
- Returns
-
androguard.core.bytecode.
method2dot
(mx, colors=None)¶ Export analysis method to dot format.
A control flow graph is created by using the concept of BasicBlocks. Each BasicBlock is a sequence of opcodes without any jumps or branches.
- Parameters
mx –
MethodAnalysis
colors – dict of colors to use, if colors is None the default colors are used
- Returns
a string which contains the dot graph
-
androguard.core.bytecode.
method2format
(output, _format='png', mx=None, raw=None)¶ Export method structure as a graph to a specific file format using dot from the graphviz package. The result is written to the file specified via output.
There are two possibilities to give input for this method:
1) use the raw argument and pass a dictionary containing the keys name, nodes and edges. This can be created using method2dot().
2) give a MethodAnalysis.
This function requires pydot!
There is a special format raw which saves the dot buffer before it is handled by pydot.
- Parameters
output (str) – output filename
_format (str) – format type (png, jpg …). Can use all formats which are understood by pydot.
mx (androguard.core.analysis.analysis.MethodAnalysis) – specify the MethodAnalysis object
raw (dict) – use directly a dot raw buffer if None
-
androguard.core.bytecode.
method2jpg
(output, mx, raw=False)¶ Export method to a jpg file format
- Parameters
output (string) – output filename
mx (MethodAnalysis object) – specify the MethodAnalysis object
raw (string) – use directly a dot raw buffer (optional)
-
androguard.core.bytecode.
method2json
(mx, directed_graph=False)¶ Create directed or undirected graph in the json format.
- Parameters
mx –
MethodAnalysis
directed_graph – True if a directed graph should be created (default: False)
- Returns
-
androguard.core.bytecode.
method2json_direct
(mx)¶ - Parameters
mx –
MethodAnalysis
- Returns
-
androguard.core.bytecode.
method2json_undirect
(mx)¶ - Parameters
mx –
MethodAnalysis
- Returns
-
androguard.core.bytecode.
method2png
(output, mx, raw=False)¶ Export method to a png file format
- Parameters
output (string) – output filename
mx (MethodAnalysis object) – specify the MethodAnalysis object
raw (string) – use directly a dot raw buffer
-
androguard.core.bytecode.
object_to_bytes
(obj)¶ Convert an object to a bytearray or call get_raw() of the object if no useful type was found.
-
androguard.core.bytecode.
vm2json
(vm)¶ Get a JSON representation of a DEX file
- Parameters
vm –
DalvikVMFormat
- Returns