j|DdZddlZddlZddlZddlZddlmZddlm Z ddl Z ddl m Z ddl mZmZmZmZmZmZmZmZejeeje jejd d d d d dZeejdddejddddejdddejdddejddejdddd Zeejdddejd!d"ejdd#ejddd$ejd%d&d'ejd(d)d*ejd+d,d-d.ejd/d0d1ejd2ddd34ejd5ddd34ejd6ddd74d8Zeejdddejddd9d:ejdejddd9d;ejdddd<=ejd>d?d@dAej gdBCejdDdEdddF4ejdGd)dHejdIdJdKdLZ!eejdMdNej gdOdPddQRejdSdTdUddddVWejdXdYddddZWejd[d\ejddd9]d^Z"eejd_d\ejddd]d_e#e$fd`Z%eejdadbejd!Cejd[ddejddd9cdde$d[e$fdeZ&eejddfde'dghejdYdide'djhejdkejddd9ldmZ(eejd[ddejddd9cejdndodgdpqejdrddds4dtZ)eejduddvejdndodgdpqdwZ*eejduddvejdndoddxgdpqdyZ+dzZ,d{Z-d|Z.e/e,ej0ej1ej2}Z3eejdejddd9d;ejddd~dejdej e#e34dddejdXdYdddejdddejdddejdddejdddejdddddZ5e6dkr edSdS)zAAndroguard is a full Python tool to reverse Android Applications.N)logger)Session)util)androarsc_mainandroaxml_main androdis_mainandrodump_mainandrolyze_mainandrosign_mainandrotrace_mainexport_apps_to_format)help)versionz --verbosez--debug verbosityverbosez Print more) flag_valuerc|tjdntjdtjdddS)NERRORINFOzandroguard.logz10 days) retention)rset_logradd)rs Y/home/ubuntu/.hermes/hermes-agent/venv/lib/python3.11/site-packages/androguard/cli/cli.py entry_pointrsI W V J9555555z--inputz-iinput_TF)exists file_okaydir_okayz3AndroidManifest.xml or APK to parse (legacy option))typerz--outputz-ozCfilename to save the decoded AndroidManifest.xml to, default stdoutz --resourcez-rzUResource (any binary XML file) inside the APK to parse instead of AndroidManifest.xmlfile_)requiredr c|%|#tdtjd|%|#tdtjd|t|||dS|t|||dSdS)a5 Parse the AndroidManifest.xml. Parsing is either direct or from a given APK and prints in XML format or saves to file. This tool can also be used to process any AXML encoded file, for example from the layout directory. Example: >>> androguard axml AndroidManifest.xml NJCan not give --input and positional argument! Please use only one of them!Give one file to decode!)printsysexitr)routputr!resources raxmlr,,sJ V/  +      } ()))   ufh/////  vvx00000  r)rz.resources.arsc or APK to parse (legacy option))r"z)filename to save the decoded resources toz --packagez-pzVShow only resources for the given package name (default: the first package name found)z--localez-lz>Show only resources for the given locale (default: '\x00\x00')z--typez-ttype_z7Show only resources of the given type (default: public)z--idid_zJResolve the given ID for the given locale and package. Provide the hex ID!z--list-packageszList all package names and exit)is_flagdefaultrz--list-localesz --list-typeszList all types and exitc N ddlm} m} m} |r*|r(t jdt jd|s*|s(t jdt jd|r|} n|} | | }|dkrT| | }| }|s(t j dt jdn|dkrzt| d 5}| |}|s(t j d t jdd d d n #1swxYwYn(t j d t jd|rS|dd kr |dd } t|d}nF#t $r9t#d|t jdYnwxYw||}|s#t#dt jdt#d||t#||D]P\}}t#d|s|nd|Qt jd|rHt#d|t jd|r|D]c}t#d|t#dt3dt5||dt jd| r|D]}t#d|t5||D]}t#d|dkrdn|t#dt3djt5|||t jdt;|||||d S)z Decode resources.arsc either directly from a given file or from an APK. Example: >>> androguard arsc app.apk r) androconfapkr,r$r%r&APKz*The APK does not contain a resources file!ARSCrbz'The resources file seems to be invalid!NzUnknown file type!@zBID '{}' could not be parsed! have you supplied the correct hex ID?z!Specified resource was not found!z@{:08x} resolves to '{}'z {} = '{}'z  z In Package:c<|dkrdnd|S)Nz \x00\x00z {})format)xs rzarsc..s& J+N!'q!1!1rz In Locale: {}r;z\x00\x00z {})outppackagetyplocale)androguard.corer2r3r,rinfor(r) is_androidr4get_android_resourceserroropen ARSCParserreadint ValueErrorr'r<get_resource_xml_nameget_resolved_res_configs is_default get_qualifierjoinget_packages_namesmapsorted get_locales get_typesr)rr!r*r@rBr-r. list_packages list_locales list_typesr2r3r,fnameret_typeaarscobjfpi_idnameconfigentryps rarscrdbs=\5444444444  X     % .///   ##E**H5 GGENN))++  LE F F F HQKKK V   %   "oobggii00G  FGGG                  )***   $ q6S==abb'C sB<>> androguard resources.arsc r)sessionr$)filer%r&r6N) androguardrjr'r(stderrr)rrHrrJr ) rr!r*rejarlimit decompilerrjrZsfds r decompilers%sIj#"""""   +     % (sz::::   A eT   b eRWWYY               %FE3 GLLLLLs)C  CCz--hashhash_)md5sha1sha256sha512rvzFingerprint Hash algorithm)r r0 show_defaultrz--allz-aprint_all_hasheszPrint all supported hashes)r/r0ryrz--showz-szLAdditionally of printing the fingerprints, show more certificate informationr3)nargsr c*t||||dS)z>> androguard trace test.APK -m "ipc/*" -m "webviews/*" -m "modules/**" >>> androguard trace test.APK -m "ipc/*" -m "webviews/*" -m "modules/**" --enable-ui FNr )r3modules enable_uis rtracers:C%33333r package_name)r0r"c(t||ddS)z Start dynamically an installed APK on the phone and start to trace all interesting methods from the modules list Example: >>> androguard dtrace package_name -m "ipc/*" -m "webviews/*" -m "modules/**" TNrrrs rdtracers*L'400000rz2androguard/pentest/modules/helpers/dump/dexdump.jsc&t||dS)zz Start and dump dynamically an installed APK on the phone Example: >>> androguard dump package_name N)r rs rdumprs*<)))))rc:tj||tS)zWrapper around nx.write_gml) stringizer)nx write_gmlstr)Gpaths r _write_gmlr-s <4C 0 0 00rcddl}t|d5}||||jddddS#1swxYwYdS)zWrapper around pickle dumprNwb)picklerHrHIGHEST_PROTOCOL)rrrfs r_write_gpickler2sMMM dD  3Q Aq&1222333333333333333333s?AAcddl}t|d5}|||ddddS#1swxYwYdS)zWrapper around yaml dumprNw)yamlrHr)rrrrs r _write_yamlr:sKKK dCA !Qs 9==)gmlgexfgraphmlnetz callgraph.gmlz!Filename of the output graph file)r0rz --output-type)case_sensitiverzType of the graph to output )r r0rz;instead of saving the graph file, render it with matplotlib)r0r/rz --classnamez.*zRegex to filter by classnamez --methodnamezRegex to filter by methodnamez --descriptorzRegex to filter by descriptorz --accessflagzRegex to filter by accessflagz --no-isolatedz'Do not store methods which has no xrefsc jddlm} ddlm} ddlm} | |\} } }t | | | z| z| z}t|}| ||||||}|r* ddl }ddlm}n-#t $r t#dt%YnwxYwt'j|}g}g}|D]=}t+|| r||(||>t'j||d|t'j||d |t'j||d d t'j||d d|jD||dS|}|t<vr't#d|dt?jdt=|||dS)z^ Create a call graph based on the data of Analysis and export it into a graph format. r)ExternalMethod)FormatClassToJava) AnalyzeAPKNzoPyQt5 or matplotlib is not installed. In most OS you can install it by running 'pip install PyQt5 matplotlib'. r)pos node_colornodelistbg?T)widtharrowsc\i|])}||d|jd|j*S) )get_class_namer` descriptor).0ns r zcg..sPa&&((BB16BBALBBr)r font_sizelabelsz+Could not find a method to export files to !r%) !androguard.core.analysis.analysisrandroguard.core.bytecoderandroguard.miscrrSget_activities get_providers get_services get_receiverslistget_call_graphPyQt5matplotlib.pyplotpyplot ImportErrorr'r)r spring_layout isinstanceappenddraw_networkx_nodesdraw_networkx_edgesdraw_networkx_labelsnodesdrawr~lower write_methodsr()r!r* output_typer~ classname methodnamer accessflag no_isolatedrrrr\ddx entry_points callgraphrpltrinternalexternalroutput_type_lowers rcgrMsBA@@@@@::::::******z%  HAq"  //    ..    //   L %%L!! I 3<  LLL + + + + + + +    C    FFFFF   y)) # #A!^,, #""""""""  33      33     y#SFFFF  "         (--// M 1 1 R>ORRR    HQKKK'(F;;;;;s0 B;;'C%$C%__main__)7__doc__rr(clicknetworkxrlogururandroguard.sessionrrrlrandroguard.cli.mainrrrr r r r r groupversion_option __version__optionrcommandPathargumentr,rdChoicersrrrrrrKrrrrrrrr write_gexf write_graphml write_pajekrkeysr__name__rrrs9 HG &&&&&&                     'j4555    66656    44% @ @ @ >  N  `   44% @ @ @ 11   .1>    4 9   4   .  M   B    U    *     *     "  FF         tFR    4%4 @ @ @ '  4%4 @ @ @       A +++ , ,     +   C  4 MM   ZMB    999 : :  %     %      4%4 @ @ @ 77 @7   44% @ @ @ )S ) ) )  )   = 4     4%4 @ @ @  !S!s!!!  !   7  G  4%4 @ @ @%% &%    4%4 @ @ @     -      4 4  ( 4       - 11 1      A B - ** *111 333        4%4 @ @ @    ,   dd=--//00 G G G  '      F   '   (   (   (    2  Y<Y<        fY