jKddlZddlZddlZddlZddlmZddlmZddlm Z ddl m Z ddl m Z ddlmZddlmZmZdd lmZmZdd lmZdd lmZdd lmZdd lmZmZmZ d7de dee dfdee dfddfdZ! d8dedee dfdee dfdee dfdee dfddf dZ" d9de dede dee dfde#dee dfdee dfddfd Z$d!e de fd"Z%d#e ddfd$Z&d%ede ddfd&Z'd'e(e d(e d)e#d*e#ddf d+Z)d,e*d-e*d.e ddfd/Z+ d:d0e d1e(e d2e#d3e#ddf d4Z,d5e d1e(e ddfd6Z-dS);N)Union)logger)etree) highlight)TerminalFormatter)get_lexer_by_name) androconfapk) ARSCParser AXMLPrinter)get_bytecodes_methodSession) DynamicUI)calculate_fingerprint parse_publicreadFileinpoutpresourcereturnctj|}|dkrtj|}|r||jvrGt jd|tj tj dt| | }np|}n[d|vr/tt| }n(t jdtj dt!j|dd }|r@t%|d 5}||ddddS#1swxYwYdStjt+|d t/d t1dS) NAPKz+The APK does not contain a file called '{}'filez.xmlzUnknown file typeTzutf-8 pretty_printencodingwbUTF-8xml)r is_androidr rfilesrerrorformatsysstderrexitr get_file get_xml_objget_android_manifest_xmlrrtostringopenwritestdoutrdecoderr)rrrret_typeaaxmlbufffds Z/home/ubuntu/.hermes/hermes-agent/venv/lib/python3.11/site-packages/androguard/cli/main.pyandroaxml_mainr8s#C((H5 GCLL  0qw&& AHH    qzz(3344@@BBDD--//DD 38C==))5577 ()))  >$TG D D DD  $    HHTNNN                     G$$!%((!##       sE22E69E6arscobjpackagetyplocalec|p|d}|pd}|pd}t|d|sBtd|tjt jdt|d|zd z||}tj tj |d d }|r@t|d 5}| |ddddS#1swxYwYdStj t|d t!dt#dS)Nrpubliczzget_{}_resourcesz:No decoder found for type: '{}'! Please open a bug report.rrget_ _resourcesTr!rr r")get_packages_nameshasattrr&printr'r(r)getattrrr- fromstringr.r/r0rr1rr) r9rr:r;r<ttypexr5r6s r7androarsc_mainrHBs83355a8G O8E  !zF 7.55e<< = = H O O        7%,677HHA > $   D  $    HHTNNN                     G$$!%((!##       s%DD D Ffilenamesoutputmethods_filterjardecompiler_typeformc ddlm}m}ddlm} ddlm} td||tj |s'td|ztj |n td|d } | d kr8td t!j|tj |n&| d krtd ntdd} |rt%j|} g} |D]\}}}tddt*j|dkr]|| |t jdt jdt jdn%|dkr\|| |t jdt jdt jdn|dkrK|| |t jdt jdnr|dkrl|| |t jdt jdt jdt jdtd|rtdd| |t jdt jd}tAj!|tj "|dtd|#D]6}| rcd |$|%|&}| '|shtQtS|$}tj "||}tU|td!|$|%|&d| tj "||+}||,|}|r(td"|zd||d#z|z|d|tS|$| vrtd$d|-|$}tQtS|%}tj "||d%z}t]|d&5}|/|0dddn #1swxYwY| 1|$td'dte|||}t]|d(zd&5}|/|dddn #1swxYwYt8dS))Nr) method2dot method2format) decompiler)clean_file_namezDump information {} in {}zCreate directory %sTz#Do you want to clean the directory z ? (Y/N): yz Deleting...nz Not deleting.z#Invalid input. Please enter Y or N.zDecompilation ... enddex2jad BIN_DEX2JARBIN_JAD TMP_DIRECTORY dex2winejad BIN_WINEJADdedBIN_DEDdex2fernflowerBIN_FERNFLOWEROPTIONS_FERNFLOWEREndzjar ...z classes.jarz{}{}{}zDump {} {} {} ...z%s ....zsource codes ...z.javawz bytecodes ...z.ag)3androguard.core.bytecoderQrRandroguard.decompilerrSandroguard.miscrTrCr&ospathexistsmakedirsinputstriplowerr rrmdirrecompileget_objects_dexr'r0flushset_decompilerDecompilerDex2JadCONFDecompilerDex2WineJad DecompilerDedDecompilerDex2FernflowerDex2Jarget_jarshutilmovejoinget_encoded_methodsget_class_nameget_nameget_descriptorsearchvalid_class_namestrcreate_directoryget_short_string get_method get_classr.r/ get_sourceappendr )rIrJrKrLrMrNrOrQrRrSrT user_inputmethods_filter_expr dump_classes_vmvmx filenamejarmethodmsigfilename_classr5 current_classcurrent_filename_classr6 bytecode_buffs r7export_apps_to_formatrnsZCBBBBBBB000000////// % , ,Xv > >??? 7>>& ! != #f,--- F =MFMMMNN  S  m$$$ ((( F###s""o&&&;<<>' " " GrsessioncRddl}ddl}ddlm}ddlm}ddlm}ddlm}m }ddl m } | |r(tjd|n| d x|d <|rd t j|tjd t'j|} tjd| | dvrtj|jdz|jzt0jtjdtjdtjt5|t7nt9|d5} | } dddn #1swxYwY|| } tjd| | dkrtjd| \}}}t7dt7|t7dt7|t7dt7|t7dt7|t7n| dvrtjd D]\}}}| |krnt7dt7|t7dt7|t7d#fd }|}d |}||d!|"}|!||dS)$z Start an interactive shell :param session: Session file to load :param filename: File to analyze, can be APK or DEX (or ODEX) rN)Fore)embed)Config)ANDROGUARD_VERSIONryrzTODO: Restoring session '{}'...T)export_ipythonSESSIONzLoading apk {}...z+Please be patient, this might take a while.z'Found the provided file is of type '{}')DEXDEYrzHThis file type is not supported by androlyze for auto loading right now!rz!But your file is still available:z >>> filenamerb!Added file to session: SHA256::{}rzLoaded APK file...)digestz>>> az>>> dz>>> dx)rrzLoaded DEX file...rc$sdS td}|dkr8}t d|dSdS#t tf$rYdSwxYw)z#Save the session on exit, if wantedNz)Do you want to save the session? (y/[n])?rUzSaved Session to file: '{}')isOpenrorqsaverCr&EOFErrorKeyboardInterrupt)resfnamerJs r7 shutdown_hookz%androlyze_main..shutdown_hook`sxxzz  F CCDDJJLLCczz3::5AABBBBB z+,    DD s!A::BBzAndroguard version {}z {} started)configbanner1)rN)"atexitcoloramarIPython.terminal.embedrtraitlets.configrandroguard.core.androconfrryandroguard.sessionrinitrinfor&rkrlbasenamer r#r%REDRESETr'r(reprrCr.readaddget_objects_apkruregister)rrIrrrrrrryrfiletypefprawhr3ddxh_rcfg_version_stringipshellrJs @r7androlyze_mainrsMMMOOO,,,,,,''''''BBBBBBBB****** MMOOO; 5<$> ? ? ? ABBB'11 =DDXNNOOO 0 0 0 L\]*Z      L< = = = L ( ( ( Lh ( ( ( GGGGh%% ggii               h$$A K;BB1EE F F F5   0111,,A,661bn%%%hgagahb ^++ 0111!"!2!2!4!4IB2Bwwgahb CCCCCC &((C-445GHHOe3 (;(;O(L(LMMMG OOM""" GIIIIIsF;;F?F?args_apk args_hashargs_allshowc  ddl}ddl}ddl}ddlm}m}ddlm} m} ddl m } ddl m } t|j|j|j|j} || vrt'd|t*jt'd d | t*jt+jd |D]3} | |t'd t2j|t'd t'dt'dtA!"zfd#Dz}tA$%z}tM|dkr/t'dtM||D]}|r|j'(|}t'd| |j)dt'd| |j*dt'dtW|j,t'd|j-t'd|j.t'd|dddj/t'd|dddj/|sit'd|| ||0nX| 1D]C\}}t'd|||0Dt'tM|dkr/t'd tM||D]}|rte|}t'd!|j3t'd"|j4t'd#tk|+ t'd$|j-n#tl$r }Yd}~nd}~wwxYwt'n#t'| j7d%t2j|z| j8zt*j|9t*jYnxYwtM|d krt'5dS)&Nr)keysx509)rStyle)r)get_certificate_name_string)md5sha1sha256sha512zHash function {} not supported!rz Use one of {}z, rz{}, package: '{}'zIs signed v1: {}zIs signed v2: {}zIs signed v3: {}c:g|]}|S)get_certificate_der).0rGr3s r7 z"androsign_main..s'MMM1((++MMMrzFound {} unique certificateszIssuer:T)shortzSubject:zSerial Number:zHash Algorithm:zSignature Algorithm:zValid not before:tbs_certificatevalidity not_beforezValid not after: not_afterz{} {}z5Found {} unique public keys associated with the certsz Algorithm: z Bit size: z Fingerprint: zHash Algorithm: z Error in {}):binasciihashlib traceback asn1cryptorrrrrandroguard.core.apkrandroguard.utilrdictrrrrrqrCr&r'r(rr)rkrlr get_package is_signed_v1 is_signed_v2 is_signed_v3setget_certificates_der_v3get_certificates_der_v2get_signature_namesget_public_keys_der_v3get_public_keys_der_v2len Certificateloadissuersubjecthex serial_number hash_algosignature_algonative hexdigestitemsr algorithmbit_sizer ValueErrorr RESET_ALL print_exc)rrrrrrrrrrrrr hashfunctionsrlcertspkeyscert x509_certkv public_key parsed_keyver3s @r7androsign_mainrwsOOONNN%%%%%%%%$$$$$$$$'''''';;;;;; K \~~ M -- - 4 4Y__5F5F G G       " "499]-?-?-A-A#B#B C C      dd` 1D A #**G$$T**AMMOO    $++ANN,<,<== > > > $++ANN,<,<== > > > $++ANN,<,<== > > >))++++--.MMMMQ5J5J5L5LMMMNE ((**Q-E-E-G-GGE5zzA~~4;;CJJGGHHH) )  $ 0 5 5d ; ;I!33%,D "33%-T *C 0G,H,HIII+Y-@AAA0)2JKKK+!"34Z@(  *!"34Z@'  F%OO-- (<>>???#>?? & &Alb#Y.C8888s q||~~% & & & &s 8<<apk_file list_moduleslive enable_uic|ddlm}ddlm}|}|syt |d5}|}dddn #1swxYwY|||} tjd | |} | | | |||||r{tj dddlddlmdd lm} m} dt+| jd | ffd } | | dStjd d}|dkr?| s/t5d}|dkr| )dSdSdSdS)NrPentestrrr)r3r)get_app)InputHookContextset_eventloop_with_inputhookinputhook_contextc|s\rnd|ZdSdS)Ng?)input_is_ready process_data invalidatesleep)r;r8timeuis r7 inputhookz"androtrace_main..inputhookJs}'6688 $??$$$GII((****JJsOOO (6688 $ $ $ $ $r)rCzType 'e' to exit the strace ezType 'e' to exit:)androguard.pentestr7rrr.rrrrr& print_devicesconnect_default_usb start_traceremoverAprompt_toolkit.applicationr8"prompt_toolkit.eventloop.inputhookr9r:r@r message_queuerunwarning is_detachedro)r1r2r3r4r7rrJrrrpr9r:rCr8rArBs @@@r7androtrace_mainrR%s[ +*********** A C (D ! ! R''))C                EE(C  7>>qAABBB AOOMM(A|$M777+ a 666666        1 q ' ' $)9 $ $ $ $ $ $ $ $ %$y9999 5666 Cxx!--//x)**ACxx!--//xxxxxxxxxsA  AA package_namecddlm}ddlm}|}|}||||||dddS)Nrr6rT)r3dump)rFr7rrrGrHrI)rSr2r7rrJrQs r7androdump_mainrV[s************ A AOOMM,rcs ::::::------********98888888444444&&&&&&######IIIIIIIIIIKO% % % #t)$% 7