-
Notifications
You must be signed in to change notification settings - Fork 0
/
main_LargeVM.py
115 lines (99 loc) · 4.21 KB
/
main_LargeVM.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
'''
Created on Sep 9, 2012
@author: psachdev
'''
#import manager
import namespaceanalyzer
import permission
import SearchIntents
import DbManager
import logging
import sys
from androguard.core.bytecodes import apk
from androguard.core.bytecodes import dvm
from androguard.core.analysis.analysis import *
from multiprocessing import Pool, get_logger
def handler (signum, sigframe):
raise Exception ("Killed");
def analyze((apkEntry, OUT)):
try:
OUT = OUT + '/'
fileName = apkEntry['packageName'] + '.apk'
path = apkEntry['fileDir']
print "FileName Analyzed :" + fileName
tokens = namespaceanalyzer.NameSpaceMgr.GetTokensStatic (path, '/')
category = tokens [len (tokens) - 1]
#print category
filename = path + '/' + fileName
outFileName = '/package.txt'
outFileName = OUT + outFileName
instance = namespaceanalyzer.NameSpaceMgr()
try:
a = apk.APK(filename, zipmodule=1)
except:
a = apk.APK(filename, zipmodule=2)
d = dvm.DalvikVMFormat (a.get_dex())
dx = uVMAnalysis (d)
#remove old db entry in static analysis db
dbMgr.deleteEntry(apkEntry['packageName'])
packages = instance.execute (filename, outFileName, dbMgr, fileName, category, a, d, dx)
outfile_perm = '/permissions.txt'
outfile_perm = OUT + outfile_perm
permission.StaticAnalyzer (filename, outfile_perm, packages, dbMgr, fileName, a, d, dx)
outfile_links = '/links.txt'
outfile_links = OUT + outfile_links
SearchIntents.Intents(filename, outfile_links, packages, dbMgr, fileName, a, d, dx);
dbMgr.androidAppDB.apkInfo.update({'packageName':apkEntry['packageName']}, {'$set': {'isApkUpdated': False}})
return apkEntry['packageName']
except:
logger.error("\n")
logger.error("=======================================================================")
logger.error("\n")
logger.exception("Main : Exception occured for " + apkEntry['packageName'])
return ""
if __name__ == '__main__':
if len(sys.argv) < 3:
print "Usage: python main_LargeVM.py log_file_dir apk_list_file"
sys.exit(1)
OUT = sys.argv[1]
isParallel = False
#for parallel running on multiple instances
apkListFile = None
if len(sys.argv) > 2:
apkListFile = sys.argv[2]
isParallel = True
#in case the crawler breaks, append to the list.
analyzedApkFile = open(OUT + '/' + 'filelist.txt', 'a+')
'''
Database Handle used to insert fields
'''
dbMgr = DbManager.DBManagerClass()
'''
Example of how the various entrie are made into the database
dbMgr.insert3rdPartyPackageInfo("testpackage", "testfilename", "testexternalpackage")
dbMgr.insertPermissionInfo('testpackage', 'testfilename', 'testpermission', True, 'testdest', 'testexternalpackagename', 'testsrc')
dbMgr.insertLinkInfo('testpackage', 'testfilename', 'testlink', True, 'testdest', 'testexternalpackagename')
'''
logger = get_logger()
logFileHandler = logging.FileHandler(OUT + '/exceptions.log')
logFormat = logging.Formatter("%(levelname)s %(asctime)s %(funcName)s %(lineno)d %(message)s")
logFileHandler.setLevel(logging.DEBUG)
logFileHandler.setFormatter(logFormat)
logger.addHandler(logFileHandler)
apkList = []
if isParallel:
apkList_f = open(apkListFile)
for line in apkList_f:
pair = line.rstrip('\n').split(' ')
apkList.append({'packageName': pair[0], "fileDir": pair[1].replace("/home/lsuper/apk_data", "/home/ubuntu")})
apkList_f.close()
else:
apkList = list(dbMgr.androidAppDB.apkInfo.find({'isApkUpdated':True},{"fileDir":1, 'packageName':1}))
apkList = [(entry, OUT) for entry in apkList]
#apkList = [({'packageName': line.rstrip('\n').replace(".apk",''), 'fileDir': '../downloads/'}, OUT) for line in open("apkList").readlines()]
numberOfProcess = 4
pool = Pool(numberOfProcess)
for packageName in pool.imap(analyze, apkList):
if packageName != "":
analyzedApkFile.write(packageName + '\n')
analyzedApkFile.flush()