androlyze.analyze package
Subpackages
Submodules
androlyze.analyze.AnalyzeUtil module
androlyze.analyze.AnalyzeUtil.analyze_apk(eandro_apk, scripts, min_script_needs, propagate_error=False, reset_scripts=True)
Analyze the eandro_apk with the given scripts, assuming each AndroScript needs at least min_script_needs.
Be sure that you have reset the scripts!
Parameters: eandro_apk : EAndroApk
The apk.
scripts : iterable<AndroScript>
The scripts to use for the analysis.
min_script_needs : tuple<bool>
See ScriptUtil.get_maximal_script_options.
propagate_error : bool, optional (default is False)
If true propagate errors.
reset_scripts : bool, optional (default is True)
If given, reset the AndroScript before analyzing.
Returns: list<FastApk, list<AndroScript>>
Uses FastApk to only store the meta information, not the apk data!
None
If an error happened.
androlyze.analyze.AnalyzeUtil.analyze_apk_ana_objs(ana_objs, time_s, eandro_apk, scripts, propagate_error=False, reset_scripts=True)
Analyze the eandro_apk with the given scripts, assuming each AndroScript needs at least min_script_needs.
Be sure that you have reset the scripts!
Parameters: eandro_apk : EAndroApk
The apk.
scripts : iterable<AndroScript>
The scripts to use for the analysis.
propagate_error : bool, optional (default is False)
If true propagate errors.
reset_scripts : bool, optional (default is True)
If given, reset the AndroScript before analyzing.
Returns: list<FastApk, list<AndroScript>>
Uses FastApk to only store the meta information, not the apk data!
None
If an error happened.
androlyze.analyze.AnalyzeUtil.analyze_dex(filepath_or_raw, needs_dalvik_vm_format=True, needs_vm_analysis=True, needs_gvm_analysis=True, needs_xref=True, needs_dref=True, raw=False, decompiler='dad')
Open the classes.dex file (needs_dalvik_vm_format) and set up an analyzer for it (needs_vm_analysis).
Parameters: filepath_or_raw : path to file or raw data
Set raw to True if filepath_or_raw is raw data.
needs_dalvik_vm_format : bool, optional (default is True)
needs_vm_analysis : bool, optional (default is True)
needs_gvm_analysis : bool, optional (default is True)
needs_xref : bool, optional (default is True)
needs_dref : bool, optional (default is True)
raw : bool, optional (default is False)
decompiler : str, optional (default is “dad”)
Returns: tuple<DalvikVMFormat, VMAnalysis, GVMAnalysis>
Raises: DexError
If an error occurred while creating the analysis objects.
androlyze.analyze.AnalyzeUtil.apk_gen(apks_or_paths)
Helper function that checks, for every element of apks_or_paths, whether it is a path or already an Apk.
Parameters: apks_or_paths: list<str> or list<Apk>, optional (default is [])
List of Apk or paths to the apks which shall be analyzed with the given scripts. If you analyze from paths the import_date is not set!
Returns: generator<tuple<str, Apk, bool>>
Path to .apk, instance of Apk, bool that determines whether the current element of apks_or_paths is an Apk.
androlyze.analyze.AnalyzeUtil.apk_id_or_raw_data_gen(apk_gen, force_raw_data=False)
Generator over the .apk files if only a path is given (or force_raw_data). Otherwise generator over the apk ids.
Errors will be logged!
Parameters: apk_gen : iterable<tuple<str, Apk, bool>>
force_raw_data : bool, optional (default is False)
If true, force to yield zipfile rather than hash.
Returns: generator<tuple<object, bool>>
Raw zip file or id. Second component of tuples indicates that the generator is over the ids rather than over the zip files. Last is an Apk object.
androlyze.analyze.AnalyzeUtil.apk_zipfile_gen(apk_gen)
Generator over the .apk files (raw data). Errors will be logged!
Parameters: apk_gen : iterable<tuple<str, Apk, bool>>
androlyze.analyze.AnalyzeUtil.eandro_apk_gen(apk_gen)
Generator over EAndroApk.
Parameters: apk_gen : iterable<tuple<str, Apk, bool>>
androlyze.analyze.AnalyzeUtil.open_apk(apk_or_path=None, apk=None, raw=False, path=None)
Open apk and set meta information from apk.
Parameters: apk_or_path : str, optional (default is None).
Path to apk.
apk : Apk, optional (default is None)
If given, take the meta infos from apk. So we don’t need to recompute the hash. At least if apk_or_path.
raw : bool, optional (default is False)
If specified, use apk as raw .apk data.
path : str, optional (default is None)
Can be used for raw to set the path of the EAndroApk. If not given, won’t be set.
Returns: EAndroApk
None
If apk could not be opened.
androlyze.analyze.AnalyzeUtil.show_n_inc_progress(total_cnt, tasks_per_chunk=1)
Infinite generator over the count of analyzed apks. Also shows progress and time elapsed on run. Call it once before the first result is available (shows 0 progress). Otherwise the count will be wrong! If the progress is 1.0, the progress count will not be increased any further and the total_cnt will be returned.
Parameters: total_cnt : int
tasks_per_chunk : int, optional (default is 1)
Number of subtasks a task (chunk) contains.
Returns: int
Number of analyzed apks
androlyze.analyze.AnalyzeUtil.store_script_res(storage, script, apk)
Store script results to disk and result database.
Apks which haven’t been imported won’t get imported into the database! But of course the results will be stored.
Parameters: storage : RedundantStorage
script : AndroScript
apk : Apk
Raises: StorageException
androlyze.analyze.Analyzer module
class androlyze.analyze.Analyzer.Analyzer(storage, script_list, script_hashes, *args, **kwargs)
Bases: androlyze.analyze.BaseAnalyzer.BaseAnalyzer
Non-parallel analyzer
Attributes
Methods
androlyze.analyze.BaseAnalyzer module
class androlyze.analyze.BaseAnalyzer.BaseAnalyzer(storage, script_list, script_hashes, min_script_needs, apks_or_paths, cnt_apks=None, storage_results=None, **kwargs)
Bases: object
Base analyzer which offers functions for analyzing an apk file with the help of androguard. It can use scripts that derive from AndroScript.
Attributes
Methods
add_storage_result(res)
Add res to the storage_results.
Parameters: res : tuple<str, bool>
Storage results. First component is the id of the entry and the second a boolean indicating whether the result has been stored in gridfs.
analyze(*args, **kwargs)
Start the analysis and store the results in the predefined place.
Returns: int
Number of analyzed apks
apks_or_paths
iterable<str> or list<Apk>, optional (default is []) : List of Apk or paths to the apks which shall be analyzed with the given scripts. If you analyze from paths the import_date is not set!
cnt_analyzed_apks
Value<int> : Shared memory integer showing the count of already analyzed apks.
get_total_cnt()
Return the total number of apks to analyze.
Returns: multiprocessing.Value
Shared memory count.
min_script_needs
tuple<bool> : See ScriptUtil.get_maximal_script_options.
script_hashes
list<str>, optional (default is None) : If given, set the hash for the AndroScripts.
storage
StorageInterface : The storage to store the results.
storage_results
Queue<tuple<str, bool>> : Storage results. First component is the id of the entry and the second a boolean indicating whether the result has been stored in gridfs.