androlyze.model.script.util package

Submodules

androlyze.model.script.util.AnaUtil module

androlyze.model.script.util.AnaUtil.ast_for_method_analysis(method_analysis)[source]

Create the abstract syntax tree.

Parameters:

method_analysis: androguard.androguard.core.analysis.analysis.MethodAnalysis
Returns:

dict

The abstract syntax tree of the method_analysis.
androlyze.model.script.util.AnaUtil.ast_for_pathp(pathp, dalvik_vm_format, vm_analysis, caller=True)[source]

Disassemble either the caller or callee.

Parameters:

pathp: androguard.androguard.core.analysis.analysis.PathP

Edge in method call graph.

dalvik_vm_format: DalvikVMFormat

Parsed .dex file.

vm_analysis: VMAnalysis

Dex analyzer.

caller: bool, optional (default is True)

Use the src of the pathp, hence disassemble the caller. Otherwise the dst is used.
Returns:

str

The disassembled method.

None

N/A
androlyze.model.script.util.AnaUtil.ast_get_containing_collection(iterable, pattern)[source]

Check the structure recursive for matches with the regex pattern and return the collection that contains the match.

Parameters:

iterable: iterable

pattern: str

Regex
Returns:

iterable
androlyze.model.script.util.AnaUtil.check_instructions_one(instructions, func)[source]

Check if at least one instruction matches with func.

Parameters:

instructions: iterable<androguard.core.bytecodes.dvm.Instruction>

func: Instruction -> Bool
Returns:

bool
androlyze.model.script.util.AnaUtil.check_method_contains_string(enoded_method, regexp, lowercase=True, all_findings=False)[source]

Check if the encoded_method contains the string in the instruction output.

Parameters:

enoded_method: androguard.core.bytecodes.dvm.EncodedMethod

regexp: str

lowercase: boolean, optional (default is True)

Convert the string on which shall be matched beforehand to lowercase

all_findings : bool, optional (default is False)

If true, return a list of all match objects
Returns:

re match object

If not all_findings.

list<re match object>

Else
androlyze.model.script.util.AnaUtil.check_own_method_implementation(apk, encoded_method)[source]

Check if the encoded_method is implemented in an own package (no third party)

androlyze.model.script.util.AnaUtil.convert_dalvik_pn_to_java_pn(dalvik_pn, ignore_inner_class=True)[source]

Convert e.g. “Lde/uni_marburg/ipcinetcallee/InetActivity$HTTPGetTask;” to “de.uni_marburg.ipcinetcall.InetActivity”

Parameters:

ignore_inner_class : bool, optional (default is True)

Strip inner class names like $HTTPGetTask
Returns:

str
androlyze.model.script.util.AnaUtil.convert_java_pn_to_dalvik(java_pn)[source]

Convert e.g. “de.uni_marburg.ipcinetcall.InetActivity” to “Lde/uni_marburg/ipcinetcallee/InetActivity;”

Parameters:

java_pn: str

Package name separated with ”.”
Returns:

str
androlyze.model.script.util.AnaUtil.decompile_method_analysis(method_analysis)[source]

Decompile the method_analysis object

Parameters:

method_analysis: androguard.androguard.core.analysis.analysis.MethodAnalysis
Returns:

str

The decompiled method
androlyze.model.script.util.AnaUtil.decompile_pathp(pathp, dalvik_vm_format, vm_analysis, caller=True, show_class=True)[source]

Decompile either the caller or callee

Parameters:

pathp: androguard.androguard.core.analysis.analysis.PathP

Edge in method call graph.

dalvik_vm_format: DalvikVMFormat

Parsed .dex file.

vm_analysis: uVMAnalysis

Dex analyzer.

caller: bool, optional (default is True)

Use the src of the pathp, hence decompile the caller. Otherwise the dst is used.

show_class : bool, optional (default is True)

Include the package name in the decompilation.
Returns:

str

The decompiled method

None

N/A
androlyze.model.script.util.AnaUtil.disassemble_encoded_method(encoded_method)[source]

Create the disassemble of the encoded_method

Parameters:

encoded_method : androguard.androguard.core.bytecodes.dvm.EncodedMethod
Returns:

str

The disassembled method
androlyze.model.script.util.AnaUtil.disassemble_pathp(pathp, dalvik_vm_format, caller=True)[source]

Disassemble either the caller or callee.

Parameters:

pathp: androguard.androguard.core.analysis.analysis.PathP

Edge in method call graph.

dalvik_vm_format: DalvikVMFormat

Parsed .dex file.

caller: bool, optional (default is True)

Use the src of the pathp, hence disassemble the caller. Otherwise the dst is used.
Returns:

str

The disassembled method.

None

N/A

See :py:method:`.disassemble_encoded_method`
androlyze.model.script.util.AnaUtil.filter_own_implementations(apk, dalvik_vm_format, pathp_list)[source]

Filter the PathP objects which are inside the apk package

Parameters:

apk: Apk

The apk representation

dalvik_vm_format: DalvikVMFormat

Parsed .dex file.

pathp_list: list<androguard.androguard.core.analysis.analysis.PathP>
Returns:

list<androguard.androguard.core.analysis.analysis.PathP>
androlyze.model.script.util.AnaUtil.fmt_encoded_method(encoded_method)[source]

Return a string represenation of encoded_method.

Parameters:encoded_method : androguard.androguard.core.bytecodes.dvm.EncodedMethod
Returns:str

Module contents