First commit

author: jvoisin 2022-09-03 15:27:53 +0200
committer: jvoisin 2022-09-03 15:27:53 +0200
commit: 2d6d30a2d11704df48c4bb46b75243d582bcc4c8 (patch)
tree: 8af5040ea0ff443157b1856c6b29f9d86ffc22e8 /karton/android/android.py
1 files changed, 45 insertions, 0 deletions
diff --git a/karton/android/android.py b/karton/android/android.py
new file mode 100644
index 0000000..be4a11a
--- /dev/null
+++ b/karton/android/android.py
@@ -0,0 +1,45 @@
+import sys
+import androguard
+from karton.core import Karton, Task
+from .__version__ import __version__
+class Android(Karton):
+    """
+    Augment apk files with various information.
+    """
+    identity = "karton.android"
+    version = __version__
+    filters = [
+        {"type": "sample", "extension": "apk"},
+    ]
+    def process(self, task: Task) -> None:
+        sample = task.get_resource("sample")
+        a = androguard.core.bytecodes.apk.APK(sample)
+        if not a.is_valid_APK():
+            self.log.info("Not a valid APK file.")
+            return
+        metadata = {
+           'package': a.package,
+           'sample': sample,
+           'activities': a.get_activites(),
+           'main_activity': a.get_main_activity(),
+           'permissions': a.get_permissions(),
+        }
+        if a.is_signed() or a.is_signed_v3():
+            metadata['certificate'] = a.get_certificates()[0].sha1_fingerprint.replace(" ", "")
+        self.send_task(
+            Task(
+                headers={"type": "sample", "stage": "analyzed"},
+                payload=metadata)
+            )
+if __name__ == "__main__":
+    Android().loop()
author	jvoisin	2022-09-03 15:27:53 +0200
committer	jvoisin	2022-09-03 15:27:53 +0200
commit	2d6d30a2d11704df48c4bb46b75243d582bcc4c8 (patch)
tree	8af5040ea0ff443157b1856c6b29f9d86ffc22e8 /karton/android/android.py

diff --git a/karton/android/android.py b/karton/android/android.py new file mode 100644 index 0000000..be4a11a --- /dev/null +++ b/karton/android/android.py
@@ -0,0 +1,45 @@
	1	import sys
	2
	3	import androguard
	4	from karton.core import Karton, Task
	5
	6	from .__version__ import __version__
	7
	8	class Android(Karton):
	9	"""
	10	Augment apk files with various information.
	11	"""
	12
	13	identity = "karton.android"
	14	version = __version__
	15	filters = [
	16	{"type": "sample", "extension": "apk"},
	17	]
	18
	19	def process(self, task: Task) -> None:
	20	sample = task.get_resource("sample")
	21
	22	a = androguard.core.bytecodes.apk.APK(sample)
	23	if not a.is_valid_APK():
	24	self.log.info("Not a valid APK file.")
	25	return
	26
	27	metadata = {
	28	'package': a.package,
	29	'sample': sample,
	30	'activities': a.get_activites(),
	31	'main_activity': a.get_main_activity(),
	32	'permissions': a.get_permissions(),
	33	}
	34
	35	if a.is_signed() or a.is_signed_v3():
	36	metadata['certificate'] = a.get_certificates()[0].sha1_fingerprint.replace(" ", "")
	37
	38	self.send_task(
	39	Task(
	40	headers={"type": "sample", "stage": "analyzed"},
	41	payload=metadata)
	42	)
	43
	44	if __name__ == "__main__":
	45	Android().loop()