Second commit

author: jvoisin 2022-09-03 16:00:53 +0200
committer: jvoisin 2022-09-03 16:42:39 +0200
commit: 2bc593e990e2915d63503df8d4be72d10fa77e9d (patch)
tree: 61a6aa1fe7c84aeb995a4e13cc5962389fea56aa /karton
parent: 2d6d30a2d11704df48c4bb46b75243d582bcc4c8 (diff)
1 files changed, 20 insertions, 17 deletions
diff --git a/karton/android/android.py b/karton/android/android.py
index be4a11a..b05bce2 100644
--- a/karton/android/android.py
+++ b/karton/android/android.py
@@ -1,13 +1,12 @@
-import sys
+import androguard.core.bytecodes.apk  # type: ignore
+from karton.core import Karton, Task  # type: ignore
-import androguard
-from karton.core import Karton, Task
 from .__version__ import __version__
 class Android(Karton):
    """
-    Augment apk files with various information.
+    Augment apk files with various metadata.
    """
    identity = "karton.android"
@@ -19,27 +18,31 @@ class Android(Karton):
    def process(self, task: Task) -> None:
        sample = task.get_resource("sample")
-        a = androguard.core.bytecodes.apk.APK(sample)
+        a = androguard.core.bytecodes.apk.APK(sample.content, raw=True)
        if not a.is_valid_APK():
            self.log.info("Not a valid APK file.")
            return
        metadata = {
-           'package': a.package,
+            "package": [a.package],
-           'sample': sample,
+            "activities": sorted(a.get_activities()),
-           'activities': a.get_activites(),
+            "main_activity": [a.get_main_activity()],
-           'main_activity': a.get_main_activity(),
+            "permissions": sorted(a.get_permissions()),
-           'permissions': a.get_permissions(),
        }
        if a.is_signed() or a.is_signed_v3():
-            metadata['certificate'] = a.get_certificates()[0].sha1_fingerprint.replace(" ", "")
+            certs = a.get_certificates()
+            if len(certs):
+                cert = certs[0]
+                sha1_cert = cert.sha1_fingerprint.replace(" ", "")
+                metadata["certificate"] = [sha1_cert]
        self.send_task(
            Task(
-                headers={"type": "sample", "stage": "analyzed"},
+                headers={
-                payload=metadata)
+                    "type": "sample",
+                    "stage": "analyzed",
+                },
+                payload={"attributes": metadata},
            )
+        )
-if __name__ == "__main__":
-    Android().loop()
author	jvoisin	2022-09-03 16:00:53 +0200
committer	jvoisin	2022-09-03 16:42:39 +0200
commit	2bc593e990e2915d63503df8d4be72d10fa77e9d (patch)
tree	61a6aa1fe7c84aeb995a4e13cc5962389fea56aa /karton
parent	2d6d30a2d11704df48c4bb46b75243d582bcc4c8 (diff)

diff --git a/karton/android/android.py b/karton/android/android.py index be4a11a..b05bce2 100644 --- a/karton/android/android.py +++ b/karton/android/android.py
@@ -1,13 +1,12 @@
1	import sys	1	import androguard.core.bytecodes.apk # type: ignore
2		2	from karton.core import Karton, Task # type: ignore
3	import androguard
4	from karton.core import Karton, Task
5		3
6	from .__version__ import __version__	4	from .__version__ import __version__
7		5
		6
8	class Android(Karton):	7	class Android(Karton):
9	"""	8	"""
10	Augment apk files with various information.	9	Augment apk files with various metadata.
11	"""	10	"""
12		11
13	identity = "karton.android"	12	identity = "karton.android"
@@ -19,27 +18,31 @@ class Android(Karton):
19	def process(self, task: Task) -> None:	18	def process(self, task: Task) -> None:
20	sample = task.get_resource("sample")	19	sample = task.get_resource("sample")
21		20
22	a = androguard.core.bytecodes.apk.APK(sample)	21	a = androguard.core.bytecodes.apk.APK(sample.content, raw=True)
23	if not a.is_valid_APK():	22	if not a.is_valid_APK():
24	self.log.info("Not a valid APK file.")	23	self.log.info("Not a valid APK file.")
25	return	24	return
26		25
27	metadata = {	26	metadata = {
28	'package': a.package,	27	"package": [a.package],
29	'sample': sample,	28	"activities": sorted(a.get_activities()),
30	'activities': a.get_activites(),	29	"main_activity": [a.get_main_activity()],
31	'main_activity': a.get_main_activity(),	30	"permissions": sorted(a.get_permissions()),
32	'permissions': a.get_permissions(),
33	}	31	}
34		32
35	if a.is_signed() or a.is_signed_v3():	33	if a.is_signed() or a.is_signed_v3():
36	metadata['certificate'] = a.get_certificates()[0].sha1_fingerprint.replace(" ", "")	34	certs = a.get_certificates()
		35	if len(certs):
		36	cert = certs[0]
		37	sha1_cert = cert.sha1_fingerprint.replace(" ", "")
		38	metadata["certificate"] = [sha1_cert]
37		39
38	self.send_task(	40	self.send_task(
39	Task(	41	Task(
40	headers={"type": "sample", "stage": "analyzed"},	42	headers={
41	payload=metadata)	43	"type": "sample",
		44	"stage": "analyzed",
		45	},
		46	payload={"attributes": metadata},
42	)	47	)
43		48	)
44	if __name__ == "__main__":
45	Android().loop()