From 2d6d30a2d11704df48c4bb46b75243d582bcc4c8 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Sat, 3 Sep 2022 15:27:53 +0200
Subject: First commit
---
karton/android/android.py | 45 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 karton/android/android.py
(limited to 'karton/android/android.py')
diff --git a/karton/android/android.py b/karton/android/android.py
new file mode 100644
index 0000000..be4a11a
--- /dev/null
+++ b/karton/android/android.py
@@ -0,0 +1,45 @@
+import sys
+
+import androguard
+from karton.core import Karton, Task
+
+from .__version__ import __version__
+
+class Android(Karton):
+ """
+ Augment apk files with various information.
+ """
+
+ identity = "karton.android"
+ version = __version__
+ filters = [
+ {"type": "sample", "extension": "apk"},
+ ]
+
+ def process(self, task: Task) -> None:
+ sample = task.get_resource("sample")
+
+ a = androguard.core.bytecodes.apk.APK(sample)
+ if not a.is_valid_APK():
+ self.log.info("Not a valid APK file.")
+ return
+
+ metadata = {
+ 'package': a.package,
+ 'sample': sample,
+ 'activities': a.get_activites(),
+ 'main_activity': a.get_main_activity(),
+ 'permissions': a.get_permissions(),
+ }
+
+ if a.is_signed() or a.is_signed_v3():
+ metadata['certificate'] = a.get_certificates()[0].sha1_fingerprint.replace(" ", "")
+
+ self.send_task(
+ Task(
+ headers={"type": "sample", "stage": "analyzed"},
+ payload=metadata)
+ )
+
+if __name__ == "__main__":
+ Android().loop()
-- cgit v1.3
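Review bot: `process()` looks like it will raise on every valid sample, because `a.get_activites()` misspells androguard's `get_activities()`. `APK(sample)` also appears to receive the Karton resource object rather than a path or bytes, so it probably needs `APK(sample.content, raw=True)`, with the class brought in by `from androguard.core.bytecodes.apk import APK`, since a bare `import androguard` does not load that submodule by itself. The samples are untrusted, and a malformed archive can raise inside the `APK(...)` constructor before `is_valid_APK()` is reached, so the parse should sit in a `try`/`except` that logs and returns. `is_signed()` only reports that a signature is present, not that it verifies, and `get_certificates()` may return an empty list or several signers. Guard the lookup with `certs = a.get_certificates()` and `if certs:`, and add a comment that the `certificate` fingerprint is unverified, sample-supplied metadata.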