Magic-Mirror/androguard
1
0
Fork 0
mirror of https://github.com/androguard/androguard.git synced 2024-11-26 22:40:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Reverse engineering and pentesting for Android applications
48 Commits 6 Branches 30 Tags 119 MiB
Python 87.5%
JavaScript 9.9%
Java 2.6%
a8b6516714
Go to file
Anthony Desnos a8b6516714 update wm l2
2010-11-27 18:46:21 +01:00
ant change android test 2010-11-01 14:26:48 +01:00
core update wm l2 2010-11-27 18:46:21 +01:00
demos begin dependency fields 2010-11-25 16:40:46 +01:00
doc add basic lua binding 2010-11-10 16:00:48 +01:00
examples begin dependency fields 2010-11-25 16:40:46 +01:00
gui improve DVM 2010-11-08 09:33:15 +01:00
specs add specs of dvm/jvm 2010-10-25 17:57:56 +02:00
androdiff.py add field/method names obfuscation into androguard 2010-11-02 12:23:31 +01:00
androdump.py add androdump 2010-11-10 10:30:53 +01:00
androguard.py begin dependency fields 2010-11-25 16:40:46 +01:00
androlyze.py move directory 2010-10-28 16:33:19 +02:00
andromarks.py version aplha 0 update 1 2010-10-31 10:06:14 +01:00
COPYING first commit and it's the alpha 0 2010-10-25 16:48:39 +02:00
COPYING.LESSER first commit and it's the alpha 0 2010-10-25 16:48:39 +02:00
README.txt change java test 2010-10-31 17:04:31 +01:00

README.txt 

##########################################################################
####################### Androguard : Android Guard #######################
##########################################################################
################### http://code.google.com/p/androguard ##################
###################### androguard (at) t0t0 (dot) fr #####################
##########################################################################


1 -] About

Androguard is primarily a tool written in full python to play with :
   - .class (JVM) format
   - .dex (DalvikVM) format

So, you can analyze, display, modify and save your apps easily and 
statically by creating your own software (by using the API), or by using 
the tool (androlyze) in command line.

Moreover, we are trying to obfuscate your apps by using new techniques,
but you must now that obfuscation is a difficult problem, and you can't
hide something into your software in a 'secure manner'. But we can try to
block as possible evil guys to steal a part of your apps, and resell them
into the market.

We are trying to implement dynamic and metamorphism Virtual Machines. For 
example, we can obfuscate classical variable affections with mathematical 
formulas, and integers constants. But the research in this domain is in 
progress and we will publish more information and codes.

You have also the possibility to apply control flow modification, and to
change the name of fields, methods in your apps with random string.

Of course, it's possible to integrate the 'androguard' program into the 
development cycle, for example, directly into ANT (after the java 
compilation, and just before the convertion into .dex format, see USAGE).

This tool has been designed for Android apps, but if you have read this
section, you have seen that we support JVM format, so you can used
this tool with classical Java apps.

If you are interesting to develop and to work on this youth project, you 
can contact me (see the top of this README for my e-mail).

2 -] Usage

All objects can be access directly, and most of the time, there is 
a field called "format" which contained the raw fields which can 
be changed :
>>> j = JVMFormat( open("./VM.class").read() )
>>> x = j.get_method("<init>")[0]
>>> print x.format
MethodInfo(access_flags=0, name_index=40, descriptor_index=41, \
           attributes_count=1)
>>> x.format.get_value_buff()
'\x00\x00\x00(\x00)\x00\x01'
>>> x.format.set_value( { "access_flags" : 1 } )
>>> x.format.get_value_buff()
'\x00\x01\x00(\x00)\x00\x01'
>>> print x.format
MethodInfo(access_flags=1, name_index=40, descriptor_index=41, \
           attributes_count=1)


So you can do what you would like with that, but be carefull because it's
possible to have an unusable format if you change something that you don't
know correctly. But most of the time there will be no problem, but if you
don't know what you are doing, it's better to use the providing API to
change a field.

You must go to the website to see more example :
   http://code.google.com/p/androguard/wiki/Usage

2.1 --] API

see the directory 'doc'

2.2 --] Demos

see the source codes in the directory 'demos'

2.3 --] Androlyze 
http://code.google.com/p/androguard/wiki/Usage#Androlyze

You can used the command line to display and filter information. But it's
better to use the shell :

./androlyze.py -s
Welcome to Androlyze ALPHA 0-update1
>>> j = JVMFormat( open("./VM.class").read() )
>>> j.show()

# Get specific methods
>>> x = j.get_method("<init>")[0]
>>> x.show()

# Change name
>>> x.set_name("toto")

# Save it
>>> fd = open("VM2.class", "w")
>>> fd.write(j.save())
>>> fd.close()

2.4 --] Andromarks
http://code.google.com/p/androguard/wiki/Usage#Andromarks

3 -] References

4 -] Benchmark 

5 -] Roadmap 
http://code.google.com/p/androguard/wiki/RoadMap

6 -] License

Copyright (C) 2010, Anthony Desnos <desnos at t0t0.org>                                                                                                                                                                         
All rights reserved.

Androguard is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

Androguard is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of  
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License
along with Androguard.  If not, see <http://www.gnu.org/licenses/>.