Giter Site home page Giter Site logo

apkvulcheck's People

Contributors

zsdlove avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

secsystem deelmind liusec whoami-whoami gitsucce-zz webvul dstmath cclauss test123test111 banana42 shuixi2013 lifeqiuzhi520 whocare2014 orf53975 joeyxy doself yogistudio hanlen520 cc06 slowmistio 0x6b7966 blinkvoid liberatorqjw 485653 wyu0hop re13orn safebaseline xysh90hou kakakpy blueroutecn skyblueeternal trysec crackercat kuustudio goly1234 edgaraaa jerry888888 victor0013 ninovalboskoni 5l1v3r1 zhou3299136 laashub-soa mmg1 yuknight wang0098 luoyeatl howsson zhangyouliang echocipher hll163 loy2000 yut0u test502git yangkf1985 bill-bil humiaochao hhqqyy jeremy-chua kangd1w2 lindatas fishso land-thedev yzcrnx vvan9 afwu xianlimei gaozzr benniedaniel hustwyk orangice1997 a099 shen771 dr0v nyzx0322 lancerandass 4everzain hexi muxi166 cjrcjr wouijvziqy xiaoqin00 williamstao andyoulovexy chgsyh cyanogencyanogen

apkvulcheck's Issues

代码逻辑错误

##flag逻辑判断错误,所以app均被判断为未加固。需更改else中的条件为pass
并将flag初始为 false
def packerDetector(apkpath):
packerType=""
packersign=""
flag=False
zipfiles=zipfile.ZipFile(apkpath)
nameList=zipfiles.namelist()
for fileName in nameList:
for packer in packer_features.keys():
if packer in fileName:
flag=True
packerType=packer_features[packer]
packersign=packer
break
else:
pass

Undefined names: banner_begin(), banner_finished(), banner_new()

flake8 testing of https://github.com/zsdlove/ApkVulCheck on Python 3.7.0

$ flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics

./AndroidCodeCheck.py:94:2: F821 undefined name 'banner_begin'
	banner_begin()
 ^
./AndroidCodeCheck.py:112:2: F821 undefined name 'banner_begin'
	banner_begin()
 ^
./AndroidCodeCheck.py:113:2: F821 undefined name 'banner_finished'
	banner_finished()
 ^
./AndroidCodeCheck.py:382:2: F821 undefined name 'banner_new'
	banner_new()
 ^
4     F821 undefined name 'banner_begin'
4

TypeError: can only concatenate str (not "bytes") to str 

 ❯ python AndroidCodeCheck.py --taskpath ~/Downloads/com.wingjoy.dynastyLife.apk
[init] - Decode the AndroidManifest.xml file Successfully!
outputpath=>/tmp/hades/result/com68825
[init] - Decompile the dex file Successfully.
Traceback (most recent call last):
  File "AndroidCodeCheck.py", line 294, in <module>
    startprocess()
  File "/Users/s/Desktop/TestTools/ApkVulCheck/venv/lib/python3.8/site-packages/click/core.py", line 829, in __call__
    return self.main(*args, **kwargs)
  File "/Users/s/Desktop/TestTools/ApkVulCheck/venv/lib/python3.8/site-packages/click/core.py", line 782, in main
    rv = self.invoke(ctx)
  File "/Users/s/Desktop/TestTools/ApkVulCheck/venv/lib/python3.8/site-packages/click/core.py", line 1066, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/Users/s/Desktop/TestTools/ApkVulCheck/venv/lib/python3.8/site-packages/click/core.py", line 610, in invoke
    return callback(*args, **kwargs)
  File "AndroidCodeCheck.py", line 285, in startprocess
    apkAnalysis().fastScanEngine({
  File "AndroidCodeCheck.py", line 27, in wrapper
    ret=func(*args,**kwargs)
  File "AndroidCodeCheck.py", line 152, in fastScanEngine
    cptcheck.run()
  File "/Users/s/Desktop/TestTools/ApkVulCheck/plugin/manifestAnalysis.py", line 138, in run
    self.android_manifest_check()
  File "/Users/s/Desktop/TestTools/ApkVulCheck/plugin/manifestAnalysis.py", line 122, in android_manifest_check
    self.getUsesPermission(node)  # usespermission
  File "/Users/s/Desktop/TestTools/ApkVulCheck/plugin/manifestAnalysis.py", line 37, in getUsesPermission
    logging.info("- [VulScanEngine] " + "申请的权限名为:" + node.getAttribute('android:name').encode("utf-8"))
TypeError: can only concatenate str (not "bytes") to str

list index out of range

root@kali202003:~/ApkVulCheck-master# python2 AndroidCodeCheck.py --taskpath fixxB14976.apk --output json
[init] - Decode the AndroidManifest.xml file Successfully!
outputpath=>/tmp/hades/result/fixxB1497658193
Exception in thread "main" org.jf.dexlib2.dexbacked.DexBackedDexFile$NotADexFile: Invalid magic value: 64 65 78 0a 30 33 37 00
at org.jf.dexlib2.dexbacked.DexBackedDexFile.verifyMagicAndByteOrder(DexBackedDexFile.java:151)
at org.jf.dexlib2.dexbacked.DexBackedDexFile.(DexBackedDexFile.java:70)
at org.jf.dexlib2.dexbacked.DexBackedDexFile.(DexBackedDexFile.java:96)
at org.jf.dexlib2.DexFileFactory.loadDexFile(DexFileFactory.java:79)
at org.jf.dexlib2.DexFileFactory.loadDexFile(DexFileFactory.java:54)
at org.jf.baksmali.main.main(main.java:247)
[init] - Decompile the dex file Successfully.
sh: 1: lib/aapt2: Exec format error
Traceback (most recent call last):
File "AndroidCodeCheck.py", line 294, in
startprocess()
File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 829, in call
return self.main(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 782, in main
rv = self.invoke(ctx)
File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 1066, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 610, in invoke
return callback(*args, **kwargs)
File "AndroidCodeCheck.py", line 288, in startprocess
"output":kwargs.get("output")
File "AndroidCodeCheck.py", line 27, in wrapper
ret=func(*args,**kwargs)
File "AndroidCodeCheck.py", line 166, in fastScanEngine
apkname=os.popen("lib/aapt2 dump badging %s |grep application-label:" % filepath).read().replace("\n","").split(":")[1].replace("'","")
IndexError: list index out of range

methodCallGenerator.py

ApkVulCheck/lib/methodCallGenerator.py
332行 parser=SmaliParser("smalipath,"smali")
有错误

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.