Install Androguard (Ubuntu 14.04):
– Install python:
Install Python 2.7 with the commands:
$sudo add-apt-repository ppa:fkrull/deadsnakes
$sudo apt-get update
$sudo apt-get install python2.7
- Install pip:
$ sudo pip install ipython_genutils
Then, we install ipython and pygments:
$sudo easy_install ipython
$sudo easy_install pygments
Open a terminal and run the following commands.
Clone Androguard with git:
$git clone https://github.com/androguard/androguard.git
Install Androguard:
$sudo python setup.py install
If you get this error:
Traceback (most recent call last):
  File "./androaxml.py", line 84, in <module>
    main(options, arguments)
  File "./androaxml.py", line 54, in main
    a = apk.APK(options.input)
  File "/home/manh/androguard/androguard/core/bytecodes/apk.py", line 194, in __init__
    self.zip = zipfile.ZipFile(StringIO.StringIO(self.__raw), mode=mode)
  File "/usr/lib/python2.7/zipfile.py", line 770, in __init__
    self._RealGetContents()
  File "/usr/lib/python2.7/zipfile.py", line 857, in _RealGetContents
    x._decodeExtra()
  File "/usr/lib/python2.7/zipfile.py", line 388, in _decodeExtra
    tp, ln = unpack('HH', extra[:4])
struct.error: unpack requires a string argument of length 4
Open “zipfile.py” with the command:
$sudo nano /usr/lib/python2.7/zipfile.py
In _decodeExtra (the function named in the traceback), change the loop condition:
while extra: => while len(extra) > 4:
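The struct.error above is raised when an entry's ZIP extra field ends with fewer than 4 bytes, so the record header cannot be unpacked. As an added example (not part of the original post or of Androguard), the following Python 3 script checks an APK's central directory for such entries without editing zipfile.py; the names walk_extra, scan_apk and build_sample are hypothetical, and the sample archive is constructed inline.

```python
import struct
import zlib

EOCD = struct.Struct("<4s4H2LH")        # end-of-central-directory record
CDIR = struct.Struct("<4s4B4HL2L5H2L")  # central directory file header

def walk_extra(extra):
    """Split an extra field into (id, data) records; return (records, leftover).
    leftover is non-empty for a partial header or an over-long record."""
    records = []
    while len(extra) >= 4:  # fewer than 4 bytes cannot hold an id+length header
        tag, size = struct.unpack("<HH", extra[:4])
        if size > len(extra) - 4:
            break
        records.append((tag, extra[4:4 + size]))
        extra = extra[4 + size:]
    return records, extra

def scan_apk(data):
    """Map entry name -> leftover bytes for entries whose extra field is malformed."""
    pos = data.rfind(b"PK\x05\x06")
    if pos < 0 or pos + EOCD.size > len(data):
        raise ValueError("no end-of-central-directory record")
    eocd = EOCD.unpack_from(data, pos)
    count, offset, bad = eocd[4], eocd[6], {}
    for _ in range(count):
        if data[offset:offset + 4] != b"PK\x01\x02" or offset + CDIR.size > len(data):
            raise ValueError("bad central directory header at offset %d" % offset)
        name_len, extra_len, comment_len = CDIR.unpack_from(data, offset)[12:15]
        start = offset + CDIR.size
        name = data[start:start + name_len].decode("utf-8", "replace")
        leftover = walk_extra(data[start + name_len:start + name_len + extra_len])[1]
        if leftover:
            bad[name] = leftover
        offset = start + name_len + extra_len + comment_len
    return bad

def build_sample(name, extra, body=b"constructed"):
    """Constructed one-entry stored ZIP with `extra` in the central directory."""
    crc = zlib.crc32(body)
    local = struct.pack("<4s2B4HL2L2H", b"PK\x03\x04", 20, 0, 0, 0, 0, 33, crc,
                        len(body), len(body), len(name), 0) + name + body
    cdir = CDIR.pack(b"PK\x01\x02", 20, 3, 20, 0, 0, 0, 0, 33, crc, len(body),
                     len(body), len(name), len(extra), 0, 0, 0, 0, 0) + name + extra
    return local + cdir + EOCD.pack(b"PK\x05\x06", 0, 0, 1, 1, len(cdir), len(local), 0)

if __name__ == "__main__":
    print(scan_apk(build_sample(b"classes.dex", b"\x01\x02\x03")))      # 3 stray bytes
    print(scan_apk(build_sample(b"classes.dex", b"\xfe\xca\x00\x00")))  # well-formed
```

To check a real file, pass its bytes to scan_apk, for example scan_apk(open("demo.apk", "rb").read()).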
Install networkx:
sudo apt-get update
sudo apt-get install python-networkx
http://www.technotalkative.com/part-1-reverse-engineering-using-androguard/
http://www.technotalkative.com/part-2-deep-analysis-using-androguard-tools-2/
Option:
Androaxml
Used to view the AndroidManifest.xml file.
Syntax: ./androaxml.py -i [path_of_apk] -o [name_of_output_file]
Example:
./androaxml.py -i demo.apk -o output.xml
-i: path of the input file.
-o: path of the output file.
Androsim
Used to decompile two applications (APK files) and compare which components have been modified.
Windows:
androsim.exe -i -c ZLIB -n
Example:
androsim.exe -i demo.apk demo1.apk -c ZLIB -n
Linux:
python androsim.py -i circle.apk circle1.apk -c ZLIB -n
Example:
python androsim.py -i circle.apk circle1.apk -c ZLIB -n -d
-c specifies the type of compressor (BZ2, ZLIB, SNAPPY, LZMA, XZ).
-d can be used to display method names in the output.
Androdd
Dumps all methods of all class files in an Android package.
To dump graphical outputs of all methods of all the classes in an Android package, we use the androdd.py tool, which comes out of the box with Androguard.
Syntax:
./androdd.py -i -o
-i: path of the input file
-o: path of the output file
Example:
python androdd.py -i circle2.apk -o ./dd
Now check the dd directory: the graphical output of every method is generated as a .ag file, along with all the Java files. If we want the graphics output in .png format, just pass -f png as an argument.
python androdd.py -i circle2.apk -o ./dd -f png
OR
./androdd.py -i circle2.apk -o ./dd -f png
Androapkinfo
Displays complete information about an APK file.
Androapkinfo displays files, permissions, main activity, all activities, services, and obfuscation-related information at once!
Syntax:
python androapkinfo.py -i path_of_first_apk
OR
./androapkinfo.py -i path_of_first_apk