apk_unpack 0.0.1 → 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +8 -8
- data/README.md +34 -1
- data/lib/apk_unpack.rb +3 -0
- data/lib/decompiler/decompiler.rb +19 -2
- data/lib/utilities/parsing.rb +11 -0
- data/lib/utilities/string.rb +2 -0
- metadata +7 -7
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
MDYzOWEzNTM2YmZmMWE3NzMxMmU1ZmVkNjc5YzNjN2NlMTJmNzNmNw==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
MzY3MTM5NzJhYTU2NGVjMTUwY2JjZWVkYjNiMjE1NGI5YTZmMWNlYg==
|
7
7
|
SHA512:
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
MzM0MDBlMzVjOGEyMzUzOTcwYTc3ZjYzZmNlNjE0ZWFiMGFhNDY5ZjRmMzVi
|
10
|
+
ODc0ZWNlMDYyMzM5MWMzMmU5ZDhmNzNkMDY3MGZlNmMxNDQzN2ZjYzA1MTlk
|
11
|
+
ODM1MThmN2RiYmFmZjkwZGQ2OWZhZjBjZGYxZDNlNGJiNTUwZjY=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
M2ZlZGY4MGYxNDYzODI0NDEwMzE0OGE3ZWJhZWJjZWMzMmIzM2ZlMGZiMjQ4
|
14
|
+
ZGQ3MzlmZTMwYTUwMTk0YmU3NTc2OGNmMzk0ZTM0MjJjYWY1NjhhZWQwNmY4
|
15
|
+
YmY2ODVhYWRiOWM0MmE1MTEyNDhkNjk5Yzc0MjI5ZTZiMGQyODE=
|
data/README.md
CHANGED
@@ -1,3 +1,36 @@
|
|
1
1
|
# ApkUnpack
|
2
2
|
|
3
|
-
|
3
|
+
Performing static analysis on an Android application can get a bit tedious when having to use apktool and dex2jar to de-compile APK files. I wanted to automate the process in an easy way to assist people with this simple but time consuming task, especially for those who want to de-compile multiple apps using both dex2jar and apktool.
|
4
|
+
|
5
|
+
The lightweight ruby gem was built to utilize dex2jar and apktool to de-compile and output the corresponding files to a specified directory.
|
6
|
+
|
7
|
+
You can download the latest gem from here:
|
8
|
+
|
9
|
+
[Ruby Gem](http://rubygems.org/gems/apk_unpack)
|
10
|
+
|
11
|
+
gem install apk_unpack
|
12
|
+
|
13
|
+
You can view the project page on git from here:
|
14
|
+
|
15
|
+
[GitHub](https://github.com/nVisium/ruby_apk_unpack)
|
16
|
+
|
17
|
+
Dex2jar and apktool are not included within the gem in this version so those two tools will have to be installed separately. The path of apktool.jar, dj2-dex2jar.sh or .bat, the .apk files, and output location is required to be set in a YAML file. The syntax and example of the YAML file is below but can also be found in the /examples directory of the gem:
|
18
|
+
|
19
|
+
apk:
|
20
|
+
- /Users/somebody/Desktop/com.example.apk
|
21
|
+
- /Users/somebody/Desktop/com.another.example.apk
|
22
|
+
apktool: /Users/somebody/tmp/apktool1.5.2/apktool.jar
|
23
|
+
output_directory: /Users/somebody/Desktop/apk_stuff
|
24
|
+
d2j: /Users/somebody/tmp/dex2jar-0.0.9.15/d2j-dex2jar.sh
|
25
|
+
|
26
|
+
To run the gem you execute the following commands:
|
27
|
+
|
28
|
+
apk_unpack -c <path/to/YAML file>
|
29
|
+
|
30
|
+
There are a few things we will be working on for future releases. Including the possibility of having the YAML file point at a directory instead of specific APK files, offloading de-compiling the APK files to a service running on Heroku. This would all be automated to download the APK, decompile it and then serve it to the user.
|
31
|
+
|
32
|
+
We hope you have found this post to be helpful in performing Android assessments and as usual, we'd love to hear your thoughts.
|
33
|
+
|
34
|
+
Special thanks to [Marcus](https://twitter.com/90skicks), [Riandi](https://twitter.com/rwiguna), and [Ken](https://twitter.com/cktricky) for co-authoring the gem.
|
35
|
+
|
36
|
+
Abdullah Munawar is an application security consultant at nVisium who specializes in mobile application testing and ripping apart new things. He previously worked on the security teams at financial and aviation organizations, with over 7 years of experience. Abdullah attempts humor on a daily basis and succeeds most of the time, every time. You can follow Abdullah on twitter [@amanofwar](https://twitter.com/amanofwar)
|
data/lib/apk_unpack.rb
CHANGED
@@ -3,7 +3,10 @@ require 'utilities/parsing'
|
|
3
3
|
require 'decompiler/decompiler'
|
4
4
|
require 'optparse'
|
5
5
|
|
6
|
+
# This class is responsible for CLI output and options
|
6
7
|
class ApkUnpack
|
8
|
+
# This method defines the CLI options of the gem and takes in the
|
9
|
+
# YAML configuration file
|
7
10
|
def self.run
|
8
11
|
options = {}
|
9
12
|
OptionParser.new do |opts|
|
@@ -1,5 +1,8 @@
|
|
1
|
-
|
1
|
+
# This class uses apktool and dex2jar to perform the de-compilation
|
2
|
+
# of APKs and outputs the results into their respective directories
|
2
3
|
class Decompiler
|
4
|
+
|
5
|
+
# This method creates a hash of the 4 inputs for the tool
|
3
6
|
def self.my_hash
|
4
7
|
{
|
5
8
|
"apk" => "file",
|
@@ -9,6 +12,8 @@ class Decompiler
|
|
9
12
|
}
|
10
13
|
end
|
11
14
|
|
15
|
+
# This method creates instance variable @k and fills up the array
|
16
|
+
# my_hash with the 4 values its expecting
|
12
17
|
def self.run
|
13
18
|
my_hash.each do |k,v|
|
14
19
|
puts "Please specify the absolute location of the #{k}"
|
@@ -21,7 +26,9 @@ class Decompiler
|
|
21
26
|
rescue ::Interrupt
|
22
27
|
puts "\nGoodbye"
|
23
28
|
end
|
24
|
-
|
29
|
+
|
30
|
+
# This method validates that the files and directories being
|
31
|
+
# referenced exist
|
25
32
|
def self.exists(data_type, entity)
|
26
33
|
val = instance_variable_get ("@#{entity}".underscore)
|
27
34
|
case data_type
|
@@ -32,6 +39,9 @@ class Decompiler
|
|
32
39
|
end
|
33
40
|
end
|
34
41
|
|
42
|
+
# This method has the tool revert to having the user manually
|
43
|
+
# enter the 4 parameters needed to run the tool in the case
|
44
|
+
# the YAML config file does not exist
|
35
45
|
def self.set_static_vars(opts={})
|
36
46
|
raise "NoOptionsProvidedFromConfigFile" if opts.empty?
|
37
47
|
@apktool = opts[:apktool]
|
@@ -47,23 +57,30 @@ class Decompiler
|
|
47
57
|
@apk = apk_loc
|
48
58
|
end
|
49
59
|
|
60
|
+
# This method executes the run_apktool and run_dex2jar methods
|
50
61
|
def self.execute
|
51
62
|
run_apktool
|
52
63
|
run_dex2jar
|
53
64
|
end
|
54
65
|
|
66
|
+
# This method converts periods "." within filenames to underscore
|
55
67
|
def self.convert_apkname_to_underscore
|
56
68
|
file_name = File.basename(@apk).underscore.tr(".", "_")
|
57
69
|
end
|
58
70
|
|
71
|
+
# This method takes the file name of the .apk and converts it to
|
72
|
+
# a .jar
|
59
73
|
def self.convert_apk_to_jar
|
60
74
|
file_name = File.basename(@apk).sub(/.apk/, ".jar")
|
61
75
|
end
|
62
76
|
|
77
|
+
# This method runs apktool and outputs the results into its
|
78
|
+
# own directory
|
63
79
|
def self.run_apktool
|
64
80
|
system "java", "-jar", @apktool, "d", "-f", @apk, "#{@output_directory}/apktool_output/#{self.convert_apkname_to_underscore}"
|
65
81
|
end
|
66
82
|
|
83
|
+
# This method executes dex2jar and outputs the file under its own dex2jar directory
|
67
84
|
def self.run_dex2jar
|
68
85
|
path = "#{@output_directory}/dex2jar_output"
|
69
86
|
Dir.mkdir path if not Dir.exist? path
|
data/lib/utilities/parsing.rb
CHANGED
@@ -1,7 +1,10 @@
|
|
1
1
|
require 'yaml'
|
2
2
|
|
3
|
+
# This class performs all of the parsing associated with the YAML
|
4
|
+
# file or the reading in of the paths for the 4 variables
|
3
5
|
class Parsing
|
4
6
|
|
7
|
+
# This method raises an error if a YAML file is not given
|
5
8
|
def self.parse(file_location=nil, test=false)
|
6
9
|
raise "NoFileProvidedForParsing" if !(file_location)
|
7
10
|
yaml_c = test ? modify_yaml_attrs : parse_config_file(file_location)
|
@@ -9,10 +12,13 @@ class Parsing
|
|
9
12
|
variable_set(opts)
|
10
13
|
end
|
11
14
|
|
15
|
+
# This method loads and parses the YAML config file
|
12
16
|
def self.parse_config_file(file_location)
|
13
17
|
yaml_c = YAML.load_file(file_location)
|
14
18
|
end
|
15
19
|
|
20
|
+
# This method creates a hash called yaml_c that takes in
|
21
|
+
# the 4 environment variables defined
|
16
22
|
def self.modify_yaml_attrs
|
17
23
|
yaml_c = {
|
18
24
|
"apk" => ENV["APK"],
|
@@ -22,6 +28,8 @@ class Parsing
|
|
22
28
|
}
|
23
29
|
end
|
24
30
|
|
31
|
+
# This method reads in the options from the YAML file
|
32
|
+
# and assigns them the hash values within the yaml_c hash
|
25
33
|
def self.generate_options_from_yaml(yaml_c)
|
26
34
|
options = {}
|
27
35
|
options[:apk] = yaml_c["apk"]
|
@@ -31,6 +39,9 @@ class Parsing
|
|
31
39
|
return options
|
32
40
|
end
|
33
41
|
|
42
|
+
# This method specifies executing the gem for the 3 options of
|
43
|
+
# reading in the APK location manually, having a single APK within
|
44
|
+
# the YAML file, or having multiple APKs within the YAML file
|
34
45
|
def self.variable_set(options={})
|
35
46
|
Decompiler.set_static_vars(options)
|
36
47
|
apk_loc = options[:apk]
|
data/lib/utilities/string.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: apk_unpack
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Abdullah Munawar
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date: 2014-
|
14
|
+
date: 2014-03-03 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: bundler
|
@@ -41,12 +41,12 @@ dependencies:
|
|
41
41
|
- - ! '>='
|
42
42
|
- !ruby/object:Gem::Version
|
43
43
|
version: '0'
|
44
|
-
description: ! "\n
|
45
|
-
|
46
|
-
|
47
|
-
|
44
|
+
description: ! "\n \t\t\t\t\t\tThe APKUnpack tool is used to quickly decompile one
|
45
|
+
or more APK applications essentially automating a simple but time consuming task.
|
46
|
+
This tool requires that you have the APKTool and Dex2Jar applications on your machine.\n
|
47
|
+
\ "
|
48
48
|
email:
|
49
|
-
- abdullah.munawar@
|
49
|
+
- abdullah.munawar@nvisium.com
|
50
50
|
executables:
|
51
51
|
- apk_unpack
|
52
52
|
extensions: []
|