ruby_android_apk 0.7.7.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c8ad476b82feac524f3903758b93a3b7195de4c4
+  data.tar.gz: 72fa394d1656548782acea431219ab880e1c9233
+SHA512:
+  metadata.gz: 5c55b568704956d934a9ced5bc84d9e731f95dcd8ac98ab24e2172b2cf8365e132cdf54782fc293969ef664f29968819234d492f85013392687332fe4628cee2
+  data.tar.gz: 95ca9385bdbfb6b885cc170402837e368f31bdeb1b0e4cdab06c3f7742af7056dccc84482c62678b27599a9c8755c3ce26e2e5ac0752171d9e8cf8e4fee00e34

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 1.9.3
+  - 2.0.0

data/CHANGELOG.md

@@ -0,0 +1,45 @@
+# ChangeLog
+## 0.7.0
+* implement Apk#signs, Apk#certificates and Manifest#version_name (#14, #15)
+* bugfix
+
+## 0.6.0
+* implement Android::Apk#layouts(#10), Android::Apk#icon(#11), Android::Apk#label(#12),
+* fix bug (#13)
+
+## 0.5.1
+* [#8] add Android::Manifest#label
+* [#7] fix wrong boolean value in manifest parser
+* [#6] add accessor Android::Manifest#doc
+
+## 0.5.0
+* [issue #1] implement Android::Resource#find, #res_readable_id, #res_hex_id methods
+
+## 0.4.2
+* fix bugs(#2, #3)
+* divide change log from readme
+
+## 0.4.1
+* fix typo
+* add document
+
+## 0.4.0
+* add resource parser
+* enhance dex parser
+
+## 0.3.0
+* add and change name space
+* add Android::Utils module and some util methods
+* add Apk#entry, Apk#each_entry, and Apk#time methods,
+
+## 0.2.0
+* update documents
+* add Apk::Dex#each_strings, Apk::Dex#each_class_names
+
+## 0.1.2
+* fix bug(improve android binary xml parser)
+
+## 0.1.1
+* fix bug(failed to initialize Apk::Manifest::Meta class)
+* replace iconv to String#encode(for ruby1.9)
+

data/Gemfile

@@ -0,0 +1,16 @@
+source "http://rubygems.org"
+# Add dependencies required to use your gem here.
+# Example:
+#   gem "activesupport", ">= 2.3.5"
+gem "rubyzip", ">= 1.1.6"
+
+# Add dependencies to develop your gem here.
+# Include everything needed to run rake, tests, features, etc.
+group :development do
+  gem "rspec", "~> 2.11.0"
+  gem "bundler", ">= 1.3.0"
+  gem "jeweler", "~> 1.8.7"
+  gem "yard", require: false
+  gem "redcarpet"
+  gem "simplecov", require: false
+end

data/Gemfile.lock

@@ -0,0 +1,73 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.3.5)
+    builder (3.2.2)
+    diff-lcs (1.1.3)
+    faraday (0.8.8)
+      multipart-post (~> 1.2.0)
+    git (1.2.6)
+    github_api (0.10.1)
+      addressable
+      faraday (~> 0.8.1)
+      hashie (>= 1.2)
+      multi_json (~> 1.4)
+      nokogiri (~> 1.5.2)
+      oauth2
+    hashie (2.0.5)
+    highline (1.6.19)
+    httpauth (0.2.0)
+    jeweler (1.8.7)
+      builder
+      bundler (~> 1.0)
+      git (>= 1.2.5)
+      github_api (= 0.10.1)
+      highline (>= 1.6.15)
+      nokogiri (= 1.5.10)
+      rake
+      rdoc
+    json (1.8.0)
+    jwt (0.1.8)
+      multi_json (>= 1.5)
+    multi_json (1.8.0)
+    multi_xml (0.5.5)
+    multipart-post (1.2.0)
+    nokogiri (1.5.10)
+    oauth2 (0.9.2)
+      faraday (~> 0.8)
+      httpauth (~> 0.2)
+      jwt (~> 0.1.4)
+      multi_json (~> 1.0)
+      multi_xml (~> 0.5)
+      rack (~> 1.2)
+    rack (1.5.2)
+    rake (10.1.0)
+    rdoc (4.0.1)
+      json (~> 1.4)
+    redcarpet (3.0.0)
+    rspec (2.11.0)
+      rspec-core (~> 2.11.0)
+      rspec-expectations (~> 2.11.0)
+      rspec-mocks (~> 2.11.0)
+    rspec-core (2.11.1)
+    rspec-expectations (2.11.3)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.11.3)
+    rubyzip (1.1.6)
+    simplecov (0.7.1)
+      multi_json (~> 1.0)
+      simplecov-html (~> 0.7.1)
+    simplecov-html (0.7.1)
+    yard (0.8.7.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (>= 1.3.0)
+  jeweler (~> 1.8.7)
+  redcarpet
+  rspec (~> 2.11.0)
+  rubyzip (>= 1.1.6)
+  simplecov
+  yard

data/LICENSE.txt

@@ -0,0 +1,22 @@
+(The MIT License)
+
+Copyright (c) 2012 Securebrain
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,157 @@
+# ruby_apk
+Android Apk static analysis library for Ruby.
+
+[![Gem Version](https://badge.fury.io/rb/ruby_apk.png)](http://badge.fury.io/rb/ruby_apk)
+[![Build Status](https://travis-ci.org/SecureBrain/ruby_apk.png)](https://travis-ci.org/SecureBrain/ruby_apk)
+
+## Requirements
+- ruby(>=1.9.x)
+
+## Install
+    $ gem install ruby_apk
+
+## Usage
+### Initialize
+```ruby
+  require 'ruby_apk'
+  apk = Android::Apk.new('sample.apk') # set apk file path
+```
+
+### Apk
+#### Listing files in Apk
+```ruby
+# listing files in apk
+apk = Android::Apk.new('sample.apk')
+apk.each_file do |name, data|
+  puts "#{name}: #{data.size}bytes" # puts file name and data size
+end
+```
+
+#### Find files in Apk
+```ruby
+  apk = Android::Apk.new('sample.apk')
+  elf_files = apk.find{|name, data| data[0..3] == [0x7f, 0x45, 0x4c, 0x46] } # ELF magic number
+```
+
+#### Extract icon data in Apk (since 0.6.0)
+```ruby
+  apk = Android::Apk.new('sample.apk')
+  icons = apk.icon # { "res/drawable-hdpi/ic_launcher.png" => "\x89PNG\x0D\x0A...", ... }
+  icons.each do |name, data|
+    File.open(File.basename(name), 'wb') {|f| f.write data } # save to file.
+  end
+```
+
+#### Extract signature and certificate information from Apk (since v0.7.0)
+```ruby
+  apk = Android::Apk.new('sample.apk')
+  signs = apk.signs # retrun Hash(key: signature file path, value: OpenSSL::PKCS7)
+  signs.each do |path, sign|
+    puts path # => "MATA-INF/CERT.RSA" or ...
+    puts sign # => "-----BEGIN PKCS7-----\n..." PKCS7 object
+  end
+
+  certs = apk.certificates # retrun Hash(key: signature file path, value: OpenSSL::X509::Certificate)
+  certs.each do |path, cert|
+    puts path # => "MATA-INF/CERT.RSA" or ...
+    puts cert # => "-----BEGIN CERTIFICATE-----\n..." # X509::Certificate object
+  end
+```
+Note: Most apks have only one signature and cerficate.
+
+### Manifest
+#### Get readable xml
+```ruby
+  apk = Android::Apk.new('sample.apk')
+  manifest = apk.manifest
+  puts manifest.to_xml
+```
+
+#### Listing components and permissions
+```ruby
+  apk = Android::Apk.new('sample.apk')
+  manifest = apk.manifest
+  # listing components
+  manifest.components.each do |c| # 'c' is Android::Manifest::Component object
+    puts "#{c.type}: #{c.name}" 
+    c.intent_filters.each do |filter|
+      puts "\t#{filter.type}"
+    end
+  end
+
+  # listing use-permission tag
+  manifest.use_permissions.each do |permission|
+    puts permission
+  end
+```
+
+#### Extract application label string
+```ruby
+  apk = Android::Apk.new('sample.apk')
+  puts apk.manifest.label
+```
+
+### Resource
+#### Extract resource strings from apk
+```ruby
+  apk = Android::Apk.new('sample.apk')
+  rsc = apk.resource
+  rsc.strings.each do |str|
+    puts str
+  end
+```
+
+#### Parse resource file directly
+```ruby
+  rsc_data = File.open('resources.arsc', 'rb').read{|f| f.read }
+  rsc = Android::Resource.new(rsc_data)
+```
+
+### Resolve resource id
+This feature supports only srting resources for now.
+
+```ruby
+  apk = Android::Apk.new('sample.apk')
+  rsc = apk.resource
+  
+  # assigns readable resource id
+  puts rsc.find('@string/app_name') # => 'application name'
+
+  # assigns hex resource id
+  puts rsc.find('@0x7f040000') # => 'application name'
+
+  # you can set lang attribute.
+  puts rsc.find('@0x7f040000', :lang => 'ja')
+```
+
+
+### Dex
+#### Extract dex information
+```ruby
+  apk = Android::Apk.new('sample.apk')
+  dex = apk.dex
+  # listing string table in dex
+  dex.strings.each do |str|
+    puts str
+  end
+
+  # listing all class names
+  dex.classes.each do |cls| # cls is Android::Dex::ClassInfo
+    puts "class: #{cls.name}"
+    cls.virtual_methods.each do |m| # Android::Dex::MethodInfo
+      puts "\t#{m.definition}" # puts method definition
+    end
+  end
+```
+
+#### Parse dex file directly
+```ruby
+  dex_data = File.open('classes.dex','rb').read{|f| f.read }
+  dex = Android::Dex.new(dex_data)
+```
+
+
+## Copyright
+
+Copyright (c) 2012 SecureBrain. See LICENSE.txt for further details.
+

data/Rakefile

@@ -0,0 +1,43 @@
+# encoding: utf-8
+
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
+  gem.name = "ruby_android"
+  gem.homepage = "https://github.com/tajchert/ruby_apk"
+  gem.license = "MIT"
+  gem.summary = %Q{static analysis tool for android apk}
+  gem.description = %Q{static analysis tool for android apk}
+  gem.email = "thetajchert@gmail.com"
+  gem.authors = ["Michal Tajchert","SecureBrain"]
+  # dependencies defined in Gemfile
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec) do |spec|
+  spec.pattern = FileList['spec/**/*_spec.rb']
+end
+
+
+task :default => :spec
+
+require 'yard'
+require 'yard/rake/yardoc_task'
+YARD::Rake::YardocTask.new do |t|
+  t.files = ['lib/**/*.rb']
+  t.options = []
+  t.options << '--debug' << '--verbose' if $trace
+end

data/VERSION

@@ -0,0 +1 @@
+0.7.3

data/lib/android/apk.rb

@@ -0,0 +1,207 @@
+require 'zip' # need rubyzip gem -> doc: http://rubyzip.sourceforge.net/
+require 'digest/md5'
+require 'digest/sha1'
+require 'digest/sha2'
+require 'openssl'
+
+module Android
+  class NotApkFileError < StandardError; end
+  class NotFoundError < StandardError; end
+
+  # apk object class
+  class Apk
+
+    # @return [String] apk file path
+    attr_reader :path
+    # @return [Android::Manifest] manifest instance
+    # @return [nil] when parsing manifest is failed.
+    attr_reader  :manifest
+    # @return [Android::Dex] dex instance
+    # @return [nil] when parsing dex is failed.
+    attr_reader :dex
+    # @return [String] binary data of apk
+    attr_reader :bindata
+    # @return [Resource] resouce data
+    # @return [nil] when parsing resource is failed.
+    attr_reader :resource
+
+    # AndroidManifest file name
+    MANIFEST = 'AndroidManifest.xml'
+    # dex file name
+    DEX = 'classes.dex'
+    # resource file name
+    RESOURCE = 'resources.arsc'
+
+    # create new apk object
+    # @param [String] filepath apk file path
+    # @raise [Android::NotFoundError] path file does'nt exist
+    # @raise [Android::NotApkFileError] path file is not Apk file.
+    def initialize(filepath)
+      @path = filepath
+      raise NotFoundError, "'#{filepath}'" unless File.exist? @path
+      begin
+        @zip = Zip::File.open(@path)
+      rescue Zip::Error => e
+        raise NotApkFileError, e.message 
+      end
+
+      @bindata = File.open(@path, 'rb') {|f| f.read }
+      @bindata.force_encoding(Encoding::ASCII_8BIT)
+      raise NotApkFileError, "manifest file is not found." if @zip.find_entry(MANIFEST).nil?
+      begin
+        @resource = Android::Resource.new(self.file(RESOURCE))
+      rescue => e
+        $stderr.puts "failed to parse resource:#{e}"
+        #$stderr.puts e.backtrace
+      end
+      begin
+        @manifest = Android::Manifest.new(self.file(MANIFEST), @resource)
+      rescue => e
+        $stderr.puts "failed to parse manifest:#{e}"
+        #$stderr.puts e.backtrace
+      end
+      begin
+        @dex = Android::Dex.new(self.file(DEX))
+      rescue => e
+        $stderr.puts "failed to parse dex:#{e}"
+        #$stderr.puts e.backtrace
+      end
+    end
+
+    # return apk file size
+    # @return [Integer] bytes
+    def size
+      @bindata.size
+    end
+
+    # return hex digest string of apk file
+    # @param [Symbol] type hash digest type(:sha1, sha256, :md5)
+    # @return [String] hex digest string
+    # @raise [ArgumentError] type is knknown type
+    def digest(type = :sha1)
+      case type
+      when :sha1
+        Digest::SHA1.hexdigest(@bindata)
+      when :sha256
+        Digest::SHA256.hexdigest(@bindata)
+      when :md5
+        Digest::MD5.hexdigest(@bindata)
+      else
+        raise ArgumentError
+      end
+    end
+
+    # returns date of AndroidManifest.xml as Apk date
+    # @return [Time]
+    def time
+      entry(MANIFEST).time
+    end
+
+    # @yield [name, data]
+    # @yieldparam [String] name file name in apk
+    # @yieldparam [String] data file data in apk
+    def each_file
+      @zip.each do |entry|
+        next unless entry.file?
+        yield entry.name, @zip.read(entry)
+      end
+    end
+
+    # find and return binary data with name
+    # @param [String] name file name in apk(fullpath)
+    # @return [String] binary data
+    # @raise [NotFoundError] when 'name' doesn't exist in the apk
+    def file(name) # get data by entry name(path)
+      @zip.read(entry(name))
+    end
+
+    # @yield [entry]
+    # @yieldparam [Zip::Entry] entry zip entry
+    def each_entry
+      @zip.each do |entry|
+        next unless entry.file?
+        yield entry
+      end
+    end
+
+    # find and return zip entry with name
+    # @param [String] name file name in apk(fullpath)
+    # @return [Zip::ZipEntry] zip entry object
+    # @raise [NotFoundError] when 'name' doesn't exist in the apk
+    def entry(name)
+      entry = @zip.find_entry(name)
+      raise NotFoundError, "'#{name}'" if entry.nil?
+      return entry
+    end
+
+    # find files which is matched with block condition
+    # @yield [name, data] find condition
+    # @yieldparam [String] name file name in apk
+    # @yieldparam [String] data file data in apk
+    # @yieldreturn [Array] Array of matched entry name
+    # @return [Array] Array of matched entry name
+    # @example
+    #   apk = Apk.new(path)
+    #   elf_files = apk.find  { |name, data|  data[0..3] == [0x7f, 0x45, 0x4c, 0x46] } # ELF magic number
+    def find(&block)
+      found = []
+      self.each_file do |name, data|
+        ret = block.call(name, data)
+        found << name if ret
+      end
+      found
+    end
+
+    # extract icon data from AndroidManifest and resource.
+    # @return [Hash{ String => String }] hash key is icon filename. value is image data
+    # @raise [NotFoundError]
+    # @since 0.6.0
+    def icon
+      icon_id = @manifest.doc.elements['/manifest/application'].attributes['icon']
+      if /^@(\w+\/\w+)|(0x[0-9a-fA-F]{8})$/ =~ icon_id
+        drawables = @resource.find(icon_id)
+        Hash[drawables.map {|name| [name, file(name)] }]
+      else 
+        { icon_id => file(icon_id) } # ugh!: not tested!!
+      end
+    end
+
+    # get application label from AndroidManifest and resources.
+    # @param [String] lang language code like 'ja', 'cn', ...
+    # @return [String] application label string
+    # @return [nil] when label is not found
+    # @deprecated move to {Android::Manifest#label}
+    # @since 0.6.0
+    def label(lang=nil)
+      @manifest.label
+    end
+
+    # get screen layout xml datas
+    # @return [Hash{ String => Android::Layout }] key: laytout file path, value: layout object
+    # @since 0.6.0
+    def layouts
+      @layouts ||= Layout.collect_layouts(self) # lazy parse
+    end
+
+    # apk's signature information
+    # @return [Hash{ String => OpenSSL::PKCS7 } ] key: sign file path, value: signature
+    # @since 0.7.0
+    def signs
+      signs = {}
+      self.each_file do |path, data|
+        # find META-INF/xxx.{RSA|DSA}
+        next unless path =~ /^META-INF\// && data.unpack("CC") == [0x30, 0x82]
+        signs[path] = OpenSSL::PKCS7.new(data)
+      end
+      signs
+    end
+
+    # certificate info which is used for signing
+    # @return [Hash{String => OpenSSL::X509::Certificate }] key: sign file path, value: first certficate in the sign file
+    # @since 0.7.0
+    def certificates
+      return Hash[self.signs.map{|path, sign| [path, sign.certificates.first] }]
+    end
+  end
+end
+