dx Classdef的写入

本文详细介绍了Dex文件中ClassDefItem与ClassDataItem的结构及其写入过程。包括类定义、字段、方法等组成部分,并解释了如何将这些组件添加到Dex文件中。

 

com/android/dx/dex/file/ClassDefItem.java

 

170     public voidwriteTo(DexFile file, AnnotatedOutput out) {

171         boolean annotates= out.annotates();

172         TypeIdsSectiontypeIds = file.getTypeIds();

173         int classIdx =typeIds.indexOf(thisClass);

174         int superIdx =(superclass == null) ? -1 :

175            typeIds.indexOf(superclass);

176         int interOff =OffsettedItem.getAbsoluteOffsetOr0(interfaces);

177         int annoOff =annotationsDirectory.isEmpty() ? 0 :

178            annotationsDirectory.getAbsoluteOffset();

179         int sourceFileIdx= (sourceFile == null) ? -1 :

180            file.getStringIds().indexOf(sourceFile);

181        int dataOff= classData.isEmpty()? 0 : classData.getAbsoluteOffset();

 

 

 

 

 

wordData section 放method code

 

                      |[1dd]class data for com.example.testar.myclass

0001dd: 00            |  static_fields_size:   00000000

0001de: 00            |  instance_fields_size: 00000000

0001df: 01            |  direct_methods_size:  00000001

0001e0: 01            |  virtual_methods_size: 00000001

                      |  direct_methods:

                      |  [0]com.example.testar.myclass.<init>:()V

0001e1: 01            |    method_idx:   00000001

0001e2: 8180 04       |    access_flags: public|constructor

0001e5: 9402          |    code_off:     00000114

                      |  virtual_methods:

                      |  [0] com.example.testar.myclass.test1:()I

0001e7: 02            |    method_idx:   00000002

0001e8: 01            |    access_flags: public

0001e9: ac02          |    code_off:     0000012c

0001eb: 00            |

                      |

 

com/android/dx/dex/file/ClassDataItem.java

 

225     public void addContents(DexFile file) {

226         if (!staticFields.isEmpty()){

227            getStaticValuesConstant(); // Force the fields to be sorted.

228             for(EncodedField field : staticFields) {

229                field.addContents(file);

230             }

231         }

232

233         if (!instanceFields.isEmpty()){

234            Collections.sort(instanceFields);

235             for(EncodedField field : instanceFields) {

236                field.addContents(file);

237             }

238         }

239

240         if(!directMethods.isEmpty()) {

241            Collections.sort(directMethods);

242             for(EncodedMethod method : directMethods) {

243                 method.addContents(file);

244             }

245         }

246

247         if(!virtualMethods.isEmpty()) {

248             Collections.sort(virtualMethods);

249             for(EncodedMethod method : virtualMethods) {

250                 method.addContents(file);

251             }

252         }

253     } 

 

 

115     public void addContents(DexFile file) {

116         MethodIdsSectionmethodIds = file.getMethodIds();

117         MixedItemSectionwordData = file.getWordData();

118

119         methodIds.intern(method);

120

121         if (code != null){

122             wordData.add(code);

123         }

124     }

 

from androguard.misc import AnalyzeAPK from click import pause import os import sys import json # a,d,dx=AnalyzeAPK("C:/Users/Lenovo/Desktop/A/lszz_jx_202412251645_1_0.2.0001_hardening.apk") # permissions=a.get_permissions() # for permission in permissions: # print(permission) # pause() def extract_features(apk_path):# try: out = AnalyzeAPK(apk_path) a, d, dx = out # dx.show_Permissions() # 提取权限 permissions = a.get_permissions() # 提取活动 activities = a.get_activities() # 提取服务 services = a.get_services() # 提取接收器 receivers = a.get_receivers() # 提取提供者 providers = a.get_providers() # 判断 APK 是否有效 valid = a.is_valid_APK() # 获取 APK 文件名,只保留文件名称部分 filename = os.path.basename(a.get_filename()) # 获取 APP 名 appname = a.get_app_name() # 获取 package 名 package = a.get_package() # 获取 android 版本名 version = a.get_androidversion_code() # 获取 APK 文件列表 filelist = a.get_files() # 提取 API 调用信息 api_calls = set() for method in dx.get_methods(): for _, calls, _ in method.get_xref_to(): class_name = calls.class_name[1:] method_name = calls.name descriptor = calls.descriptor api_call = f"{class_name}->{method_name}{descriptor}" api_calls.add(api_call) features = { "File": filename, "Permissions": permissions, "Activities": activities, "Services": services, "Receivers": receivers, "Providers": providers, "Valid": valid, "Filename": filename, "Appname": appname, "Package": package, "Version": version, "Filelist": filelist, "API_calls": list(api_calls) } return features except Exception as e: print(f"Error processing {apk_path}: {e}") return None def main(): apk_folder = "C:\\Users\\Lenovo\\Desktop\\yinsi\\mfm" output_file = "C:\\Users\\Lenovo\\Desktop\\yinsi\\mfm\\yanwu812.txt" all_features = [] for root, dirs, files in os.walk(apk_folder): for file in files: if file.endswith(".apk"): apk_path = os.path.join(root, file) features = extract_features(apk_path) if features: all_features.append(features) with open(output_file, 'w', encoding='utf-8') as f: json.dump(all_features, f, indent=4) print("APK features have been saved to:", output_file) if __name__ == '__main__': main()
最新发布
08-14
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值