From ddaa034615edbb4dd2235743f91a001afe36157f Mon Sep 17 00:00:00 2001 From: Tim Strazzere Date: Sun, 12 Apr 2015 14:34:33 -0700 Subject: [PATCH 1/8] Fix running on OSX An improper import was causing this to fail on osx, and likely win64, used same structure as core/kernel.py to fix this. --- AnalysisCSN/CSN.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/AnalysisCSN/CSN.py b/AnalysisCSN/CSN.py index 369790f..a419ad2 100644 --- a/AnalysisCSN/CSN.py +++ b/AnalysisCSN/CSN.py @@ -3,7 +3,16 @@ import os from hashlib import md5, sha1, sha256 from base64 import b64encode -from core.chilkatCert.win32 import chilkat +from platform import system, architecture + +SYS = system() +if SYS == "Darwin": + from core.chilkatCert.mac import chilkat +if SYS == "Windows": + if architecture()[0] == "32bit": + from core.chilkatCert.win32 import chilkat + elif architecture()[0] == "64bit": + from core.chilkatCert.win64 import chilkat BLACK_LIST_CSN = [ ('936eacbe07f201df', 'Google测试证书(打包党)'), From 3ece924950c74c43c6f378fe0dcb7c567f04985b Mon Sep 17 00:00:00 2001 From: Tim Strazzere Date: Sun, 12 Apr 2015 14:47:20 -0700 Subject: [PATCH 2/8] Translate README and fix markdown --- README.md | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index e3a857c..745d540 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,29 @@ -# ApkDetecter +ApkDetecter +=========== + android apk查壳工具源代码 -主要功能: -1、检测DEX文件是否加固及加固厂商 -2、检测APK的基本信息: - APKMD5值,APK包名,APK版本,签名信息等 -3、DEX文件的字节信息 +主要功能 : +---------- +1. 检测DEX文件是否加固及加固厂商 +2. 检测APK的基本信息: + 1. APKMD5值 + 2. APK包名 + 3. APK版本 + 4. 签名信息等 +3. DEX文件的字节信息 + +Translation +----------- + +Tool for providing Android APK protector detection with UI + +Main Features: +-------------- +1. Detect DEX file protectors, obfuscators +2. Detect APK basic information + 1. APK MD5 + 2. APK Package name + 3. APK version + 4. Signature informaton +3. Detailed information about the DEX file bytes \ No newline at end of file From 0659baf8a990f60cd107eaf9310e324f098e4713 Mon Sep 17 00:00:00 2001 From: Tim Strazzere Date: Sun, 12 Apr 2015 15:03:39 -0700 Subject: [PATCH 3/8] Fix temporary directory creation. Remove hardcoded directory which would fail on many machines (especially osx/*nix) and switch to making a temporary directory programmatically. --- ApkDetecter.py | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/ApkDetecter.py b/ApkDetecter.py index 6344c02..834bf79 100644 --- a/ApkDetecter.py +++ b/ApkDetecter.py @@ -27,8 +27,7 @@ def __init__(self, parent = None): self._want_to_close = True self.dexheader = {} self.loadfile_path = "" - #self.unpackDir = tempfile.mktemp() - self.unpackDir = ur"d:\APK" + self.unpackDir = tempfile.mkdtemp() self.ui = Ui_APKDetecter() self.ui.setupUi(self) @@ -166,12 +165,11 @@ def GetFileMd5(self, path): file.close() return strMd5 except: + # TODO: "Sorry, error calculating MD5!" return u"Sorry,计算出错!" - - def apkinfo_dialog(self): self.apkinfo = MyApkInfoForm() self.Init_Apkinfo_text() @@ -272,4 +270,4 @@ def extendinfo_dialog(self): app = QtGui.QApplication(sys.argv) myapp = ApkDetecterForm() myapp.show() - sys.exit(app.exec_()) \ No newline at end of file + sys.exit(app.exec_()) From 95c134270055a31a26ee76466908c3f17b50bdd6 Mon Sep 17 00:00:00 2001 From: Tim Strazzere Date: Sun, 12 Apr 2015 15:32:43 -0700 Subject: [PATCH 4/8] Fix dexdump and 7zip calls for other systems Attempt to programmatically find 7zip and dexdump if the system is not Windows. Likely could make the need for calling either of these obsolete, however this is a short term fix to just allow it to run on osx. --- ApkDetecter.py | 19 +++++++++++++++---- UnzipAPK.py | 14 +++++++++++--- 2 files changed, 26 insertions(+), 7 deletions(-) diff --git a/ApkDetecter.py b/ApkDetecter.py index 834bf79..874792a 100644 --- a/ApkDetecter.py +++ b/ApkDetecter.py @@ -8,6 +8,7 @@ import hashlib import thread import shutil +import subprocess from PyQt4 import QtCore, QtGui from AnalysisXML.AXML import AXML from DexInfo import DexInfoForm @@ -16,7 +17,7 @@ from CheckProtect import CheckProtect from AnalysisCSN.CSN import CSN from GUI.apkdetecter_ui import Ui_APKDetecter - +from platform import system @@ -52,11 +53,21 @@ def probar_thread(self, no, interval): def unzip(self, apkpath): apkpath = unicode(apkpath, "utf8") - cmd = "tool\\7z.exe x %s -y -o%s *.dex AndroidManifest.xml lib META-INF assets" - print cmd % (apkpath, self.unpackDir) + + path7zip = "" + # This all should likely just become python code, however + # in the mean time, attempt to find 7zip via a `which` command + # on non-Windows environments + if system() == "Windows": + path7zip = "tool\\7z.exe" + else: + path7zip = subprocess.check_output(["which","7za"]).rstrip() + + cmd = "%s x %s -y -o%s *.dex AndroidManifest.xml lib META-INF assets" + print cmd % (path7zip, apkpath, self.unpackDir) self.ui.progressBar.setMaximum(29) thread.start_new_thread(self.probar_thread, (3, 30)) - os.system(cmd % (apkpath, self.unpackDir)) + os.system(cmd % (path7zip, apkpath, self.unpackDir)) def Init_Main_text(self): diff --git a/UnzipAPK.py b/UnzipAPK.py index dfb88b8..0502494 100644 --- a/UnzipAPK.py +++ b/UnzipAPK.py @@ -3,6 +3,8 @@ import os import struct import tempfile +import subprocess +from platform import system class UnzipAPK(): @@ -83,10 +85,16 @@ def unpackxml(self): def dexdump(self): - cmd = 'tool\\dexdump.exe -d %s > %s' + pathdexdump = "" + if system() == "Windows": + pathdexdump = "tool\\dexdump.exe" + else: + pathdexdump = subprocess.check_output(["which","dexdump"]).rstrip() + + cmd = '%s -d %s > %s' dexpath = os.path.join(self.unpackDir, "classes.dex") if os.path.exists(dexpath): - os.system(cmd % (dexpath, self.unpackDir + os.path.sep +"classes.txt")) + os.system(cmd % (pathdexdump, dexpath, self.unpackDir + os.path.sep +"classes.txt")) def getallname(self): @@ -104,4 +112,4 @@ def getallname(self): # if __name__ == "__main__": # apkPath = r"D:\original.apk" -# obj = UnzipAPK(apkPath) \ No newline at end of file +# obj = UnzipAPK(apkPath) From 162ece7dd9501e501d27a8003dd08774b1f3d1a3 Mon Sep 17 00:00:00 2001 From: Tim Strazzere Date: Sun, 12 Apr 2015 16:15:23 -0700 Subject: [PATCH 5/8] Add UI clean up. Fix issue where sub windows would survive the main application window being exited. --- ApkDetecter.py | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/ApkDetecter.py b/ApkDetecter.py index 874792a..c6142b9 100644 --- a/ApkDetecter.py +++ b/ApkDetecter.py @@ -37,9 +37,19 @@ def __init__(self, parent = None): self.ui.apk_info.clicked.connect(self.apkinfo_dialog) self.ui.extend_info.clicked.connect(self.extendinfo_dialog) + self.apkinfo = None + self.dexinfo = None + def closeEvent(self, evnt): if self._want_to_close: super(ApkDetecterForm, self).closeEvent(evnt) + + # Clean up UI if present + if self.apkinfo and self.apkinfo.isVisible(): + self.apkinfo.close() + if self.dexinfo and self.dexinfo.isVisible(): + self.dexinfo.close() + self.clearfiles(self.unpackDir) print "Andy" @@ -241,10 +251,9 @@ def apkinfo_dialog(self): self.apkinfo.ui.edt_version_num.setText(axml_analysis.get_androidversion_code()) self.apkinfo.ui.edt_version_need.setText(axml_analysis.getMinSdkVersion()) - - self.apkinfo.show() + def extendinfo_dialog(self): self.dexinfo = DexInfoForm() self.Init_DexInfo_text() From 62ff78abd091d726308f664127053e577f7b3de7 Mon Sep 17 00:00:00 2001 From: Tim Strazzere Date: Sun, 12 Apr 2015 17:57:10 -0700 Subject: [PATCH 6/8] Provide localization support on UI Add locationization support and English translations for UI elements. --- .gitignore | 3 + ApkDetecter.py | 17 +++ GUI/dexinfor_ui.py | 4 +- GUI/dexinfor_ui.ui | 4 +- i18n/en.qm | Bin 0 -> 3694 bytes i18n/en.ts | 263 +++++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 287 insertions(+), 4 deletions(-) create mode 100644 .gitignore create mode 100644 i18n/en.qm create mode 100644 i18n/en.ts diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1fa8dbf --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*.pyc +*~ +#*# \ No newline at end of file diff --git a/ApkDetecter.py b/ApkDetecter.py index c6142b9..c470af6 100644 --- a/ApkDetecter.py +++ b/ApkDetecter.py @@ -287,7 +287,24 @@ def extendinfo_dialog(self): if __name__ == "__main__": + # Attempt to detect user Locale + locale = QtCore.QSettings().value("locale/userLocale").toString() + if not locale: + locale = 'en' + else: + locale = locale[0:2] + localePath = os.path.join(os.path.dirname(__file__), 'i18n/', + '{}.qm'.format(locale)) + app = QtGui.QApplication(sys.argv) + + if os.path.exists(localePath): + translator = QtCore.QTranslator() + if translator.load(localePath): + app.installTranslator(translator) + else: + print 'Failed to load translator - defaulting to zh!' + myapp = ApkDetecterForm() myapp.show() sys.exit(app.exec_()) diff --git a/GUI/dexinfor_ui.py b/GUI/dexinfor_ui.py index 7f3a20f..511013b 100644 --- a/GUI/dexinfor_ui.py +++ b/GUI/dexinfor_ui.py @@ -44,7 +44,7 @@ def setupUi(self, DexInfo): self.groupBox.setFont(font) self.groupBox.setObjectName(_fromUtf8("groupBox")) self.lab_magic = QtGui.QLabel(self.groupBox) - self.lab_magic.setGeometry(QtCore.QRect(6, 20, 81, 16)) + self.lab_magic.setGeometry(QtCore.QRect(6, 20, 98, 16)) font = QtGui.QFont() font.setBold(True) font.setWeight(75) @@ -72,7 +72,7 @@ def setupUi(self, DexInfo): self.lab_header_size.setFont(font) self.lab_header_size.setObjectName(_fromUtf8("lab_header_size")) self.lab_endian_tag = QtGui.QLabel(self.groupBox) - self.lab_endian_tag.setGeometry(QtCore.QRect(6, 144, 71, 16)) + self.lab_endian_tag.setGeometry(QtCore.QRect(6, 144, 74, 16)) font = QtGui.QFont() font.setBold(True) font.setWeight(75) diff --git a/GUI/dexinfor_ui.ui b/GUI/dexinfor_ui.ui index b2cea4b..a44fcd7 100644 --- a/GUI/dexinfor_ui.ui +++ b/GUI/dexinfor_ui.ui @@ -60,7 +60,7 @@ 6 20 - 81 + 98 16 @@ -136,7 +136,7 @@ 6 144 - 71 + 74 16 diff --git a/i18n/en.qm b/i18n/en.qm new file mode 100644 index 0000000000000000000000000000000000000000..89aef203a556ed99ede71a96fb1f3892b8b8e3b4 GIT binary patch literal 3694 zcmb7GZAe>J7=9Bqi7^@pRb-8F`vHTE4gFCN)-r9=_0v^mX}d9sQKJohWl8M1F@~14 zR;x`*u|jG6fL6EBXk0sIb=Gz3uR__^uWc0Ck$V$=jL8^dFh=*Bo8;yu_arhUxgPI% zp7-l{-*dJvw3I#k{o2T*P4<<>$>qm8iF6l9_hTcG$w;NkN3rgt>c|XH&SBc+tRgb6 z(4H#~h^Uqt&DV(xf7AUp&tg5T+y7S$k+DjzKh{l@_l^FIXCdH&`nPwS#J+d+9$yc5 z9_s(`ennIe$|3JTYV&5{13cHv+mHW?XRrAY+ixKA&s!^zhuMP4#v0haWHCM!VCPRu zdCMB?m@F>@;E(C3MXV1Y?gy6N#3sT|Vd0KOyx&t;{vqt^9v43Kd4TII{53cV{+yzB zdKcl}TUOI$_+#m{nnuRq*H6|>C9mK)XuUtn`25z@HRM%a?#8C&91xcx=k;`e9ONQD zKF#vC*Tjq(@F}RRKj3irUCn-%*O<1}F#-cS&}2rK^W_jwb6he+vsKR9D+t#$%l1P zUe@T!m~`Q$H1oOG7l=$RahC$VaqRL#hqIi!8R0kz(QwnB4Z`3)qG4l!W$}M4! zYdpK!isE|rb~^p;?k){Wk)ql(tB@JbsttYIgI4T77JYPriB$2lKnz?GqLV{HwD*k0 zP%)Iu6wOrGfs}7iVEHjEih(aQAl8VoG?K!~&{dXL<&!c?$yE`&c4F$ZvsO?EEshe0 z&WIO>HP-)^($ef5k%RTY`;^{~44e}LLArK}V=M)dnjye|;bq8z3FpIaPiiG1!FvL$ zMtE^iW2p!NV=cgDi-Qg*b+ANkFGZHdqf>p-+-VIeTQaN=OM2%S9j;Ss(8^j(s4T8k z#bjcWY)uWY$7Q*WxZ@DDxYaCWh?EuFjnWJBI+D~0>841w&e`T}##oO}^@KyR*BfNG z2TjyNkzt7l9xP}Dv%p??l3jCWnruUMda30c;T~{hmorvDgWW|ZqC5Vlfg!X zDaM_(CfSc>E2v^eGZW;DwgjarRq%YV#q`K3kx`PHA!>FBI{{g!tB{?KWlTA`QY60K zeZ`s>40l#XR>Z|Ajjn_=owmq2<+)QLUAZgW9$8Oi6&WH-@1rs`9ds63^7K$lyX2#e z9UyGfb}CJrFHKCYemWGH=+ngY94=n($rq_C-4~f#Qd&8@5R5H(E>v*XxH(cYW>di~ zbfFW`u%W=Ng9X! Zds;@(+f*Fs&RCOpt-{aY)}`0!{sU@zwK@O* literal 0 HcmV?d00001 diff --git a/i18n/en.ts b/i18n/en.ts new file mode 100644 index 0000000..09f3b88 --- /dev/null +++ b/i18n/en.ts @@ -0,0 +1,263 @@ + + + + + APKDetecter + + + APKDetecter + APKDetecter + + + + 文 件 + File + + + + 打 开 + Open + + + + DEX信息 + Dex Information + + + + 连接段大小 + Link Seg. Size + + + + DEX 标 识 + Dex Flags + + + + DEX头大小 + Header Size + + + + 连接段偏移 + Link Seg. Offset + + + + 文件大小 + File Size + + + + 字节序列 + Endian Tag + + + + 扩展信息 + Extra Info + + + + About + About + + + + ApkInfo + Apk Info + + + + ApkInfo + + + ApkInformation + ApkInformation + + + + 文件信息 + File Information + + + + 文件大小 + File Size + + + + 文件包名 + Package + + + + 版 本 + Version + + + + 版本号 + Version # + + + + 系统要求 + Min SDK + + + + 序列号 + Serial # + + + + 发 行 者 + Publisher + + + + 签 发 人 + Issuer + + + + APKMD5 + APK MD5 + + + + DEXMD5 + Dex MD5 + + + + DexInfo + + + DexInformation + DexInformation + + + + DexInfo + DexInfo + + + + Magic标识 + Magic Number + + + + 校验码 + Checksum + + + + DEX文件大小 + File Size + + + + 文件头长度 + Header Size + + + + 字节序标记 + Endian Tag + + + + 链接段大小 + Link Size + + + + 链接段基地址 + Link Offset + + + + Map数据基地址 + Map Offset + + + + 字符串列表的字符串数 + String IDs Size + + + + 字符串列表表基地址 + String IDs Offset + + + + 字段列表里字段数 + Field IDs Size + + + + 原型列表里原型数 + Proto IDs Size + + + + 方法列表里方法数 + Method IDs Size + + + + 字段列表基地址 + Data Size + + + + 方法列表基地址 + Proto Ids Offset + + + + 数据段的大小 + Method IDs Offset + + + + 原型列表基地址 + Data Size + + + + 类型列表基地址 + Type IDs Offset + + + + 类定义类表中类的数 + Class Defs Size + + + + 类定义列表基地址 + Class Defs Offset + + + + 类型列表中类型数 + Type IDs Size + + + + 数据段基地址 + Data Offset + + + + SHA-1签名 + File SHA1 + + + From 4de53ae167eae71e9a99cd8535aa672691edf26b Mon Sep 17 00:00:00 2001 From: Tim Strazzere Date: Sun, 12 Apr 2015 18:33:40 -0700 Subject: [PATCH 7/8] Localize Protector Dictionary Add localization support and add translations --- CheckProtect.py | 37 ++++++++++++++++------- i18n/en.qm | Bin 3694 -> 5479 bytes i18n/en.ts | 78 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 105 insertions(+), 10 deletions(-) diff --git a/CheckProtect.py b/CheckProtect.py index a745b2c..a7438b4 100644 --- a/CheckProtect.py +++ b/CheckProtect.py @@ -4,17 +4,34 @@ import os from UnzipAPK import UnzipAPK from AnalysisXML.AXML import AXML +from PyQt4 import QtGui +try: + _encoding = QtGui.QApplication.UnicodeUTF8 + def _translate(context, text, disambig): + return QtGui.QApplication.translate(context, text, disambig, _encoding) +except AttributeError: + def _translate(context, text, disambig): + return QtGui.QApplication.translate(context, text, disambig) + + class CheckProtect(): def __init__(self, apkPath): #self.apkPath = r"D:\original.apk" self.apkPath = apkPath self.protectflag = "" - self.protectflag_dict = {"libsecexe.so": u"该APK已加固=>梆梆加固", "libAPKProtect.so": u"该APK已加固=>APKProtect加固", - "libprotectClass.so": u"该APK已加固=>360加固", "libNSaferOnly.so": u"该APK已加固=>通付盾加固", - "libnqshield.so": u"该APK已加固=>网秦加固", "libshell.so": u"该APK已加固=>腾讯加固", - "ijiami.dat": u"该APK已加固=>爱加密加固", "libddog.so": u"该APK已加固=>娜迦加固", - "libmobisec.so": u"该APK已加固=>阿里加固", "libbaiduprotect.so": u"该APK已加固=>百度加固"} + self.protectflag_dict = { + "libsecexe.so": _translate("ProtectDictionary", "该APK已加固=>梆梆加固", None), + "libAPKProtect.so": _translate("ProtectDictionary", "该APK已加固=>梆梆加固(APKProtect)", None), + "libprotectClass.so": _translate("ProtectDictionary", "该APK已加固=>360加固", None), + "libNSaferOnly.so": _translate("ProtectDictionary", "该APK已加固=>通付盾加固", None), + "libnqshield.so": _translate("ProtectDictionary", "该APK已加固=>网秦加固", None), + "libshell.so": _translate("ProtectDictionary", "该APK已加固=>腾讯加固", None), + "ijiami.dat": _translate("ProtectDictionary", "该APK已加固=>腾讯加固(Ijiami)", None), + "libddog.so": _translate("ProtectDictionary", "该APK已加固=>娜迦加固", None), + "libmobisec.so": _translate("ProtectDictionary", "该APK已加固=>阿里加固", None), + "libbaiduprotect.so": _translate("ProtectDictionary", "该APK已加固=>百度加固", None) + } def getactivity(self, path): axml_analysis = AXML(path + os.path.sep +"AndroidManifest.xml") @@ -61,8 +78,8 @@ def check_protectflag(self): self.protectflag = self.protectflag + self.protectflag_dict[key] if file_name.has_key("key.dat") and all_dir_name.has_key("apkprotect.com"): - if self.protectflag == "" or (u"APKProtect加固" not in self.protectflag): - self.protectflag = self.protectflag + u"APKProtect加固" + if self.protectflag == "" or (_translate("ProtectDictionary", "APKProtect加固", None) not in self.protectflag): + self.protectflag = self.protectflag + _translate("ProtectDictionary", "APKProtect加固", None) if self.protectflag != "": return self.protectflag @@ -76,10 +93,10 @@ def check_protectflag(self): self.flag = 1 if self.protectflag == "" and self.flag == 1: - self.protectflag = u"疑似未知加密" + self.protectflag = _translate("ProtectDictionary", "疑似未知加密", None) if self.protectflag == "": - self.protectflag = u"该APK未加密" + self.protectflag = _translate("ProtectDictionary", "该APK未加密", None) return self.protectflag @@ -87,4 +104,4 @@ def check_protectflag(self): if __name__ == "__main__": obj = CheckProtect() - obj.check_protectflag() \ No newline at end of file + obj.check_protectflag() diff --git a/i18n/en.qm b/i18n/en.qm index 89aef203a556ed99ede71a96fb1f3892b8b8e3b4..e39f68b35aab5c1e9d101614ecd8dd2409f4a3d7 100644 GIT binary patch delta 1905 zcma)7O-K}B7=9*qZQayeEia+8Lc(s48G?xDqT)q`Wy98@L$R%*qw9>VW9Fg8f;JHk zEkgN6g`kCpggOM~DqTC(#Y0{s+#iiPcq$?2{bsk>&CQ)T%r`slH~T$5-}8R+qcnEz z@hR?SsHD-veRyyiDE=1m)LzXQe`*G-`-b!V*QhpV=;nrjoU?|B&+I;HnEBcU6l@u5 z?{@-uTgJBiPr!+0V`upnAU|x}F0<0T-WZQP19C6sR?GBW!HrP3%4(XP`~?)<%G)@o z0}4H%@8xG4ldA;hHP>JN4H(AEouzv;wP}`SJ_45QsS>W&RCw;$4WBZ0!3H}9lQn^AJiPR_AEPuQLP-7^p}K@# zs@Nu<5VqjCn_zxPvS+v z8yMvn#TFu$pmvyshXDHN5-~!f?T`qOB-!A>5K-t-p^IZrLOW|~(fMUL_I#0nuLQGz z*CqX7YK9aDFDdM2OVU#VoHRC*a-N=t|CtY{kf-A-izGPm?oC2#gR{D(Dl#E!=yvLW zzDz^}BE&}N2>7xL_{gjI_{Nf~>AW5WOuT>|;@~G17tleY4=x%-)qqR}(S=}CUI=P3 z&}0Aq0!(|aqB}D5GxUXEQoo&LF%djRmLM=M25IB71)+&N;FU&T&A{^bH!LYODKC=v z4bIridSrD;(+ii5JTSx|HK?prJE%E%+6})F*mOoR^_J3&DM|?r#3&q!z0_t@uY(aw zf`nVdA<>~JN3!6@AFjt=uV^|_sRO^2jv#h)4S-h@QK2M4PVdNcM0;x=?;YT?rJ+#= z@+HFUrL##yHEK|mkq6Sx&O%#8Ja@-tcivCO=GHY0sMSHkMdEwt%7~+U#OCi#Z|pvr t)Woi&CKr`e)4v=%)dVGgEy~8L-xJk*OG0mSzG9hS9C`YVlQ+jW?holb4#NNd delta 105 zcmaE^^-gAj2;+o_q7D;dEeu#v8A}-$m{nN1E`sP;tQL)73=EvNS-n18U|`^OVtpVh zz`(#`!}{X+JO&0f!-;PVChIaPvfIS{Wnf@wn4HU)G5Ic|25Tlz(caBMOnZ6QI~W)k Hm>3xWL#G^T diff --git a/i18n/en.ts b/i18n/en.ts index 09f3b88..9271509 100644 --- a/i18n/en.ts +++ b/i18n/en.ts @@ -260,4 +260,82 @@ File SHA1 + + ProtectDictionary + + + 该APK已加固=>梆梆加固 + APK is Packed => Bangcle/SecNeo + + + + 该APK已加固=>通付盾加固 + APK is Packed => Qihoo360 Packer + + + + 该APK已加固=>网秦加固 + APK is Packed => Pass Pay Shield Packer + + + + 该APK已加固=>腾讯加固 + APK is Packed => Netqin Packer + + + + 该APK已加固=>娜迦加固 + APK is Packed => Tencent Packer + + + + 该APK已加固=>阿里加固 + APK is Packed => Naga Packer + + + + 该APK已加固=>百度加固 + Apk is Packed => Alibaba Packer + + + + 该APK已加固=>梆梆加固(2) + APK is Packed => APKProtector + + + + 该APK已加固=>360加固 + APK is Packed => Baidu Packer + + + + 该APK已加固=>梆梆加固(APKProtect) + APK is Packed => APKProtector + + + + 该APK已加固=>腾讯加固(Ijimai) + APK is Packed => Ijiami + + + + 该APK已加固=>腾讯加固(Ijiami) + APK is Packed => Ijiami + + + + APKProtect加固 + APKProtected (potentially only with bad code injected) + + + + 疑似未知加密 + Potentially Unknown Protector Used + + + + 该APK未加密 + No Protections Detected + + From 5866413c033f071fe63ac891ec1019aa3162d3a6 Mon Sep 17 00:00:00 2001 From: Tim Strazzere Date: Sat, 18 Apr 2015 20:14:46 -0700 Subject: [PATCH 8/8] Add LIAPP and Medusa detections/translations. --- CheckProtect.py | 4 +++- i18n/en.qm | Bin 5479 -> 5706 bytes i18n/en.ts | 16 +++++++++++++--- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/CheckProtect.py b/CheckProtect.py index a7438b4..1ca1556 100644 --- a/CheckProtect.py +++ b/CheckProtect.py @@ -30,7 +30,9 @@ def __init__(self, apkPath): "ijiami.dat": _translate("ProtectDictionary", "该APK已加固=>腾讯加固(Ijiami)", None), "libddog.so": _translate("ProtectDictionary", "该APK已加固=>娜迦加固", None), "libmobisec.so": _translate("ProtectDictionary", "该APK已加固=>阿里加固", None), - "libbaiduprotect.so": _translate("ProtectDictionary", "该APK已加固=>百度加固", None) + "libbaiduprotect.so": _translate("ProtectDictionary", "该APK已加固=>百度加固", None), + "libmd.so": _translate("ProtectDictionary", "该APK已加固=>Medusa", None), + "LIAPPClient.sc": _translate("ProtectDictionary", "该APK已加固=>LIAPP", None) } def getactivity(self, path): diff --git a/i18n/en.qm b/i18n/en.qm index e39f68b35aab5c1e9d101614ecd8dd2409f4a3d7..b7c69fe5f29d7657fbfd6d984ca143c47ec06c79 100644 GIT binary patch delta 269 zcmaE^bxKFnW=D#|srPfHo>i3DpRjQ6T_*+xCXR`sZcM`aCdS%n2_9w9&5mMV5O!us zWh`Z2U{+!2x(K3YvCMqr#lXOOn`MEdBLf59-idqDxP)9d_y4kDVBpu7tjnk-C1}EB z6Ze;afu(^fOy(6(cqLcK%u@^u0-Go2G6u4H<}d&?hECqgD90qUck*3EJ$3=DOa=xK z#mz!Yk$j9glNm*nHGLR785|h`7y>wesu|dTSnS36rH%pKPq%M++O^>6>|M5YKAw&N t0h2EZNKbATR?+cgNM%T2C}k*SNQCPV$I#=Ono?Sv2-IZ1xnJN03jnu;QFQmPx0ut+yT|OcZ@&qkwS^xkN za0F!mbpQYZBm|1lbpQYZngp5RN&o;2+mXd)3K4M$zxp}=01j1?H323X5Mc^DUi|<7 z1b_-w9O?i74%P~EnaThF58#t^0a26A0UZJn>XYpOE(Z@+X#fBdPO~BcSq_uW5hSy6 G5!eKG*D&+| diff --git a/i18n/en.ts b/i18n/en.ts index 9271509..b146618 100644 --- a/i18n/en.ts +++ b/i18n/en.ts @@ -323,19 +323,29 @@ APK is Packed => Ijiami - + APKProtect加固 APKProtected (potentially only with bad code injected) - + 疑似未知加密 Potentially Unknown Protector Used - + 该APK未加密 No Protections Detected + + + 该APK已加固=>Medusa + APK is Packed => Medusa + + + + 该APK已加固=>LIAPP + APK is Packed => LIAPP +