Utils class¶

JKS class¶

class glorifiedgrep.android.modules.utils.JKS(jks_file: str, jks_password: str)¶

Process and get various information from jks files

Parameters:	str (jks_password) – File path to jks file str – password to the jks file

>>> from glorifiedgrep.android.modules.utils import JKS
>>> j = JKS('/path/to/file', 'secretpassword')

__init__(jks_file: str, jks_password: str)¶

The init function of the JKS class

Parameters:	jks_file (str) – The path to the .jks file jks_password (str) – The password for the jks file

jks_certificate() → list¶

Get the certificate from the jks file

Returns:	jks certificates
Return type:	list

Examples

>>> j.jks_certificate()

jks_key_alias() → list¶

Get the keystore alias from jks file

Returns:	jks keystore aliases
Return type:	list

Examples

>>> j.jks_key_alias()

jks_private_key() → list¶

Get the private key from jks files

Returns:	jks private keys if password is correct
Return type:	list

Examples

>>> j.jks_private_key()

BKS class¶

class glorifiedgrep.android.modules.utils.BKS(bks_file, bks_password)¶

Process and get various information from bks files

Parameters:	str (bks_password) – File path to bks file str – password to the bks file

>>> from glorifiedgrep.android.modules.utils import BKS
>>> b = BKS('/path/to/file', 'secretpassword')

__init__(bks_file, bks_password)¶: Initialize self. See help(type(self)) for accurate signature.

bks_certificate() → list¶

Prints the certificate from the bks file

Returns:	bks certificates
Return type:	list

Examples

>>> b.bks_certificate()

bks_keystore_alias() → list¶

Prints the keystore alias of the bks file

Returns:	bks keystore aliases
Return type:	list

Examples

>>> b.bks_keystore_alias()

bks_keystore_type() → list¶

Prints the keystore type of the bks file

Returns:	bks keystore type
Return type:	list

Examples

>>> b.bks_keystore_type()

NativeELFAnalysis class¶

class glorifiedgrep.android.modules.utils.NativeELFAnalysis(elf_path: str)¶

Class is used to handle the processing and analysis of native libraries included in the APK. It relies of lief to handle the processing. To install lief for py 3.7, follow instructions at https://github.com/lief-project/LIEF/issues/214

Parameters:	str (elf_path) – path to the lib file

>>> from glorifiedgrep.android.modules.utils import NativeELFAnalysis
>>> n = NativeELFAnalysis('/path/to/file.so')

__init__(elf_path: str)¶: Initialize self. See help(type(self)) for accurate signature.

elf_exported_symbols() → list¶

Returns a list of exported symbols from the binary

Returns:	Array of exports from the binary
Return type:	list

Examples

>>> n.elf_exported_symbols()

elf_header_info() → lief._pylief.ELF.Header¶

Returns a lief header object with information obtained from the binaries header

Returns:	_pylief.ELF.Header – Header object object
Return type:	object

Examples

>>> n.elf_header_info()

elf_imported_symbols() → list¶

Returns a list of imported symbols from the binary

Returns:	list of imports from the binary
Return type:	list

Examples

>>> n.elf_imported_symbols()

elf_libraries_binary() → list¶

Returns a list of libraries the binary is linked with

Returns:	Liked libraries
Return type:	list

Examples

>>> n.elf_libraries_binary()

elf_strings_from_binary() → list¶

Returns a list of strings from the binary

Returns:	Array of strings from the binary
Return type:	list

Examples

>>> n.elf_strings_from_binary()

NativeDEXAnalysis class¶

class glorifiedgrep.android.modules.utils.NativeDEXAnalysis(dex_path: str)¶

Class is used to handle the processing and analysis of dex files obtained from unzipping an APK. It relies of lief to handle the processing. To install lief for py 3.7, follow instructions at https://github.com/lief-project/LIEF/issues/214

Parameters:	str (dex_path) – path to the lib file

>>> from glorifiedgrep.android.modules.utils import NativeELFAnalysis
>>> n = NativeDEXAnalysis('/path/to/classes.dex')

__init__(dex_path: str)¶

This class analyzes native dex files that are not decompiled

Parameters:	dex_path (str) – Path to dex file

dex_classes() → Iterable[dict]¶

Parse the dex file and returns a list of class names and other information

Returns:	Returns a generator of dictionaries containing the name, full_name, package_name source_file, and method keys
Return type:	Iteratable

Examples

>>> n.dex_dex_classes()

dex_info() → Iterable[lief._pylief.DEX.File.classes]¶

Parse the dex file and returns a lief dex file object

Returns:	Returns a generator of containing the class names and their associated methods
Return type:	Iteratable

Examples

>>> n.dex_dex_info()

dex_methods() → Iterable[dict]¶

Parse the dex file and returns a dictionary of method information

Returns:	Returns a generator of dictionaries containing the name, class, parameters and return_type keys
Return type:	Iteratable

Examples

>>> n.dex_dex_methods()

dex_parse() → lief._pylief.DEX.File¶

Parse the dex file and returns a lief dex file object

Returns:	GreppedOut object
Return type:	GreppedOut

Examples

>>> n.dex_parse()

dex_strings() → Iterable[list]¶

Parse the dex file and returns a generator of string values

Returns:	Returns a generator of strings
Return type:	Iteratable

Examples

>>> n.dex_dex_strings()

SQL class¶

class glorifiedgrep.android.modules.utils.SQL(db_path: str)¶

Class is used to process, and extract various information from sqlite3 db files. It uses python sqlite3 standard library.

Parameters:	str (db_path) – path to the db file

>>> from glorifiedgrep.android.modules.utils import SQL
>>> s = SQL('/path/to/sql_db')

__init__(db_path: str)¶

The init method for the SQL class

Parameters:	db_path (str) – Path to a valid sqlite3 database file

sqldb_dump_database() → list¶

Dumps a list of all sql commands. Similar to sqlite3 file.db .dump

Returns:	An array of all dumped data
Return type:	list

Examples

>>> s.sqldb_dump_database()

sqldb_table_column_names(table_name: str) → list¶

Get all the column names for the specified table.

Parameters:	table_name (str) – An existing table name
Returns:	A list of column names from the specified table
Return type:	list

Examples

>>> s.sqldb_table_column_names()

sqldb_table_data(table_name: str) → list¶

Get all the data from the specified table.

Parameters:	table_name (str) – An existing table name
Returns:	Dumps an arry of table data
Return type:	list

Examples

>>> s.sqldb_table_data()

sqldb_tables() → list¶

Get all the table names from the db file

Returns:	A list of table names
Return type:	list

Examples

>>> s.sqldb_tables()

Utils class¶

class glorifiedgrep.android.modules.utils.Utils¶

General class for helpful utilities while working with unzipped or decompiled files

>>> from glorifiedgrep.android.modules.utils import Utils
>>> u = Utils()

__init__()¶

The init method for the whole GlorifiedAndroid module. This is interted throughout

Parameters:

apk_path (str) – Path to the APK
output_dir (str) – Output dir for decompilation and unzipping, defaults to /tmp/glorified_android
project_dir (str) – Project directory used for already decompiled and processed apks, defaults to None
rg_path (str) – path to ripgrep. Defaults to looking for it in path
jadx_path (str) – path to jadx. Defaults to looking for it in path
clean_dir (bool) – delete the output directory before processing

Raises:

NotValidPythonVersion – Raises if python version 3 is not used
DifferentAPKExists – Raises if decompiled APK is different than what is already decompiled
DependentBinaryMissing – Raises if ripgrep, or jadx is not found

>>> # The default output directory is temp/GlorifiedAndroid folder. This can be
>>> # overriden using output_dir='some/path'
>>> a = GlorifiedAndroid('/path/to/apk', output_dir='/out/dir')

Typically, the prefix for the file path is removed when processing filepaths in the various code analysis classes. This can be adjusted using

>>> a.remove_dir_prefix = ''

If ripgrep or jadx is not in path, analysis will not be complete. To pass a user defined path for either jadx or rg, the GlorifiedAndroid class can be instantiated as follows.

>>> a = GlorifiedAndroid('/path/to/apk', jadx_path='path/to/jadx', rg_path='/path/to/rg')

jks_password_bruteforce(jks_file: str, word_list: str) → str¶

Bruteforce the password for a JKS keystore

Parameters:	jks_file (str) – Path to JKS keystore word_list (str) – Path to wordlist
Returns:	Valid password if found. Else False
Return type:	str

utils_xml_to_dict(file_path: str) → dict¶

Parse xml file and return as a dict object

Parameters:	file_path (str) – Path to a valid XML file
Returns:	A dictionary object representing the xml file
Return type:	list

Examples

>>> u.utils_xml_to_dict('/path/to/file.xml)

Utils class¶

JKS class¶

BKS class¶

NativeELFAnalysis class¶

NativeDEXAnalysis class¶

SQL class¶

Utils class¶

glorifiedgrep

Navigation

Related Topics