Utils class¶
JKS class¶
-
class
glorifiedgrep.android.modules.utils.
JKS
(jks_file: str, jks_password: str)¶ Process and get various information from jks files
Parameters: - str (jks_password) – File path to jks file
- str – password to the jks file
>>> from glorifiedgrep.android.modules.utils import JKS >>> j = JKS('/path/to/file', 'secretpassword')
-
__init__
(jks_file: str, jks_password: str)¶ The init function of the JKS class
Parameters: - jks_file (str) – The path to the .jks file
- jks_password (str) – The password for the jks file
-
jks_certificate
() → list¶ Get the certificate from the jks file
Returns: jks certificates Return type: list Examples
>>> j.jks_certificate()
-
jks_key_alias
() → list¶ Get the keystore alias from jks file
Returns: jks keystore aliases Return type: list Examples
>>> j.jks_key_alias()
-
jks_private_key
() → list¶ Get the private key from jks files
Returns: jks private keys if password is correct Return type: list Examples
>>> j.jks_private_key()
BKS class¶
-
class
glorifiedgrep.android.modules.utils.
BKS
(bks_file, bks_password)¶ Process and get various information from bks files
Parameters: - str (bks_password) – File path to bks file
- str – password to the bks file
>>> from glorifiedgrep.android.modules.utils import BKS >>> b = BKS('/path/to/file', 'secretpassword')
-
__init__
(bks_file, bks_password)¶ Initialize self. See help(type(self)) for accurate signature.
-
bks_certificate
() → list¶ Prints the certificate from the bks file
Returns: bks certificates Return type: list Examples
>>> b.bks_certificate()
-
bks_keystore_alias
() → list¶ Prints the keystore alias of the bks file
Returns: bks keystore aliases Return type: list Examples
>>> b.bks_keystore_alias()
-
bks_keystore_type
() → list¶ Prints the keystore type of the bks file
Returns: bks keystore type Return type: list Examples
>>> b.bks_keystore_type()
NativeELFAnalysis class¶
-
class
glorifiedgrep.android.modules.utils.
NativeELFAnalysis
(elf_path: str)¶ Class is used to handle the processing and analysis of native libraries included in the APK. It relies of lief to handle the processing. To install lief for py 3.7, follow instructions at https://github.com/lief-project/LIEF/issues/214
Parameters: str (elf_path) – path to the lib file >>> from glorifiedgrep.android.modules.utils import NativeELFAnalysis >>> n = NativeELFAnalysis('/path/to/file.so')
-
__init__
(elf_path: str)¶ Initialize self. See help(type(self)) for accurate signature.
-
elf_exported_symbols
() → list¶ Returns a list of exported symbols from the binary
Returns: Array of exports from the binary Return type: list Examples
>>> n.elf_exported_symbols()
-
elf_header_info
() → lief._pylief.ELF.Header¶ Returns a lief header object with information obtained from the binaries header
Returns: _pylief.ELF.Header – Header object object Return type: object Examples
>>> n.elf_header_info()
-
elf_imported_symbols
() → list¶ Returns a list of imported symbols from the binary
Returns: list of imports from the binary Return type: list Examples
>>> n.elf_imported_symbols()
-
elf_libraries_binary
() → list¶ Returns a list of libraries the binary is linked with
Returns: Liked libraries Return type: list Examples
>>> n.elf_libraries_binary()
-
elf_strings_from_binary
() → list¶ Returns a list of strings from the binary
Returns: Array of strings from the binary Return type: list Examples
>>> n.elf_strings_from_binary()
-
NativeDEXAnalysis class¶
-
class
glorifiedgrep.android.modules.utils.
NativeDEXAnalysis
(dex_path: str)¶ Class is used to handle the processing and analysis of dex files obtained from unzipping an APK. It relies of lief to handle the processing. To install lief for py 3.7, follow instructions at https://github.com/lief-project/LIEF/issues/214
Parameters: str (dex_path) – path to the lib file >>> from glorifiedgrep.android.modules.utils import NativeELFAnalysis >>> n = NativeDEXAnalysis('/path/to/classes.dex')
-
__init__
(dex_path: str)¶ This class analyzes native dex files that are not decompiled
Parameters: dex_path (str) – Path to dex file
-
dex_classes
() → Iterable[dict]¶ Parse the dex file and returns a list of class names and other information
Returns: Returns a generator of dictionaries containing the name, full_name, package_name source_file, and method keys Return type: Iteratable Examples
>>> n.dex_dex_classes()
-
dex_info
() → Iterable[lief._pylief.DEX.File.classes]¶ Parse the dex file and returns a lief dex file object
Returns: Returns a generator of containing the class names and their associated methods Return type: Iteratable Examples
>>> n.dex_dex_info()
-
dex_methods
() → Iterable[dict]¶ Parse the dex file and returns a dictionary of method information
Returns: Returns a generator of dictionaries containing the name, class, parameters and return_type keys Return type: Iteratable Examples
>>> n.dex_dex_methods()
-
dex_parse
() → lief._pylief.DEX.File¶ Parse the dex file and returns a lief dex file object
Returns: GreppedOut object Return type: GreppedOut Examples
>>> n.dex_parse()
-
dex_strings
() → Iterable[list]¶ Parse the dex file and returns a generator of string values
Returns: Returns a generator of strings Return type: Iteratable Examples
>>> n.dex_dex_strings()
-
SQL class¶
-
class
glorifiedgrep.android.modules.utils.
SQL
(db_path: str)¶ Class is used to process, and extract various information from sqlite3 db files. It uses python sqlite3 standard library.
Parameters: str (db_path) – path to the db file >>> from glorifiedgrep.android.modules.utils import SQL >>> s = SQL('/path/to/sql_db')
-
__init__
(db_path: str)¶ The init method for the SQL class
Parameters: db_path (str) – Path to a valid sqlite3 database file
-
sqldb_dump_database
() → list¶ Dumps a list of all sql commands. Similar to
sqlite3 file.db .dump
Returns: An array of all dumped data Return type: list Examples
>>> s.sqldb_dump_database()
-
sqldb_table_column_names
(table_name: str) → list¶ Get all the column names for the specified table.
Parameters: table_name (str) – An existing table name Returns: A list of column names from the specified table Return type: list Examples
>>> s.sqldb_table_column_names()
-
sqldb_table_data
(table_name: str) → list¶ Get all the data from the specified table.
Parameters: table_name (str) – An existing table name Returns: Dumps an arry of table data Return type: list Examples
>>> s.sqldb_table_data()
-
sqldb_tables
() → list¶ Get all the table names from the db file
Returns: A list of table names Return type: list Examples
>>> s.sqldb_tables()
-
Utils class¶
-
class
glorifiedgrep.android.modules.utils.
Utils
¶ General class for helpful utilities while working with unzipped or decompiled files
>>> from glorifiedgrep.android.modules.utils import Utils >>> u = Utils()
-
__init__
()¶ The init method for the whole GlorifiedAndroid module. This is interted throughout
Parameters: - apk_path (str) – Path to the APK
- output_dir (str) – Output dir for decompilation and unzipping, defaults to /tmp/glorified_android
- project_dir (str) – Project directory used for already decompiled and processed apks, defaults to None
- rg_path (str) – path to ripgrep. Defaults to looking for it in path
- jadx_path (str) – path to jadx. Defaults to looking for it in path
- clean_dir (bool) – delete the output directory before processing
Raises: - NotValidPythonVersion – Raises if python version 3 is not used
- DifferentAPKExists – Raises if decompiled APK is different than what is already decompiled
- DependentBinaryMissing – Raises if ripgrep, or jadx is not found
>>> # The default output directory is temp/GlorifiedAndroid folder. This can be >>> # overriden using output_dir='some/path' >>> a = GlorifiedAndroid('/path/to/apk', output_dir='/out/dir')
Typically, the prefix for the file path is removed when processing filepaths in the various code analysis classes. This can be adjusted using
>>> a.remove_dir_prefix = ''
If ripgrep or jadx is not in path, analysis will not be complete. To pass a user defined path for either jadx or rg, the GlorifiedAndroid class can be instantiated as follows.
>>> a = GlorifiedAndroid('/path/to/apk', jadx_path='path/to/jadx', rg_path='/path/to/rg')
-
jks_password_bruteforce
(jks_file: str, word_list: str) → str¶ Bruteforce the password for a JKS keystore
Parameters: - jks_file (str) – Path to JKS keystore
- word_list (str) – Path to wordlist
Returns: Valid password if found. Else False
Return type: str
-
utils_xml_to_dict
(file_path: str) → dict¶ Parse xml file and return as a dict object
Parameters: file_path (str) – Path to a valid XML file Returns: A dictionary object representing the xml file Return type: list Examples
>>> u.utils_xml_to_dict('/path/to/file.xml)
-