Android逆向小工具–apkCheckProtect

android小工具-查壳工具

移动端查壳并不是什么难事,主要就是特征库的维护而已。

这里V1版本仅对so文件做特征检验,其他文件检验将在下个版本体现

由于用几分钟写完,没来得及做各种兼容性适配和跨平台适配,有问题的话 可以直接评论留言


# -*- encoding:utf-8 -*- import os import sys import zipfile import shutil PROTECTFLAG_DICT = { "libSecShell.so": u"梆梆加固-免费版", "secData0.jar": u"梆梆加固-免费版", "libSecShell-x86.so": u"梆梆加固-免费版", "classes.jar": u"梆梆加固-定制版", "DexHelper.so": u"梆梆加固-定制版", "libAPKProtect.so": u"APKProtect加固", "libprotectClass.so": u"360加固", "libjiagu.so": u"360加固", "libNSaferOnly.so": u"通付盾加固", "libegis.so": u"通付盾加固", "libnqshield.so": u"网秦加固", "libshella-xxxx.so": u"腾讯加固", "libshellx-xxxx.so": u"腾讯加固", "mix.dex": u"腾讯加固", "libshell.so": u"腾讯加固", "mixz.dex": u"腾讯加固", "libtosprotection.armeabi-v7a.so": u"腾讯加固-御安全", "libtosprotection.armeabi.so": u"腾讯加固-御安全", "libtosprotection.x86.so": u"腾讯加固-御安全", "tosversion": u"腾讯加固-御安全", "libTmsdk-xxx-mfr.so": u"腾讯加固-御安全", "ijiami.dat": u"爱加密加固", "libexecmain.so": u"爱加密加固", "ijiami.ajm": u"爱加密加固", "libexec.so": u"爱加密加固", "af.bin": u"爱加密加固", "signed.bin": u"爱加密加固", "libx3g.so": u"顶象技术加固", "libddog.so": u"娜迦加固", "libedog.so": u"娜迦加固", "libmobisec.so": u"阿里加固", "libfakejni.so": u"阿里加固", "libzuma.so": u"阿里加固", "libzumadata.so": u"阿里加固", "libpreverify1.so": u"阿里加固", "libbaiduprotect.so": u"百度加固", "baiduprotect1.jar": u"百度加固", "baiduprotect.jar": u"百度加固", "kdpdata.so": u"几维加固", "dex.dat": u"几维加固", "libkdp.so": u"几维加固", "libkwscmm.so": u"几维加固", "dp.arm-v7.so.dat": u"DexProtect加固", "dp.arm.so.dat": u"DexProtect加固", "libitsec.so": u"海云安加固", "libapktoolplus_jiagu.so": u"apktoolplus加固", "libapssec.so": u"盛大加固", "librsprotect.so": u"瑞星加固", "libuusafe.jar.so": u"UU安全加固", "libuusafe.so": u"UU安全加固", "libuusafeempty.so": u"UU安全加固", "libcmvmp.so": u"中国移动安全加固", "libmogosec_dex.so": u"中国移动安全加固", "libmogosec_sodecrypt.so": u"中国移动安全加固", "libmogosecurity.so": u"中国移动安全加固", "libreincp.so": u"珊瑚灵御加固", "libreincp_x86.so": u"珊瑚灵御加固" } UNZIP_PATH = r"." + os.sep + "checkProtectUnzip" def unZipApk(apkPath): z = zipfile.ZipFile(apkPath, 'r') z.extractall(path=UNZIP_PATH) z.close() return 1 def getSoList(): lst = [] for root, dirs, files in os.walk(UNZIP_PATH): for name in files: startIndex = name.find(r".so") if startIndex != -1 and name not in lst: lst.append(name) return lst def removeUnZipFile(): shutil.rmtree(UNZIP_PATH) def checkProtect(): flag = 0 for lstName in getSoList(): tmp = PROTECTFLAG_DICT.get(lstName) if tmp != None: flag = 1 print "该Apk加固方式为:" print "**********************" print tmp print "**********************" break if flag != 1: print "该Apk未加固或特征库未收录!" removeUnZipFile() def main(): if unZipApk(sys.argv[1]) == 1: checkProtect() if __name__ == '__main__': main()

ps:好久没码python,感觉风格又回去了 = =

欢迎提bug,也欢迎其他想法

发表评论

电子邮件地址不会被公开。

You must enable javascript to see captcha here!