Skip to content

Analyzing APKs

Jump to bottom
Vincenzo Musco edited this page Oct 9, 2018 · 3 revisions

This framework proposes a really simple object representation of a smali file. After disassembling an APK, the structure of the APK is represented based on an internal representation.

>>> from smalanalysis.smali.SmaliProject import SmaliProject
>>> proj = SmaliProject()
>>> proj.parseProject('/Users/vince/base.apk.smali')

At this stage proj contains a representation of the project (ie a SmaliProject class).

Example of simple model exploring:

# List available classes:
>>> proj.classes
[<smali.SmaliObject.SmaliClass object at 0x104882f60>,... , <smali.SmaliObject.SmaliClass object at 0x10a935828>]
>>> for aClass in proj.classes:
...     print(aClass.name)
Lorg/slf4j/Logger;
Lorg/slf4j/MarkerFactory;
(...)

# Select a specific class:
>>> aClass = proj.classes[0]
>>> aClass.name
'Lorg/slf4j/LoggerFactory;'

Including/Excluding classes

When parsing a project, a list of packages/classes patterns can be ignored. A good use case of these are for excluding project dependencies from the analysis.

This can be achieved by passing this information to the parseProject method as:

project.parseProject(smali, package=None, skiplists=None, includelist=None, include_unpackaged=False)
  • smali: Absolute path to the smali archive;
  • package: The app package name (default None);
  • skiplists: Files containing excluded list (default None);
  • includelists: Files containing included list (default None);
  • include_unpackaged: Includes classes which are not in a package (default False).

Debugging inclusion/exclusion

The sa-including-debug tool is used to debug how the tool will include/exclude packages accordingly to the passed parameters.

$ ./sa-including-debug --help
usage: sa-including-debug [-h] [--onlyapppackage] [--include-unpackaged]
                          [--exclude-lists [EXCLUDE_LISTS [EXCLUDE_LISTS ...]]]
                          [--include-lists [INCLUDE_LISTS [INCLUDE_LISTS ...]]]
                          smali pkg

List project classes and the way diffdex includes/excludes it.

positional arguments:
  smali                 Folder containing smali files
  pkg                   The app package name

optional arguments:
  -h, --help            show this help message and exit
  --onlyapppackage, -P  Includes only classes in the app package
  --include-unpackaged, -U
                        Includes classes which are not in a package
  --exclude-lists [EXCLUDE_LISTS [EXCLUDE_LISTS ...]], -e [EXCLUDE_LISTS [EXCLUDE_LISTS ...]]
                        Files containing exclude lists
  --include-lists [INCLUDE_LISTS [INCLUDE_LISTS ...]], -i [INCLUDE_LISTS [INCLUDE_LISTS ...]]
                        Files containing included lists
Clone this wiki locally