2022-05-25
基于so文件名特征的查壳小软件,支持输入文件路径和导入文件两种模式。
-:
csdn下载
百度网盘下载 提取码: uvmh
下载完成解压后,在 checkapp\dist 目录下启动 check.exe 文件.
原理比较简单:打开 apk(本质是 zip 包)后,读取其中的文件名列表,判断是否出现我们预先整理好的加固特征文件名(主要是 so 文件名)。这只是基于文件名的启发式判断:特征文件被改名或厂商更新后会漏报,普通应用中出现同名文件也会误报,结果仅供初步参考。
python代码:
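import threading
import zipfile


class shellDetector():
    """Guess which commercial packer protected an APK from its entry names.

    This is a file-name heuristic only: a hit means the archive contains a
    file whose name is on the signature list, and a miss means none of the
    listed names is present. Treat the answer as a triage hint, not a verdict,
    because the names can be renamed or planted.

    Only the archive's name list is read; no entry is extracted, so nothing
    from the inspected APK is written to disk.
    """

    def __init__(self):
        # Signature (file name, or path suffix inside the archive) -> vendor.
        self.shellfeatures = {
            "libchaosvmp.so": "娜迦",
            "libddog.so": "娜迦",
            "libfdog.so": "娜迦",
            "libedog.so": "娜迦企业版",
            # The original table listed libexec.so twice (爱加密, then 腾讯), so
            # the second entry silently replaced the first. The name alone
            # cannot tell the two apart, so both vendors are reported.
            "libexec.so": "爱加密/腾讯",
            "libexecmain.so": "爱加密",
            "ijiami.dat": "爱加密",
            "ijiami.ajm": "爱加密企业版",
            "libsecexe.so": "梆梆免费版",
            "libsecmain.so": "梆梆免费版",
            "libSecShell.so": "梆梆免费版",
            "libDexHelper.so": "梆梆企业版",
            "libDexHelper-x86.so": "梆梆企业版",
            "libprotectClass.so": "360",
            "libjiagu.so": "360",
            "libjiagu_art.so": "360",
            "libjiagu_x86.so": "360",
            "libegis.so": "通付盾",
            "libNSaferOnly.so": "通付盾",
            "libnqshield.so": "网秦",
            "libbaiduprotect.so": "百度",
            "aliprotect.dat": "阿里聚安全",
            "libsgmain.so": "阿里聚安全",
            "libsgsecuritybody.so": "阿里聚安全",
            "libmobisec.so": "阿里聚安全",
            "libtup.so": "腾讯",
            "libshell.so": "腾讯",
            "mix.dex": "腾讯",
            "lib/armeabi/mix.dex": "腾讯",
            "lib/armeabi/mixz.dex": "腾讯",
            "libtosprotection.armeabi.so": "腾讯御安全",
            "libtosprotection.armeabi-v7a.so": "腾讯御安全",
            "libtosprotection.x86.so": "腾讯御安全",
            "libnesec.so": "网易易盾",
            "libAPKProtect.so": "APKProtect",
            "libkwscmm.so": "几维安全",
            "libkwscr.so": "几维安全",
            "libkwslinker.so": "几维安全",
            "libx3g.so": "顶像科技",
            "libapssec.so": "盛大",
            "librsprotect.so": "瑞星",
        }

    def shellDetector(self, apkpath):
        """Return a one-line verdict string for the APK at *apkpath*.

        Args:
            apkpath: Path of the APK (any ZIP archive is accepted).

        Returns:
            A sentence naming the matched vendor, the "not packed or unknown
            vendor" sentence when nothing matches, or ``"unknown"`` when the
            file is missing or cannot be read as a ZIP archive.
        """
        try:
            # The context manager closes the archive handle on every path.
            with zipfile.ZipFile(apkpath) as apk:
                entry_names = apk.namelist()
        except (zipfile.BadZipFile, OSError):
            # Opening is the step that actually fails on a bad or missing
            # file; report it instead of letting the worker thread die.
            return "unknown"

        for entry_name in entry_names:
            # Anchor on a path-component boundary so a signature matches a
            # whole file name (or whole path suffix), never a fragment of a
            # longer name such as "notlibx3g.so".
            anchored = "/" + entry_name
            for signature, vendor in self.shellfeatures.items():
                if anchored.endswith("/" + signature):
                    return "该apk使用了《" + vendor + "》加固"
        return "该APK未加固或采用未知加固厂商\n"


def _run_gui():
    """Build the Tk window, wire both buttons, and run the event loop."""
    # Imported here so the detector class stays importable without a display.
    from tkinter import Button, END, Entry, Label, TclError, Text, Tk, W
    from tkinter import filedialog

    root = Tk()
    root.title('APK查壳工具 by:lx')
    try:
        root.iconbitmap('check.ico')
    except TclError:
        # The icon is cosmetic; a missing check.ico must not stop the tool.
        pass
    root.geometry('300x320')
    lable = Label(root, text='请输入apk路径:', font=('楷体', 15))
    lable.grid()
    entry = Entry(root, font=('楷体', 15))
    entry.grid(row=1, column=0)

    def thread_it(func, *args):
        """Run *func* on a daemon thread."""
        # NOTE(review): the handlers below touch widgets from this worker
        # thread, which relies on tkinter forwarding the calls to the
        # interpreter thread. Confirm on the target platform, or hand results
        # back through a queue polled with root.after().
        worker = threading.Thread(target=func, args=args, daemon=True)
        worker.start()

    def get_apk_path():
        """Return the typed path without surrounding whitespace."""
        return entry.get().strip()

    def report(apk_path, missing_msg, not_apk_msg):
        """Validate *apk_path*, run the detector, and show the verdict."""
        if not apk_path:
            text1.insert(END, missing_msg)
            return
        # Compare case-insensitively so "APP.APK" is accepted too.
        if not str(apk_path).lower().endswith('.apk'):
            text1.insert(END, not_apk_msg)
            return
        verdict = shellDetector().shellDetector(apk_path)
        # Replace the previous verdict rather than appending to it.
        text2.delete('1.0', END)
        text2.insert(END, verdict)

    def main():
        """Handler for the typed-path button."""
        report(get_apk_path(), '\n请输入APK路径', '\n请输入APK的完整路径')

    def main2():
        """Handler for the file-picker button."""
        report(filedialog.askopenfilename(), '\n请选择apk路径', '\n请选择apk的完整路径')

    button1 = Button(root, text='输入路径后点击开始', font=('楷体', 18),
                     command=lambda: thread_it(main))
    button1.grid(row=2, column=0, sticky=W, padx=30, pady=10)
    button2 = Button(root, text='可直接导入文件检测', font=('楷体', 18),
                     command=lambda: thread_it(main2))
    button2.grid(row=3, column=0, sticky=W, padx=30, pady=10)
    text1 = Text(root, width=40, height=8)
    text1.insert(END, '目前支持检测的加固有:\n [娜迦,娜迦企业版,腾讯,爱加密,爱加密企业版,梆梆免费版,梆梆企业版,360,通付盾,网秦,百度,阿里聚安全,腾讯,网易易盾,APKProtect,几维安全,顶像科技,盛大,瑞星]\n')
    text1.grid()
    text2 = Text(root, width=40, height=2)
    text2.grid()
    root.mainloop()


if __name__ == '__main__':
    _run_gui()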