APK查壳软件(根据so名)

基于so文件名特征的查壳小软件，支持输入文件路径和导入文件两种模式。

下载地址:

csdn下载

百度网盘下载 提取码: uvmh

下载完成解压后,在 checkapp\dist 目录下启动 check.exe 文件.

原理比较简单,解压apk后根据so文件名称来判断是否出现在我们指定好的加固样本中

python代码:

import zipfile from tkinter import Tk, END,Label,Entry,W,Button,Text import threading from tkinter import filedialog class shellDetector(): def __init__(self): self.shellfeatures={ "libchaosvmp.so":u"娜迦", "libddog.so":u"娜迦", "libfdog.so":u"娜迦", "libedog.so":u"娜迦企业版", "libexec.so":u"爱加密", "libexecmain.so":u"爱加密", "ijiami.dat":u"爱加密", "ijiami.ajm":u"爱加密企业版", "libsecexe.so":u"梆梆免费版", "libsecmain.so":u"梆梆免费版", "libSecShell.so":u"梆梆免费版", "libDexHelper.so":u"梆梆企业版", "libDexHelper-x86.so":u"梆梆企业版", "libprotectClass.so":u"360", "libjiagu.so":u"360", "libjiagu_art.so":u"360", "libjiagu_x86.so":u"360", "libegis.so":u"通付盾", "libNSaferOnly.so":u"通付盾", "libnqshield.so":u"网秦", "libbaiduprotect.so":u"百度", "aliprotect.dat":u"阿里聚安全", "libsgmain.so":u"阿里聚安全", "libsgsecuritybody.so":u"阿里聚安全", "libmobisec.so":u"阿里聚安全", "libtup.so":u"腾讯", "libexec.so":u"腾讯", "libshell.so":u"腾讯", "mix.dex":u"腾讯", "lib/armeabi/mix.dex":u"腾讯", "lib/armeabi/mixz.dex":u"腾讯", "libtosprotection.armeabi.so":u"腾讯御安全", "libtosprotection.armeabi-v7a.so":u"腾讯御安全", "libtosprotection.x86.so":u"腾讯御安全", "libnesec.so":u"网易易盾", "libAPKProtect.so":u"APKProtect", "libkwscmm.so":u"几维安全", "libkwscr.so":u"几维安全", "libkwslinker.so":u"几维安全", "libx3g.so":u"顶像科技", "libapssec.so":u"盛大", "librsprotect.so":u"瑞星" } def shellDetector(self,apkpath): zipfiles=zipfile.ZipFile(apkpath) nameList=zipfiles.namelist() for fileName in nameList: try: for shell in self.shellfeatures.keys(): if shell in fileName: shellType=self.shellfeatures[shell] result = u"该apk使用了《" + shellType + u"》加固" return result except: return u"unknown" return u"该APK未加固或采用未知加固厂商\n" if __name__ == '__main__': root = Tk() root.title('APK查壳工具 by:lx') root.iconbitmap('check.ico') root.geometry('300x320') lable = Label(root, text='请输入apk路径:', font=('楷体', 15)) lable.grid() entry = Entry(root, font=('楷体', 15)) entry.grid(row=1, column=0) def thread_it(func, *args): t = threading.Thread(target=func, args=args) t.setDaemon(True) t.start() def get_apk_path(): return entry.get() def main(): apk_path = get_apk_path() if not apk_path: text1.insert(END,'\n请输入APK路径',) return elif str(apk_path).endswith('.apk') ==False: text1.insert(END,'\n请输入APK的完整路径',) return sd = shellDetector() result = sd.shellDetector(apk_path) text2.insert(END,result) def main2(): apk_path = filedialog.askopenfilename() if not apk_path: text1.insert(END, '\n请选择apk路径', ) return elif str(apk_path).endswith('.apk') == False: text1.insert(END, '\n请选择apk的完整路径', ) return sd = shellDetector() result = sd.shellDetector(apk_path) text2.insert(END, result) button1 = Button(root, text='输入路径后点击开始', font=('楷体', 18), command=lambda: thread_it(main, )) button1.grid(row=2, column=0, sticky=W, padx=30, pady=10) button2 = Button(root, text='可直接导入文件检测', font=('楷体', 18), command=lambda: thread_it(main2, )) button2.grid(row=3, column=0, sticky=W, padx=30, pady=10) text1 = Text(root, width=40, height=8) text1.insert(END,'目前支持检测的加固有:\n [娜迦,娜迦企业版,腾讯,爱加密,爱加密企业版,梆梆免费版,梆梆企业版,360,通付盾,网秦,百度,阿里聚安全,腾讯,网易易盾,APKProtect,几维安全,顶像科技,盛大,瑞星]\n') text1.grid() text2 = Text(root, width=40, height=2) text2.grid() root.mainloop()

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

网络

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。