如何在python脚本中使用Androguard卫士检查网络安全配置

Question

我有一个.apk文件，希望检查res/xml/NetworkSecurityconfig.xml 1信任用户提供的证书。

我读到了机器人护卫的博士论文，我认为它应该能做我想做的事。但是，对于如何从.apk文件的文档而不是已经提取的resources.arsc上运行这样的代码，我感到困惑。

from androguard.core.bytecodes.axml import ARSCParser

with open("resouces.arsc", "rb") as fp:
    res = ARSCParser(fp.read())

# Now you can resolve IDs:
name = res.get_resource_xml_name(0x7F040001)
if name:
    print(name)

# To get the content of an ID, you need to iterate over configurations
# You need to decide which configuration to use...
for config, entry in res.get_res_configs(0x7F040001):
    # You can query `config` for specific configuration
    # or check with `is_default()` if this is a default configuration.
    print("{} = '{}'".format(config.get_qualifier() if not config.is_default() else "<default>", entry.get_key_data()))

如何在不提取.apk文件的情况下检查res/xml/NetworkSecurityconfig.xml文件是否存在，以及如何检查它是否信任用户证书？到目前为止，我只能查到这一点：

from androguard.core.bytecodes import apk
apk_file = apk.APK(app_path)
if 'res/xml/network_security_config.xml' in apk_file.files.keys():
    print("found network_security_config.xml")

示例network_security_config.xml：

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config cleartextTrafficPermitted="true">
        <trust-anchors>
            <certificates src="system" />
            <certificates src="user" />
        </trust-anchors>
    </base-config>
</network-security-config>

编辑:了解如何检查是否存在.xml文件并编辑我的代码

1

Answer 1

我想出来了：

apk_file = apk.APK(app_path)
manifest = apk.get_android_manifest_xml()
if 'res/xml/network_security_config.xml' in apk_file.files.keys():
    print("Network Security Config present in .apk")
axml = AXMLPrinter(apk_file.get_file('res/xml/network_security_config.xml'))
axml_obj = axml.get_xml_obj()
for element in axml_obj.iter("certificates"):
    if element.values() == ['user']:
        print("User certificates trusted by network security configuration")