improve is_dyn_code - Githubissues

GoogleCodeExporter commented 8 years ago

Add the following packages to dynamic code loading check:
def is_dyn_code(dx):
    """
        Dynamic code loading is present ?
        :param dx : the analysis virtual machine
        :type dx: a :class:`VMAnalysis` object
        :rtype: boolean
    """
    paths = dx.get_tainted_packages().search_methods("Ldalvik/system/DexClassLoader;", ".", ".")
    if paths != []:
        return True
     paths = dx.get_tainted_packages().search_methods("Ljava/lang/Runtime;", "load", ".")
    if paths != []:
        return True
    paths = dx.get_tainted_packages().search_methods("Ljava/lang/Runtime;", "loadLibrary", ".")
    if paths != []:
        return True
    paths = dx.get_tainted_packages().search_methods("Ljava/lang/ClassLoader", ".", ".")
    if paths != []:
        return True
    paths = dx.get_tainted_packages().search_methods("Ljava/security/SecureClassLoader", ".", ".")
    if paths != []:
        return True
    paths = dx.get_tainted_packages().search_methods("Ljava/net/URLClassLoader", ".", ".")
    if paths != []:
        return True
    return False

Original issue reported on code.google.com by liadalex82@gmail.com on 3 Jan 2013 at 9:06

GoogleCodeExporter commented 8 years ago

Original comment by anthony....@gmail.com on 3 Jan 2013 at 5:33

Changed state: Accepted

GoogleCodeExporter commented 8 years ago

mv load* to is_native_code

Original comment by anthony....@gmail.com on 3 Jan 2013 at 6:04

Changed state: Fixed

andreimunteanu / androguard

improve is_dyn_code #98