maaaaz / androwarn

Yet another static code analyzer for malicious Android applications
GNU Lesser General Public License v3.0

Getting python struct.error: unpack requires a string argument of length #1

Open StephenQuirolgico opened 11 years ago

StephenQuirolgico commented 11 years ago

For some apps, we are getting a python struct error. I don't know if this is a problem with androwarn, python, or the APK file itself. Below is an example error message. How can we fix this?

    Traceback (most recent call last):
      File "/home/blive/androwarn/androwarn-master/androwarn.py", line 116, in <module>
        main(options, arguments)
      File "/home/blive/androwarn/androwarn-master/androwarn.py", line 95, in main
        a, d, x = AnalyzeAPK(APK_FILE)
      File "/home/blive/androwarn/androwarn-master/androwarn/analysis/analysis.py", line 48, in AnalyzeAPK
        a = APK(filename, raw)
      File "/home/blive/androwarn/androwarn-master/androguard/core/bytecodes/apk.py", line 156, in __init__
        self.zip = zipfile.ZipFile( StringIO.StringIO( self.raw ), mode=mode )
      File "/usr/lib/python2.7/zipfile.py", line 714, in __init__
        self._GetContents()
      File "/usr/lib/python2.7/zipfile.py", line 748, in _GetContents
        self._RealGetContents()
      File "/usr/lib/python2.7/zipfile.py", line 807, in _RealGetContents
        x._decodeExtra()
      File "/usr/lib/python2.7/zipfile.py", line 373, in _decodeExtra
        tp, ln = unpack('<HH', extra[:4])
    struct.error: unpack requires a string argument of length 4

Thanks, Steve Quirolgico
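
The traceback above ends in `_decodeExtra`, where `unpack('<HH', extra[:4])` is handed fewer than four bytes of extra-field data. As an added example (not part of the original thread and not androwarn or androguard code), the following walks an archive's central directory and reports entries whose extra field does not parse as (id, length, data) records, so such an APK can be flagged before analysis. `check_extra`, `scan_central_directory` and `build_sample` are hypothetical names, the sample archive is constructed, and ZIP64 archives are assumed not to occur.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # end of central directory record
CDH_SIG = b"PK\x01\x02"    # central directory file header

def check_extra(extra):
    """Return None if `extra` is a clean run of records, else the first problem."""
    pos = 0
    while pos < len(extra):
        left = len(extra) - pos
        if left < 4:
            # The case in the traceback: unpack('<HH', ...) gets fewer than 4 bytes.
            return "%d trailing byte(s), too short for an (id, length) header" % left
        _tag, size = struct.unpack_from("<HH", extra, pos)
        if size > left - 4:
            return "record at offset %d declares %d bytes, %d remain" % (pos, size, left - 4)
        pos += 4 + size
    return None

def scan_central_directory(data):
    """Return {entry name: problem} for central-directory extra fields that do not parse."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0:
        raise ValueError("no end-of-central-directory record")
    # Assumption: plain (non-ZIP64) archive, so these 16/32-bit fields are authoritative.
    total, _cd_size, cd_offset = struct.unpack_from("<HLL", data, eocd + 10)
    problems, pos = {}, cd_offset
    for _ in range(total):
        if data[pos:pos + 4] != CDH_SIG:
            raise ValueError("bad central directory header at offset %d" % pos)
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", data, pos + 28)
        name = data[pos + 46:pos + 46 + name_len].decode("utf-8", "replace")
        extra = data[pos + 46 + name_len:pos + 46 + name_len + extra_len]
        problem = check_extra(extra)
        if problem:
            problems[name] = problem
        pos += 46 + name_len + extra_len + comment_len
    return problems

def build_sample():
    """Constructed sample: one normal entry and one whose extra field is 2 padding bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", b"constructed")
        padded = zipfile.ZipInfo("res/icon.png")
        padded.extra = b"\x00\x00"   # constructed: shorter than one record header
        zf.writestr(padded, b"constructed")
    return buf.getvalue()
```

Calling `scan_central_directory(open(path, "rb").read())` on an APK returns an empty dict when every extra field is well formed.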

maaaaz commented 11 years ago

Hello Steve,

Would it be possible for you to give me an example of an APK file leading to the crashes you reported? If you do not want it to appear publicly, consider sending me a message: tdebize (at) mail (dot) com

Best regards.

StephenQuirolgico commented 11 years ago

We used QuranAndroid which is on Google Play. Also, we have found a workaround for this error by unpacking and repacking the APK using zip/unzip on Ubuntu. However, it should probably still be fixed in androwarn.

maaaaz commented 5 years ago

Hello @StephenQuirolgico,

Could you test again and tell me if the bug still exists? FYI I just tested with the current QuranAndroid application on the Play Store (version 2.9.1-p1) and I haven't encountered that issue.

I'm in that environment:

StephenQuirolgico commented 5 years ago

Thomas,

Thank you very much! I’ll check it out and provide feedback. Again, thanks very much!

Steve

On Sunday, December 30, 2018, Thomas D. notifications@github.com wrote:

Hello @StephenQuirolgico https://github.com/StephenQuirolgico,

Could you test again and tell me if the bug still exists. FYI I just tested with the current QuranAndroid application on the Play Store (version 2.9.1-p1) and I haven't encountered that issue, in that environment:

  • Kali Rolling
  • Python 2.7.15+
  • External dependencies

    asn1crypto==0.24.0
    beautifulsoup4==4.6.1
    certifi==2018.11.29
    cffi==1.11.5
    chardet==3.0.4
    cryptography==2.4.2
    enum34==1.1.6
    futures==3.2.0
    idna==2.7
    ipaddress==1.0.22
    Jinja2==2.10
    lxml==4.2.4
    MarkupSafe==1.1.0
    play-scraper==0.5.0
    pycparser==2.19
    pyOpenSSL==18.0.0
    requests==2.20.0
    requests-futures==0.9.7
    six==1.12.0
    urllib3==1.24.1


StephenQuirolgico commented 5 years ago

Thomas,

I installed the latest version of Androguard and Androwarn, but I'm getting a path error when running Androwarn:

      File "/data/appvetBin/androwarn/androwarn.py", line 30, in <module>
        from androguard.misc import AnalyzeAPK
    ImportError: No module named androguard.misc

Also, what versions of Python are you using for Androguard and Androwarn? The new version of Androguard recommends v3.6 but Androwarn still says to use v2.7.

Thanks, Steve


maaaaz commented 5 years ago

Hello @StephenQuirolgico,

The minimum androguard version is documented in the requirements.txt file, to date it's >= 3.2.1.

Could you try a simple pip install androwarn?

StephenQuirolgico commented 5 years ago

Thomas,

For some reason, I'm unable to run pip install androwarn from this machine, so I did a git clone and ran pip install -r requirements.txt instead. Now, I am getting a different error message:

    -bash-4.2# python /data/androwarn-master/androwarn.py -i /home/squirolgico/test-apps/GrouPing.apk -v 1 -d -L ERROR -n
    Traceback (most recent call last):
      File "/data/androwarn-master/androwarn.py", line 31, in <module>
        from warn.search.search import grab_application_package_name
      File "/data/androwarn-master/warn/search/search.py", line 25, in <module>
        from warn.util.util import *
      File "/data/androwarn-master/warn/util/util.py", line 25, in <module>
        from HTMLParser import HTMLParser
    ModuleNotFoundError: No module named 'HTMLParser'

I am using Python 3.6.6.

Also, there were a couple of print statements in androwarn.py that needed parentheses (for Python 3.x).

Thanks, Steve


maaaaz commented 5 years ago

Okay, androwarn is, for the moment, a Python 2-only program.

StephenQuirolgico commented 5 years ago

Thanks, Thomas. Please let me know if Androwarn moves to Python >=3.6. Also, are there plans to implement CVSS (Common Vulnerability Scoring System) and/or NIAP to Androwarn? Androwarn is currently being used by the US Govt as part of a suite of tools for testing Android apps. Having CVSS and/or NIAP would help to maintain its position as a cost-effective solution for helping to ensure the safety of Android apps used by federal agencies.

Thanks, Steve


maaaaz commented 5 years ago

Hello @StephenQuirolgico,

Androwarn now works with Python 3.

Cheers.

StephenQuirolgico commented 5 years ago

Thanks Thomas — I’ll check it out.

Steve
