Why there is nothing in output when using gen_variations.py ?

[YuluandQiuqiu]

I tried "python gen_variations.py -i input -o output". But there is nothing generated in output.

D:\Test_Virus_oversea\ChangeSampleTool\avpass-master\src>python gen_variations.py -i input -o output input/virus.apk virus [*] Decoding apk file to smali apktool d ./input/virus.apk -oinput/virus copyTree input/virus -> input/temp_obfus CALCULATE: _ Generating output/virus____.apk apktool b input/temp_obfus -o output/virus__.apk copyTree input/temp_obfus -> input/___

RESTORE: copyTree input/ -> input/temp_obfus

CALCULATE: A__ python refl.py -f input/temp_obfus.apk reflect -c no; Generating output/virus_A__.apk apktool b input/temp_obfus -o output/virus_A__.apk copyTree input/temp_obfus -> input/A__

[jinhojun]

It seems you are running AVPass on Windows OS. As we mentioned (https://github.com/sslab-gatech/avpass/blob/master/docs/README.md), AVPass doesn't support Windows OS.

I recommend you to run the same script on Linux or Mac.

-Jinho

[YuluandQiuqiu]

This time I tried it on Linux. But issue still exists.

CALCULATE: E_P python api.py -f input/temp_obfus.apk permission -c no; Generating output/0ae44f10cd7480e7c54c65bc15cedcc2_____E_P.apk apktool b input/tempobfus -o output/0ae44f10cd7480e7c54c65bc15cedcc2E_P.apk copyTree input/temp_obfus -> input/____E_P

RESTORE: copyTree input/ -> input/temp_obfus

CALCULATE: R python res.py -f input/temp_obfus image -c no;python res.py -f input/temp_obfus resxml -c no -n yes; Generating output/0ae44f10cd7480e7c54c65bc15cedcc2__R_.apk apktool b input/temp_obfus -o output/0ae44f10cd7480e7c54c65bc15cedcc2__R_.apk copyTree input/temp_obfus -> input/____R

CALCULATE: _RP python api.py -f input/temp_obfus.apk permission -c no; Generating output/0ae44f10cd7480e7c54c65bc15cedcc2__RP.apk apktool b input/temp_obfus -o output/0ae44f10cd7480e7c54c65bc15cedcc2__RP.apk copyTree input/temp_obfus -> input/_____RP

RESTORE: copyTree input/ -> input/temp_obfus

CALCULATE: __P python api.py -f input/temp_obfus.apk permission -c no; Generating output/0ae44f10cd7480e7c54c65bc15cedcc2_P.apk apktool b input/temp_obfus -o output/0ae44f10cd7480e7c54c65bc15cedcc2___P.apk copyTree input/temp_obfus -> input/P

[jinhojun]

Thanks for trying this in Linux environment.

I will assume that you already located multiple APK files in your "input" directory and you are using python gen_variations.py -i input -o output command.

There are many ways to narrow down root cause. 1) Try individual obfuscation by removing (commenting) defined primitives. (you should change OBFUSCATION_LIST) 2) Check if AVPass generate APK file correctly using python gen_disguise.py -i YOUR_MALWARE.apk individual script. 3) Once you identify primitive that AVPass cannot handle, remove the primitive in your setting. 4) Finally, try to use gen_variations.py again. (you should modify INFERRING_LIST)

If there is one problematic primitive is located at the top of the LIST, gen_variabions.py will fail to generate obfuscated APK. For example, AVPass's API-reflection cannot handle APK which is generate from recently released Android Studio, thereby most of the following operation will fail.

Jinho.

[bowen666666]

hello I also encountered the same problem. Can you tell me how to solve it? thank you very much

[tgdh91]

you must try to use python gen_variations.py -i input -o output -d n to let self.dry be False, it's defaule True

[Qian-Han]

Same for me. I think the repo may need to be fixed to resolve this.

[Qian-Han]

I tested it. You need to change line 150 - 153 to all False (false) for "--dry" in gen_variations.py, then the code works. Hope it works :)