zxvzxv / ApkParse

APK parsing tool
Apache License 2.0
21 stars 3 forks

Could you add a feature to get the icon? #3

Closed ohyeah521 closed 1 year ago

ohyeah521 commented 1 year ago

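Similar to this feature in androguard:

    from androguard.core.bytecodes import apk

    a = apk.APK(apk_path)  # apk_path: path to the APK under analysis
    icon_name = a.get_app_icon()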

There is an error in the other project, androguard:

    File "D:\venv\lib\site-packages\androguard-3.4.0a1-py3.9.egg\androguard\core\bytecodes\apk.py", line 566, in get_app_icon
      res_parser = self.get_android_resources()
    File "D:\venv\lib\site-packages\androguard-3.4.0a1-py3.9.egg\androguard\core\bytecodes\apk.py", line 1581, in get_android_resources
      self.arsc["resources.arsc"] = ARSCParser(self.zip.read("resources.arsc"))
    File "D:\venv\lib\site-packages\androguard-3.4.0a1-py3.9.egg\androguard\core\bytecodes\axml\__init__.py", line 1375, in __init__
      ate = ARSCResTableEntry(self.buff, res_id, pc)
    File "D:\venv\lib\site-packages\androguard-3.4.0a1-py3.9.egg\androguard\core\bytecodes\axml\__init__.py", line 2620, in __init__
      self.item = ARSCComplex(buff, parent)
    File "D:\venv\lib\site-packages\androguard-3.4.0a1-py3.9.egg\androguard\core\bytecodes\axml\__init__.py", line 2678, in __init__
      self.items.append((unpack('<I', buff.read(4))[0], ARSCResStringPoolRef(buff, self.parent)))
    File "D:\venv\lib\site-packages\androguard-3.4.0a1-py3.9.egg\androguard\core\bytecodes\axml\__init__.py", line 2698, in __init__
      raise ResParserError("res0 must be always zero!")
    androguard.core.bytecodes.axml.ResParserError: res0 must be always zero!

Sample download: Link: https://pan.baidu.com/s/13GAKXDe82gd12R-TNevolw?pwd=8qit Extraction code: 8qit

Could this be fixed?

zxvzxv commented 1 year ago

Updated

ohyeah521 commented 1 year ago

> Updated

Awesome, I'll give it a try

ohyeah521 commented 1 year ago

The icon can't be extracted from this sample; could you please take another look? Link: https://pan.baidu.com/s/1s-N9Rcuwu13DkUuJz_arcw?pwd=thw6 Extraction code: thw6

zxvzxv commented 1 year ago

> The icon can't be extracted from this sample; could you please take another look? Link: https://pan.baidu.com/s/1s-N9Rcuwu13DkUuJz_arcw?pwd=thw6 Extraction code: thw6

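I was overthinking it before: I assumed the image had to have a file extension, but it actually works without one. I've relaxed the restriction and the icon can now be extracted normally.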
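
The relaxed check described in the comment above, as an added example that is not ApkParse's own code: the icon entry is identified by its leading bytes instead of its file suffix, so an extension-less or misnamed drawable is still recognised. All function names and the sample archive are hypothetical and constructed for illustration; the icon path is assumed to have been resolved from the resource table already.

```python
import io
import zipfile

def sniff_drawable(data: bytes):
    """Identify a drawable by its leading bytes; the entry name is ignored."""
    if data.startswith(b"\x89PNG\r\n\x1a\n"):
        return "png"
    if data.startswith(b"\xff\xd8\xff"):
        return "jpeg"
    if data[:6] in (b"GIF87a", b"GIF89a"):
        return "gif"
    if data[:4] == b"RIFF" and data[8:12] == b"WEBP":
        return "webp"
    if data.startswith(b"\x03\x00\x08\x00"):  # RES_XML_TYPE chunk header
        return "axml"  # compiled XML drawable, e.g. an adaptive icon
    return None

def load_icon(apk_bytes: bytes, icon_path: str):
    """icon_path: the entry the resource table resolved for the icon (assumed)."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        data = apk.read(icon_path)
    kind = sniff_drawable(data)
    if kind is None:
        raise ValueError(f"{icon_path}: not a recognised drawable")
    return kind, data

def suffix_disagrees(icon_path: str, kind: str) -> bool:
    """True when the name has no suffix or one that contradicts the content."""
    name = icon_path.rsplit("/", 1)[-1]
    suffix = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    expected = {"png": {"png"}, "jpeg": {"jpg", "jpeg"}, "gif": {"gif"},
                "webp": {"webp"}, "axml": {"xml"}}
    return suffix not in expected[kind]

def build_sample_apk() -> bytes:
    """Constructed sample: a zip with an extension-less PNG and a fake .png."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("res/a1", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16)
        z.writestr("res/b.png", b"not an image")
    return buf.getvalue()

if __name__ == "__main__":
    sample = build_sample_apk()
    kind, data = load_icon(sample, "res/a1")
    print(kind, len(data), suffix_disagrees("res/a1", kind))
```

A name whose suffix disagrees with the sniffed type is worth recording during triage, since it is one of the packaging tricks this thread is about.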

ohyeah521 commented 1 year ago

> The icon can't be extracted from this sample; could you please take another look? Link: https://pan.baidu.com/s/1s-N9Rcuwu13DkUuJz_arcw?pwd=thw6 Extraction code: thw6

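> I was overthinking it before: I assumed the image had to have a file extension, but it actually works without one. I've relaxed the restriction and the icon can now be extracted normally.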

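These days the people in the black-market business obfuscate really heavily, and the key thing is that Google doesn't impose any restrictions. That's the worst part, and it makes life hard for those of us doing security work.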