Local worker package
Detailed description of the andrototal-cli Python project
Command-line tool for analyzing APK viruses on Android.
Requires:
- adapters package
- Androplot package
- AVDs (with antivirus software installed) in home/.android/avd/
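Installation:
- pip install andrototal-cli --process-dependency-links
Basic usage: andrototal-cli path/of/sample/apk antivirus_name
Antivirus name: one from the adapters package (it must exist, along with an AVD: No..F.Health/Adv//Adv/P>
Example: andrototal-cli malware.apk ComAntivirus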
    usage: andrototal-cli [-h] [-test-method {install,copy}]
                          [-log-level {DEBUG,INFO,WARNING,ERROR}]
                          [-window [WINDOW]] [-file-log FILE_LOG]
                          [-max-retries {1,2,3,4}]
                          [-store-device-data [STORE_DEVICE_DATA]]
                          malware_sample antivirus [antivirus ...]

    positional arguments:
      malware_sample        path of the APK sample
      antivirus             name of the antivirus

    optional arguments:
      -h, --help            show this help message and exit
      -test-method {install,copy}, -t {install,copy}
                            test method
      -log-level {DEBUG,INFO,WARNING,ERROR}, -l {DEBUG,INFO,WARNING,ERROR}
                            logging level.
      -window [WINDOW], -w [WINDOW]
                            display emulator’s graphical window
      -file-log FILE_LOG, -fl FILE_LOG
                            Redirect logger to file
      -max-retries {1,2,3,4}, -m {1,2,3,4}
                            maximum number of scan retries when a non fatal exceptions occurs
      -store-device-data [STORE_DEVICE_DATA], -sd [STORE_DEVICE_DATA]
                            store device logcat and snapshot in device_data folder
Output:

    {
        'sample': {
            'sha256': '1944d8ee5bda3a1bd0655fdb10d3267ab0cc451d1e4061baf3ce1b81e5e8',
            'md5': '77b0105632e309b48e66f7cdb4678e02',
            'sha1': '4de0d8997949265a4b5647bb9f9d42926bd88191'
        },
        'test_count': 1,
        'success_count': 1,
        'tests': [
            {
                'status': 'SUCCESS',
                'ended_at': '2016-06-08 14:01:27',
                'detected_threat': 'THREAT_FOUND',
                'antivirus': 'ComAntivirus',
                'started_at': '2016-06-08 14:00:34',
                'analysis_time': 19
            }
        ],
        'failure_count': 0
    }
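
An added example, not part of the andrototal-cli project: a parser for the report shown under Output, which cross-checks the counters and keeps a failed scan distinct from a verdict. It assumes the report is printed as a Python literal with single quotes, and the key names `sample`, `test_count`, `success_count`, `tests` and `failure_count` are assumptions.

```python
import ast
from datetime import datetime

# Constructed sample: the report from the Output section, with the sample
# hashes replaced by placeholders. Top-level key names are assumptions.
SAMPLE_REPORT = """{
 'sample': {'sha256': '<sha256>', 'md5': '<md5>', 'sha1': '<sha1>'},
 'test_count': 1, 'success_count': 1,
 'tests': [{'status': 'SUCCESS',
            'ended_at': '2016-06-08 14:01:27',
            'detected_threat': 'THREAT_FOUND',
            'antivirus': 'ComAntivirus',
            'started_at': '2016-06-08 14:00:34',
            'analysis_time': 19}],
 'failure_count': 0
}"""

TIME_FORMAT = "%Y-%m-%d %H:%M:%S"


def parse_report(text):
    """Parse a single-quoted report; literal_eval only builds literals."""
    report = ast.literal_eval(text)
    if not isinstance(report, dict):
        raise ValueError("report is not a dict")
    tests = report["tests"]
    # Cross-check the counters so a truncated run is not read as complete.
    if report["test_count"] != len(tests):
        raise ValueError("test_count does not match number of tests")
    if report["success_count"] + report["failure_count"] != len(tests):
        raise ValueError("success/failure counts do not add up")
    return report


def summarize(report):
    """Map antivirus -> (verdict, or None if the scan failed; wall seconds)."""
    summary = {}
    for test in report["tests"]:
        started = datetime.strptime(test["started_at"], TIME_FORMAT)
        ended = datetime.strptime(test["ended_at"], TIME_FORMAT)
        # A scan that did not succeed has no verdict; never treat it as clean.
        verdict = test["detected_threat"] if test["status"] == "SUCCESS" else None
        summary[test["antivirus"]] = (verdict, int((ended - started).total_seconds()))
    return summary


if __name__ == "__main__":
    for name, (verdict, wall) in summarize(parse_report(SAMPLE_REPORT)).items():
        print(f"{name}: {verdict or 'SCAN FAILED'} ({wall}s wall clock)")
```

For the sample report the wall-clock time between `started_at` and `ended_at` is 53 seconds, against an `analysis_time` of 19.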