Add a Shuriken-based core library (#697)

Author: zinwang

.github/workflows/pytest.yml

@@ -60,6 +60,10 @@ jobs:
         sh install.sh -y
         cargo install project_ares
 
+    - name: Install Shuriken-Analyzer
+      run: |
+        pip install git+https://github.com/Fare9/Shuriken-Analyzer.git@main#subdirectory=shuriken/bindings/Python/
+
     - name: Install Quark-Engine
       run: pip install .
 

.github/workflows/smoke_test.yml

@@ -41,7 +41,17 @@ jobs:
 
         # Install click <= 8.1.7 for CLI supports
         python -m pip install "click<=8.1.7"
-        
+   
+    - name: Install Shuriken-Analyzer for Linux
+      run: |
+        pip install git+https://github.com/Fare9/Shuriken-Analyzer.git@main#subdirectory=shuriken/bindings/Python/
+      if: matrix.os == 'ubuntu-latest'
+
+    - name: Install Shuriken-Analyzer for MacOS
+      run: |
+        pip install git+https://github.com/Fare9/Shuriken-Analyzer.git@main#subdirectory=shuriken/bindings/Python/
+      if: matrix.os == 'macos-13'
+
     - name: Install MacPorts
       uses: melusina-org/setup-macports@v1
       if: matrix.os == 'macos-13'

quark/cli.py

@@ -133,7 +133,10 @@
     "--core-library",
     "core_library",
     help="Specify the core library used to analyze an APK",
-    type=click.Choice(("androguard", "rizin", "radare2"), case_sensitive=False),
+    type=click.Choice(
+        ("androguard", "rizin", "radare2", "shuriken"),
+        case_sensitive=False
+    ),
     required=False,
     default="androguard",
 )

quark/core/apkinfo.py

@@ -12,7 +12,7 @@
 from androguard.core.bytecodes.dvm_types import Operand
 from androguard.misc import AnalyzeAPK, AnalyzeDex
 
-from quark.core.interface.baseapkinfo import BaseApkinfo, XMLElement
+from quark.core.interface.baseapkinfo import BaseApkinfo
 from quark.core.struct.bytecodeobject import BytecodeObject
 from quark.core.struct.methodobject import MethodObject
 from quark.evaluator.pyeval import PyEval
@@ -21,7 +21,7 @@
 class AndroguardImp(BaseApkinfo):
     """Information about apk based on androguard analysis"""
 
-    __slots__ = ("apk", "dalvikvmformat", "analysis")
+    __slots__ = ("apk", "dalvikvmformat", "analysis", "_manifest")
 
     def __init__(self, apk_filepath: Union[str, PathLike]):
         super().__init__(apk_filepath, "androguard")
@@ -32,55 +32,10 @@ def __init__(self, apk_filepath: Union[str, PathLike]):
         elif self.ret_type == "DEX":
             # return the sha256hash, DalvikVMFormat, and Analysis objects
             _, _, self.analysis = AnalyzeDex(apk_filepath)
+            self._manifest = None
         else:
             raise ValueError("Unsupported File type.")
 
-    @property
-    def permissions(self) -> List[str]:
-        if self.ret_type == "APK":
-            return self.apk.get_permissions()
-
-        if self.ret_type == "DEX":
-            return []
-
-    @property
-    def application(self) -> XMLElement:
-        """Get the application element from the manifest file.
-
-        :return: an application element
-        """
-        if self.ret_type == "DEX":
-            return []
-
-        manifest_root = self.apk.get_android_manifest_xml()
-
-        return manifest_root.find("application")
-
-    @property
-    def activities(self) -> List[XMLElement]:
-        if self.ret_type == "DEX":
-            return []
-
-        manifest_root = self.apk.get_android_manifest_xml()
-        application = manifest_root.find("application")
-
-        return application.findall("activity")
-
-    @property
-    def receivers(self) -> List[XMLElement]:
-        """
-        Return all receivers from the given APK.
-
-        :return: a list of all receivers
-        """
-        if self.ret_type == "DEX":
-            return []
-
-        manifest_root = self.apk.get_android_manifest_xml()
-        application = manifest_root.find("application")
-
-        return application.findall("receiver")
-
     @property
     def android_apis(self) -> Set[MethodObject]:
         apis = set()

quark/core/axmlreader/__init__.py

@@ -1,3 +1,7 @@
+# -*- coding: utf-8 -*-
+# This file is part of Quark-Engine - https://github.com/quark-engine/quark-engine
+# See the file 'LICENSE' for copying permission.
+
 import enum
 import functools
 import os.path
@@ -80,9 +84,9 @@ def __init__(self, message):
         super(AxmlException, self).__init__(message)
 
 
-class AxmlReader(object):
+class AxmlReader:
     """
-    A Class that parses the Android XML file
+    A Class that parses the Android XML file using Rizin/Radare2
     """
 
     def __init__(self, file_path, core_library="rizin", structure_path=None):
@@ -205,6 +209,12 @@ def __init__(self, file_path, core_library="rizin", structure_path=None):
             if self._ptr >= self._axml_size:
                 return
 
+    def __enter__(self):
+        return self
+
+    def __exit__(self, exc_type, exc_val, exc_tb):
+        pass
+
     def __iter__(self) -> Iterator[ResChunkHeader]:
         """Get an iterator that walks through the content of the Android XML
          binary.
@@ -373,7 +383,7 @@ def __convert_tag_to_xml_element(
 
         return XMLElement(name, attributes)
 
-    def __find_manifest(
+    def _find_manifest(
         self, chunk_iterator: Iterator[ResChunkHeader]
     ) -> XMLElement:
         """Find the resource chunk of the first XML label named manifest and
@@ -402,7 +412,7 @@ def get_xml_tree(self) -> XMLElementTree:
         :return: the content of the file
         """
         file_iterator = iter(self)
-        root = self.__find_manifest(file_iterator)
+        root = self._find_manifest(file_iterator)
 
         stack = [root]
         for tag in file_iterator: