forked from xiabodan/JebDecrypt
-
Notifications
You must be signed in to change notification settings - Fork 0
/
JEB2AutoRenameByTypeInfo.py
176 lines (154 loc) · 6.13 KB
/
JEB2AutoRenameByTypeInfo.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
# -*- coding: utf-8 -*-
"""
Sample client script for PNF Software's JEB2.
More samples are available on our website and within the scripts/ folder.
Refer to SCRIPTS.TXT for more information.
"""
import string
import re,collections
from com.pnfsoftware.jeb.client.api import IScript
from com.pnfsoftware.jeb.client.api import IScript, IGraphicalClientContext
from com.pnfsoftware.jeb.core import RuntimeProjectUtil
from com.pnfsoftware.jeb.core.actions import Actions, ActionContext, ActionXrefsData
from com.pnfsoftware.jeb.core.events import JebEvent, J
from com.pnfsoftware.jeb.core.output import AbstractUnitRepresentation, UnitRepresentationAdapter
from com.pnfsoftware.jeb.core.units.code import ICodeUnit, ICodeItem
from com.pnfsoftware.jeb.core.units.code.java import IJavaSourceUnit, IJavaStaticField, IJavaNewArray, IJavaConstant, IJavaCall, IJavaField, IJavaMethod, IJavaClass
from com.pnfsoftware.jeb.core.actions import ActionTypeHierarchyData
from com.pnfsoftware.jeb.core.actions import ActionRenameData
from com.pnfsoftware.jeb.core.util import DecompilerHelper
from com.pnfsoftware.jeb.core.output.text import ITextDocument
from com.pnfsoftware.jeb.core.units.code.android import IDexUnit
from java.lang import Runnable
class JEB2AutoRenameByTypeInfo(IScript):
def run(self, ctx):
ctx.executeAsync("Running name detection...", JEB2AutoRename(ctx))
print('Done')
class JEB2AutoRename(Runnable):
def __init__(self, ctx):
self.ctx = ctx
def run(self):
ctx = self.ctx
engctx = ctx.getEnginesContext()
if not engctx:
print('Back-end engines not initialized')
return
projects = engctx.getProjects()
if not projects:
print('There is no opened project')
return
print('begin.....')
# 逻辑开始
prj = projects[0]
print('JEB2AutoRename code units of %s...' % prj)
codeUnits = RuntimeProjectUtil.findUnitsByType(prj, ICodeUnit, False)
'''
bcUnits = []
for unit in codeUnits:
print(unit)
print(unit.getName().lower())
classes = unit.getClasses()
if classes and unit.getName().lower() == "bytecode":
bcUnits.append(unit)
'''
targetUnit = codeUnits[0]
self.targetUnit = targetUnit
# units = RuntimeProjectUtil.findUnitsByType(prj, IJavaSourceUnit, False)
# self.targetUnit = targetUnit
# print(targetUnit.getClass(javaclz.getSupertype().getSignature()))
# this is a single classes.dex item
print('----------------------------')
fuckingClasses = []
cnt = 0
for clz in targetUnit.getClasses():
# the name maybe renamed
# print(clz.getSignature(False))#False is for original Name
if isFuckingName(clz.getName(False)):
determinedName = self.tryDetermineGoodName(clz)
if determinedName is None:
determinedName = genNameFromIdx(cnt)
else:
determinedName = genNameFromIdx(cnt) + determinedName.split('/')[-1][:-1]
self.commenceRename(clz.getSignature(False), determinedName, 0)
print(clz.getName(False) + " clz cnt is " + str(cnt) + " determined name is " + str(determinedName))
cnt += 1
#rename all fields
cnt = 0
for field in targetUnit.getFields():
if isFuckingName(field.getName(False)):
#get field type(renamed Type)
fieldType = field.getFieldType().getName(True)
newName = genNameFromIdx(cnt) + fieldType
self.commenceRename(field.getAddress(), newName, 1)
print(field.getName(False) + " field cnt is " + str(cnt) + " determined name is " + str(newName))
cnt += 1
#rename all functions
cnt = 0
for mtd in targetUnit.getMethods():
if isFuckingName(mtd.getName(False)):
print(mtd.getName(False))
#get method arguments
#new mtd name is paramTypeJoin
newName = genNameFromIdx(cnt) + ''.join(map(lambda x: x.getName(True), mtd.getParameterTypes()))
self.commenceRename(mtd.getAddress(), newName, 2)
print(mtd.getName(False) + " functions cnt is " + str(cnt) + " determined name is " + str(newName))
cnt += 1
def commenceRename(self, originName, newName, isClass):
if isClass == 0:
clz = self.targetUnit.getClass(originName)
elif isClass == 1:
clz = self.targetUnit.getField(originName)
else:
clz = self.targetUnit.getMethod(originName)
actCntx = ActionContext(self.targetUnit, Actions.RENAME, clz.getItemId(), clz.getAddress())
actData = ActionRenameData()
actData.setNewName(newName)
if(self.targetUnit.prepareExecution(actCntx, actData)):
# 执行重命名动作
try:
bRlt = self.targetUnit.executeAction(actCntx, actData)
if(not bRlt):
print(u'executeAction fail!')
except Exception,e:
print Exception,":",e
def tryDetermineGoodName(self, clzElement):
decomp = DecompilerHelper.getDecompiler(self.targetUnit)
javaunit = decomp.decompile(clzElement.getAddress())
clzElement = javaunit.getClassElement()
if not isFuckingName(clzElement.getName()):
return clzElement.getName()
ssupers = clzElement.getImplementedInterfaces()
supers = []
supers.extend(ssupers)
# do not directly append on returned list!
superSig = clzElement.getSupertype().getSignature()
supers.append(clzElement.getSupertype())
for superItem in supers:
sig = superItem.getSignature()
if sig == "Ljava/lang/Object;":
continue
if not isFuckingName(sig):
return sig
resolvedType = self.targetUnit.getClass(sig)
if resolvedType:
#this is a concret class
guessedName = self.tryDetermineGoodName(resolvedType)
if guessedName:
return guessedName
else:
#this is a SDK class
return sig
return None
def isFuckingName(s):
if s.find('/') != -1:
s = s.split('/')[-1][:-1]
elif s[-1] == ';':
s = s[1:-1]
return set(list(s.lower())) == set(list('iiii'))
def genNameFromIdx(idx):
ret = ''
while idx / 26 != 0:
ret += chr(ord('a') + idx % 26)
idx = idx /26
ret += chr(ord('a') + idx % 26)
return ret