0
# APK Processing
1
2
Complete Android Package (APK) file analysis capabilities including manifest parsing, resource extraction, signature verification, permission analysis, and file structure inspection.
3
4
## Capabilities
5
6
### APK Class
7
8
The main class for APK file analysis and manipulation, providing comprehensive access to all APK components.
9
10
```python { .api }
11
class APK:
12
def __init__(self, filename: str, raw: bool = False, magic_file: str = None, skip_analysis: bool = False, testzip: bool = False):
13
"""
14
Initialize APK analysis.
15
16
Parameters:
17
- filename: Path to APK file or raw data if raw=True
18
- raw: If True, filename contains raw APK data
19
- magic_file: Legacy parameter (unused, deprecated)
20
- skip_analysis: Skip manifest analysis for faster loading
21
- testzip: Test ZIP file integrity before processing
22
"""
23
```
24
25
### Basic Information
26
27
Extract fundamental APK metadata and identification information.
28
29
```python { .api }
30
def get_filename(self) -> str:
31
"""Return the filename of the APK."""
32
33
def get_package(self) -> str:
34
"""Return the package name from AndroidManifest.xml."""
35
36
def get_app_name(self, locale=None) -> str:
37
"""Return the application name, optionally for specific locale."""
38
39
def get_app_icon(self, max_dpi: int = 65536) -> str:
40
"""Return the path to the app icon file within the APK."""
41
42
def get_androidversion_code(self) -> str:
43
"""Return the android:versionCode attribute."""
44
45
def get_androidversion_name(self) -> str:
46
"""Return the android:versionName attribute."""
47
48
def is_valid_APK(self) -> bool:
49
"""Return True if APK has valid AndroidManifest.xml."""
50
```
51
52
### File System Access
53
54
Access and extract files from the APK archive.
55
56
```python { .api }
57
def get_files(self) -> list[str]:
58
"""Return list of all files in the APK."""
59
60
def get_file(self, filename: str) -> bytes:
61
"""Return raw data of specified file."""
62
63
def get_files_types(self) -> dict[str, str]:
64
"""Return dictionary mapping filenames to detected file types."""
65
66
def get_files_crc32(self) -> dict[str, int]:
67
"""Return dictionary mapping filenames to CRC32 checksums."""
68
69
def get_raw(self) -> bytes:
70
"""Return raw bytes of the entire APK file."""
71
```
72
73
### DEX File Access
74
75
Extract and access Dalvik Executable files from the APK.
76
77
```python { .api }
78
def get_dex(self) -> bytes:
79
"""Return raw data of classes.dex file."""
80
81
def get_all_dex(self) -> Iterator[bytes]:
82
"""Return iterator over all DEX files in the APK."""
83
84
def get_dex_names(self) -> list[str]:
85
"""Return names of all DEX files (classes.dex, classes2.dex, etc.)."""
86
87
def is_multidex(self) -> bool:
88
"""Return True if APK contains multiple DEX files."""
89
```
90
91
### Manifest Analysis
92
93
Parse and extract information from AndroidManifest.xml.
94
95
```python { .api }
96
def get_activities(self) -> list[str]:
97
"""Return list of all activity names."""
98
99
def get_main_activity(self) -> str:
100
"""Return name of the main/launcher activity."""
101
102
def get_main_activities(self) -> set[str]:
103
"""Return set of all main activities."""
104
105
def get_services(self) -> list[str]:
106
"""Return list of all service names."""
107
108
def get_receivers(self) -> list[str]:
109
"""Return list of all broadcast receiver names."""
110
111
def get_providers(self) -> list[str]:
112
"""Return list of all content provider names."""
113
114
def get_intent_filters(self, itemtype: str, name: str) -> dict[str, list[str]]:
115
"""Return intent filters for specified component."""
116
```
117
118
### Permission Analysis
119
120
Analyze declared and requested permissions.
121
122
```python { .api }
123
def get_permissions(self) -> list[str]:
124
"""Return list of all requested permissions."""
125
126
def get_details_permissions(self) -> dict[str, list[str]]:
127
"""Return detailed permission information with protection levels."""
128
129
def get_declared_permissions(self) -> list[str]:
130
"""Return list of permissions declared by this app."""
131
132
def get_declared_permissions_details(self) -> dict[str, list[str]]:
133
"""Return detailed information about declared permissions."""
134
135
def get_uses_implied_permission_list(self) -> list[str]:
136
"""Return permissions implied by target SDK or other permissions."""
137
138
def get_requested_aosp_permissions(self) -> list[str]:
139
"""Return requested permissions from AOSP project."""
140
141
def get_requested_third_party_permissions(self) -> list[str]:
142
"""Return requested permissions not from AOSP."""
143
```
144
145
### SDK and Features
146
147
Extract SDK version requirements and hardware features.
148
149
```python { .api }
150
def get_min_sdk_version(self) -> str:
151
"""Return android:minSdkVersion attribute."""
152
153
def get_target_sdk_version(self) -> str:
154
"""Return android:targetSdkVersion attribute."""
155
156
def get_effective_target_sdk_version(self) -> int:
157
"""Return effective target SDK version (defaults to 1 if not set)."""
158
159
def get_max_sdk_version(self) -> str:
160
"""Return android:maxSdkVersion attribute."""
161
162
def get_libraries(self) -> list[str]:
163
"""Return list of required libraries."""
164
165
def get_features(self) -> list[str]:
166
"""Return list of required hardware features."""
167
168
def is_wearable(self) -> bool:
169
"""Return True if app targets wearable devices."""
170
171
def is_leanback(self) -> bool:
172
"""Return True if app supports Android TV."""
173
174
def is_androidtv(self) -> bool:
175
"""Return True if app targets Android TV."""
176
```
177
178
### Signature Verification
179
180
Analyze APK signatures and certificates.
181
182
```python { .api }
183
def is_signed(self) -> bool:
184
"""Return True if APK has any signature (v1, v2, or v3)."""
185
186
def is_signed_v1(self) -> bool:
187
"""Return True if APK has JAR/v1 signature."""
188
189
def is_signed_v2(self) -> bool:
190
"""Return True if APK has v2 signature."""
191
192
def is_signed_v3(self) -> bool:
193
"""Return True if APK has v3 signature."""
194
195
def get_signature_name(self) -> str:
196
"""Return name of first signature file."""
197
198
def get_signature_names(self) -> list[str]:
199
"""Return list of all signature file names."""
200
201
def get_certificate(self, filename: str) -> object:
202
"""Return X.509 certificate object for signature file."""
203
204
def get_certificates(self) -> list[object]:
205
"""Return list of all certificates from all signature versions."""
206
207
def get_certificates_v1(self) -> list[object]:
208
"""Return list of v1 signature certificates."""
209
210
def get_certificates_v2(self) -> list[object]:
211
"""Return list of v2 signature certificates."""
212
213
def get_certificates_v3(self) -> list[object]:
214
"""Return list of v3 signature certificates."""
215
```
216
217
### Resource Access
218
219
Access Android resources and resource parsing.
220
221
```python { .api }
222
def get_android_manifest_axml(self) -> object:
223
"""Return AXMLPrinter object for AndroidManifest.xml."""
224
225
def get_android_manifest_xml(self) -> object:
226
"""Return parsed XML object for AndroidManifest.xml."""
227
228
def get_android_resources(self) -> object:
229
"""Return ARSCParser object for resources.arsc."""
230
```
231
232
## Usage Examples
233
234
### Basic APK Information
235
236
```python
237
from androguard.core.apk import APK
238
239
# Load APK
240
apk = APK("path/to/app.apk")
241
242
# Get basic information
243
print(f"Package: {apk.get_package()}")
244
print(f"App name: {apk.get_app_name()}")
245
print(f"Version: {apk.get_androidversion_name()} ({apk.get_androidversion_code()})")
246
print(f"Min SDK: {apk.get_min_sdk_version()}")
247
print(f"Target SDK: {apk.get_target_sdk_version()}")
248
```
249
250
### Permission Analysis
251
252
```python
253
# Get all permissions
254
permissions = apk.get_permissions()
255
for perm in permissions:
256
print(f"Permission: {perm}")
257
258
# Get detailed permission info
259
perm_details = apk.get_details_permissions()
260
for perm, details in perm_details.items():
261
protection_level, label, description = details
262
print(f"{perm}: {protection_level} - {description}")
263
```
264
265
### Component Analysis
266
267
```python
268
# Get application components
269
print("Activities:")
270
for activity in apk.get_activities():
271
print(f" {activity}")
272
# Get intent filters for this activity
273
filters = apk.get_intent_filters("activity", activity)
274
if filters:
275
print(f" Intent filters: {filters}")
276
277
print("Services:")
278
for service in apk.get_services():
279
print(f" {service}")
280
281
print("Receivers:")
282
for receiver in apk.get_receivers():
283
print(f" {receiver}")
284
```
285
286
### Signature Verification
287
288
```python
289
# Check signatures
290
if apk.is_signed():
291
print("APK is signed")
292
if apk.is_signed_v1():
293
print(" Has v1 signature")
294
if apk.is_signed_v2():
295
print(" Has v2 signature")
296
if apk.is_signed_v3():
297
print(" Has v3 signature")
298
299
# Get certificates
300
certificates = apk.get_certificates()
301
for cert in certificates:
302
print(f"Certificate: {cert}")
303
else:
304
print("APK is not signed")
305
```
306
307
### Advanced Signature Verification
308
309
Advanced Android signature verification classes for V2 and V3 signature scheme analysis.
310
311
```python { .api }
312
class APKV2SignedData:
313
"""Android APK v2 signature scheme signed data representation."""
314
315
def __init__(self, data: bytes):
316
"""Initialize with v2 signed data block."""
317
318
class APKV3SignedData:
319
"""Android APK v3 signature scheme signed data representation."""
320
321
def __init__(self, data: bytes):
322
"""Initialize with v3 signed data block."""
323
324
class APKV2Signer:
325
"""Individual signer information for v2 signature scheme."""
326
327
def get_public_key(self) -> bytes:
328
"""Return the signer's public key in DER format."""
329
330
def get_certificate(self) -> object:
331
"""Return the X.509 certificate for this signer."""
332
333
def verify_signature(self) -> bool:
334
"""Verify the signature for this signer."""
335
336
class APKV3Signer:
337
"""Individual signer information for v3 signature scheme."""
338
339
def get_public_key(self) -> bytes:
340
"""Return the signer's public key in DER format."""
341
342
def get_certificate(self) -> object:
343
"""Return the X.509 certificate for this signer."""
344
345
def verify_signature(self) -> bool:
346
"""Verify the signature for this signer."""
347
348
def get_min_sdk_version(self) -> int:
349
"""Return minimum SDK version for this signer."""
350
351
def get_max_sdk_version(self) -> int:
352
"""Return maximum SDK version for this signer."""
353
```
354
355
### Advanced Signature API Methods
356
357
Extended APK methods for detailed signature analysis and verification.
358
359
```python { .api }
360
def parse_v2_v3_signature(self) -> None:
361
"""Parse and initialize v2/v3 signature data."""
362
363
def get_public_keys_der_v2(self) -> list[bytes]:
364
"""Return list of v2 signers' public keys in DER format."""
365
366
def get_public_keys_der_v3(self) -> list[bytes]:
367
"""Return list of v3 signers' public keys in DER format."""
368
369
def get_certificates_v2(self) -> list[object]:
370
"""Return list of X.509 certificates from v2 signatures."""
371
372
def get_certificates_v3(self) -> list[object]:
373
"""Return list of X.509 certificates from v3 signatures."""
374
375
def verify_signer_info_against_sig_file(self, sig_file: str, info: dict) -> bool:
376
"""
377
Verify signer information against signature file.
378
379
Parameters:
380
- sig_file: signature file name
381
- info: signer information dictionary
382
383
Returns:
384
bool: True if verification successful
385
"""
386
```
387
388
### Advanced Signature Usage Examples
389
390
#### V2/V3 Signature Analysis
391
392
```python
393
from androguard.core.apk import APK
394
395
apk = APK("signed_app.apk")
396
397
# Parse advanced signature data
398
apk.parse_v2_v3_signature()
399
400
# Check for v2 signatures
401
if apk.is_signed_v2():
402
print("APK has v2 signatures")
403
404
# Get v2 public keys
405
v2_keys = apk.get_public_keys_der_v2()
406
print(f"Found {len(v2_keys)} v2 signers")
407
408
# Get v2 certificates
409
v2_certs = apk.get_certificates_v2()
410
for i, cert in enumerate(v2_certs):
411
print(f"V2 Signer {i+1} Certificate: {cert.subject}")
412
413
# Check for v3 signatures
414
if apk.is_signed_v3():
415
print("APK has v3 signatures")
416
417
# Get v3 public keys
418
v3_keys = apk.get_public_keys_der_v3()
419
print(f"Found {len(v3_keys)} v3 signers")
420
421
# Get v3 certificates with SDK versions
422
v3_certs = apk.get_certificates_v3()
423
for i, cert in enumerate(v3_certs):
424
print(f"V3 Signer {i+1} Certificate: {cert.subject}")
425
```
426
427
#### Signature Verification
428
429
```python
430
from androguard.core.apk import APK, APKV2Signer, APKV3Signer
431
432
apk = APK("app.apk")
433
apk.parse_v2_v3_signature()
434
435
# Verify individual v2 signers
436
if hasattr(apk, '_v2_signing_data'):
437
for signer in apk._v2_signing_data.signers:
438
v2_signer = APKV2Signer(signer)
439
if v2_signer.verify_signature():
440
print("V2 signature verification: PASSED")
441
print(f"Public key: {v2_signer.get_public_key().hex()[:32]}...")
442
else:
443
print("V2 signature verification: FAILED")
444
445
# Verify individual v3 signers
446
if hasattr(apk, '_v3_signing_data'):
447
for signer in apk._v3_signing_data.signers:
448
v3_signer = APKV3Signer(signer)
449
if v3_signer.verify_signature():
450
print("V3 signature verification: PASSED")
451
print(f"SDK range: {v3_signer.get_min_sdk_version()}-{v3_signer.get_max_sdk_version()}")
452
else:
453
print("V3 signature verification: FAILED")
454
```
455
456
## Utility Functions
457
458
```python { .api }
459
def get_apkid(apkfile: str) -> tuple[str, str, str]:
460
"""
461
Extract (appid, versionCode, versionName) from APK quickly.
462
463
Parameters:
464
- apkfile: path to APK file
465
466
Returns:
467
Tuple of (package_name, version_code, version_name)
468
"""
469
470
def show_Certificate(cert: object, short: bool = False) -> None:
471
"""
472
Print certificate information.
473
474
Parameters:
475
- cert: X.509 certificate object
476
- short: Use short form for distinguished names
477
"""
478
```