pkumza / libradar Goto Github PK

I am unable to find the setup guide to install these tools.

submission@Submissions-MacBook-Pro LibRadar-master % python3 LibRadar/libradar.py ae224b66fa9a.apk    
/Users/Submission/Downloads/LibRadar-master/LibRadar/libradar.py:185: SyntaxWarning: "is not" with a literal. Did you mean "!="?
if class_name[0] is not 'L':
Traceback (most recent call last):
File "/Users/manish/Downloads/LibRadar-master/LibRadar/libradar.py", line 25, in <module>
import dex_tree
File "/Users/manish/Downloads/LibRadar-master/LibRadar/dex_tree.py", line 27, in <module>
import redis
ModuleNotFoundError: No module named 'redis'

For the app CameraFilter, LibRadar found the library Android Support v4 being used and accessing functions requiring the permissions android.permission.ACCESS_NETWORK_STATE, android.permission.WAKE_LOCK and android.permission.VIBRATE. However, the app itself just declares CAMERA, READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE in its Manifest – not a single match here.

So how should the permissions reported for a library be interpreted?

(Note: if you want to check for yourself, the .apk can be downloaded from the page behind the first link)

Why did dropbox fail to download at the last minute?

http://radar.pkuos.org website is down.

redis数据库rdb文件不能下载了，能更新链接吗，谢谢！

After adding the path to the LibRadarData.rdb as suggested in the documentation, I get this error when I ran the command below:

redis-server tool/redis.conf &

ERROR:

*** FATAL CONFIG FILE ERROR ***
Reading the configuration file, at line 80

'protected-mode yes'
Bad directive or wrong number of arguments

Path added is :

dir /home/fringi/Desktop/RA/redis-3.2.7

As our "leftovers" are spread across multiple PRs (most of them closed now), let's consolidate them in an issue (which then can be dealt with / closed via another PR):

• da;Appbrain;http://www.appbrain.com/ (com/appbrain) should probably be:
  ad;AppBrain SDK;https://www.appbrain.com/info/help/sdk/index.html (ref)
• da;javax; (javax) is much too broad¹
• da;Mozilla;https://www.mozilla.org/ (org/mozilla) is much too broad¹
• da;Polidea;https://www.polidea.com/ (pl/polidea) probably too broad as well¹

¹ ref. We should probably "untag" those (emptying the lib and removing the pn) for now, and tag them appropriately once they turn up in a scan and can be properly identified. Some examples for javax I can already provide:

ut;JavaX Dependency Injection;https://docs.oracle.com/javaee/6/api/javax/inject/package-summary.html (javax/inject)
ut;jmDNS library;https://github.com/jmdns/jmdns (javax/jmdns)
ut;JavaX Servlet API;https://www.jcp.org/en/jsr/detail?id=369 (javax/servlet)

The last two are present in our definitions, so I could retag them properly already (leaving unmatched "javax candidates" untagged).

My suggestions are included above – but I want to hear your opinion first, @pkumza 😸 After having decided, we could proceed as with PRs 30..32: I'd do the retagging on the V1 branch, and you later adopt that (migrate my changes) for V2. Deal? Just give me either…

• a "global OK" (if you agree to all my suggestions)
• separate OKs for what you agree with, and your alternative suggestion for the remains
• requests for clarification where things are unclear (and OKs for where I shall start already)

Update: More candidates:

• com/squareup (tagged pn currently). This prefix is used by a bunch of different libraries like Seismic, Picasso, SQLBrite and more. I've retagged the 2 candidates I was able to identify, and left the remaining alone. We should consider "untagging" them and retagging whenever identified correctly.
• com/facebook is not just sn. It has a bunch of ut packages as well, like Fresco (ugly to tag, because it has a bunch of separate directories directly below com/facebook), Stetho or Rebound. So we should be careful what we tag sn;Facebook (com/facebook) here (and check the existing tags again). This, too, I have corrected where I encountered a candidate.

Hello there,

I tried to run your script on a sample app, therefore, I ran the script as it mentioned in the usage part:

python LibRadar/libradar.py test.apk

but I got the following error:

Traceback (most recent call last): File "LibRadar/libradar.py", line 232, in <module> res = lrd.compare() File "LibRadar/libradar.py", line 220, in compare self.tree.get_repackage_main(res, self.hex_sha256) File "/Users/amirsharif/Desktop/HackingTools/LibRadar/LibRadar/dex_tree.py", line 411, in get_repackage_main self.db_rep.zadd("apk_weight", ret_length, hex_sha256 ) File "/anaconda2/lib/python2.7/site-packages/redis/client.py", line 2388, in zadd for pair in iteritems(mapping): File "/anaconda2/lib/python2.7/site-packages/redis/_compat.py", line 81, in iteritems return x.iteritems() AttributeError: 'int' object has no attribute 'iteritems'

Thanks in advance

If I just want to detect third-party libraries in a large number of apk precisely, should I do as written in "For Professional use"?

Users have to go to some directory to run my python script.
It should not be OK!

Solve it in 12 hours !!!

• Solve the PATH bug.

Hi,
I tried to see the different output of LibRadar and LiteRadar，and add more data and tag to export . After I configured redis and the dumped database ， it seems somthing wrong tookplace in attribute not match, any idea if I missed something？

The code I'm using is the master，and the datasets are the dropbox one

[email protected]:~/code/LibRadar/LibRadar$ python libradar.py  com.ss.android.ugc.aweme.apk
Traceback (most recent call last):
  File "libradar.py", line 232, in <module>
    res = lrd.compare()
  File "libradar.py", line 220, in compare
    self.tree.get_repackage_main(res, self.hex_sha256)
  File "/home/butter/code/LibRadar/LibRadar/dex_tree.py", line 411, in get_repackage_main
    self.db_rep.zadd("apk_weight", ret_length, hex_sha256 )
  File "/home/butter/.local/lib/python2.7/site-packages/redis/client.py", line 2650, in zadd
    for pair in iteritems(mapping):
  File "/home/butter/.local/lib/python2.7/site-packages/redis/_compat.py", line 132, in iteritems
    return x.iteritems()
AttributeError: 'int' object has no attribute 'iteritems'

Could you please provide some description/specification on the file formats of the data/*.dat files, especially what the fields are supposed to stand for, and which of them are mandatory? I'd have specifications on several libraries currently not covered. Currently I "overlay" those data in my "wrapper" when evaluating the JSON result. But I'd find it much better to integrate it here (and of course send you a corresponding PR then), if I could do that.

EDIT:

To give you an example, I've identified

{
 "pn": "com/getjar/sdk/vending/billing/',
 "lib": "pa;GetJar Billing;http://www.getjar.com/",
 "dn": 906,
 "cpn": "com/android/"
}

What does cpn stand for? A package Getjar depends on ("called package name")? OK, that's not needed for the .dat file. But for that it seems I'd need the values for bh (B_Hash), btc (B_Total_Call) and btn (B_Total_Number). How to identify those? Or could I simply substitute a 0 for missing values (those 3 are numeric)?

From the couple of test runs done, I could currently contribute 10 library identifications. As I'm planning to use LibRadar a bit longer, more might show up. Would be great if others could benefit from that.

I am using the latest rdb file (https://github.com/pkumza/Data_for_LibRadar/blob/master/LibRadarData0410.rdb) and the latest version of LibRadar. I configured it as described in the readme file, but i get always an
empty output. This is not the case when i use LiteRadar. By looking in the code,
i found that LibRadar is using besides db 0 and 1, db 2.
redis-cli -n 2 followed by keys * results in the following output:

(empty list or set)

Is it possible that you didn't upload the latest version of LibRadar?

1.I can't find APIDict.py anywhere which is written in QuickStart.md,but I find a python file which name is api_dictionary.py. And api_dictionary.py's function is extracting Apis. So I guess the name of APIDict.py may be wrong, is it?
2.Can I skip the third step which is written as follow in QuickStart.md:3. Get android.jar from Android SDK and place them into $Project_HOME$/Data/RawData, Run APIDict.py? Because there is a wrong when I run api_dictionary.py:"Maybe there is something wrong with jad status".Can I run job_dispatching.py directly？
3.I put my apk files to D:\testapk folder and ran job_dispatching.py,but I got results as follows:
C:\Users\Administrator>python d:LibRadar\LibRadar\job_dispatching.py
'rm' 不是内部或外部命令，也不是可运行的程序或批处理文件。
2017-05-23 09:01:30,415: INFO Pool created
2017-05-23 09:01:30,434: INFO Waiting for all sub-processes done.
2017-05-23 09:01:30,638: INFO Process 00 is running
2017-05-23 09:01:30,677: INFO Process 01 is running
2017-05-23 09:01:30,694: INFO Process 02 is running
2017-05-23 09:01:30,730: INFO Process 03 is running
2017-05-23 09:02:00,641: INFO Process 00 returns
2017-05-23 09:02:00,648: INFO Process 04 is running
2017-05-23 09:02:00,678: INFO Process 01 returns
2017-05-23 09:02:00,686: INFO Process 05 is running
2017-05-23 09:02:00,696: INFO Process 02 returns
2017-05-23 09:02:00,701: INFO Process 06 is running
2017-05-23 09:02:00,733: INFO Process 03 returns
2017-05-23 09:02:00,736: INFO Process 07 is running
2017-05-23 09:02:30,651: INFO Process 04 returns
2017-05-23 09:02:30,688: INFO Process 05 returns
2017-05-23 09:02:30,704: INFO Process 06 returns
2017-05-23 09:02:30,740: INFO Process 07 returns
2017-05-23 09:02:30,858: CRITICAL All sub-processes done.
'eject' 不是内部或外部命令，也不是可运行的程序或批处理文件。
I trid to change ded = DexExtractorDispatcher("D:\testapk") to ded = DexExtractorDispatcher("D:\\testapk") ,but I got simmilar Info except more 'rm' 不是内部或外部命令，也不是可运行的程序或批处理文件。. Where are the analysis results put to? Thanks.

No matter which apk I choose, the script always returns empty set.

$ python LibRadar/libradar.py apks/com.flashlight.brightestflashlightpro.1.42.1.apk
[]

I think this may have something to do with my redis env.

If I run the following command, I can return the correct value. So I believe the redis.conf is configured correctly.

$ redis-cli
127.0.0.1:6379> keys *
1) "feature_weight"
2) "un_ob_cnt"
3) "feature_cnt"
4) "un_ob_pn"

However, the following script always returns empty list:

$ redis-cli -n 3
127.0.0.1:6379[3]> keys *
(empty list or set)
127.0.0.1:6379[3]>

I was using the LibRadarData.rdb from newly uploaded dataset-0410-19k.rdb.tar.gz.

$ ls -la
total 178816
drwxr-xr-x   4 Stan  staff       136 Apr 25 10:49 .
drwxr-xr-x  19 Stan  staff       646 Apr 25 10:48 ..
-rw-r--r--@  1 Stan  staff      6148 Apr 25 10:19 .DS_Store
-rw-r--r--   1 Stan  staff  91544212 Apr 25 09:22 LibRadarData.rdb

Do you know how to fix this problem? Thanks.

Some entries in data/tgst5.dat seem to be syntactically incorrect. As far as I understood, syntax for the library name is tt;name;url (with tt standing for the type of the library). Now I found a couple of entries where the url is not an URL at all, e.g.

• "ut;Tapit;Tapit NFC\u6280\u672f"
• "da;jnlua;Java Lua \u4e92\u8054\u5de5\u5177"

Do I misinterprete something, and that's intended? Or should it be fixed? Please clarify and let me know how to deal with such entries. If I'm assuming right concerning the syntax, those entries should be fixed up to

• "ut;Tapit NFC;" (couldn't find a reference URL)
• "da;Java Lua;" (no reference URL here either)

$ python2 LibRadar/libradar.py ../obf_apk_original/com.llamacorp.equate.apk
Traceback (most recent call last):
File "LibRadar/libradar.py", line 232, in
res = lrd.compare()
File "LibRadar/libradar.py", line 220, in compare
self.tree.get_repackage_main(res, self.hex_sha256)
File "/home/cju/tpl/LibRadar/LibRadar/dex_tree.py", line 411, in get_repackage_main
self.db_rep.zadd("apk_weight", ret_length, hex_sha256 )
File "/home/cju/.local/lib/python2.7/site-packages/redis/client.py", line 2685, in zadd
for pair in iteritems(mapping):
File "/home/cju/.local/lib/python2.7/site-packages/redis/_compat.py", line 133, in iteritems
return x.iteritems()
AttributeError: 'int' object has no attribute 'iteritems'

I'm not on the latest code here (too many dependencies for me 😸 ), and the database isn't in there anyway AFAIR – but you might wish to check 6 library definitions which are probably wrong:

-{"dn": 135, "lib": "pa;Bump pay;", "sp": "com/bumptech/glide/disklrucache", "bh": 343072, "btc": 265, "btn": 73, "pn": "com/bump"}
+{"dn": 135, "lib": "da;Glide;https://github.com/bumptech/glide", "sp": "com/bumptech/glide/disklrucache", "bh": 343072, "btc": 265, "btn": 73, "pn": "com/bumptech/glide"}
-{"dn": 102, "lib": "pa;Bump pay;", "sp": "com/bumptech/glide/gifencoder", "bh": 134926, "btc": 59, "btn": 25, "pn": "com/bump"}
+{"dn": 102, "lib": "da;Glide;https://github.com/bumptech/glide", "sp": "com/bumptech/glide/gifencoder", "bh": 134926, "btc": 59, "btn": 25, "pn": "com/bumptech/glide"}
-{"dn": 117, "lib": "pa;Bump pay;", "sp": "com/bumptech/glide/f", "bh": 24660, "btc": 31, "btn": 19, "pn": "com/bump"}
+{"dn": 117, "lib": "da;Glide;https://github.com/bumptech/glide", "sp": "com/bumptech/glide/f", "bh": 24660, "btc": 31, "btn": 19, "pn": "com/bumptech/glide"}
-{"dn": 105, "lib": "pa;Bump pay;", "sp": "com/bumptech/glide/load/resource/transcode", "bh": 15933, "btc": 22, "btn": 13, "pn": "com/bump"}
+{"dn": 105, "lib": "da;Glide;https://github.com/bumptech/glide", "sp": "com/bumptech/glide/load/resource/transcode", "bh": 15933, "btc": 22, "btn": 13, "pn": "com/bumptech/glide"}
-{"dn": 166, "lib": "pa;Bump pay;", "sp": "com/bumptech/glide/e/d/e", "bh": 14882, "btc": 24, "btn": 9, "pn": "com/bump"}
+{"dn": 166, "lib": "da;Glide;https://github.com/bumptech/glide", "sp": "com/bumptech/glide/e/d/e", "bh": 14882, "btc": 24, "btn": 9, "pn": "com/bumptech/glide"}
-{"dn": 172, "lib": "pa;Bump pay;", "sp": "com/bumptech/glide/g", "bh": 8881, "btc": 12, "btn": 7, "pn": "com/bump"}
+{"dn": 172, "lib": "da;Glide;https://github.com/bumptech/glide", "sp": "com/bumptech/glide/g", "bh": 8881, "btc": 12, "btn": 7, "pn": "com/bumptech/glide"}

I have an .apk where some library is not detected, though I know (from the project, and from decoding it with Apktool) it is there: version 0.04 of qutelauncher added Firebase Analytics – and accordingly, there's com/google/firebase/* in the Smali. I cannot find a match on that in data/tgst5.dat, so it's not reported.

So what would be the necessary steps in such a case? Plus, along those lines, is there a way to scan for undetected libraries one might not be aware of (one does not always know what to expect in some .apk – which is why one uses LibRadar in the first place :)?

This is not really an issue, but rather a question. I hope you don't
mind if I ask it here.

For a project of mine, I am interested in knowing which libraries come
with which package names, and possibly also some meta-information on
these libraries. I noticed you have an awesome and fairly complete list
indata/tgst5.dat. How did you obtain it? I am assuming you have some
high-quality source that you parsed?

Link rot "http://lxwiki.oss-cn-beijing.aliyuncs.com/lite_dataset_10.csv" in this page "https://github.com/pkumza/LibRadar/blob/master/docs/QuickStart.md".

On one system, when I run the script, I get the output as:

fringi@ubuntu:~/Desktop/RA/redis-3.2.7/LibRadar$ python LibRadar/libradar.py /home/fringi/Desktop/intent_classification/download/com.noodlecake.bitcoin.apk 

===== RESULT: ============
==========================
==========================

However, on the other, I get:

/Desktop/RA/redis-3.2.7/LibRadar$ python LibRadar/libradar.py /home/intent_classification/download/com.noodlecake.bitcoin.apk
[]

What could possibly be the reason?

For some of the APKs, I get this:

`Traceback (most recent call last):
File "LibRadar/libradar.py", line 215, in
res = lrd.analyse()
File "LibRadar/libradar.py", line 195, in analyse
self.unzip()
File "LibRadar/libradar.py", line 87, in unzip
zf = zipfile.ZipFile(self.apk_path, mode='r')
File "/usr/lib/python2.7/zipfile.py", line 770, in init
self._RealGetContents()
File "/usr/lib/python2.7/zipfile.py", line 811, in _RealGetContents
raise BadZipfile, "File is not a zip file"
zipfile.BadZipfile: File is not a zip file

`

http://radar.pkuos.org/ is not working

Hello @pkumza. I run the tool with setps you provide. but the link for LibRaderData.rdb is dead.
this file is not find.
Can you send it to my mailbox or rebuild the link? My emali is [email protected]
I look forward to receiving your reply as soon as possible. Thank you.

解析app时发生了报错，而且这个app好像也没有被加壳

Traceback (most recent call last):
File "literadar.py", line 256, in
res = lrd.compare()
File "literadar.py", line 236, in compare
self.analyse()
File "literadar.py", line 231, in analyse
self.extract_dex()
File "literadar.py", line 209, in extract_dex
if class_name[0] is not 'L':
IndexError: string index out of range

I downloaded database and configured right, LiteRadar works like a charm but LibRadar is not working for me.

Python version : 2.7.5

Here is my Traceback :

Traceback (most recent call last):
  File "LibRadar/libradar.py", line 232, in <module>
    res = lrd.compare()
  File "LibRadar/libradar.py", line 220, in compare
    self.tree.get_repackage_main(res, self.hex_sha256)
  File "/opt/LibRadar/LibRadar/dex_tree.py", line 411, in get_repackage_main
    self.db_rep.zadd("apk_weight", ret_length, hex_sha256 )
  File "/usr/lib/python2.7/site-packages/redis/client.py", line 2320, in zadd
    for pair in iteritems(mapping):
  File "/usr/lib/python2.7/site-packages/redis/_compat.py", line 81, in iteritems
    return x.iteritems()
AttributeError: 'int' object has no attribute 'iteritems'

I suspect some mis-tagging: what currently is tagged as "FasterXML" (com/fasterxml) at least at several places is rather the Jackson Project (com/fasterxml/jackson) – see e.g. jackson-core (com/fasterxml/jackson/core). Besides, the website fasterxml.com does not resolve. Could you please cross-check that?

Also, there's a related project (com/shaded/fasterxml/jackson). Not sure how that should be tagged, so for now I skip it.

Hello@pkumza I'm trying to delete these libs from my apks, can I use LibRadar to do that?

I was trying to create my own redis database while investigating a set of apps. But apparently dex_extractor.py won't store anything. It looks like the catch_a_class() method from PackageNodeList is the problem. It stores data while iterating over the pn_list. But this cannot happen, since the pn_list is initialized as an empty list.

I click the url,I can't open the website

I'm using pip version 18.1
And when run pip installs LibRadar command, I get below error:

Command "python setup.py egg_info" failed with error code 1 in C:\Users\DRF4E5~1
.JAC\AppData\Local\Temp\pip-install-2fiod06h\Libradar\

--- Logging error ---
Traceback (most recent call last):
  File "c:\python36-32\lib\site-packages\pip\_internal\cli\base_command.py", lin
e 143, in main
    status = self.run(options, args)
  File "c:\python36-32\lib\site-packages\pip\_internal\commands\install.py", lin
e 318, in run
    resolver.resolve(requirement_set)
  File "c:\python36-32\lib\site-packages\pip\_internal\resolve.py", line 102, in
 resolve
    self._resolve_one(requirement_set, req)
  File "c:\python36-32\lib\site-packages\pip\_internal\resolve.py", line 256, in
 _resolve_one
    abstract_dist = self._get_abstract_dist_for(req_to_install)
  File "c:\python36-32\lib\site-packages\pip\_internal\resolve.py", line 209, in
 _get_abstract_dist_for
    self.require_hashes
  File "c:\python36-32\lib\site-packages\pip\_internal\operations\prepare.py", l
ine 298, in prepare_linked_requirement
    abstract_dist.prep_for_dist(finder, self.build_isolation)
  File "c:\python36-32\lib\site-packages\pip\_internal\operations\prepare.py", l
ine 126, in prep_for_dist
    self.req.run_egg_info()
  File "c:\python36-32\lib\site-packages\pip\_internal\req\req_install.py", line
 473, in run_egg_info
    command_desc='python setup.py egg_info')
  File "c:\python36-32\lib\site-packages\pip\_internal\utils\misc.py", line 705,
 in call_subprocess
    % (command_desc, proc.returncode, cwd))
pip._internal.exceptions.InstallationError: Command "python setup.py egg_info" f
ailed with error code 1 in C:\Users\DRF4E5~1.JAC\AppData\Local\Temp\pip-install-
itj9d4nx\Libradar\

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "c:\python36-32\lib\logging\handlers.py", line 71, in emit
    if self.shouldRollover(record):
  File "c:\python36-32\lib\logging\handlers.py", line 185, in shouldRollover
    self.stream = self._open()
  File "c:\python36-32\lib\site-packages\pip\_internal\utils\logging.py", line 1
22, in _open
    ensure_dir(os.path.dirname(self.baseFilename))
  File "c:\python36-32\lib\site-packages\pip\_internal\utils\misc.py", line 89,
in ensure_dir
    os.makedirs(path)
  File "c:\python36-32\lib\os.py", line 220, in makedirs
    mkdir(name, mode)
PermissionError: [WinError 5] Access is denied: 'F:\\'
Call stack:
  File "c:\python36-32\lib\runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "c:\python36-32\lib\runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "C:\Python36-32\Scripts\pip.exe\__main__.py", line 9, in <module>
    sys.exit(main())
  File "c:\python36-32\lib\site-packages\pip\_internal\__init__.py", line 78, in
 main
    return command.main(cmd_args)
  File "c:\python36-32\lib\site-packages\pip\_internal\cli\base_command.py", lin
e 154, in main
    logger.critical(str(exc))
Message: 'Command "python setup.py egg_info" failed with error code 1 in C:\\Use
rs\\DRF4E5~1.JAC\\AppData\\Local\\Temp\\pip-install-itj9d4nx\\Libradar\\'
Arguments: ()
--- Logging error ---
Traceback (most recent call last):
  File "c:\python36-32\lib\site-packages\pip\_internal\cli\base_command.py", lin
e 143, in main
    status = self.run(options, args)
  File "c:\python36-32\lib\site-packages\pip\_internal\commands\install.py", lin
e 318, in run
    resolver.resolve(requirement_set)
  File "c:\python36-32\lib\site-packages\pip\_internal\resolve.py", line 102, in
 resolve
    self._resolve_one(requirement_set, req)
  File "c:\python36-32\lib\site-packages\pip\_internal\resolve.py", line 256, in
 _resolve_one
    abstract_dist = self._get_abstract_dist_for(req_to_install)
  File "c:\python36-32\lib\site-packages\pip\_internal\resolve.py", line 209, in
 _get_abstract_dist_for
    self.require_hashes
  File "c:\python36-32\lib\site-packages\pip\_internal\operations\prepare.py", l
ine 298, in prepare_linked_requirement
    abstract_dist.prep_for_dist(finder, self.build_isolation)
  File "c:\python36-32\lib\site-packages\pip\_internal\operations\prepare.py", l
ine 126, in prep_for_dist
    self.req.run_egg_info()
  File "c:\python36-32\lib\site-packages\pip\_internal\req\req_install.py", line
 473, in run_egg_info
    command_desc='python setup.py egg_info')
  File "c:\python36-32\lib\site-packages\pip\_internal\utils\misc.py", line 705,
 in call_subprocess
    % (command_desc, proc.returncode, cwd))
pip._internal.exceptions.InstallationError: Command "python setup.py egg_info" f
ailed with error code 1 in C:\Users\DRF4E5~1.JAC\AppData\Local\Temp\pip-install-
itj9d4nx\Libradar\

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "c:\python36-32\lib\logging\handlers.py", line 71, in emit
    if self.shouldRollover(record):
  File "c:\python36-32\lib\logging\handlers.py", line 185, in shouldRollover
    self.stream = self._open()
  File "c:\python36-32\lib\site-packages\pip\_internal\utils\logging.py", line 1
22, in _open
    ensure_dir(os.path.dirname(self.baseFilename))
  File "c:\python36-32\lib\site-packages\pip\_internal\utils\misc.py", line 89,
in ensure_dir
    os.makedirs(path)
  File "c:\python36-32\lib\os.py", line 220, in makedirs
    mkdir(name, mode)
PermissionError: [WinError 5] Access is denied: 'F:\\'
Call stack:
  File "c:\python36-32\lib\runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "c:\python36-32\lib\runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "C:\Python36-32\Scripts\pip.exe\__main__.py", line 9, in <module>
    sys.exit(main())
  File "c:\python36-32\lib\site-packages\pip\_internal\__init__.py", line 78, in
 main
    return command.main(cmd_args)
  File "c:\python36-32\lib\site-packages\pip\_internal\cli\base_command.py", lin
e 155, in main
    logger.debug('Exception information:', exc_info=True)
Message: 'Exception information:'
Arguments: ()

这个项目能检测新出来的第三方库吗？

Hi,

This code does not consider all the .dex files in apk.
While upzipping apk (in job_dispatching.py file) only classes.dex file is extracted.
Whereas files such classes1.dex, classes2.dex (and so on) can also be present.
And so only one file is processed in DexExtractor.extract_dex() method

Note that this issue is not in lite version. There while unzipping all classes .dex files are extracted
and then all files are processed in extract_dex() function

Hi,

The redis dump link on the quick start documentation page (https://github.com/pkumza/LibRadar/blob/master/docs/QuickStart.md) is not working any more:
https://www.dropbox.com/s/w31gig6msdo3cdy/dump-20170515-shrink.rdb.tar.gz?dl=0

Could you please update it?

By the way, is the data on that redis dump the same as in the lite_datasetfile .csv file?

Thank you and best regards,
Rodrigo

The Dropbox link (https://www.dropbox.com/s/w31gig6msdo3cdy/dump-20170515-shrink.rdb.tar.gz?dl=0) has expired. Is there an alternative way to get it?

do not match com/bump with com/bumptech/glide again!

• Solve the Matching bug.

I have successfully installed LibRadar.

My script looks like this:

from LibRadar.libradar import LibRadar
from collections import defaultdict
output = defaultdict(list)

if __name__ == '__main__':
        for dirname, dirnames, filenames in os.walk('..\download'):
.........

However, when I try running it, I get this:

Traceback (most recent call last):
File "script.py", line 4, in
from LibRadar.libradar import LibRadar
ImportError: No module named LibRadar.libradar

Not sure why.

Where is the full dataset stored?

I tried to follow your short guide on the Lite version, but the call in step 3 failed:

$ python LibRadar/libradar.py foo.apk
Traceback (most recent call last):
  File "LibRadar/libradar.py", line 25, in <module>
    import dex_tree
  File "/x/LibRadar/dex_tree.py", line 28, in <module>
    import redis
ImportError: No module named redis

Wouldn't help to simply comment out that import, as the modul is used in multiple places in dex_tree.py (and thus commenting out would break the "ordinary version"). But even with commenting out (including the two places it is adressed), the data file is not found as it's looked for relative from where the module was called – so one must cd into the LibRadar directory and call it from there. Which then works.

PS: the library definition changes from V1 should be adopted. It e.g. still counts "Package": "Lcom/bumptech" as "Bump Pay", which is definitely wrong (that would be com/bump – and what that test APK had (and was detected in addition) was "Glide", com/bumptech/glide 😳

• Todo: a pure lite version

Hello author, I successfully ran LibRadar on ubuntu the other day and am amazed at the functionality. I used a file lite_dataset_10.csv, which looks like raw data generated by some rule. I was wondering, how do I generate this file? Because I might have to build it from a specific library file.

Hi, thanks for sharing this repo！
Since the websets is closed, could we run the code locally to check the third-party lib using this repo?
Thanks

i cloned LIbradar in my kali linux machine. then i installed redis 3.2.11 on my machine but still when i run libradar.py i got this error :

Traceback (most recent call last):
File "libradar.py", line 25, in
import dex_tree
File "/root/LibRadar/LibRadar/dex_tree.py", line 27, in
import redis
ImportError: No module named redis

i wonder do i have to download the redis and put it inside the Liradar folder?or there is an other way to make it work ?

edit: i just add the redis inside Libradar/Libradar and still face the same issue. anyone help please?