首页 > 其他 > 详细

读取.dex文件中的所有字符串

时间:2015-04-06 15:43:42      阅读:241      评论:0      收藏:0      [点我收藏+]
import struct
import os
#这里定义一个读取字符串长度的函数
def DecUnsignedLEB128(file):
    result = struct.unpack("i", file.read(4))[0]#读取4字节中的第一个字节
    result = result&0x000000ff  
    file.seek(-3, 1) #倒退回前面的第三个字节  # 不能直接从1字节强转为4字节,所以先取4字节,再清空3字节
    if (result > 0x7f): 
        next = struct.unpack("i", file.read(4))[0]
        next = next&0x000000ff #第一位是个位
        file.seek(-3, 1)
        result = (result&0x7f) | (next&0x7f)<<7
        if(next > 0x7f):
            next = struct.unpack("i", file.read(4))[0]
            next = next&0x000000ff  #加入十位
            file.seek(-3, 1)
            result = result | (next&0x7f)<<14
            if(next > 0x7f):
                next = struct.unpack("i", file.read(4))[0]
                next = next&0x000000ff
                file.seek(-3, 1)
                result = result | (next&0x7f)<<21
                if(next > 0x7f):
                    next = struct.unpack("i", file.read(4))[0]
                    next = next&0x000000ff
                    file.seek(-3, 1)
                    result = result | next<<28
                    
    #print "result:", result
    return result

dex = open("imissTest.dex", 'rb')   #rb的意思是 read and write in binary file
dex.seek(0x38, 0)#string table的偏移
tmp = dex.read(8)
string_count, string_table_off = struct.unpack("II", tmp)  #"II"是分别读取的意思
print ("size:", string_count, " off:", string_table_off)
dex.seek(string_table_off, 0)
DexStrOffList = []
count = 0
while(count<string_count):
    DexStrOffList.append(struct.unpack("i", dex.read(4))[0])#unpack返回一个tuple 取第0个元素
    count+=1
DexStrList = []
nonullcount = 0
for stroff in DexStrOffList:
    dex.seek(stroff, 0)
    strlen = DecUnsignedLEB128(dex)
    if(strlen == 0):
        continue
    input = dex.read(strlen)
    DexStrList.append(struct.unpack(str(strlen)+"s", input)) #解析不定长的字符串
    nonullcount+=1
outputfile = open("string.txt", "w")
count = 0
print ("string:",string_count)

for i in DexStrList:
    outputfile.write('%s\n'%i) #将元组中的元素写入文件
outputfile.close()
dex.close()

读取.dex文件中的所有字符串

原文:http://blog.csdn.net/qq_21970857/article/details/44902229

(0)
(0)
   
举报
评论 一句话评论(0
关于我们 - 联系我们 - 留言反馈 - 联系我们:wmxa8@hotmail.com
© 2014 bubuko.com 版权所有
打开技术之扣,分享程序人生!