import struct import os #这里定义一个读取字符串长度的函数 def DecUnsignedLEB128(file): result = struct.unpack("i", file.read(4))[0]#读取4字节中的第一个字节 result = result&0x000000ff file.seek(-3, 1) #倒退回前面的第三个字节 # 不能直接从1字节强转为4字节,所以先取4字节,再清空3字节 if (result > 0x7f): next = struct.unpack("i", file.read(4))[0] next = next&0x000000ff #第一位是个位 file.seek(-3, 1) result = (result&0x7f) | (next&0x7f)<<7 if(next > 0x7f): next = struct.unpack("i", file.read(4))[0] next = next&0x000000ff #加入十位 file.seek(-3, 1) result = result | (next&0x7f)<<14 if(next > 0x7f): next = struct.unpack("i", file.read(4))[0] next = next&0x000000ff file.seek(-3, 1) result = result | (next&0x7f)<<21 if(next > 0x7f): next = struct.unpack("i", file.read(4))[0] next = next&0x000000ff file.seek(-3, 1) result = result | next<<28 #print "result:", result return result dex = open("imissTest.dex", 'rb') #rb的意思是 read and write in binary file dex.seek(0x38, 0)#string table的偏移 tmp = dex.read(8) string_count, string_table_off = struct.unpack("II", tmp) #"II"是分别读取的意思 print ("size:", string_count, " off:", string_table_off) dex.seek(string_table_off, 0) DexStrOffList = [] count = 0 while(count<string_count): DexStrOffList.append(struct.unpack("i", dex.read(4))[0])#unpack返回一个tuple 取第0个元素 count+=1 DexStrList = [] nonullcount = 0 for stroff in DexStrOffList: dex.seek(stroff, 0) strlen = DecUnsignedLEB128(dex) if(strlen == 0): continue input = dex.read(strlen) DexStrList.append(struct.unpack(str(strlen)+"s", input)) #解析不定长的字符串 nonullcount+=1 outputfile = open("string.txt", "w") count = 0 print ("string:",string_count) for i in DexStrList: outputfile.write('%s\n'%i) #将元组中的元素写入文件 outputfile.close() dex.close()
原文:http://blog.csdn.net/qq_21970857/article/details/44902229