├── KRS-Gui ├── obj │ ├── Release │ │ └── netcoreapp3.1 │ │ │ ├── KRS-Gui.csproj.CopyComplete │ │ │ ├── KRS-Gui.AssemblyInfoInputs.cache │ │ │ ├── KRS-Gui.genruntimeconfig.cache │ │ │ ├── KRS-Gui.csproj.CoreCompileInputs.cache │ │ │ ├── KRS-Gui.dll │ │ │ ├── KRS-Gui.pdb │ │ │ ├── apphost.exe │ │ │ ├── KRS-Gui.assets.cache │ │ │ ├── KRS_Gui.GuiForm.resources │ │ │ ├── KRS-Gui.csproj.GenerateResource.cache │ │ │ ├── KRS-Gui.csproj.AssemblyReference.cache │ │ │ ├── KRS_Gui.Properties.Resources.resources │ │ │ ├── KRS-Gui.GeneratedMSBuildEditorConfig.editorconfig │ │ │ ├── .NETCoreApp,Version=v3.1.AssemblyAttributes.cs │ │ │ ├── KRS-Gui.AssemblyInfo.cs │ │ │ └── KRS-Gui.csproj.FileListAbsolute.txt │ ├── KRS-Gui.csproj.nuget.g.targets │ ├── project.nuget.cache │ ├── KRS-Gui.csproj.nuget.g.props │ ├── KRS-Gui.csproj.nuget.dgspec.json │ └── project.assets.json ├── KRS.ico ├── AgentPlug.jar ├── .vs │ └── KRS-Gui │ │ ├── v16 │ │ └── .suo │ │ └── DesignTimeBuild │ │ └── .dtbcache.v2 ├── Resources │ ├── class_obj.png │ ├── package_obj.png │ └── field_public_obj.png ├── KRSFinder │ ├── .vs │ │ └── KRS-Gui │ │ │ ├── v16 │ │ │ └── .suo │ │ │ └── DesignTimeBuild │ │ │ └── .dtbcache.v2 │ ├── MessageSaver │ │ ├── SaverConfig.cs │ │ ├── SourceNameSaver.cs │ │ └── RelationSaver.cs │ ├── Base │ │ ├── Config.cs │ │ ├── Method.cs │ │ └── Var.cs │ ├── Handler │ │ ├── IBaseHandler.cs │ │ ├── MethodNameHandler.cs │ │ ├── NewInstanceOpCodeHandler.cs │ │ ├── InstanceOfOpCodeHandler.cs │ │ ├── KlazzNameHandler.cs │ │ ├── GotoOpCodeHandler.cs │ │ ├── CalcOpCodeHandler.cs │ │ ├── CmpOpCodeHandler.cs │ │ ├── FieldOpCodeHandler.cs │ │ ├── ArrayOpCodeHandler.cs │ │ ├── LocalNameHandler.cs │ │ ├── SourceNameHandler.cs │ │ ├── ConstOpCodeHandler.cs │ │ ├── GetOpCodeHandler.cs │ │ ├── IfOpCodeHandler.cs │ │ ├── PutOpCodeHandler.cs │ │ ├── MoveOpCodeHandler.cs │ │ └── InvokeOpCodeHandler.cs │ ├── LogPrinter │ │ └── Log.cs │ ├── KRS-Gui.sln │ ├── Module │ │ ├── Smali │ │ │ ├── Utils.cs │ │ │ ├── 
TempRegister.cs │ │ │ ├── TempRegisterMap.cs │ │ │ └── OpCode.cs │ │ ├── SmaliFileAnalyseModule.cs │ │ └── MethodCodeAnalyseModule.cs │ └── SmaliHandler.cs ├── bin │ └── Release │ │ └── netcoreapp3.1 │ │ ├── KRS-Gui.dll │ │ ├── KRS-Gui.exe │ │ ├── KRS-Gui.pdb │ │ ├── AgentPlug.jar │ │ ├── Newtonsoft.Json.dll │ │ ├── KRS-Gui.runtimeconfig.json │ │ ├── KRS-Gui.runtimeconfig.dev.json │ │ └── KRS-Gui.deps.json ├── GuiForm.cs ├── KRS-Gui.csproj.user ├── KRS-Gui.sln ├── KRS-Gui.csproj ├── JadxConfig.cs ├── Program.cs ├── GuiForm.resx ├── Properties │ ├── Resources.Designer.cs │ └── Resources.resx ├── JadxConfig.Designer.cs ├── GuiForm.Designer.cs └── GuiForm.Method.cs ├── KRS.png ├── KRS1.png ├── KRS2.png ├── KRS3.png ├── KRS4.png └── README.md /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.csproj.CopyComplete: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /KRS.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS.png -------------------------------------------------------------------------------- /KRS1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS1.png -------------------------------------------------------------------------------- /KRS2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS2.png -------------------------------------------------------------------------------- /KRS3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS3.png -------------------------------------------------------------------------------- /KRS4.png: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS4.png -------------------------------------------------------------------------------- /KRS-Gui/KRS.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/KRS.ico -------------------------------------------------------------------------------- /KRS-Gui/AgentPlug.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/AgentPlug.jar -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.AssemblyInfoInputs.cache: -------------------------------------------------------------------------------- 1 | d073f054e5aa9fab89fc3775411398a7b8ab131e 2 | -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.genruntimeconfig.cache: -------------------------------------------------------------------------------- 1 | 58d2e5d88e54959b91e831f47ceae6f3f278a267 2 | -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.csproj.CoreCompileInputs.cache: -------------------------------------------------------------------------------- 1 | 756966ed73c0042b2662ab4e9ec0738fceae5a5a 2 | -------------------------------------------------------------------------------- /KRS-Gui/.vs/KRS-Gui/v16/.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/.vs/KRS-Gui/v16/.suo -------------------------------------------------------------------------------- /KRS-Gui/Resources/class_obj.png: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/Resources/class_obj.png -------------------------------------------------------------------------------- /KRS-Gui/Resources/package_obj.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/Resources/package_obj.png -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/.vs/KRS-Gui/v16/.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/KRSFinder/.vs/KRS-Gui/v16/.suo -------------------------------------------------------------------------------- /KRS-Gui/Resources/field_public_obj.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/Resources/field_public_obj.png -------------------------------------------------------------------------------- /KRS-Gui/bin/Release/netcoreapp3.1/KRS-Gui.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/bin/Release/netcoreapp3.1/KRS-Gui.dll -------------------------------------------------------------------------------- /KRS-Gui/bin/Release/netcoreapp3.1/KRS-Gui.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/bin/Release/netcoreapp3.1/KRS-Gui.exe -------------------------------------------------------------------------------- /KRS-Gui/bin/Release/netcoreapp3.1/KRS-Gui.pdb: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/bin/Release/netcoreapp3.1/KRS-Gui.pdb -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.dll -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.pdb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.pdb -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/apphost.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/obj/Release/netcoreapp3.1/apphost.exe -------------------------------------------------------------------------------- /KRS-Gui/.vs/KRS-Gui/DesignTimeBuild/.dtbcache.v2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/.vs/KRS-Gui/DesignTimeBuild/.dtbcache.v2 -------------------------------------------------------------------------------- /KRS-Gui/bin/Release/netcoreapp3.1/AgentPlug.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/bin/Release/netcoreapp3.1/AgentPlug.jar -------------------------------------------------------------------------------- /KRS-Gui/bin/Release/netcoreapp3.1/Newtonsoft.Json.dll: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/bin/Release/netcoreapp3.1/Newtonsoft.Json.dll -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.assets.cache: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.assets.cache -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/.vs/KRS-Gui/DesignTimeBuild/.dtbcache.v2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/KRSFinder/.vs/KRS-Gui/DesignTimeBuild/.dtbcache.v2 -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS_Gui.GuiForm.resources: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/obj/Release/netcoreapp3.1/KRS_Gui.GuiForm.resources -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.csproj.GenerateResource.cache: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.csproj.GenerateResource.cache -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.csproj.AssemblyReference.cache: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.csproj.AssemblyReference.cache 
-------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS_Gui.Properties.Resources.resources: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MG1937/AntiProguard-KRSFinder/HEAD/KRS-Gui/obj/Release/netcoreapp3.1/KRS_Gui.Properties.Resources.resources -------------------------------------------------------------------------------- /KRS-Gui/bin/Release/netcoreapp3.1/KRS-Gui.runtimeconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "runtimeOptions": { 3 | "tfm": "netcoreapp3.1", 4 | "framework": { 5 | "name": "Microsoft.WindowsDesktop.App", 6 | "version": "3.1.0" 7 | } 8 | } 9 | } -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.GeneratedMSBuildEditorConfig.editorconfig: -------------------------------------------------------------------------------- 1 | is_global = true 2 | build_property.RootNamespace = KRS_Gui 3 | build_property.ProjectDir = D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\ 4 | -------------------------------------------------------------------------------- /KRS-Gui/GuiForm.cs: -------------------------------------------------------------------------------- 1 | using System.Windows.Forms; 2 | 3 | namespace KRS_Gui 4 | { 5 | public partial class GuiForm : Form 6 | { 7 | public GuiForm() 8 | { 9 | InitializeComponent(); 10 | } 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/.NETCoreApp,Version=v3.1.AssemblyAttributes.cs: -------------------------------------------------------------------------------- 1 | // 2 | using System; 3 | using System.Reflection; 4 | [assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETCoreApp,Version=v3.1", FrameworkDisplayName = "")] 5 | 
--------------------------------------------------------------------------------
/KRS-Gui/bin/Release/netcoreapp3.1/KRS-Gui.runtimeconfig.dev.json:
--------------------------------------------------------------------------------
1 | {
2 |   "runtimeOptions": {
3 |     "additionalProbingPaths": [
4 |       "C:\\Users\\Administrator\\.dotnet\\store\\|arch|\\|tfm|",
5 |       "C:\\Users\\Administrator\\.nuget\\packages",
6 |       "E:\\Microsoft Visual Studio\\Shared\\NuGetPackages"
7 |     ]
8 |   }
9 | }
--------------------------------------------------------------------------------
/KRS-Gui/obj/KRS-Gui.csproj.nuget.g.targets:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | $(MSBuildAllProjects);$(MSBuildThisFileFullPath)
5 |
6 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/MessageSaver/SaverConfig.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Text;
4 |
5 | namespace KRS_Gui.KRSFinder.MessageSaver
6 | {
7 |     //TODO: mode control
8 |     class SaverConfig
9 |     {
10 |         public static bool saveMembership = true;
11 |
12 |         public static bool saveDataFlow = true;
13 |     }
14 | }
15 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Base/Config.cs:
--------------------------------------------------------------------------------
1 | using System.Collections;
2 |
3 | namespace KlazzRelationShipFinder.KRSFinder.Base
4 | {
5 |     /// <summary>
6 |     /// Any module may read or modify the contents of this shared class.
7 |     /// It stores basic values about the objects being processed, such as storage paths.
8 |     /// </summary>
9 |     class Config
10 |     {
11 |         public static ArrayList smaliFiles { set; get; }
12 |
13 |         public static int totalFiles { set; get; }
14 |
15 |         public static bool isBakSmali = true;
16 |     }
17 | }
18 |
--------------------------------------------------------------------------------
/KRS-Gui/obj/project.nuget.cache:
--------------------------------------------------------------------------------
1 | {
2 |   "version": 2,
3 |   "dgSpecHash": "Qs+ih+QFtLP1EjnA0dFjLrTa9+iWGsD/UBNn1BT+FQY/56XJf14LkYO76J/IO9bhsQ3m6ZBf2x3w8Krz4LoQzg==",
4 |   "success": true,
5 |   "projectFilePath": "D:\\VisualStudioWorkSpace\\CSharpWorkSpace\\AntiProguard-KRSFinder\\KRS-Gui\\KRS-Gui.csproj",
6 |   "expectedPackageFiles": [
7 |     "C:\\Users\\Administrator\\.nuget\\packages\\newtonsoft.json\\13.0.1\\newtonsoft.json.13.0.1.nupkg.sha512"
8 |   ],
9 |   "logs": []
10 | }
--------------------------------------------------------------------------------
/KRS-Gui/KRS-Gui.csproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form
6 |
7 |
8 | Form
9 |
10 |
11 | Form
12 |
13 |
14 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Handler/IBaseHandler.cs:
--------------------------------------------------------------------------------
1 | using KlazzRelationShipFinder.KRSFinder.Module;
2 | using KlazzRelationShipFinder.KRSFinder.Module.Smali;
3 |
4 | namespace KlazzRelationShipFinder.KRSFinder.Handler
5 | {
6 |     interface IBaseHandler
7 |     {
8 |         /// <summary>
9 |         /// Handles a single line of Smali code.
10 |         /// </summary>
11 |         /// <param name="lineCode">A single line of Smali code.</param>
12 |         /// <returns>The result of handling the line.</returns>
13 |         public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null);
14 |     }
15 | }
16 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Handler/MethodNameHandler.cs:
--------------------------------------------------------------------------------
1 | using KlazzRelationShipFinder.KRSFinder.Module;
2 | using KlazzRelationShipFinder.KRSFinder.Module.Smali;
3 | using System.Text.RegularExpressions;
4 |
5 | namespace KlazzRelationShipFinder.KRSFinder.Handler
6 | {
7 |     class MethodNameHandler : IBaseHandler
8 |     {
9 |         /// <summary>
10 |         /// Extracts the method name together with its parenthesised parameter list
11 |         /// from a ".method" line.
12 |         /// </summary>
13 |         /// <param name="lineCode">The ".method" line to parse.</param>
14 |         /// <param name="smaliFileAnalyseModule">Not used by this handler.</param>
15 |         /// <param name="tempRegister">Not used by this handler.</param>
16 |         /// <returns>The first capture group as a string; empty when the pattern does not match.</returns>
17 |         public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null)
18 |         {
19 |             //.method public A(III)LA/B/C;
20 |             // Lines containing "constructor" use a pattern anchored on that keyword.
21 |             string pattern = lineCode.Contains("constructor")
22 |                 ? "constructor\\s+(.+\\(.*\\))"
23 |                 : "(\\w+\\(.*\\))";
24 |             return Regex.Match(lineCode, pattern).Groups[1].Value;
25 |         }
26 |     }
27 | }
28 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/LogPrinter/Log.cs:
--------------------------------------------------------------------------------
1 | using KlazzRelationShipFinder.KRSFinder.Base;
2 | using KRS_Gui;
3 | using System;
4 |
5 | namespace KlazzRelationShipFinder.KRSFinder.LogPrinter
6 | {
7 |     /// <summary>
8 |     /// Sends log and progress text to the GUI object held in <c>Program.gui</c>.
9 |     /// </summary>
10 |     class Log
11 |     {
12 |         /// <summary>Appends <paramref name="log"/> to the GUI through <c>AppendText</c>.</summary>
13 |         public static void log(string log) => Program.gui.AppendText(log);
14 |
15 |         /// <summary>
16 |         /// Tagged logging is switched off: this overload has no statements, so calling it does nothing.
17 |         /// </summary>
18 |         public static void log(string TAG, string log)
19 |         {
20 |         }
21 |
22 |         /// <summary>Shows "<paramref name="sum"/>/<c>Config.totalFiles</c>" through <c>ShowText</c>.</summary>
23 |         public static void show(int sum)
24 |         {
25 |             string progress = sum + "/" + Config.totalFiles;
26 |             Program.gui.ShowText(progress);
27 |         }
28 |
29 |         /// <summary>Shows "<paramref name="sum"/>/<c>Config.totalFiles</c>" through <c>ShowText</c>.</summary>
30 |         public static void show(string sum)
31 |         {
32 |             string progress = sum + "/" + Config.totalFiles;
33 |             Program.gui.ShowText(progress);
34 |         }
35 |     }
36 | }
37 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Handler/NewInstanceOpCodeHandler.cs:
--------------------------------------------------------------------------------
1 | using KlazzRelationShipFinder.KRSFinder.Module;
2 | using KlazzRelationShipFinder.KRSFinder.Module.Smali;
3 |
4 | namespace KlazzRelationShipFinder.KRSFinder.Handler
5 | {
6 |     class NewInstanceOpCodeHandler : IBaseHandler
7 |     {
8 |         /// <summary>
9 |         /// Handles the new-instance opcode.
10 |         /// </summary>
11 |         /// <param name="lineCode">Required.</param>
12 |         /// <param name="smaliFileAnalyseModule">Not needed.</param>
13 |         /// <param name="tempRegister">Required.</param>
14 |         /// <returns>null</returns>
15 |         public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap
tempRegister = null)
16 |         {
17 |             //new-instance vx,type
18 |             string register = lineCode.Replace("new-instance", "").Split(",")[0].Trim();
19 |             tempRegister.removeRegister(register);
20 |             return null;
21 |         }
22 |     }
23 | }
24 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Handler/InstanceOfOpCodeHandler.cs:
--------------------------------------------------------------------------------
1 | using KlazzRelationShipFinder.KRSFinder.Module;
2 | using KlazzRelationShipFinder.KRSFinder.Module.Smali;
3 |
4 | namespace KlazzRelationShipFinder.KRSFinder.Handler
5 | {
6 |     class InstanceOfOpCodeHandler : IBaseHandler
7 |     {
8 |         /// <summary>
9 |         /// Handles the instance-of opcode: the first operand's register is removed
10 |         /// from <paramref name="tempRegister"/>.
11 |         /// </summary>
12 |         /// <param name="lineCode">Required.</param>
13 |         /// <param name="smaliFileAnalyseModule">Not needed.</param>
14 |         /// <param name="tempRegister">Required; it is dereferenced without a null check.</param>
15 |         /// <returns>null</returns>
16 |         public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null)
17 |         {
18 |             //instance-of vx,vy,type_id
19 |             string operands = lineCode.Replace("instance-of", "");
20 |             string register = operands.Split(",")[0].Trim();
21 |             tempRegister.removeRegister(register);
22 |             return null;
23 |         }
24 |     }
25 | }
26 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Handler/KlazzNameHandler.cs:
--------------------------------------------------------------------------------
1 | using KlazzRelationShipFinder.KRSFinder.Module;
2 | using KlazzRelationShipFinder.KRSFinder.Module.Smali;
3 |
4 | namespace KlazzRelationShipFinder.KRSFinder.Handler
5 | {
6 |     class KlazzNameHandler : IBaseHandler
7 |     {
8 |         /// <summary>
9 |         /// Extracts the class name contained in a .class directive.
10 |         /// </summary>
11 |         /// <param name="lineCode">The .class line, e.g. ".class public LA/B/C;".</param>
12 |         /// <returns>(string) the current klazz name, e.g. A/B/C.</returns>
13 |         public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null)
14 |         {
15 |             //.class public LA/B/C;
16 |             string declaration = lineCode.Replace(".class", "").Trim();
17 |             // Keep what follows the first "L", then drop the final character (the ';' in the example).
18 |             string afterMarker = declaration.Substring(declaration.IndexOf("L") + 1);
19 |             //return A/B/C
20 |             return afterMarker.Substring(0, afterMarker.Length - 1);
21 |         }
22 |     }
23 | }
24 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Handler/GotoOpCodeHandler.cs:
--------------------------------------------------------------------------------
1 | using KlazzRelationShipFinder.KRSFinder.Module;
2 | using KlazzRelationShipFinder.KRSFinder.Module.Smali;
3 | using System.Text.RegularExpressions;
4 |
5 | namespace KlazzRelationShipFinder.KRSFinder.Handler
6 | {
7 |     class GotoOpCodeHandler : IBaseHandler
8 |     {
9 |         /// <summary>
10 |         /// Handles goto-related opcodes.
11 |         /// </summary>
12 |         /// <param name="lineCode">Required.</param>
13 |         /// <param name="smaliFileAnalyseModule">Not needed.</param>
14 |         /// <param name="tempRegister">Not needed.</param>
15 |         /// <returns>GOTO_target: the trimmed text after the first ':' in the operands, or an empty string when there is none.</returns>
16 |         public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null)
17 |         {
18 |             string opcode = lineCode.Split(" ")[0].Trim();
19 |             string operands = lineCode.Replace(opcode + " ", "").Trim();
20 |             return Regex.Match(operands, ":(.+)").Groups[1].Value.Trim();
21 |         }
22 |     }
23 | }
24 |
--------------------------------------------------------------------------------
/KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | //------------------------------------------------------------------------------
2 | //
3 | // This code was generated by a tool.
4 | // Runtime Version:4.0.30319.42000
5 | //
6 | // Changes to this file may cause incorrect behavior and will be lost if
7 | // the code is regenerated.
8 | // 9 | //------------------------------------------------------------------------------ 10 | 11 | using System; 12 | using System.Reflection; 13 | 14 | [assembly: System.Reflection.AssemblyCompanyAttribute("KRS-Gui")] 15 | [assembly: System.Reflection.AssemblyConfigurationAttribute("Release")] 16 | [assembly: System.Reflection.AssemblyFileVersionAttribute("1.0.0.0")] 17 | [assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0")] 18 | [assembly: System.Reflection.AssemblyProductAttribute("KRS-Gui")] 19 | [assembly: System.Reflection.AssemblyTitleAttribute("KRS-Gui")] 20 | [assembly: System.Reflection.AssemblyVersionAttribute("1.0.0.0")] 21 | 22 | // Generated by the MSBuild WriteCodeFragment class. 23 | 24 | -------------------------------------------------------------------------------- /KRS-Gui/KRS-Gui.sln: -------------------------------------------------------------------------------- 1 | 2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio Version 16 4 | VisualStudioVersion = 16.0.31702.278 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "KRS-Gui", "KRS-Gui.csproj", "{45761D6B-E334-4485-99B0-C299DD800622}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|Any CPU = Debug|Any CPU 11 | Release|Any CPU = Release|Any CPU 12 | EndGlobalSection 13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 14 | {45761D6B-E334-4485-99B0-C299DD800622}.Debug|Any CPU.ActiveCfg = Debug|Any CPU 15 | {45761D6B-E334-4485-99B0-C299DD800622}.Debug|Any CPU.Build.0 = Debug|Any CPU 16 | {45761D6B-E334-4485-99B0-C299DD800622}.Release|Any CPU.ActiveCfg = Release|Any CPU 17 | {45761D6B-E334-4485-99B0-C299DD800622}.Release|Any CPU.Build.0 = Release|Any CPU 18 | EndGlobalSection 19 | GlobalSection(SolutionProperties) = preSolution 20 | HideSolutionNode = FALSE 21 | EndGlobalSection 22 | GlobalSection(ExtensibilityGlobals) = 
postSolution 23 | SolutionGuid = {75CADFA8-98F1-4823-ABC3-45DCC4E47D91} 24 | EndGlobalSection 25 | EndGlobal 26 | -------------------------------------------------------------------------------- /KRS-Gui/bin/Release/netcoreapp3.1/KRS-Gui.deps.json: -------------------------------------------------------------------------------- 1 | { 2 | "runtimeTarget": { 3 | "name": ".NETCoreApp,Version=v3.1", 4 | "signature": "" 5 | }, 6 | "compilationOptions": {}, 7 | "targets": { 8 | ".NETCoreApp,Version=v3.1": { 9 | "KRS-Gui/1.0.0": { 10 | "dependencies": { 11 | "Newtonsoft.Json": "13.0.1" 12 | }, 13 | "runtime": { 14 | "KRS-Gui.dll": {} 15 | } 16 | }, 17 | "Newtonsoft.Json/13.0.1": { 18 | "runtime": { 19 | "lib/netstandard2.0/Newtonsoft.Json.dll": { 20 | "assemblyVersion": "13.0.0.0", 21 | "fileVersion": "13.0.1.25517" 22 | } 23 | } 24 | } 25 | } 26 | }, 27 | "libraries": { 28 | "KRS-Gui/1.0.0": { 29 | "type": "project", 30 | "serviceable": false, 31 | "sha512": "" 32 | }, 33 | "Newtonsoft.Json/13.0.1": { 34 | "type": "package", 35 | "serviceable": true, 36 | "sha512": "sha512-ppPFpBcvxdsfUonNcvITKqLl3bqxWbDCZIzDWHzjpdAHRFfZe0Dw9HmA0+za13IdyrgJwpkDTDA9fHaxOrt20A==", 37 | "path": "newtonsoft.json/13.0.1", 38 | "hashPath": "newtonsoft.json.13.0.1.nupkg.sha512" 39 | } 40 | } 41 | } -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Handler/CalcOpCodeHandler.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Base; 2 | using KlazzRelationShipFinder.KRSFinder.Module; 3 | using KlazzRelationShipFinder.KRSFinder.Module.Smali; 4 | 5 | namespace KlazzRelationShipFinder.KRSFinder.Handler 6 | { 7 | class CalcOpCodeHandler : IBaseHandler 8 | { 9 | /// 10 | /// 处理计算相关操作码 11 | /// 12 | /// NEED 13 | /// NONEED 14 | /// NEED 15 | /// NULL 16 | public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap 
tempRegister = null)
17 |         {
18 |             string head = lineCode.Split(" ")[0].Trim();
19 |             string[] blocks = lineCode.Replace(head, "").Split(",");
20 |             string register = blocks[0].Trim();
21 |             object value = tempRegister.getRegister(register);
22 |             if (value is Var && ((Var)value).isFuncArg) return null;
23 |             tempRegister.removeRegister(register);
24 |             return null;
25 |         }
26 |     }
27 | }
28 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/KRS-Gui.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.31702.278
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "KRS-Gui", "..\KRS-Gui.csproj", "{290B4576-3B8D-4FE8-91C5-140AFF4C3A4F}"
7 | EndProject
8 | Global
9 |     GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 |         Debug|Any CPU = Debug|Any CPU
11 |         Release|Any CPU = Release|Any CPU
12 |     EndGlobalSection
13 |     GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 |         {290B4576-3B8D-4FE8-91C5-140AFF4C3A4F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 |         {290B4576-3B8D-4FE8-91C5-140AFF4C3A4F}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 |         {290B4576-3B8D-4FE8-91C5-140AFF4C3A4F}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 |         {290B4576-3B8D-4FE8-91C5-140AFF4C3A4F}.Release|Any CPU.Build.0 = Release|Any CPU
18 |     EndGlobalSection
19 |     GlobalSection(SolutionProperties) = preSolution
20 |         HideSolutionNode = FALSE
21 |     EndGlobalSection
22 |     GlobalSection(ExtensibilityGlobals) = postSolution
23 |         SolutionGuid = {CCA88B9E-43BB-446E-8C58-2E050A28086C}
24 |     EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Handler/CmpOpCodeHandler.cs:
--------------------------------------------------------------------------------
1 | using KlazzRelationShipFinder.KRSFinder.Base;
2 | using KlazzRelationShipFinder.KRSFinder.Module;
3 | using KlazzRelationShipFinder.KRSFinder.Module.Smali;
4 |
5 | namespace KlazzRelationShipFinder.KRSFinder.Handler
6 | {
7 |     class CmpOpCodeHandler : IBaseHandler
8 |     {
9 |         /// <summary>
10 |         /// Handles cmp-related opcodes: the first operand's register is removed from
11 |         /// <paramref name="tempRegister"/> unless it currently holds a <c>Var</c> whose
12 |         /// <c>isFuncArg</c> is set.
13 |         /// </summary>
14 |         /// <param name="lineCode">Required.</param>
15 |         /// <param name="smaliFileAnalyseModule">Not needed.</param>
16 |         /// <param name="tempRegister">Required; it is dereferenced without a null check.</param>
17 |         /// <returns>null</returns>
18 |         public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null)
19 |         {
20 |             string opcode = lineCode.Split(" ")[0].Trim();
21 |             //cmpl-float v0, v6, v7
22 |             string register = lineCode.Replace(opcode, "").Split(",")[0].Trim();
23 |             bool holdsFunctionArgument = tempRegister.getRegister(register) is Var held && held.isFuncArg;
24 |             if (!holdsFunctionArgument)
25 |             {
26 |                 tempRegister.removeRegister(register);
27 |             }
28 |             return null;
29 |         }
30 |     }
31 | }
32 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Handler/FieldOpCodeHandler.cs:
--------------------------------------------------------------------------------
1 | using KlazzRelationShipFinder.KRSFinder.Base;
2 | using KlazzRelationShipFinder.KRSFinder.Handler;
3 | using KlazzRelationShipFinder.KRSFinder.MessageSaver;
4 | using KlazzRelationShipFinder.KRSFinder.Module;
5 | using KlazzRelationShipFinder.KRSFinder.Module.Smali;
6 | using System.Text.RegularExpressions;
7 |
8 | namespace KRS_Gui.KRSFinder.Handler
9 | {
10 |     class FieldOpCodeHandler : IBaseHandler
11 |     {
12 |         public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null)
13 |         {
14 |             if (!lineCode.Contains("=")) return null;
15 |             string value = lineCode.Split("=")[1].Trim();
16 |             if (!value.StartsWith("\""))
17 |             {
18 |                 return null;
19 |             }
20 |
21 |             Regex regex = new Regex("(\\w+):L");
22 |             string var_name = regex.Match(lineCode).Groups[1].Value;
23 |             Var var = new Var();
24 |             var.klazz =
smaliFileAnalyseModule.klazz_name; 25 | var.var_name = var_name; 26 | var.addComment_setStaticField(value); 27 | 28 | RelationSaver.saveVar(var); 29 | return null; 30 | } 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Module/Smali/Utils.cs: -------------------------------------------------------------------------------- 1 | using System.Text.RegularExpressions; 2 | 3 | namespace KlazzRelationShipFinder.KRSFinder.Module.Smali 4 | { 5 | class Utils 6 | { 7 | /// 8 | /// 从代码中提取class信息 9 | /// 10 | /// xxx LA/B/C;->xxx 11 | /// A/B/C 12 | public static string getKlazz(string code) 13 | { 14 | Regex reg = new Regex("L(.*?);"); 15 | return reg.Match(code).Groups[1].Value; 16 | } 17 | 18 | /// 19 | /// 从代码中提取成员名 20 | /// 21 | /// opcode LA/B/C;->xxx:LA/B/C; 22 | /// xxx 23 | public static string getReferedVar(string code) 24 | { 25 | Regex reg = new Regex(";->(.+):"); 26 | return reg.Match(code).Groups[1].Value; 27 | } 28 | 29 | /// 30 | /// 从代码中提取调用的方法名 31 | /// 32 | /// invoke LA/B/C;->a()V 33 | /// a() 34 | public static string getMethodName(string code) 35 | { 36 | Regex reg = new Regex("->(.+\\(.*\\))"); 37 | return reg.Match(code).Groups[1].Value; 38 | } 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /KRS-Gui/KRS-Gui.csproj: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | WinExe 5 | netcoreapp3.1 6 | KRS_Gui 7 | true 8 | KRS.ico 9 | 10 | 11 | 12 | 13 | 14 | 5 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | True 24 | True 25 | Resources.resx 26 | 27 | 28 | 29 | 30 | 31 | PublicResXFileCodeGenerator 32 | Resources.Designer.cs 33 | 34 | 35 | 36 | 37 | 38 | Always 39 | 40 | 41 | 42 | -------------------------------------------------------------------------------- /KRS-Gui/JadxConfig.cs: -------------------------------------------------------------------------------- 1 | using System; 2 | using 
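System.Diagnostics;
using System.IO;
using System.Windows.Forms;

namespace KRS_Gui
{
    /// <summary>
    /// Dialog that collects the JADX root folder and the two analysis result paths, then starts
    /// jadx-gui with AgentPlug.jar attached as a Java agent.
    /// </summary>
    public partial class JadxConfig : Form
    {
        public JadxConfig()
        {
            InitializeComponent();
        }

        /// <summary>
        /// Checks that jadx-gui-dev.jar exists under the entered JADX root, writes that root to
        /// ./jadxPath.txt, launches java.exe with the agent and waits for the process to exit.
        /// </summary>
        /// <param name="sender">Control that raised the click event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void button1_Click(object sender, EventArgs e)
        {
            string jadxRoot = jadxPath.Text.ToString();
            string jadx = jadxRoot + "/lib/jadx-gui-dev.jar";
            if (!File.Exists(jadx))
            {
                warning.Text = "jadx-gui-dev.jar no found in Jadx root path!";
                return;
            }

            // Dispose the writer even if Write throws, so the file handle is not left open.
            using (StreamWriter writer = new StreamWriter(new FileStream("./jadxPath.txt", FileMode.Create)))
            {
                writer.Write(jadxRoot);
            }

            string callstack = callstackPath.Text.ToString();
            string result = resultPath.Text.ToString();

            using (Process process = new Process())
            {
                // NOTE(review): "java.exe" and "./AgentPlug.jar" are not absolute paths, so which
                // binary runs and which agent is loaded depends on the search path and on the
                // working directory at launch; consider pinning both to known locations.
                process.StartInfo.FileName = "java.exe";
                process.StartInfo.UseShellExecute = false;

                // One list entry per argument: the text-box values are passed as data, so a space
                // or a double quote inside a path cannot split the command line or add JVM options.
                process.StartInfo.ArgumentList.Add("-javaagent:./AgentPlug.jar=" + result + "|" + callstack);
                process.StartInfo.ArgumentList.Add("-jar");
                process.StartInfo.ArgumentList.Add(jadx);

                try
                {
                    process.Start();
                }
                catch (System.ComponentModel.Win32Exception ex)
                {
                    // Report a failed launch in the dialog instead of crashing the form.
                    warning.Text = "java.exe could not be started: " + ex.Message;
                    return;
                }

                // Blocks the UI thread until JADX is closed, as before.
                process.WaitForExit();
            }
        }
    }
}
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Handler/ArrayOpCodeHandler.cs:
--------------------------------------------------------------------------------
using KlazzRelationShipFinder.KRSFinder.Base;
using KlazzRelationShipFinder.KRSFinder.Module;
using KlazzRelationShipFinder.KRSFinder.Module.Smali;

namespace KlazzRelationShipFinder.KRSFinder.Handler
{
    class ArrayOpCodeHandler : IBaseHandler
    {
        ///
        /// 处理array操作码
        ///
        /// NEED
        /// NONEED
        /// NEED
        /// NULL
        public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null)
        {
            string head = lineCode.Split(" ")[0].Trim();
            string[] blocks = lineCode.Replace(head, "").Split(",");
            if (head.Equals("array-length") || head.Equals("new-array"))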
{ 22 | //array-length vx,vy 23 | string register = blocks[0].Trim(); 24 | object value = tempRegister.getRegister(register); 25 | if (value is Var && ((Var)value).isFuncArg) return null; 26 | tempRegister.removeRegister(register); 27 | return null; 28 | } 29 | return null; 30 | } 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /KRS-Gui/obj/KRS-Gui.csproj.nuget.g.props: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | True 5 | NuGet 6 | $(MSBuildThisFileDirectory)project.assets.json 7 | $(UserProfile)\.nuget\packages\ 8 | C:\Users\Administrator\.nuget\packages\;E:\Microsoft Visual Studio\Shared\NuGetPackages 9 | PackageReference 10 | 5.11.0 11 | 12 | 13 | 14 | 15 | 16 | 17 | $(MSBuildAllProjects);$(MSBuildThisFileFullPath) 18 | 19 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Handler/LocalNameHandler.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Base; 2 | using KlazzRelationShipFinder.KRSFinder.MessageSaver; 3 | using KlazzRelationShipFinder.KRSFinder.Module; 4 | using KlazzRelationShipFinder.KRSFinder.Module.Smali; 5 | 6 | namespace KlazzRelationShipFinder.KRSFinder.Handler 7 | { 8 | class LocalNameHandler : IBaseHandler 9 | { 10 | /// 11 | /// 处理.local操作码 12 | /// 13 | /// NEED 14 | /// NEED 15 | /// NEED 16 | /// null 17 | public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null) 18 | { 19 | //.local vx,"var_name":LXXX; 20 | string[] blocks = lineCode.Replace(".local", "").Split(","); 21 | string register = blocks[0].Trim(); 22 | string local_var_name = blocks[1].Split(":")[0].Trim().Replace("\"", ""); 23 | 24 | //获取成员对象 25 | object var = tempRegister.getRegister(register); 26 | if (!(var is Var)) return null; 27 | 28 | //储存成员对象 29 | 
((Var)var).addComment_beSetLocalName(local_var_name, smaliFileAnalyseModule.klazz_name, smaliFileAnalyseModule.method); 30 | RelationSaver.saveVar((Var)var); 31 | return null; 32 | } 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Handler/SourceNameHandler.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Module; 2 | using KlazzRelationShipFinder.KRSFinder.Module.Smali; 3 | using System; 4 | 5 | namespace KlazzRelationShipFinder.KRSFinder.Handler 6 | { 7 | class SourceNameHandler : IBaseHandler 8 | { 9 | /// 10 | /// 获取.source操作码的原文件名 11 | /// 若获取失败或当前文件名可能被ProGuard保护则返回null 12 | /// 13 | /// 14 | /// (string)当前的sourceName,e.g:SourceName 15 | public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null) 16 | { 17 | //.source "Example.java" 18 | if (lineCode == null) return null; 19 | 20 | string opCode = ".source"; 21 | lineCode = lineCode.Trim(); 22 | 23 | try 24 | { 25 | lineCode = lineCode.Replace(opCode, "").Trim(); 26 | //Example.java 27 | string sourceName = lineCode.Substring(lineCode.IndexOf("\"") + 1, lineCode.Length - 2); 28 | //ProGuard!!! 
29 | if (!sourceName.EndsWith(".java")) return null; 30 | 31 | sourceName = sourceName.Replace(".java", ""); 32 | 33 | if (sourceName != null && !string.IsNullOrEmpty(sourceName)) return sourceName; 34 | } 35 | catch (Exception) 36 | { 37 | return null; 38 | } 39 | return null; 40 | } 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Handler/ConstOpCodeHandler.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Module; 2 | using KlazzRelationShipFinder.KRSFinder.Module.Smali; 3 | 4 | namespace KlazzRelationShipFinder.KRSFinder.Handler 5 | { 6 | class ConstOpCodeHandler : IBaseHandler 7 | { 8 | /// 9 | /// 处理const相关操作码 10 | /// 11 | /// NEED 12 | /// NONEED 13 | /// NEED 14 | /// NULL 15 | public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null) 16 | { 17 | string head = lineCode.Split(" ")[0].Trim(); 18 | string[] blocks = lineCode.Replace(head, "").Split(","); 19 | if (head.Contains("const-string")) 20 | { 21 | //const-string vx,"str" 22 | //若操作码设置string类型的常量,则储存相应寄存器 23 | string register = blocks[0].Trim(); 24 | string conststr = blocks[1].Trim(); 25 | 26 | if (register.StartsWith("p")) smaliFileAnalyseModule.polluteFuncArgReg.Add(register); 27 | tempRegister.putRegister(register, new TempRegister(conststr)); 28 | return null; 29 | } 30 | else 31 | { 32 | //若储存非string类型的常量,则删除目标寄存器 33 | string register = blocks[0].Trim(); 34 | if (register.StartsWith("p")) smaliFileAnalyseModule.polluteFuncArgReg.Add(register); 35 | tempRegister.removeRegister(register); 36 | return null; 37 | } 38 | } 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/MessageSaver/SourceNameSaver.cs: -------------------------------------------------------------------------------- 1 | using 
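System.Collections.Generic;
using System.Runtime.CompilerServices;

namespace KlazzRelationShipFinder.KRSFinder.MessageSaver
{
    /// <summary>
    /// Static store of the source names recovered for original names, plus a per-source-name
    /// counter. All three accessors synchronize on the type, so a read cannot run while
    /// saveSourceName is modifying the dictionaries.
    /// </summary>
    class SourceNameSaver
    {
        /// <summary>
        /// Maps origName to the sourceName saved for it; a later save for the same origName replaces it.
        /// </summary>
        private static Dictionary<string, string> sourceNameMap = new Dictionary<string, string>();

        /// <summary>
        /// Number of times each sourceName has been saved.
        /// </summary>
        private static Dictionary<string, int> sourceNameSum = new Dictionary<string, int>();

        /// <summary>
        /// Records sourceName for origName and increments the counter of sourceName.
        /// Does nothing when either argument is null.
        /// </summary>
        /// <param name="origName">Key under which the source name is stored.</param>
        /// <param name="sourceName">Source name to store and count.</param>
        [MethodImpl(MethodImplOptions.Synchronized)]
        public static void saveSourceName(string origName, string sourceName)
        {
            if (origName == null || sourceName == null)
            {
                return;
            }

            sourceNameMap[origName] = sourceName;
            sourceNameSum[sourceName] = sourceNameSum.GetValueOrDefault(sourceName, 0) + 1;
        }

        /// <summary>
        /// Returns how many times the given sourceName has been saved.
        /// </summary>
        /// <param name="sourceName">Source name to look up.</param>
        /// <returns>The counter value; 0 for null or for a name never saved.</returns>
        [MethodImpl(MethodImplOptions.Synchronized)]
        public static int getSourceNameSum(string sourceName)
        {
            if (sourceName == null) return 0;

            return sourceNameSum.GetValueOrDefault(sourceName, 0);
        }

        /// <summary>
        /// Returns the sourceName saved for origName.
        /// </summary>
        /// <param name="origName">Key to look up.</param>
        /// <returns>The saved source name; null for a null or unknown key.</returns>
        [MethodImpl(MethodImplOptions.Synchronized)]
        public static string getSourceName(string origName)
        {
            if (origName == null) return null;

            return sourceNameMap.GetValueOrDefault(origName, null);
        }
    }
}
--------------------------------------------------------------------------------
/KRS-Gui/Program.cs:
--------------------------------------------------------------------------------
using System;
using Newtonsoft.Json;
using System.Collections.Generic;
using System.Runtime.InteropServices;
using System.Text.Json.Serialization;
using System.Windows.Forms;
using Newtonsoft.Json.Linq;
using System.Diagnostics;

namespace KRS_Gui
{
    public static class Program
    {
        public static GuiForm gui;
        [DllImport("kernel32.dll")]
        static extern bool AllocConsole();

        ///
        /// The main entry point for the application.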
20 | /// 21 | [STAThread] 22 | static void Main(string[] args) 23 | { 24 | //Console.WriteLine("Hello"); 25 | //AllocConsole(); 26 | 27 | //JObject json = new JObject(); 28 | 29 | 30 | //Console.WriteLine("Hello"); 31 | //List msgs = new List(); 32 | //for (int i = 0; i < 10; i++) 33 | //{ 34 | // Msg m = new Msg(); 35 | // m.init(); 36 | // m.key = i + "!!"; 37 | // msgs.Add(m); 38 | //} 39 | //Console.WriteLine(json.ToString()); 40 | //Console.ReadKey(); 41 | Application.SetHighDpiMode(HighDpiMode.SystemAware); 42 | Application.EnableVisualStyles(); 43 | Application.SetCompatibleTextRenderingDefault(false); 44 | gui = new GuiForm(); 45 | Application.Run(gui); 46 | } 47 | } 48 | 49 | public class Msg 50 | { 51 | public string key { set; get; } 52 | public object comments; 53 | public void init() 54 | { 55 | comments = new List(); 56 | for (int i = 0; i < 10; i++) 57 | { 58 | ((List)comments).Add("List<" + i + ">"); 59 | } 60 | } 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Handler/GetOpCodeHandler.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Base; 2 | using KlazzRelationShipFinder.KRSFinder.Module; 3 | using KlazzRelationShipFinder.KRSFinder.Module.Smali; 4 | using System.Text.RegularExpressions; 5 | 6 | namespace KlazzRelationShipFinder.KRSFinder.Handler 7 | { 8 | class GetOpCodeHandler : IBaseHandler 9 | { 10 | public Var var = new Var(); 11 | 12 | /// 13 | /// 分析get类型的操作码 14 | /// 15 | /// 16 | /// 17 | public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null) 18 | { 19 | //对象存放的目标寄存器 20 | string register = null; 21 | //成员隶属的类 22 | string klazz = null; 23 | //成员名 24 | string var_name = null; 25 | 26 | string temp_var_data = null; 27 | 28 | lineCode = lineCode.Trim(); 29 | 30 | string head = lineCode.Split(" ")[0]; 31 | 32 | 
//忽略aget 33 | if (head.Contains("aget")) return null; 34 | 35 | string[] blocks = lineCode.Replace(head, "").Trim().Split(","); 36 | 37 | if (head.Contains("iget")) 38 | { 39 | //iget v0, v1, LTest2;->i6:I 40 | register = blocks[0].Trim(); 41 | temp_var_data = blocks[2].Trim(); 42 | } 43 | else if (head.Contains("sget")) 44 | { 45 | //sget v0, LTest3;->is1:I 46 | register = blocks[0].Trim(); 47 | temp_var_data = blocks[1].Trim(); 48 | } 49 | 50 | Regex regex = new Regex("L(.+);->(.+):"); 51 | Match match = regex.Match(temp_var_data); 52 | klazz = match.Groups[1].Value; 53 | var_name = match.Groups[2].Value; 54 | 55 | var.var_name = var_name; 56 | var.klazz = klazz; 57 | 58 | //向目标寄存器储存成员对象 59 | tempRegister.putRegister(register, new TempRegister(var)); 60 | return null; 61 | } 62 | } 63 | } 64 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Module/Smali/TempRegister.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Base; 2 | using System; 3 | 4 | namespace KlazzRelationShipFinder.KRSFinder.Module.Smali 5 | { 6 | class TempRegister 7 | { 8 | public const int TYPE_CONST_STR = 0; 9 | 10 | public const int TYPE_VAR = 1; 11 | 12 | public const int TYPE_METHOD = 2; 13 | 14 | public const int TYPE_OTHER = 999; 15 | 16 | public int TYPE = -1; 17 | 18 | private object value { set; get; } 19 | 20 | public TempRegister(object value) 21 | { 22 | setValue(value); 23 | } 24 | 25 | private void setType(int TYPE) 26 | { 27 | this.TYPE = TYPE; 28 | } 29 | 30 | public void setValue(object value) 31 | { 32 | if (value is string) 33 | { 34 | setType(TYPE_CONST_STR); 35 | } 36 | else if (value is Var) 37 | { 38 | setType(TYPE_VAR); 39 | } 40 | else if (value is Method) 41 | { 42 | setType(TYPE_METHOD); 43 | } 44 | this.value = value; 45 | 46 | } 47 | 48 | public object getValue() 49 | { 50 | return value; 51 | } 52 | 53 | public override bool 
Equals(object t) 54 | { 55 | try 56 | { 57 | TempRegister temp = (TempRegister)t; 58 | if (temp.TYPE == this.TYPE) 59 | { 60 | if (TYPE == TYPE_CONST_STR) 61 | { 62 | return temp.value.Equals(this.value); 63 | } 64 | else if (TYPE == TYPE_VAR) 65 | { 66 | return ((Var)value).Equals(temp.value); 67 | } 68 | else if (TYPE == TYPE_METHOD) 69 | { 70 | return ((Method)value).Equals(temp.value); 71 | } 72 | } 73 | } 74 | catch (Exception) 75 | { 76 | return false; 77 | } 78 | 79 | return false; 80 | } 81 | 82 | public override int GetHashCode() 83 | { 84 | return base.GetHashCode(); 85 | } 86 | } 87 | } 88 | -------------------------------------------------------------------------------- /KRS-Gui/obj/Release/netcoreapp3.1/KRS-Gui.csproj.FileListAbsolute.txt: -------------------------------------------------------------------------------- 1 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\bin\Release\netcoreapp3.1\KRS-Gui.exe 2 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\bin\Release\netcoreapp3.1\AgentPlug.jar 3 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\bin\Release\netcoreapp3.1\KRS-Gui.deps.json 4 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\bin\Release\netcoreapp3.1\KRS-Gui.runtimeconfig.json 5 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\bin\Release\netcoreapp3.1\KRS-Gui.runtimeconfig.dev.json 6 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\bin\Release\netcoreapp3.1\KRS-Gui.dll 7 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\bin\Release\netcoreapp3.1\KRS-Gui.pdb 8 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\bin\Release\netcoreapp3.1\Newtonsoft.Json.dll 9 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS-Gui.csproj.AssemblyReference.cache 10 | 
D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS_Gui.GuiForm.resources 11 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS_Gui.Properties.Resources.resources 12 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS-Gui.csproj.GenerateResource.cache 13 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS-Gui.GeneratedMSBuildEditorConfig.editorconfig 14 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS-Gui.AssemblyInfoInputs.cache 15 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS-Gui.AssemblyInfo.cs 16 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS-Gui.csproj.CoreCompileInputs.cache 17 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS-Gui.csproj.CopyComplete 18 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS-Gui.dll 19 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS-Gui.pdb 20 | D:\VisualStudioWorkSpace\CSharpWorkSpace\AntiProguard-KRSFinder\KRS-Gui\obj\Release\netcoreapp3.1\KRS-Gui.genruntimeconfig.cache 21 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Handler/IfOpCodeHandler.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Module; 2 | using KlazzRelationShipFinder.KRSFinder.Module.Smali; 3 | using System.Collections.Generic; 4 | 5 | namespace KlazzRelationShipFinder.KRSFinder.Handler 6 | { 7 | class IfOpCodeHandler : IBaseHandler 8 | { 9 | public string target_block { set; get; } 10 | 11 | /// 12 | 
/// 分析分支的目标区块 13 | /// 14 | /// 15 | /// 16 | /// 17 | /// 返回目标区块名 18 | public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null) 19 | { 20 | //if-eq vx,vy,:L0 21 | string[] blocks = lineCode.Split(","); 22 | target_block = blocks[blocks.Length - 1].Replace(":", "").Trim(); 23 | return target_block; 24 | } 25 | 26 | /// 27 | /// 设置目标分支的临时寄存器集 28 | /// 29 | /// 储存其他区块的临时寄存器集 30 | /// 主寄存器集 31 | /// Dictionary> 32 | public void setTargetBlockTempRegister(Dictionary>> temp, TempRegisterMap tempMap, List analysedMap) 33 | { 34 | //若分支目标成员为空,则需先执行lineHandler函数 35 | if (target_block == null) return; 36 | 37 | //若目标转跳区块已经存在于temp中 38 | if (temp.ContainsKey(target_block)) 39 | { 40 | /** 41 | * 若目标转跳区块作为key已经存在于temp成员中(即跳转目标实际上已被解析过,即此处为loop状态) 42 | * 则需要验证这个key下的寄存器集是否 43 | * 与当前传入的临时寄存器集tempMap有一致 44 | * 若一致,则完全没有必要再将当前的寄存器集添加进temp成员 45 | */ 46 | foreach (TempRegisterMap t in (temp[target_block].Keys)) 47 | { 48 | if (t.Equals(tempMap)) 49 | { 50 | t.isLoop = tempMap.isLoop; 51 | return; 52 | } 53 | } 54 | 55 | temp[target_block][tempMap] = new List(analysedMap); 56 | return; 57 | } 58 | 59 | //若temp成员中确实不存在与当前传入的临时寄存器集一致的寄存器集 60 | //则将传入的寄存器集加入temp成员 61 | Dictionary> news = new Dictionary>(); 62 | news[tempMap] = new List(analysedMap); 63 | temp[target_block] = news; 64 | } 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # KRSFinder 2 | 3 | **如果这个项目对您有用,请点击Star** 4 | ## 项目介绍 5 | 该项目是一个用以对抗ProGuard混淆规则的工具 6 | 现有的apk基本上都被ProGuard所保护,所有类,成员,方法全部被混淆为无意义的短字母 7 | 该项目可以通过提取在smali层残留下来的信息用以帮助逆向人员对抗这类混淆 8 | **目前该项目已利用JavaAgent技术实现与JADX联动** 9 | 10 | **关于本项目的更多细节:https://www.cnblogs.com/aldys4/p/16325580.html** 11 | 12 | * 那些信息? 
    * 提取被混淆的原类名 `.source "XXX.java"`
    * 提取全局变量在某些方法内的局部变量名 `String someName = this.a;`
    * 提取全局变量曾被赋予哪些常量 `a = "const";`
    * 提取全局变量曾被赋予哪些方法的返回数据 `a = new SomeClass().someMethod();`
    * 提取全局变量曾被哪些其他变量所赋值 `a = new SomeClass().b;`

* 与JADX联动实现了哪些功能?
    * 可标记函数参数为污点,并分析函数参数的传播方向,对着目标函数按'c'即可显示函数方法的传播方向
    * 可在JADX内显示KRSFinder提取出的节点信息,对着目标节点按'm'即可.

逆向人员可以根据提取的信息初步判断函数功能,成员间关系.

## 技术亮点

项目可以在哪些情况下提取信息?
假设您想分析`SomeClass.b`这个成员的信息
比如该成员曾被赋予哪些常量
这里列举以下几个Java代码的片段转换为Smali代码时被项目分析的场景
```java
String a = "const";
if(Some_expression()){ SomeClass.b = a; }
```
![KRS2](https://user-images.githubusercontent.com/89259981/139191385-c51b8a03-8c3f-45ab-a027-9ecfb076fb92.png)

```java
String a = SomeClass.b;
String c = "some_useless_word";
switch(some_key){
    case ...;
    case XXX:
        c = "Key_Word!!";
        break;
    case ...;
}
a = c;
```
![KRS3](https://user-images.githubusercontent.com/89259981/139191583-f4282fb7-d2ff-40af-8211-aa6ad994d818.png)
```java
String a = SomeClass.b;
String c = "useless_word";
do{
    a = c;
    c = "Real_Key_Word!";
}while(true);
```
![KRS4](https://user-images.githubusercontent.com/89259981/139191614-c167cab3-d4ae-4ef1-ab08-3222d58bee1d.png)

**是的,如这些截图所见,该项目是可以分析这类代码的
该工具会自动遍历大部分可能产生的分支,
即使是比以上更加复杂的分支和场景,项目都可以分析,
并尽可能收集所有可以用以对抗ProGuard的信息**

## 使用说明
工具内第一个'Path'输入栏用于输入Apktool反编译Apk输出的根目录.
接着点击'KRS Start'即可开始分析函数调用栈,若勾选下方的'获取成员间关系'选项,
就可以分析成员间关系.
分析完成后点击'JADX Start',将出现一个基本配置框,
'Jadx root path'栏输入Jadx的根目录(注意,必须为Jar版本的JADX,exe版本的JADX不支持!)
剩下两个输入栏分别为callstack.json与result.json(即分析生成的结果文件)的默认路径
接着点击下方的Start按钮即可联动JADX.
72 | 73 | ![JADX-PLUG](https://user-images.githubusercontent.com/89259981/169800658-77955e9d-5c94-4980-8e81-fa5440a14985.png) 74 | 75 | ![57a1c809fc4ac4d4977083a81114ad1bbc190296](https://user-images.githubusercontent.com/89259981/169809694-6bf42d1e-6999-4331-9cbf-96020f707a81.gif) 76 | 77 | This is my blog 78 | https://www.cnblogs.com/aldys4/ 79 | 80 | 其他项目截图如下 81 | 82 | ![KRS](https://user-images.githubusercontent.com/89259981/139191644-6ac1ce00-4343-4a4c-8979-c95dcd2d7fb4.png) 83 | ![KRS1](https://user-images.githubusercontent.com/89259981/139191653-ef00f37a-b299-4c43-b46d-21849e457240.png) 84 | 85 | -------------------------------------------------------------------------------- /KRS-Gui/obj/KRS-Gui.csproj.nuget.dgspec.json: -------------------------------------------------------------------------------- 1 | { 2 | "format": 1, 3 | "restore": { 4 | "D:\\VisualStudioWorkSpace\\CSharpWorkSpace\\AntiProguard-KRSFinder\\KRS-Gui\\KRS-Gui.csproj": {} 5 | }, 6 | "projects": { 7 | "D:\\VisualStudioWorkSpace\\CSharpWorkSpace\\AntiProguard-KRSFinder\\KRS-Gui\\KRS-Gui.csproj": { 8 | "version": "1.0.0", 9 | "restore": { 10 | "projectUniqueName": "D:\\VisualStudioWorkSpace\\CSharpWorkSpace\\AntiProguard-KRSFinder\\KRS-Gui\\KRS-Gui.csproj", 11 | "projectName": "KRS-Gui", 12 | "projectPath": "D:\\VisualStudioWorkSpace\\CSharpWorkSpace\\AntiProguard-KRSFinder\\KRS-Gui\\KRS-Gui.csproj", 13 | "packagesPath": "C:\\Users\\Administrator\\.nuget\\packages\\", 14 | "outputPath": "D:\\VisualStudioWorkSpace\\CSharpWorkSpace\\AntiProguard-KRSFinder\\KRS-Gui\\obj\\", 15 | "projectStyle": "PackageReference", 16 | "fallbackFolders": [ 17 | "E:\\Microsoft Visual Studio\\Shared\\NuGetPackages" 18 | ], 19 | "configFilePaths": [ 20 | "C:\\Users\\Administrator\\AppData\\Roaming\\NuGet\\NuGet.Config", 21 | "C:\\Program Files (x86)\\NuGet\\Config\\Microsoft.VisualStudio.FallbackLocation.config", 22 | "C:\\Program Files (x86)\\NuGet\\Config\\Microsoft.VisualStudio.Offline.config" 23 | ], 24 | 
"originalTargetFrameworks": [ 25 | "netcoreapp3.1" 26 | ], 27 | "sources": { 28 | "C:\\Program Files (x86)\\Microsoft SDKs\\NuGetPackages\\": {}, 29 | "https://api.nuget.org/v3/index.json": {} 30 | }, 31 | "frameworks": { 32 | "netcoreapp3.1": { 33 | "targetAlias": "netcoreapp3.1", 34 | "projectReferences": {} 35 | } 36 | }, 37 | "warningProperties": { 38 | "warnAsError": [ 39 | "NU1605" 40 | ] 41 | } 42 | }, 43 | "frameworks": { 44 | "netcoreapp3.1": { 45 | "targetAlias": "netcoreapp3.1", 46 | "dependencies": { 47 | "Newtonsoft.Json": { 48 | "target": "Package", 49 | "version": "[13.0.1, )" 50 | } 51 | }, 52 | "imports": [ 53 | "net461", 54 | "net462", 55 | "net47", 56 | "net471", 57 | "net472", 58 | "net48" 59 | ], 60 | "assetTargetFallback": true, 61 | "warn": true, 62 | "frameworkReferences": { 63 | "Microsoft.NETCore.App": { 64 | "privateAssets": "all" 65 | }, 66 | "Microsoft.WindowsDesktop.App.WindowsForms": { 67 | "privateAssets": "none" 68 | } 69 | }, 70 | "runtimeIdentifierGraphPath": "C:\\Program Files\\dotnet\\sdk\\5.0.401\\RuntimeIdentifierGraph.json" 71 | } 72 | } 73 | } 74 | } 75 | } -------------------------------------------------------------------------------- /KRS-Gui/GuiForm.resx: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | text/microsoft-resx 50 | 51 | 52 | 2.0 53 | 54 | 55 | System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 56 | 57 | 58 | System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 59 | 60 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Module/Smali/TempRegisterMap.cs: 
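--------------------------------------------------------------------------------
using System;
using System.Collections.Generic;

namespace KlazzRelationShipFinder.KRSFinder.Module.Smali
{
    /// <summary>
    /// Acts as the temporary register set: maps a register name (such as "v0" or "p0") to the
    /// TempRegister currently stored in it.
    /// </summary>
    class TempRegisterMap : Dictionary<string, TempRegister>
    {
        string TAG = "TempRegister";

        // Enabled when the branch target belongs to a loop.
        public bool isLoop = false;

        /// <summary>
        /// Stores a value in the given register. Names that checkRegister rejects are ignored.
        /// </summary>
        /// <param name="reg">Register name, e.g. v0 or p0.</param>
        /// <param name="value">Value to associate with the register.</param>
        /// <exception cref="ArgumentException">reg is null or shorter than two characters.</exception>
        public void putRegister(string reg, TempRegister value)
        {
            if (!checkRegister(reg)) return;
            this[reg] = value;
        }

        /// <summary>
        /// Removes the given register from the set. Names that checkRegister rejects are ignored.
        /// </summary>
        /// <param name="reg">Register name.</param>
        /// <exception cref="ArgumentException">reg is null or shorter than two characters.</exception>
        public void removeRegister(string reg)
        {
            if (!checkRegister(reg)) return;
            Remove(reg);
        }

        /// <summary>
        /// Returns the value held by the given register.
        /// </summary>
        /// <param name="reg">Register name.</param>
        /// <returns>
        /// The result of getValue() on the stored TempRegister; null when the name is rejected by
        /// checkRegister, the register is absent, or a null entry is stored.
        /// </returns>
        /// <exception cref="ArgumentException">reg is null or shorter than two characters.</exception>
        public object getRegister(string reg)
        {
            if (!checkRegister(reg)) return null;
            if (!TryGetValue(reg, out TempRegister value) || value is null) return null;
            return value.getValue();
        }

        /// <summary>
        /// Checks that a register name is acceptable: the literal "result", or a name starting
        /// with 'v' or 'p'.
        /// </summary>
        /// <param name="reg">Register name to check.</param>
        /// <returns>true when the name is accepted, false otherwise.</returns>
        /// <exception cref="ArgumentException">reg is null or shorter than two characters.</exception>
        private bool checkRegister(string reg)
        {
            if (reg == null || reg.Length < 2)
            {
                // ArgumentException derives from Exception, so existing catch blocks still apply.
                throw new ArgumentException("寄存器格式错误!");
            }

            if (reg == "result") return true;

            char prefix = reg[0];
            return prefix == 'v' || prefix == 'p';
        }

        /// <summary>
        /// Value comparison: true when obj is a TempRegisterMap with the same number of entries
        /// and every key of this map is present in it with a non-null, Equals-matching value.
        /// isLoop is not part of the comparison.
        /// </summary>
        /// <param name="obj">Object to compare with.</param>
        /// <returns>true when the two register sets match, false in every other case.</returns>
        public override bool Equals(object obj)
        {
            if (!(obj is TempRegisterMap other) || Count != other.Count)
            {
                return false;
            }

            foreach (KeyValuePair<string, TempRegister> pair in this)
            {
                // A missing key or a null entry on the other side counts as a mismatch.
                if (!other.TryGetValue(pair.Key, out TempRegister theirs) || theirs is null)
                {
                    return false;
                }

                if (!theirs.Equals(pair.Value))
                {
                    return false;
                }
            }

            return true;
        }

        /// <summary>
        /// Returns the inherited hash code. It is not derived from the entries, so two maps that
        /// compare equal with Equals can still produce different hash codes.
        /// </summary>
        public override int GetHashCode()
        {
            return base.GetHashCode();
        }

        /// <summary>
        /// Creates a new map with the same entries (the TempRegister objects are shared, not
        /// copied) and the same isLoop flag.
        /// </summary>
        /// <returns>The copy.</returns>
        public TempRegisterMap Clone()
        {
            TempRegisterMap clone = new TempRegisterMap();
            foreach (string k in Keys)
            {
                clone[k] = this[k];
            }
            clone.isLoop = isLoop;
            return clone;
        }
    }
}
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Handler/PutOpCodeHandler.cs:
--------------------------------------------------------------------------------
using KlazzRelationShipFinder.KRSFinder.Base;
using KlazzRelationShipFinder.KRSFinder.MessageSaver;
using KlazzRelationShipFinder.KRSFinder.Module;
using KlazzRelationShipFinder.KRSFinder.Module.Smali;

namespace KlazzRelationShipFinder.KRSFinder.Handler
{
    class PutOpCodeHandler : IBaseHandler
    {
        ///
        /// 分析put操作码
        ///
        /// NEED!
        /// NEED!
        /// NEED!
        /// null
        public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null)
        {
            string head = lineCode.Split(" ")[0].Trim();

            string[] blocks = lineCode.Replace(head, "").Trim().Split(",");
            if (head.Contains("aput"))
            {
                //aput vx,vy,vz
                //aput的目标寄存器应该被废弃
                string register = blocks[1].Trim();
                tempRegister.removeRegister(register);
                return null;
            }
            else if (head.Contains("sput"))
            {
                //sput vx, field_id
                /**
                 * GaborPaller DalvikOpcodes
                 * Puts vx into a static field.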
36 | */ 37 | string register = blocks[0].Trim(); 38 | object reg_data = tempRegister.getRegister(register); 39 | if (reg_data == null) return null; 40 | if (!(reg_data is Var) && !(reg_data is string)) return null; 41 | 42 | string data = blocks[1]; 43 | string klazz = Utils.getKlazz(data); 44 | string var_name = Utils.getReferedVar(data); 45 | 46 | Var var = new Var(); 47 | var.var_name = var_name; 48 | var.klazz = klazz; 49 | var.addComment_setValue(reg_data, smaliFileAnalyseModule.klazz_name, smaliFileAnalyseModule.method); 50 | RelationSaver.saveVar(var); 51 | return null; 52 | } 53 | else if (head.Contains("iput")) 54 | { 55 | //iput vx,vy, field_id 56 | /** 57 | * GaborPaller DalvikOpcodes 58 | * Puts vx into an instance field. The instance is referenced by vy. 59 | */ 60 | string register = blocks[0].Trim(); 61 | object reg_data = tempRegister.getRegister(register); 62 | if (reg_data == null) return null; 63 | //20220517 新增对方法赋值的支持 64 | if (!(reg_data is Var) && !(reg_data is Method) && !(reg_data is string)) return null; 65 | 66 | string data = blocks[2]; 67 | string klazz = Utils.getKlazz(data); 68 | string var_name = Utils.getReferedVar(data); 69 | 70 | Var var = new Var(); 71 | var.var_name = var_name; 72 | var.klazz = klazz; 73 | if (reg_data is Var && ((Var)reg_data).isFuncArg) 74 | { 75 | //被覆盖寄存器为方法参数 76 | tempRegister.removeRegister(register); 77 | tempRegister.putRegister(register, new TempRegister(var)); 78 | return null; 79 | } 80 | var.addComment_setValue(reg_data, smaliFileAnalyseModule.klazz_name, smaliFileAnalyseModule.method); 81 | RelationSaver.saveVar(var); 82 | return null; 83 | } 84 | 85 | return null; 86 | } 87 | } 88 | } 89 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/SmaliHandler.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Base; 2 | using KlazzRelationShipFinder.KRSFinder.LogPrinter; 3 | using 
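KlazzRelationShipFinder.KRSFinder.Module;
using System;
using System.Collections;
using System.IO;

namespace KlazzRelationShipFinder.KRSFinder
{
    /// <summary>
    /// Collects the .smali files of a decompiled APK and feeds them, line by line, to
    /// SmaliFileAnalyseModule.
    /// </summary>
    public class SmaliHandler
    {
        string TAG = "SmaliHandler";
        string BakSmaliDecodePath { set; get; }

        ArrayList SmaliPaths = new ArrayList();

        /// <summary>
        /// Looks for top-level "smali*" directories in the decompiled folder and stores every
        /// .smali file found below them in Config.smaliFiles.
        /// </summary>
        /// <param name="baksmaliDecode">Folder produced by decompiling the APK with baksmali.</param>
        public SmaliHandler(string baksmaliDecode)
        {
            try
            {
                BakSmaliDecodePath = baksmaliDecode;
                Log.log(TAG, "set direct:" + BakSmaliDecodePath);

                foreach (string path in Directory.EnumerateDirectories(BakSmaliDecodePath, "smali*"))
                {
                    SmaliPaths.Add(path);
                    Log.log(TAG, "[-]Smali path:" + path);
                }

                if (SmaliPaths.Count == 0)
                {
                    // NOTE(review): Config.smaliFiles is not touched on this path, so a list set by
                    // an earlier SmaliHandler would still be there for analyseSmaliFiles; confirm
                    // whether that is intended.
                    Log.show("No smali dir!");
                    return;
                }

                ArrayList collected = new ArrayList();
                foreach (string path in SmaliPaths)
                {
                    listSmaliFileFromDir(path, collected);
                }

                // Publish the file list through Config so other modules can use it.
                Config.smaliFiles = collected;
            }
            catch (Exception ex)
            {
                // Keep the reason in the log; the dialog text alone does not say what failed.
                Log.log(TAG, "[!]Init failed:" + ex.GetType().Name + ":" + ex.Message);
                Log.show("Something goes wrong with your path");
            }
        }


        /// <summary>
        /// Adds every .smali file under the given directory, recursively, to the given list.
        /// </summary>
        /// <param name="path">Directory to scan.</param>
        /// <param name="temp">List that receives the file paths.</param>
        private void listSmaliFileFromDir(string path, ArrayList temp)
        {
            foreach (string file in Directory.EnumerateFiles(path, "*.smali"))
            {
                temp.Add(file);
                Log.log(TAG, "[-]List:" + file);
            }

            // NOTE(review): the tree comes from the APK under analysis and the recursion has no
            // depth limit; directory links inside it are presumably followed as well - confirm.
            foreach (string dir in Directory.EnumerateDirectories(path))
            {
                listSmaliFileFromDir(dir, temp);
            }
        }

        /// <summary>
        /// Reads every collected smali file line by line and hands each line to a single
        /// SmaliFileAnalyseModule instance. Does nothing when Config.smaliFiles is null.
        /// </summary>
        public void analyseSmaliFiles()
        {
            if (Config.smaliFiles == null) return;
            Config.totalFiles = Config.smaliFiles.Count;
            //TODO: multithreading
            int processed = 0;
            SmaliFileAnalyseModule lineAnalyseModule = new SmaliFileAnalyseModule();
            foreach (string smaliFile in Config.smaliFiles)
            {
                processed += 1;
                Log.show(processed);
                using (StreamReader reader = new StreamReader(smaliFile))
                {
                    // This method only reads the smali text; every line that is read is
                    // processed by the analyse module.
                    string line;
                    while ((line = reader.ReadLine()) != null)
                    {
                        lineAnalyseModule.lineAnalyse(line);
                    }
                }
            }
        }

    }
}
--------------------------------------------------------------------------------
/KRS-Gui/Properties/Resources.Designer.cs:
--------------------------------------------------------------------------------
//------------------------------------------------------------------------------
//
// This code was generated by a tool.
// Runtime Version:4.0.30319.42000
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
//
//------------------------------------------------------------------------------

namespace KRS_Gui.Properties {
    using System;


    ///
    /// A strongly-typed resource class, for looking up localized strings, etc.
    ///
    // This class was auto-generated by the StronglyTypedResourceBuilder
    // class via a tool like ResGen or Visual Studio.
    // To add or remove a member, edit your .ResX file then rerun ResGen
    // with the /str option, or rebuild your VS project.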
22 | [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "16.0.0.0")] 23 | [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] 24 | [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] 25 | public class Resources { 26 | 27 | private static global::System.Resources.ResourceManager resourceMan; 28 | 29 | private static global::System.Globalization.CultureInfo resourceCulture; 30 | 31 | [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")] 32 | internal Resources() { 33 | } 34 | 35 | /// 36 | /// Returns the cached ResourceManager instance used by this class. 37 | /// 38 | [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] 39 | public static global::System.Resources.ResourceManager ResourceManager { 40 | get { 41 | if (object.ReferenceEquals(resourceMan, null)) { 42 | global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("KRS_Gui.Properties.Resources", typeof(Resources).Assembly); 43 | resourceMan = temp; 44 | } 45 | return resourceMan; 46 | } 47 | } 48 | 49 | /// 50 | /// Overrides the current thread's CurrentUICulture property for all 51 | /// resource lookups using this strongly typed resource class. 52 | /// 53 | [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] 54 | public static global::System.Globalization.CultureInfo Culture { 55 | get { 56 | return resourceCulture; 57 | } 58 | set { 59 | resourceCulture = value; 60 | } 61 | } 62 | 63 | /// 64 | /// Looks up a localized resource of type System.Drawing.Bitmap. 
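65 | /// 66 | public static System.Drawing.Bitmap class_obj { 67 | get { 68 | object obj = ResourceManager.GetObject("class_obj", resourceCulture); 69 | return ((System.Drawing.Bitmap)(obj)); 70 | } 71 | } 72 | 73 | /// 74 | /// Looks up a localized resource of type System.Drawing.Bitmap. 75 | /// 76 | public static System.Drawing.Bitmap field_public_obj { 77 | get { 78 | object obj = ResourceManager.GetObject("field_public_obj", resourceCulture); 79 | return ((System.Drawing.Bitmap)(obj)); 80 | } 81 | } 82 | 83 | /// 84 | /// Looks up a localized resource of type System.Drawing.Bitmap. 85 | /// 86 | public static System.Drawing.Bitmap package_obj { 87 | get { 88 | object obj = ResourceManager.GetObject("package_obj", resourceCulture); 89 | return ((System.Drawing.Bitmap)(obj)); 90 | } 91 | } 92 | } 93 | } 94 |
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Base/Method.cs:
--------------------------------------------------------------------------------
using KRS_Gui.KRSFinder.MessageSaver;
using System;
using System.Collections.Generic;

namespace KlazzRelationShipFinder.KRSFinder.Base
{
    /// <summary>
    /// A method seen during analysis, together with the record of where its
    /// parameters flow (<see cref="flow"/>) and the tainted parameters it
    /// carries (<see cref="carryPollute"/>).
    /// </summary>
    public class Method
    {
        /// <summary>
        /// Class the method belongs to.
        /// </summary>
        public string klazz { set; get; }

        /// <summary>
        /// Method name.
        /// </summary>
        public string methodName { set; get; }

        /// <summary>
        /// For each parameter, the list of places it flows into.
        /// Key: px (the key "-1" is used for calls recorded without a tracked argument).
        /// Each entry has the form "klazz;-&gt;methodName;-&gt;index".
        /// </summary>
        public Dictionary<string, List<string>> flow = new Dictionary<string, List<string>>();

        /// <summary>
        /// Taints carried by this method; taints are produced at invoke sites.
        /// </summary>
        public List<Var> carryPollute = new List<Var>();

        /// <summary>
        /// Records <paramref name="var"/> as a carried taint when it is a method
        /// argument and is not already in the list.
        /// </summary>
        public void addPollute(Var var)
        {
            if (var.isFuncArg && !carryPollute.Contains(var))
            {
                carryPollute.Add(var);
            }
        }

        /// <summary>
        /// Two methods are equal when both klazz and methodName match.
        /// </summary>
        /// <remarks>
        /// A null klazz or methodName on <paramref name="obj"/> never compares
        /// equal (the previous implementation reached the same result by
        /// catching the resulting exception).
        /// </remarks>
        public override bool Equals(object obj)
        {
            Method m = obj as Method;
            if (ReferenceEquals(m, null)) return false;

            return m.klazz != null
                && m.klazz.Equals(this.klazz)
                && m.methodName != null
                && m.methodName.Equals(this.methodName);
        }

        /// <summary>
        /// Hash over the same two members <see cref="Equals(object)"/> compares,
        /// so that equal methods land in the same bucket of a hashed collection.
        /// Both members are settable: do not change them while the instance is
        /// used as a key.
        /// </summary>
        public override int GetHashCode()
        {
            return HashCode.Combine(klazz, methodName);
        }

        /// <summary>
        /// Adds a call-stack entry.
        /// </summary>
        /// <param name="arg">The method parameter acting as the taint source; ignored unless it is a method argument.</param>
        /// <param name="flowIn">The target method the taint source finally flows into.</param>
        /// <param name="indexOfFlowIn">Index at which the taint source is passed to the target method.</param>
        public void addCallStack(Var arg, Method flowIn, int indexOfFlowIn)
        {
            if (!SaverConfig.saveDataFlow) return;
            if (!arg.isFuncArg) return;

            string arg_p = arg.var_name;
            string flow_str = flowIn.klazz + ";->" + flowIn.methodName + ";->" + indexOfFlowIn;
            appendFlow(arg_p, flow_str);
        }

        /// <summary>
        /// Adds a call-stack entry for a call that has no tracked argument,
        /// filed under the key "-1".
        /// </summary>
        public void addNullArgCallStack(Method flowIn)
        {
            if (!SaverConfig.saveDataFlow) return;

            string flow_str = flowIn.klazz + ";->" + flowIn.methodName + ";->-1";
            appendFlow("-1", flow_str);
        }

        /// <summary>
        /// Merges the entries <paramref name="flowIn"/> holds for
        /// <paramref name="arg"/> into this method's entries for the same key,
        /// skipping duplicates.
        /// </summary>
        public void addCallStacks(Var arg, Method flowIn)
        {
            if (!SaverConfig.saveDataFlow) return;
            if (!arg.isFuncArg) return;

            string arg_p = arg.var_name;

            List<string> incoming;
            if (!flowIn.flow.TryGetValue(arg_p, out incoming))
            {
                incoming = new List<string>();
            }

            List<string> stacks;
            if (!flow.TryGetValue(arg_p, out stacks) || stacks == null)
            {
                // Nothing recorded yet for this key: take a private copy.
                flow[arg_p] = new List<string>(incoming);
                return;
            }

            foreach (string str in incoming)
            {
                if (!stacks.Contains(str))
                {
                    stacks.Add(str);
                }
            }
        }

        /// <summary>
        /// Empties <see cref="flow"/>. <see cref="carryPollute"/> is left as it is.
        /// </summary>
        public void Clear()
        {
            flow.Clear();
        }

        /// <summary>
        /// Returns a copy whose <see cref="flow"/> lists and
        /// <see cref="carryPollute"/> list are independent of this instance,
        /// so a later change to either object is not visible through the other.
        /// The Var elements themselves are shared.
        /// </summary>
        public object Clone()
        {
            Method m = (Method)MemberwiseClone();

            m.flow = new Dictionary<string, List<string>>(flow.Count);
            foreach (KeyValuePair<string, List<string>> entry in flow)
            {
                m.flow[entry.Key] = entry.Value == null ? null : new List<string>(entry.Value);
            }

            m.carryPollute = new List<Var>(carryPollute);
            return m;
        }

        // Appends entry to the list stored under key, creating the list on
        // first use and skipping an entry that is already present.
        private void appendFlow(string key, string entry)
        {
            List<string> stack;
            if (!flow.TryGetValue(key, out stack))
            {
                stack = new List<string>();
                flow[key] = stack;
            }
            if (!stack.Contains(entry))
            {
                stack.Add(entry);
            }
        }
    }
}
--------------------------------------------------------------------------------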
/KRS-Gui/obj/project.assets.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": 3, 3 | "targets": { 4 | ".NETCoreApp,Version=v3.1": { 5 | "Newtonsoft.Json/13.0.1": { 6 | "type": "package", 7 | "compile": { 8 | "lib/netstandard2.0/Newtonsoft.Json.dll": {} 9 | }, 10 | "runtime": { 11 | "lib/netstandard2.0/Newtonsoft.Json.dll": {} 12 | } 13 | } 14 | } 15 | }, 16 | "libraries": { 17 | "Newtonsoft.Json/13.0.1": { 18 | "sha512": "ppPFpBcvxdsfUonNcvITKqLl3bqxWbDCZIzDWHzjpdAHRFfZe0Dw9HmA0+za13IdyrgJwpkDTDA9fHaxOrt20A==", 19 | "type": "package", 20 | "path": "newtonsoft.json/13.0.1", 21 | "files": [ 22 | ".nupkg.metadata", 23 | ".signature.p7s", 24 | "LICENSE.md", 25 | "lib/net20/Newtonsoft.Json.dll", 26 | "lib/net20/Newtonsoft.Json.xml", 27 | "lib/net35/Newtonsoft.Json.dll", 28 | "lib/net35/Newtonsoft.Json.xml", 29 | "lib/net40/Newtonsoft.Json.dll", 30 | "lib/net40/Newtonsoft.Json.xml", 31 | "lib/net45/Newtonsoft.Json.dll", 32 | "lib/net45/Newtonsoft.Json.xml", 33 | "lib/netstandard1.0/Newtonsoft.Json.dll", 34 | "lib/netstandard1.0/Newtonsoft.Json.xml", 35 | "lib/netstandard1.3/Newtonsoft.Json.dll", 36 | "lib/netstandard1.3/Newtonsoft.Json.xml", 37 | "lib/netstandard2.0/Newtonsoft.Json.dll", 38 | "lib/netstandard2.0/Newtonsoft.Json.xml", 39 | "newtonsoft.json.13.0.1.nupkg.sha512", 40 | "newtonsoft.json.nuspec", 41 | "packageIcon.png" 42 | ] 43 | } 44 | }, 45 | "projectFileDependencyGroups": { 46 | ".NETCoreApp,Version=v3.1": [ 47 | "Newtonsoft.Json >= 13.0.1" 48 | ] 49 | }, 50 | "packageFolders": { 51 | "C:\\Users\\Administrator\\.nuget\\packages\\": {}, 52 | "E:\\Microsoft Visual Studio\\Shared\\NuGetPackages": {} 53 | }, 54 | "project": { 55 | "version": "1.0.0", 56 | "restore": { 57 | "projectUniqueName": "D:\\VisualStudioWorkSpace\\CSharpWorkSpace\\AntiProguard-KRSFinder\\KRS-Gui\\KRS-Gui.csproj", 58 | "projectName": "KRS-Gui", 59 | "projectPath": 
"D:\\VisualStudioWorkSpace\\CSharpWorkSpace\\AntiProguard-KRSFinder\\KRS-Gui\\KRS-Gui.csproj", 60 | "packagesPath": "C:\\Users\\Administrator\\.nuget\\packages\\", 61 | "outputPath": "D:\\VisualStudioWorkSpace\\CSharpWorkSpace\\AntiProguard-KRSFinder\\KRS-Gui\\obj\\", 62 | "projectStyle": "PackageReference", 63 | "fallbackFolders": [ 64 | "E:\\Microsoft Visual Studio\\Shared\\NuGetPackages" 65 | ], 66 | "configFilePaths": [ 67 | "C:\\Users\\Administrator\\AppData\\Roaming\\NuGet\\NuGet.Config", 68 | "C:\\Program Files (x86)\\NuGet\\Config\\Microsoft.VisualStudio.FallbackLocation.config", 69 | "C:\\Program Files (x86)\\NuGet\\Config\\Microsoft.VisualStudio.Offline.config" 70 | ], 71 | "originalTargetFrameworks": [ 72 | "netcoreapp3.1" 73 | ], 74 | "sources": { 75 | "C:\\Program Files (x86)\\Microsoft SDKs\\NuGetPackages\\": {}, 76 | "https://api.nuget.org/v3/index.json": {} 77 | }, 78 | "frameworks": { 79 | "netcoreapp3.1": { 80 | "targetAlias": "netcoreapp3.1", 81 | "projectReferences": {} 82 | } 83 | }, 84 | "warningProperties": { 85 | "warnAsError": [ 86 | "NU1605" 87 | ] 88 | } 89 | }, 90 | "frameworks": { 91 | "netcoreapp3.1": { 92 | "targetAlias": "netcoreapp3.1", 93 | "dependencies": { 94 | "Newtonsoft.Json": { 95 | "target": "Package", 96 | "version": "[13.0.1, )" 97 | } 98 | }, 99 | "imports": [ 100 | "net461", 101 | "net462", 102 | "net47", 103 | "net471", 104 | "net472", 105 | "net48" 106 | ], 107 | "assetTargetFallback": true, 108 | "warn": true, 109 | "frameworkReferences": { 110 | "Microsoft.NETCore.App": { 111 | "privateAssets": "all" 112 | }, 113 | "Microsoft.WindowsDesktop.App.WindowsForms": { 114 | "privateAssets": "none" 115 | } 116 | }, 117 | "runtimeIdentifierGraphPath": "C:\\Program Files\\dotnet\\sdk\\5.0.401\\RuntimeIdentifierGraph.json" 118 | } 119 | } 120 | } 121 | } -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Handler/MoveOpCodeHandler.cs: 
-------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Base; 2 | using KlazzRelationShipFinder.KRSFinder.MessageSaver; 3 | using KlazzRelationShipFinder.KRSFinder.Module; 4 | using KlazzRelationShipFinder.KRSFinder.Module.Smali; 5 | using System; 6 | 7 | namespace KlazzRelationShipFinder.KRSFinder.Handler 8 | { 9 | class MoveOpCodeHandler : IBaseHandler 10 | { 11 | /// 12 | /// 处理move操作码 13 | /// 14 | /// NEED 15 | /// NEED 16 | /// NEED 17 | /// null 18 | public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null) 19 | { 20 | //注意!move也可以有赋值行为! 21 | string head = lineCode.Split(" ")[0]; 22 | string[] blocks = lineCode.Replace(head, "").Trim().Split(","); 23 | object value; 24 | //move-result vx 25 | if (head.Contains("result")) 26 | { 27 | string register = blocks[0].Trim(); 28 | value = tempRegister.getRegister("result"); 29 | if (value == null) return null; 30 | tempRegister.removeRegister("result"); 31 | tempRegister.removeRegister(register); 32 | tempRegister.putRegister(register, new TempRegister(value)); 33 | return null; 34 | } 35 | else if (head.Contains("exception")) 36 | { 37 | //move-exception vx 38 | string register = blocks[0].Trim(); 39 | tempRegister.removeRegister(register); 40 | return null; 41 | } 42 | //move vx,vy 43 | string vx = blocks[0].Trim(); 44 | string vy = blocks[1].Trim(); 45 | 46 | value = tempRegister.getRegister(vy); 47 | 48 | //判断方法参数 49 | //local vx = px时,vx作为被px污染的参数继续传播 50 | //px = local vx时,认为px已经被普通局部变量污染,传播中止. 
51 | if (vy.Substring(0, 1).Equals("p")) 52 | { 53 | if ((!smaliFileAnalyseModule.isStatic && vy.Equals("p0")) || smaliFileAnalyseModule.polluteFuncArgReg.Contains(vy)) 54 | {; } 55 | else if (value == null) 56 | { 57 | //px寄存器未被占用时,可作为方法参数 58 | Var arg_p = new Var(); 59 | arg_p.isFuncArg = true; 60 | int index = Convert.ToInt32(vy.Substring(1)) + ((smaliFileAnalyseModule.isStatic) ? 1 : 0); 61 | arg_p.var_name = index + ""; 62 | tempRegister.putRegister(vy, new TempRegister(arg_p)); 63 | } 64 | else 65 | { 66 | //px寄存器被占用,且明确为非方法参数时标记被污染寄存器 67 | if ((value is Var && !((Var)value).isFuncArg) || !(value is Var)) 68 | { 69 | smaliFileAnalyseModule.polluteFuncArgReg.Add(vy); 70 | } 71 | } 72 | } 73 | 74 | object temp_value = tempRegister.getRegister(vx); 75 | 76 | if (value == null) 77 | { 78 | if (!(temp_value is Var)) 79 | { 80 | //move vx,vy时vy为空,且vx非Var时则没有必要储存vx 81 | tempRegister.removeRegister(vx); 82 | smaliFileAnalyseModule.polluteFuncArgReg.Add(vx); 83 | } 84 | return null; 85 | } 86 | 87 | tempRegister.removeRegister(vy); 88 | 89 | 90 | //若vx数据类型为成员对象 91 | if (temp_value is Var) 92 | { 93 | if (value is Var && ((Var)value).isFuncArg) 94 | { 95 | //若vx处为方法参数,则标记污染 96 | smaliFileAnalyseModule.polluteFuncArgReg.Add(vx); 97 | tempRegister.removeRegister(vx); 98 | //方法参数已被覆盖 99 | tempRegister.putRegister(vx, new TempRegister(value)); 100 | return null; 101 | } 102 | ((Var)temp_value).addComment_setValue(value, smaliFileAnalyseModule.klazz_name, smaliFileAnalyseModule.method); 103 | RelationSaver.saveVar((Var)temp_value); 104 | } 105 | else 106 | { 107 | tempRegister.putRegister(vx, new TempRegister(value)); 108 | } 109 | 110 | return null; 111 | } 112 | } 113 | } 114 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/MessageSaver/RelationSaver.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Base; 2 | using 
KRS_Gui.KRSFinder.MessageSaver; 3 | using Newtonsoft.Json.Linq; 4 | using System.Collections.Generic; 5 | using System.Runtime.CompilerServices; 6 | 7 | namespace KlazzRelationShipFinder.KRSFinder.MessageSaver 8 | { 9 | /// 10 | /// 储存各个类,变量间的关系 11 | /// 注意,该类可能会在多线程的情况下储存类信息 12 | /// 应当注意线程锁的设计 13 | /// 14 | public class RelationSaver 15 | { 16 | /// 17 | /// 全局对象,用以储存各个类中成员的关系 18 | /// Key:class_name 19 | /// 20 | public static Dictionary> relations = new Dictionary>(); 21 | 22 | /// 23 | /// 储存调用栈 24 | /// Key:class_name 25 | /// 26 | public static Dictionary> methodCallStack = new Dictionary>(); 27 | 28 | public static string convertRelationToJson() 29 | { 30 | if (!SaverConfig.saveMembership) return "{}"; 31 | JObject Json = new JObject(); 32 | 33 | foreach (string klazz in relations.Keys) 34 | { 35 | JObject data = new JObject(); 36 | foreach (Var var in relations[klazz]) 37 | { 38 | data.Add(var.var_name, new JArray(var.comments)); 39 | } 40 | Json.Add(klazz, data); 41 | } 42 | return Json.ToString(); 43 | } 44 | 45 | public static string convertCallStackToJson() 46 | { 47 | if (!SaverConfig.saveDataFlow) return "{}"; 48 | JObject Json = new JObject(); 49 | foreach (string klazz in methodCallStack.Keys) 50 | { 51 | JObject ms = new JObject(); 52 | foreach (Method method in methodCallStack[klazz]) 53 | { 54 | string methodName = method.methodName; 55 | JObject stacks = new JObject(); 56 | foreach (string px in method.flow.Keys) 57 | { 58 | stacks.Add(px, new JArray(method.flow[px])); 59 | } 60 | ms.Add(methodName, stacks); 61 | } 62 | Json.Add(klazz, ms); 63 | } 64 | return Json.ToString(); 65 | } 66 | 67 | public static void Clear() 68 | { 69 | relations.Clear(); 70 | methodCallStack.Clear(); 71 | } 72 | 73 | [MethodImpl(MethodImplOptions.Synchronized)] 74 | public static void saveCallStack(Var var, Method method) 75 | { 76 | if (!SaverConfig.saveDataFlow) return; 77 | string klazz = method.klazz; 78 | List temp_ms = methodCallStack.GetValueOrDefault(klazz, 
null); 79 | if (temp_ms == null) 80 | { 81 | methodCallStack[klazz] = new List { (Method)method.Clone() }; 82 | method.Clear(); 83 | return; 84 | } 85 | 86 | foreach (Method m in temp_ms) 87 | { 88 | if (m.methodName.Equals(method.methodName)) 89 | { 90 | m.addCallStacks(var, method); 91 | method.Clear(); 92 | return; 93 | } 94 | } 95 | 96 | temp_ms.Add((Method)method.Clone()); 97 | method.Clear(); 98 | } 99 | 100 | /// 101 | /// 为指定类保存其成员 102 | /// 103 | /// 欲添加的成员对象 104 | [MethodImpl(MethodImplOptions.Synchronized)] 105 | public static void saveVar(Var var) 106 | { 107 | if (!SaverConfig.saveMembership) return; 108 | if (var.isFuncArg) return; 109 | string klazz_name = var.klazz; 110 | List temp_vars = relations.GetValueOrDefault(klazz_name, null); 111 | 112 | if (temp_vars == null) 113 | { //若指定类无成员,直接添加成员对象 114 | relations[klazz_name] = new List { (Var)var.Clone() }; 115 | //清理原成员对象的comments列表 116 | var.clearComments(); 117 | return; 118 | } 119 | 120 | //欲添加的成员名 121 | string var_name = var.var_name; 122 | 123 | foreach (Var v in temp_vars) 124 | { 125 | if (v.var_name.Equals(var_name)) 126 | { 127 | //Console.WriteLine(var_name); 128 | //若目标成员集中已有欲添加的成员 129 | //则直接向目标成员集中追加欲添加成员的数据 130 | v.addComments(var.comments); 131 | //清理成员对象的comments列表 132 | var.clearComments(); 133 | return; 134 | } 135 | } 136 | 137 | //若在目标成员集中没有找到与欲添加成员相同的成员名 138 | temp_vars.Add((Var)var.Clone()); 139 | //清理成员对象的comments列表 140 | var.clearComments(); 141 | } 142 | } 143 | } 144 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Handler/InvokeOpCodeHandler.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Base; 2 | using KlazzRelationShipFinder.KRSFinder.MessageSaver; 3 | using KlazzRelationShipFinder.KRSFinder.Module; 4 | using KlazzRelationShipFinder.KRSFinder.Module.Smali; 5 | using System; 6 | 7 | namespace KlazzRelationShipFinder.KRSFinder.Handler 8 | { 
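class InvokeOpCodeHandler : IBaseHandler
{
    // Largest register range a "{vA .. vB}" operand is expanded to. The Dalvik
    // invoke-kind/range encoding carries its argument count in 8 bits, so a
    // wider range cannot come from a well-formed instruction; refusing it keeps
    // a crafted smali line from forcing a huge expansion.
    private const int MaxRangeRegisters = 255;

    /// <summary>
    /// Handles the invoke opcodes: records the callee in the "result" register,
    /// then walks the argument registers to record call stacks, taint and
    /// data-flow comments.
    /// </summary>
    /// <param name="lineCode">The smali line; required. Presumably already trimmed by the caller - TODO confirm.</param>
    /// <param name="smaliFileAnalyseModule">Supplies the current class and method names; required.</param>
    /// <param name="tempRegister">The temporary register map; required.</param>
    /// <returns>Always null. A line whose register list is malformed (no closing
    /// brace, non-numeric or over-wide range) is skipped after the "result"
    /// register has been set.</returns>
    public object lineHandler(string lineCode, SmaliFileAnalyseModule smaliFileAnalyseModule = null, TempRegisterMap tempRegister = null)
    {
        string head = lineCode.Split(" ")[0].Trim();
        string data = lineCode.Replace(head, "").Trim();

        string method_name = Utils.getMethodName(data);
        string method_klazz = Utils.getKlazz(data);

        Method method = new Method();
        method.klazz = method_klazz;
        method.methodName = method_name;
        tempRegister.putRegister("result", new TempRegister(method));

        Method thiz = new Method();
        thiz.klazz = smaliFileAnalyseModule.klazz_name;
        thiz.methodName = smaliFileAnalyseModule.method;

        //if (method.klazz.IndexOf("java/lang/StringBuilder") != -1) return null;

        // Non-static invokes carry the receiver in the first register.
        int firstArg = head.Contains("static") ? 0 : 1;

        // 2022-05-17: inspect the arguments passed into the method.
        //invoke-virtual { v4, v0, v1, v2, v3}, Test2.method5:(IIII)V
        int open = data.IndexOf('{');
        int close = data.IndexOf('}', open + 1);
        if (close < 0)
        {
            // No closing brace: there is no register list to cut out.
            return null;
        }
        data = data.Substring(open + 1, close - open - 1);

        if (data.IndexOf("..") != -1)
        {
            string[] tmp = data.Split("..");
            string first = tmp[0].Trim();
            string last = tmp[1].Trim();
            int tmp_b;
            int tmp_e;
            if (first.Length < 2 || last.Length < 2
                || !int.TryParse(first.Substring(1), System.Globalization.NumberStyles.None, System.Globalization.CultureInfo.InvariantCulture, out tmp_b)
                || !int.TryParse(last.Substring(1), System.Globalization.NumberStyles.None, System.Globalization.CultureInfo.InvariantCulture, out tmp_e))
            {
                return null;
            }
            // Both bounds are non-negative here, so the subtraction cannot overflow.
            if (tmp_e - tmp_b >= MaxRangeRegisters)
            {
                return null;
            }

            // Take the prefix from the trimmed token: with "{ v0 .. v3 }" the
            // untrimmed token starts with a space, which would otherwise
            // become the register prefix.
            string pre = first.Substring(0, 1);
            System.Text.StringBuilder expanded = new System.Text.StringBuilder();
            for (; tmp_b < tmp_e; tmp_b++)
            {
                expanded.Append(pre).Append(tmp_b).Append(',');
            }
            expanded.Append(pre).Append(tmp_e);
            data = expanded.ToString();
        }

        if (data.Trim().Length == 0)
        {
            //invoke-static {} xxx
            saveNoArgCallStack(thiz, method);
            return null;
        }

        string[] regs = data.Split(",");
        int index = firstArg;

        if (index == regs.Length)
        {
            //invoke-virtual { p0 } xxx
            // A call without arguments is still collected as a call stack.
            saveNoArgCallStack(thiz, method);
        }

        // NOTE(review): index counts registers, so a wide (J/D) argument, which
        // occupies two registers, shifts the index of every later argument -
        // confirm this is the intended numbering.
        for (; index < regs.Length; index++)
        {
            // Taint is produced here.
            object temp_value = tempRegister.getRegister(regs[index].Trim());
            Var argVar = temp_value as Var;
            Method argMethod = temp_value as Method;

            if (argVar != null)
            {
                if (argVar.isFuncArg)
                {
                    thiz.addCallStack(argVar, method, index - firstArg);
                    RelationSaver.saveCallStack(argVar, thiz);

                    object pollute = tempRegister.getRegister("result");
                    if (pollute is Method)
                    {
                        // Produce the taint.
                        ((Method)pollute).addPollute(argVar);
                        tempRegister.putRegister("result", new TempRegister(pollute));
                    }
                    continue;
                }

                argVar.addComment_dataFlowIn(method, smaliFileAnalyseModule.klazz_name, smaliFileAnalyseModule.method);
                RelationSaver.saveVar(argVar);
            }
            else if (argMethod != null)
            {
                // Check whether the value carries taint.
                foreach (Var p in argMethod.carryPollute)
                {
                    thiz.addCallStack(p, method, index - firstArg);
                    RelationSaver.saveCallStack(p, thiz);
                }
            }
            else
            {
                // The register is not recognised; the call stack is stored anyway.
                saveNoArgCallStack(thiz, method);
            }
        }

        return null;
    }

    // Records the call caller -> callee under the "-1" key, used when no
    // tracked argument is involved.
    private static void saveNoArgCallStack(Method caller, Method callee)
    {
        caller.addNullArgCallStack(callee);
        Var noarg_var = new Var();
        noarg_var.isFuncArg = true;
        noarg_var.var_name = "-1";
        RelationSaver.saveCallStack(noarg_var, caller);
    }
}
}
--------------------------------------------------------------------------------
/KRS-Gui/KRSFinder/Module/Smali/OpCode.cs:
--------------------------------------------------------------------------------
1 | using System.Text.RegularExpressions; 2 | 3 | namespace KlazzRelationShipFinder.KRSFinder.Module.Smali 4 | { 5 | class OpCode 6 | { 7 | /** 8 | * 注释CHECK的操作码说明该操作码 9 | * 与已经存在于临时寄存器集中的寄存器有关 10 | * 并接下来可能影响这些寄存器分配 11 | * E.g: 12 | * 假设临时寄存器集中仅仅存在v1 13 | * 那么假设分析到此句 move v1,v0 14 | * 那么该句可能会影响寄存器集中v1寄存器的分配 15 | * 但如果是以下语句 16 | * move v2,v0 17 | * 该句无论如何都不会影响临时寄存器集中的任何值 18 | * 19 | * 注释MUST的操作码说明该操作码 20 | * 无论如何都可能会影响临时寄存器集中的寄存器分配或整个分析路线 21 | * 22 | * 注释PASS的操作码表明该操作码 23 | * 无论如何都不会影响临时寄存器集中的寄存器分配 24 | * 25 | * Binary: 26 | * 0000 0000 0xyz 27 | * x:CHECK 28 | * y:MUST 29 | * z:PASS 30 | */ 31 | public const int TYPE_CHECK = 0x4; 32 | 33 | public const int TYPE_MUST = 0x2; 34 | 35 | public const int TYPE_PASS = 0x1; 36 | 37 | public const int GET_OPC_MUST = 0x00 | TYPE_MUST;//MUST 38 | 39 | public const int PUT_OPC_CHECK = 0x10 | TYPE_CHECK;//CHECK 40 | 41 | public const int INVOKE_OPC_MUST = 0x20 | TYPE_MUST;//MUST 42 | 43 | public const int CONST_OPC_MUST = 0x30 | TYPE_MUST; 44 | 45 | public const int LOCAL_OPC_CHECK = 0x40 | TYPE_CHECK; 46 | 47 | public const int SOURCE_OPC = 0x50 | TYPE_PASS;//PASS 48 | 49 | public const int KLAZZ_OPC = 0x60 | TYPE_PASS;//PASS 50 | 51 | public const int MOVE_OPC_CHECK = 0x70 | TYPE_CHECK;//CHECK 52 | 53 | public const int METHOD_START = 0x80 | TYPE_PASS;//PASS 54 | 55 | public const int METHOD_END = 0x90 | TYPE_PASS;//PASS 56 | 57 | public const int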
IF_OPC_MUST = 0xa0 | TYPE_MUST; 58 | 59 | public const int SWITCH_OPC_MUST = 0xb0 | TYPE_MUST; 60 | 61 | public const int GOTO_OPC_MUST = 0xc0 | TYPE_MUST; 62 | 63 | public const int NEW_INSTANCE_OPC_CHECK = 0xd0 | TYPE_CHECK; 64 | 65 | public const int RETURN_OPC_MUST = 0xe0 | TYPE_MUST; 66 | 67 | public const int INSTANCE_OF_OPC_CHECK = 0xf0 | TYPE_CHECK; 68 | 69 | public const int ARRAY_OPC_CHECK = 0x100 | TYPE_CHECK; 70 | 71 | public const int CMP_OPC_CHECK = 0x200 | TYPE_CHECK; 72 | 73 | public const int CALC_OPC_CHECK = 0x300 | TYPE_CHECK; 74 | 75 | public const int FIELD_OPC_MUST = 0x400 | TYPE_MUST; 76 | 77 | public const int NOP = TYPE_PASS;//PASS 78 | 79 | /// 80 | /// 获取操作码类型 81 | /// 82 | /// 83 | /// 84 | public static int getType(int opCode) 85 | { 86 | int type = opCode & 0xf; 87 | return type; 88 | } 89 | 90 | /// 91 | /// 通过smali的opCode返回有必要进行操作的OpCode编号 92 | /// 93 | /// 94 | /// 95 | public static int getOpCode(string lineCode) 96 | { 97 | string opCode = lineCode.Trim().Split(" ")[0].Trim(); 98 | Regex regex = new Regex("^[a-z\\-\\./]+$", RegexOptions.Multiline); 99 | if (!regex.Match(opCode).Success) return NOP; 100 | 101 | if (opCode.Contains("get")) 102 | { 103 | return GET_OPC_MUST; 104 | } 105 | else if (opCode.Equals(".field")) 106 | { 107 | return FIELD_OPC_MUST; 108 | } 109 | else if (opCode.Contains("put")) 110 | { 111 | return PUT_OPC_CHECK; 112 | } 113 | else if (opCode.Contains("invoke")) 114 | { 115 | return INVOKE_OPC_MUST; 116 | } 117 | else if (opCode.Contains("const")) 118 | { 119 | return CONST_OPC_MUST; 120 | } 121 | else if (opCode.Contains("local")) 122 | { 123 | return LOCAL_OPC_CHECK; 124 | } 125 | else if (opCode.Contains(".source")) 126 | { 127 | return SOURCE_OPC; 128 | } 129 | else if (opCode.Contains(".class")) 130 | { 131 | return KLAZZ_OPC; 132 | } 133 | else if (opCode.Contains("move")) 134 | { 135 | return MOVE_OPC_CHECK; 136 | } 137 | else if (lineCode.Trim().StartsWith(".method")) 138 | { 139 | return 
METHOD_START; 140 | } 141 | else if (opCode.Contains(".end")) 142 | { 143 | if (lineCode.Contains(".end method")) 144 | { 145 | return METHOD_END; 146 | } 147 | } 148 | else if (opCode.Contains("if-")) 149 | { 150 | return IF_OPC_MUST; 151 | } 152 | else if (opCode.Contains("-switch") && !opCode.Contains(".")) 153 | { 154 | return SWITCH_OPC_MUST; 155 | } 156 | else if (opCode.Contains("goto")) 157 | { 158 | return GOTO_OPC_MUST; 159 | } 160 | else if (opCode.Contains("new-instance")) 161 | { 162 | return NEW_INSTANCE_OPC_CHECK; 163 | } 164 | else if (opCode.Contains("array")) 165 | { 166 | return ARRAY_OPC_CHECK; 167 | } 168 | else if (opCode.Contains("return")) 169 | { 170 | return RETURN_OPC_MUST; 171 | } 172 | else if (opCode.Contains("instance-of")) 173 | { 174 | return INSTANCE_OF_OPC_CHECK; 175 | } 176 | else if (opCode.Contains("cmp")) 177 | { 178 | return CMP_OPC_CHECK; 179 | } 180 | else if (opCode.Contains("-")) 181 | { 182 | return CALC_OPC_CHECK; 183 | } 184 | return NOP; 185 | } 186 | } 187 | } 188 | -------------------------------------------------------------------------------- /KRS-Gui/KRSFinder/Module/SmaliFileAnalyseModule.cs: -------------------------------------------------------------------------------- 1 | using KlazzRelationShipFinder.KRSFinder.Base; 2 | using KlazzRelationShipFinder.KRSFinder.Handler; 3 | using KlazzRelationShipFinder.KRSFinder.LogPrinter; 4 | using KlazzRelationShipFinder.KRSFinder.MessageSaver; 5 | using KlazzRelationShipFinder.KRSFinder.Module.Smali; 6 | using KRS_Gui.KRSFinder.Handler; 7 | using System; 8 | using System.Collections.Generic; 9 | 10 | namespace KlazzRelationShipFinder.KRSFinder.Module 11 | { 12 | /// 13 | /// 所有smali文件中读取的每一行,都应该由此Module具体处理 14 | /// 15 | class SmaliFileAnalyseModule 16 | { 17 | private string TAG = "LineAnalyseModule"; 18 | 19 | //判断当前文件由什么工具反编译 20 | private bool toolJudge = false; 21 | 22 | //决定是否录入方法体 23 | private bool recodeMethodCode = false; 24 | 25 | //方法体代码 26 | private string 
methodCode = ""; 27 | 28 | //代表当前的klazz名 29 | public string klazz_name { set; get; } 30 | 31 | //记录当前方法体中的方法名 32 | public string method { set; get; } 33 | 34 | //记录当前方法是否为静态方法 35 | public bool isStatic { set; get; } 36 | 37 | public List polluteFuncArgReg = new List(); 38 | 39 | //记录当前方法总数 40 | public int funcArgs { set; get; } 41 | 42 | /// 43 | /// 根据method开头获取参数总数 44 | /// 45 | /// 46 | /// 47 | public int getFuncArgNum(string lineCode) 48 | { 49 | int num = 0; 50 | bool klazz = false; 51 | string dataType = "ZBSCIJFD"; 52 | lineCode = lineCode.Substring(lineCode.IndexOf("(") + 1); 53 | lineCode = lineCode.Substring(0, lineCode.IndexOf(")")); 54 | foreach (char c in lineCode) 55 | { 56 | string b = c.ToString(); 57 | if (!klazz && dataType.Contains(b)) 58 | { 59 | num += 1; 60 | continue; 61 | } 62 | else if (!klazz && b.Equals("L")) 63 | { 64 | klazz = true; 65 | continue; 66 | } 67 | else if (klazz && b.Equals(";")) 68 | { 69 | num += 1; 70 | klazz = false; 71 | continue; 72 | } 73 | } 74 | 75 | return num; 76 | } 77 | 78 | public void lineAnalyse(string lineCode) 79 | { 80 | //opcode vx,some-dalvik-code 81 | int OPC = OpCode.getOpCode(lineCode); 82 | 83 | IBaseHandler handler = null; 84 | //.class public LA/B/C; 85 | /** 86 | * 处理smali文件开头部分 87 | */ 88 | if (OPC == OpCode.KLAZZ_OPC && string.IsNullOrEmpty(method)) 89 | { 90 | /** 91 | * 在处理.class操作码时意味着一个新的smali文件开始读取 92 | * 故要对之前储存smali数据的成员进行完全清理 93 | */ 94 | handler = new KlazzNameHandler(); 95 | //更换当前klazz值 96 | klazz_name = (string)handler.lineHandler(lineCode); 97 | 98 | if (klazz_name == null || string.IsNullOrEmpty(klazz_name)) 99 | { 100 | Log.log(TAG, "klazz is null!!!"); 101 | throw new Exception("Klazz is null!!!\nLineCode:" + lineCode); 102 | } 103 | Log.log(TAG, "Analyse Smali:" + klazz_name); 104 | return; 105 | } 106 | else if (OPC == OpCode.FIELD_OPC_MUST && string.IsNullOrEmpty(method)) 107 | { 108 | handler = new FieldOpCodeHandler(); 109 | handler.lineHandler(lineCode, this, null); 110 | 
return; 111 | } 112 | else if (OPC == OpCode.SOURCE_OPC && string.IsNullOrEmpty(method)) 113 | { 114 | /** 115 | * 处理到.source操作码时代表当前的原klazz名有可能恢复 116 | * 若可恢复,应存储sourceName至MessageSaver模块 117 | */ 118 | handler = new SourceNameHandler(); 119 | 120 | string source_name = (string)handler.lineHandler(lineCode); 121 | 122 | if (source_name != null) 123 | { 124 | //if (!source_name.Equals(klazz_name)) { 125 | SourceNameSaver.saveSourceName(klazz_name, source_name); 126 | //} 127 | } 128 | 129 | return; 130 | } 131 | 132 | /** 133 | * 对方法体进行判断 134 | */ 135 | if (OPC == OpCode.METHOD_START && !recodeMethodCode) 136 | { 137 | handler = new MethodNameHandler(); 138 | //方法开始时更新当前方法名成员 139 | method = (string)handler.lineHandler(lineCode); 140 | //开始录入方法体代码 141 | recodeMethodCode = true; 142 | funcArgs = getFuncArgNum(lineCode); 143 | //判断静态方法 144 | if (lineCode.IndexOf("static") != -1) isStatic = true; 145 | return; 146 | } 147 | else if (OPC == OpCode.METHOD_END && recodeMethodCode) 148 | { 149 | Log.log(TAG, method); 150 | //将方法体传入分析模块 151 | new MethodCodeAnalyseModule(this, methodCode).execute(); 152 | //方法结束时置空当前方法名成员 153 | method = null; 154 | //结束录入方法体代码 155 | recodeMethodCode = false; 156 | //方法体置空 157 | methodCode = ""; 158 | toolJudge = false; 159 | isStatic = false; 160 | polluteFuncArgReg.Clear(); 161 | return; 162 | } 163 | 164 | //若录入标记为true,则开始录入方法体 165 | if (recodeMethodCode) 166 | { 167 | methodCode += lineCode + "\n"; 168 | if (!toolJudge && lineCode.Trim().StartsWith(":")) 169 | { 170 | toolJudge = true; 171 | if (lineCode.Trim().Replace(":", "").StartsWith("L")) 172 | { 173 | Config.isBakSmali = true; 174 | } 175 | else 176 | { 177 | Config.isBakSmali = false; 178 | } 179 | } 180 | //录入当前行后立刻结束此次函数执行,等待下一行读入 181 | return; 182 | } 183 | } 184 | } 185 | } 186 | -------------------------------------------------------------------------------- /KRS-Gui/JadxConfig.Designer.cs: -------------------------------------------------------------------------------- 1 | 2 
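using System.IO;

namespace KRS_Gui
{
    /// <summary>
    /// Designer half of the JadxConfig form: declares the controls and lays them out.
    /// The click handler wired to button1 is defined in the other half of this partial class.
    /// </summary>
    partial class JadxConfig
    {
        /// <summary>
        /// Required designer variable.
        /// </summary>
        private System.ComponentModel.IContainer components = null;

        /// <summary>
        /// Clean up any resources being used.
        /// </summary>
        /// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
        protected override void Dispose(bool disposing)
        {
            if (disposing && (components != null))
            {
                components.Dispose();
            }
            base.Dispose(disposing);
        }

        #region Windows Form Designer generated code

        /// <summary>
        /// Required method for Designer support - do not modify
        /// the contents of this method with the code editor.
        /// </summary>
        private void InitializeComponent()
        {
            this.jadxPath = new System.Windows.Forms.TextBox();
            this.label1 = new System.Windows.Forms.Label();
            this.callstackPath = new System.Windows.Forms.TextBox();
            this.resultPath = new System.Windows.Forms.TextBox();
            this.label2 = new System.Windows.Forms.Label();
            this.label3 = new System.Windows.Forms.Label();
            this.button1 = new System.Windows.Forms.Button();
            this.warning = new System.Windows.Forms.Label();

            this.SuspendLayout();
            //
            // jadxPath
            //
            this.jadxPath.Location = new System.Drawing.Point(130, 12);
            this.jadxPath.Name = "jadxPath";
            this.jadxPath.Size = new System.Drawing.Size(327, 27);
            this.jadxPath.TabIndex = 0;
            // Hand-written block inside designer code: pre-fills the box with the first
            // line of ./jadxPath.txt when that file exists. The designer may drop it on
            // regeneration, so it is a candidate for moving into the form's constructor.
            // NOTE(review): the file is resolved against the current working directory,
            // so whoever controls that directory controls this value. How the path is
            // consumed is not visible in this file; confirm it is validated before it
            // is used to locate or launch anything.
            string path = "";
            if (File.Exists("./jadxPath.txt"))
            {
                // StreamReader(string) opens the file read-only, and the using block
                // closes it even if reading throws.
                using (StreamReader reader = new StreamReader("./jadxPath.txt"))
                {
                    // ReadLine() returns null for an empty file and already strips the
                    // line terminator, so no further newline removal is needed.
                    path = reader.ReadLine() ?? "";
                }
            }
            jadxPath.Text = path;
            //
            // label1
            //
            this.label1.AutoSize = true;
            this.label1.Location = new System.Drawing.Point(12, 15);
            this.label1.Name = "label1";
            this.label1.Size = new System.Drawing.Size(118, 20);
            this.label1.TabIndex = 1;
            this.label1.Text = "Jadx root path:";
            //
            // callstackPath
            //
            this.callstackPath.Location = new System.Drawing.Point(130, 59);
            this.callstackPath.Name = "callstackPath";
            this.callstackPath.Size = new System.Drawing.Size(327, 27);
            this.callstackPath.TabIndex = 2;
            this.callstackPath.Text = "./callstack.json";
            //
            // resultPath
            //
            this.resultPath.Location = new System.Drawing.Point(130, 108);
            this.resultPath.Name = "resultPath";
            this.resultPath.Size = new System.Drawing.Size(327, 27);
            this.resultPath.TabIndex = 3;
            this.resultPath.Text = "./result.json";
            //
            // label2
            //
            this.label2.AutoSize = true;
            this.label2.Location = new System.Drawing.Point(17, 62);
            this.label2.Name = "label2";
            this.label2.Size = new System.Drawing.Size(113, 20);
            this.label2.TabIndex = 4;
            this.label2.Text = "Callstack path:";
            //
            // label3
            //
            this.label3.AutoSize = true;
            this.label3.Location = new System.Drawing.Point(35, 111);
            this.label3.Name = "label3";
            this.label3.Size = new System.Drawing.Size(95, 20);
            this.label3.TabIndex = 5;
            this.label3.Text = "Result path:";
            //
            // button1
            //
            this.button1.Location = new System.Drawing.Point(12, 141);
            this.button1.Name = "button1";
            this.button1.Size = new System.Drawing.Size(445, 29);
            this.button1.TabIndex = 6;
            this.button1.Text = "JADX Start";
            this.button1.UseVisualStyleBackColor = true;
            this.button1.Click += new System.EventHandler(this.button1_Click);
            //
            // warning
            //
            this.warning.AutoSize = true;
            this.warning.ForeColor = System.Drawing.Color.Red;
            this.warning.Location = new System.Drawing.Point(12, 177);
            this.warning.Name = "warning";
            this.warning.Size = new System.Drawing.Size(101, 20);
            this.warning.TabIndex = 7;
            this.warning.Text = "Inject JADX!!";
            //
            // JadxConfig
            //
            this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
            this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
            this.ClientSize = new System.Drawing.Size(469, 206);
            this.Controls.Add(this.warning);
            this.Controls.Add(this.button1);
            this.Controls.Add(this.label3);
            this.Controls.Add(this.label2);
            this.Controls.Add(this.resultPath);
            this.Controls.Add(this.callstackPath);
            this.Controls.Add(this.label1);
            this.Controls.Add(this.jadxPath);
            this.MaximumSize = new System.Drawing.Size(487, 353);
            this.Name = "JadxConfig";
            this.Text = "JadxConfig";
            this.ResumeLayout(false);
            this.PerformLayout();

        }

        #endregion

        private System.Windows.Forms.TextBox jadxPath;
        private System.Windows.Forms.Label label1;
        private System.Windows.Forms.TextBox callstackPath;
        private System.Windows.Forms.TextBox resultPath;
        private System.Windows.Forms.Label label2;
        private System.Windows.Forms.Label label3;
        private System.Windows.Forms.Button button1;
        private System.Windows.Forms.Label warning;
    }

}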
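// File: /KRS-Gui/KRSFinder/Base/Var.cs
using KRS_Gui.KRSFinder.MessageSaver;
using System;
using System.Collections.Generic;

namespace KlazzRelationShipFinder.KRSFinder.Base
{
    /// <summary>
    /// Models a member object seen during analysis and stores the data collected about it:
    /// its name, the class it belongs to, and a list of human-readable notes describing
    /// where it was assigned, passed on or referenced.
    /// </summary>
    public class Var : ICloneable
    {
        /// <summary>
        /// Whether this object represents a method argument.
        /// </summary>
        public bool isFuncArg { set; get; }

        /// <summary>
        /// Member name.
        /// </summary>
        public string var_name { set; get; }

        // Data type of the member: TODO
        //public string var_type { set; get; }

        /// <summary>
        /// Class this member belongs to.
        /// </summary>
        public string klazz { set; get; }

        /// <summary>
        /// Other notes about the member.
        /// </summary>
        public List<string> comments = new List<string>();

        /// <summary>
        /// Removes every stored note.
        /// </summary>
        public void clearComments()
        {
            comments.Clear();
        }

        /// <summary>
        /// Stores a note unless it is already present. Does nothing while
        /// <c>SaverConfig.saveMembership</c> is false.
        /// </summary>
        /// <param name="comment">Note text to store.</param>
        public void addComment(string comment)
        {
            if (!SaverConfig.saveMembership) return;
            if (!this.comments.Contains(comment))
            {
                this.comments.Add(comment);
            }
        }

        /// <summary>
        /// Records "name = value" for this member.
        /// </summary>
        /// <param name="value">Text of the assigned value.</param>
        public void addComment_setStaticField(string value)
        {
            addComment(this.var_name + " = " + value);
        }

        /// <summary>
        /// Records that this member was passed into a method from inside another method.
        /// </summary>
        /// <param name="method">Method the member was passed into.</param>
        /// <param name="klazz">Class in which the call happens.</param>
        /// <param name="methodName">Method in which the call happens.</param>
        public void addComment_dataFlowIn(Method method, string klazz, string methodName)
        {
            addComment(describeSite(klazz, methodName) + "被传入" + describeMethod(method) + "方法中");
        }

        /// <summary>
        /// Records that this member was assigned the value of another member.
        /// </summary>
        /// <param name="var">Member whose value was assigned.</param>
        /// <param name="klazz">Class in which the assignment happens.</param>
        /// <param name="methodName">Method in which the assignment happens.</param>
        public void addComment_setValueByVar(Var var, string klazz, string methodName)
        {
            string source = string.Equals(var.klazz, this.klazz)
                ? "自身类的" + var.var_name + "成员"
                : var.klazz + "的" + var.var_name + "成员";
            addComment(describeSite(klazz, methodName) + "被赋予" + source);
        }

        /// <summary>
        /// Records that this member was assigned the return value of a method.
        /// </summary>
        /// <param name="method">Method whose return value was assigned.</param>
        /// <param name="klazz">Class in which the assignment happens.</param>
        /// <param name="methodName">Method in which the assignment happens.</param>
        public void addComment_setValueByMethod(Method method, string klazz, string methodName)
        {
            addComment(describeSite(klazz, methodName) + "被赋予" + describeMethod(method) + "方法的返回数据");
        }

        /// <summary>
        /// Records that this member was assigned a constant.
        /// </summary>
        /// <param name="conststr">Text of the constant.</param>
        /// <param name="klazz">Class in which the assignment happens.</param>
        /// <param name="methodName">Method in which the assignment happens.</param>
        public void addComment_setValueByConstStr(string conststr, string klazz, string methodName)
        {
            addComment(describeSite(klazz, methodName) + "被赋予常量" + conststr);
        }

        /// <summary>
        /// Records that this member was referenced by a named local variable inside a method.
        /// </summary>
        /// <param name="local_var_name">Name of the local variable.</param>
        /// <param name="klazz">Class the method belongs to.</param>
        /// <param name="methodName">Method name.</param>
        public void addComment_beSetLocalName(string local_var_name, string klazz, string methodName)
        {
            addComment(describeSite(klazz, methodName) + "被名为'" + local_var_name + "'的局部变量所引用");
        }

        /// <summary>
        /// Dispatches on the runtime type of <paramref name="data"/>: a <see cref="Var"/> that is
        /// not a method argument, a string constant, or a <see cref="Method"/>. Any other value,
        /// and a Var that is a method argument, is ignored.
        /// </summary>
        /// <param name="data">Value that was assigned.</param>
        /// <param name="klazz">Class in which the assignment happens.</param>
        /// <param name="methodName">Method in which the assignment happens.</param>
        public void addComment_setValue(object data, string klazz, string methodName)
        {
            if (data is Var sourceVar)
            {
                if (sourceVar.isFuncArg) return;
                addComment_setValueByVar(sourceVar, klazz, methodName);
            }
            else if (data is string constant)
            {
                addComment_setValueByConstStr(constant, klazz, methodName);
            }
            else if (data is Method sourceMethod)
            {
                addComment_setValueByMethod(sourceMethod, klazz, methodName);
            }
        }

        /// <summary>
        /// Merges the given notes into this member's notes, skipping duplicates.
        /// Unlike <see cref="addComment"/>, this does not consult <c>SaverConfig.saveMembership</c>.
        /// </summary>
        /// <param name="comments">Notes to merge; null is treated as empty.</param>
        public void addComments(List<string> comments)
        {
            if (comments == null) return;
            foreach (string c in comments)
            {
                if (!this.comments.Contains(c))
                {
                    this.comments.Add(c);
                }
            }
        }

        /// <summary>
        /// Value comparison: two Vars are equal when class, name and the ordered list of notes match.
        /// </summary>
        /// <param name="t">Object to compare with.</param>
        /// <returns>false for null, for a non-Var object, and for any mismatch.</returns>
        public override bool Equals(object t)
        {
            // A type test replaces the former cast inside try/catch(Exception), which used
            // exceptions for control flow and would also have hidden unrelated failures.
            Var other = t as Var;
            if (other == null || other.comments == null || comments == null)
            {
                return false;
            }

            if (klazz != other.klazz || var_name != other.var_name || comments.Count != other.comments.Count)
            {
                return false;
            }

            for (int i = 0; i < comments.Count; i++)
            {
                if (!string.Equals(other.comments[i], comments[i]))
                {
                    return false;
                }
            }
            return true;
        }

        /// <summary>
        /// Returns the default (reference-based) hash code.
        /// </summary>
        /// <remarks>
        /// NOTE(review): Equals compares by value while this hash is per instance, so two equal
        /// Vars can hash differently and hash-based containers will not treat them as the same key.
        /// A value-based hash would change lookups for any caller that keys on Var and would
        /// depend on mutable state; callers are not visible here, so the behaviour is left as is.
        /// </remarks>
        public override int GetHashCode()
        {
            return base.GetHashCode();
        }

        /// <summary>
        /// Creates a copy whose notes list is independent of the original's.
        /// </summary>
        public object Clone()
        {
            Var v = (Var)MemberwiseClone();
            // MemberwiseClone shares the list reference; give the copy its own list.
            v.comments = new List<string>(this.comments);
            return v;
        }

        // Builds the leading "once, in method X" part shared by all notes. The null-safe static
        // string.Equals is used so a missing class name cannot throw.
        private string describeSite(string klazz, string methodName)
        {
            return string.Equals(klazz, this.klazz)
                ? "曾在自身类的" + methodName + "方法中"
                : "曾在" + klazz + "#" + methodName + "方法中";
        }

        // Names a method either as "own class" or as Class#method, relative to this member's class.
        private string describeMethod(Method method)
        {
            return string.Equals(method.klazz, this.klazz)
                ? "自身类的" + method.methodName
                : method.klazz + "#" + method.methodName;
        }
    }
}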
37 | /// 38 | private void InitializeComponent() 39 | { 40 | this.button1 = new System.Windows.Forms.Button(); 41 | this.button2 = new System.Windows.Forms.Button(); 42 | this.textBox1 = new System.Windows.Forms.TextBox(); 43 | this.treeView1 = new System.Windows.Forms.TreeView(); 44 | this.richTextBox1 = new System.Windows.Forms.RichTextBox(); 45 | this.listView1 = new System.Windows.Forms.ListView(); 46 | this.richTextBox2 = new System.Windows.Forms.RichTextBox(); 47 | this.gainMemRelationShip = new System.Windows.Forms.CheckBox(); 48 | this.SuspendLayout(); 49 | // 50 | // button1 51 | // 52 | this.button1.Location = new System.Drawing.Point(15, 14); 53 | this.button1.Margin = new System.Windows.Forms.Padding(4); 54 | this.button1.Name = "button1"; 55 | this.button1.Size = new System.Drawing.Size(96, 27); 56 | this.button1.TabIndex = 0; 57 | this.button1.Text = "KRS Start"; 58 | this.button1.UseVisualStyleBackColor = true; 59 | this.button1.Click += new System.EventHandler(this.button1_Click); 60 | // 61 | // button2 62 | // 63 | this.button2.Location = new System.Drawing.Point(115, 14); 64 | this.button2.Margin = new System.Windows.Forms.Padding(4); 65 | this.button2.Name = "button2"; 66 | this.button2.Size = new System.Drawing.Size(96, 27); 67 | this.button2.TabIndex = 0; 68 | this.button2.Text = "JADX Start"; 69 | this.button2.UseVisualStyleBackColor = true; 70 | this.button2.Click += new System.EventHandler(this.button2_Click); 71 | // 72 | // textBox1 73 | // 74 | this.textBox1.Location = new System.Drawing.Point(220, 14); 75 | this.textBox1.Margin = new System.Windows.Forms.Padding(4); 76 | this.textBox1.Name = "textBox1"; 77 | this.textBox1.Size = new System.Drawing.Size(800, 27); 78 | this.textBox1.TabIndex = 1; 79 | this.textBox1.Text = "Path"; 80 | // 81 | // treeView1 82 | // 83 | this.treeView1.Location = new System.Drawing.Point(3, 78); 84 | this.treeView1.Margin = new System.Windows.Forms.Padding(4); 85 | this.treeView1.Name = "treeView1"; 86 | 
this.treeView1.Size = new System.Drawing.Size(295, 494); 87 | this.treeView1.TabIndex = 2; 88 | this.treeView1.ImageList = new System.Windows.Forms.ImageList(); 89 | this.treeView1.ImageList.Images.Add(Properties.Resources.package_obj); 90 | this.treeView1.ImageList.Images.Add(Properties.Resources.class_obj); 91 | this.treeView1.ImageList.Images.Add(Properties.Resources.field_public_obj); 92 | this.treeView1.NodeMouseClick += new System.Windows.Forms.TreeNodeMouseClickEventHandler(this.node_Click); 93 | // 94 | // richTextBox1 95 | // 96 | this.richTextBox1.BackColor = System.Drawing.SystemColors.WindowText; 97 | this.richTextBox1.ForeColor = System.Drawing.SystemColors.Window; 98 | this.richTextBox1.Location = new System.Drawing.Point(306, 361); 99 | this.richTextBox1.Margin = new System.Windows.Forms.Padding(4); 100 | this.richTextBox1.Name = "richTextBox1"; 101 | this.richTextBox1.ReadOnly = true; 102 | this.richTextBox1.Size = new System.Drawing.Size(720, 143); 103 | this.richTextBox1.TabIndex = 3; 104 | this.richTextBox1.Text = ""; 105 | // 106 | // listView1 107 | // 108 | this.listView1.FullRowSelect = true; 109 | this.listView1.GridLines = true; 110 | this.listView1.HideSelection = false; 111 | this.listView1.Location = new System.Drawing.Point(306, 78); 112 | this.listView1.Margin = new System.Windows.Forms.Padding(4); 113 | this.listView1.Name = "listView1"; 114 | this.listView1.Size = new System.Drawing.Size(730, 275); 115 | this.listView1.TabIndex = 4; 116 | this.listView1.UseCompatibleStateImageBehavior = false; 117 | this.listView1.View = System.Windows.Forms.View.Details; 118 | // 119 | // richTextBox2 120 | // 121 | this.richTextBox2.BackColor = System.Drawing.SystemColors.WindowText; 122 | this.richTextBox2.ForeColor = System.Drawing.SystemColors.Window; 123 | this.richTextBox2.Location = new System.Drawing.Point(306, 500); 124 | this.richTextBox2.Name = "richTextBox2"; 125 | this.richTextBox2.ReadOnly = true; 126 | this.richTextBox2.ScrollBars = 
System.Windows.Forms.RichTextBoxScrollBars.None; 127 | this.richTextBox2.Size = new System.Drawing.Size(720, 32); 128 | this.richTextBox2.TabIndex = 5; 129 | this.richTextBox2.Text = ""; 130 | // 131 | // gainMemRelationShip 132 | // 133 | this.gainMemRelationShip.AutoSize = true; 134 | this.gainMemRelationShip.Location = new System.Drawing.Point(15, 48); 135 | this.gainMemRelationShip.Name = "gainMemRelationShip"; 136 | this.gainMemRelationShip.Size = new System.Drawing.Size(191, 24); 137 | this.gainMemRelationShip.TabIndex = 6; 138 | this.gainMemRelationShip.Text = "获取成员间关系(不推荐)"; 139 | this.gainMemRelationShip.UseVisualStyleBackColor = true; 140 | // 141 | // GuiForm 142 | // 143 | this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F); 144 | this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; 145 | this.ClientSize = new System.Drawing.Size(1033, 538); 146 | this.Controls.Add(this.richTextBox2); 147 | this.Controls.Add(this.listView1); 148 | this.Controls.Add(this.richTextBox1); 149 | this.Controls.Add(this.treeView1); 150 | this.Controls.Add(this.textBox1); 151 | this.Controls.Add(this.button1); 152 | this.Controls.Add(this.button2); 153 | this.Controls.Add(this.gainMemRelationShip); 154 | this.Margin = new System.Windows.Forms.Padding(4); 155 | this.MaximizeBox = false; 156 | this.MaximumSize = new System.Drawing.Size(1051, 585); 157 | this.MinimizeBox = false; 158 | this.MinimumSize = new System.Drawing.Size(1051, 585); 159 | this.Name = "GuiForm"; 160 | this.RightToLeft = System.Windows.Forms.RightToLeft.No; 161 | this.Text = "KRS Auth:MG193.7"; 162 | this.ResumeLayout(false); 163 | this.PerformLayout(); 164 | 165 | } 166 | 167 | #endregion 168 | 169 | private System.Windows.Forms.Button button1;//KRS-START 170 | private System.Windows.Forms.Button button2;//JADX-START 171 | private System.Windows.Forms.TextBox textBox1; 172 | private System.Windows.Forms.TreeView treeView1; 173 | private System.Windows.Forms.RichTextBox richTextBox1; 174 | 
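// File: /KRS-Gui/GuiForm.Method.cs
using KlazzRelationShipFinder.KRSFinder;
using KlazzRelationShipFinder.KRSFinder.Base;
using KlazzRelationShipFinder.KRSFinder.LogPrinter;
using KlazzRelationShipFinder.KRSFinder.MessageSaver;
using KRS_Gui.KRSFinder.MessageSaver;
using System;
using System.Collections.Generic;
using System.IO;
using System.Text;
using System.Threading;
using System.Windows.Forms;

namespace KRS_Gui
{

    /// <summary>
    /// Event handlers and tree-building logic of the main form. The controls and the
    /// LISTIMAGE_* image indices are declared in the designer half of this partial class.
    /// </summary>
    public partial class GuiForm
    {
        // Key: package path ("a/b"); value: the tree node created for that package.
        private Dictionary<string, TreeNode> nodeSaver = new Dictionary<string, TreeNode>();

        /// <summary>
        /// Tree click handler. A class node with no children yet is filled with one child per
        /// member; a member node lists that member's notes in listView1.
        /// </summary>
        void node_Click(object sender, TreeNodeMouseClickEventArgs e)
        {
            treeView1.BeginUpdate();
            try
            {
                // NOTE(review): RelationSaver.relations is cleared and refilled on the analysis
                // thread started by button1_Click while old nodes stay clickable; the lookups
                // below therefore tolerate a missing key, but the dictionary itself is still
                // read without synchronisation.
                if (e.Node.Nodes.Count == 0 && e.Node.ImageIndex == LISTIMAGE_KLAZZ)
                {
                    if (!RelationSaver.relations.TryGetValue(e.Node.Name, out List<Var> members))
                    {
                        return;
                    }

                    // Class node: add one child per member; Tag keeps the member's list index.
                    for (int i = 0; i < members.Count; i++)
                    {
                        TreeNode node = new TreeNode();
                        node.Text = members[i].var_name;
                        node.Tag = i;
                        node.ImageIndex = LISTIMAGE_OBJ;
                        node.SelectedImageIndex = LISTIMAGE_OBJ;
                        e.Node.Nodes.Add(node);
                    }
                }
                else if (e.Node.ImageIndex == LISTIMAGE_OBJ)
                {
                    listView1.Items.Clear();
                    if (e.Node.Parent == null
                        || !RelationSaver.relations.TryGetValue(e.Node.Parent.Name, out List<Var> members))
                    {
                        return;
                    }

                    string sourceName = SourceNameSaver.getSourceName(e.Node.Parent.Name);
                    if (sourceName != null)
                    {
                        listView1.Items.Add(new ListViewItem("本成员的隶属类的原类名为" + sourceName));
                    }

                    // The index was stored when the node was created; the list may have changed since.
                    if (!(e.Node.Tag is int index) || index < 0 || index >= members.Count)
                    {
                        return;
                    }

                    foreach (string comment in members[index].comments)
                    {
                        listView1.Items.Add(new ListViewItem(comment));
                    }
                }
            }
            finally
            {
                // Always leave update mode, otherwise the tree stops repainting.
                treeView1.EndUpdate();
            }
        }

        /// <summary>
        /// Opens the JADX configuration window.
        /// </summary>
        void button2_Click(object sender, EventArgs e)
        {
            JadxConfig config = new JadxConfig();
            config.Show();
        }

        /// <summary>
        /// Starts the analysis of the path typed into textBox1 on a worker thread and rebuilds
        /// the tree on the UI thread when it finishes.
        /// </summary>
        void button1_Click(object sender, EventArgs e)
        {
            SaverConfig.saveMembership = gainMemRelationShip.Checked;
            button1.Enabled = false;

            // Controls are read on the UI thread; the worker only sees the captured string.
            string path = textBox1.Text;

            new Thread(() =>
            {
                try
                {
                    RelationSaver.Clear();
                    new SmaliHandler(path).analyseSmaliFiles();
                    Invoke(new Action(() => listKlazzesInTreeView()));
                }
                catch (Exception ex)
                {
                    // The input is whatever the user points the tool at; a failure while
                    // analysing it should be reported, not take the whole process down or
                    // leave the start button disabled.
                    Invoke(new Action(() =>
                    {
                        richTextBox1.Text = "Analysis failed: " + ex.Message;
                        button1.Enabled = true;
                    }));
                }
            }).Start();
        }

        /// <summary>
        /// Replaces the text of richTextBox1 and scrolls to the caret. Safe to call from any thread.
        /// </summary>
        /// <param name="text">Text to show.</param>
        public void AppendText(string text)
        {
            Invoke(new Action(() =>
            {
                richTextBox1.Text = text;
                richTextBox1.ScrollToCaret();
            }));
        }

        /// <summary>
        /// Replaces the text of richTextBox2. Safe to call from any thread.
        /// </summary>
        /// <param name="text">Text to show.</param>
        public void ShowText(string text)
        {
            Invoke(new Action(() =>
            {
                richTextBox2.Text = text;
            }));
        }

        /// <summary>
        /// Writes the analysis results to ./result.json and ./callstack.json (overwriting them)
        /// and rebuilds the package/class tree from RelationSaver.relations.
        /// </summary>
        private void listKlazzesInTreeView()
        {
            // Begin updating the tree view.
            treeView1.BeginUpdate();
            try
            {
                nodeSaver.Clear();
                treeView1.Nodes.Clear();

                Dictionary<string, List<Var>> relations = RelationSaver.relations;

                string json = RelationSaver.convertRelationToJson();
                Log.log(json);
                // using closes the file even when the write fails.
                using (StreamWriter writer = new StreamWriter("./result.json", false, Encoding.UTF8))
                {
                    writer.Write(json);
                }

                json = RelationSaver.convertCallStackToJson();
                using (StreamWriter writer = new StreamWriter("./callstack.json", false, Encoding.UTF8))
                {
                    writer.Write(json);
                }

                // Walk the class list and place each class under its package.
                foreach (string klazz in relations.Keys)
                {
                    handleNodes(getParentPackage(klazz), getKlazz(klazz));
                }
            }
            finally
            {
                // Runs on I/O failure too, so the tree repaints and a new run can be started.
                treeView1.EndUpdate();
                button1.Enabled = true;
            }
        }

        /// <summary>
        /// Adds a class node under its package, creating any missing package nodes on the way.
        /// </summary>
        /// <param name="package">Package path with "/" separators; empty for the root.</param>
        /// <param name="klazz_name">Simple class name.</param>
        private void handleNodes(string package, string klazz_name)
        {
            TreeNode package_node = nodeSaver.GetValueOrDefault(package, null);

            // No node saved for this package yet: walk the path and create what is missing.
            if (package_node == null && !package.Equals(""))
            {
                string prefix = "";
                foreach (string segment in package.Split("/"))
                {
                    string nodeKey = prefix + segment;
                    TreeNode current = nodeSaver.GetValueOrDefault(nodeKey, null);
                    if (current == null)
                    {
                        current = new TreeNode();
                        current.Text = segment;
                        current.ImageIndex = LISTIMAGE_PACKAGE;

                        // The first segment hangs off the tree itself, later ones off their parent.
                        if (package_node == null)
                        {
                            treeView1.Nodes.Add(current);
                        }
                        else
                        {
                            package_node.Nodes.Add(current);
                        }
                        nodeSaver[nodeKey] = current;
                    }

                    package_node = current;
                    prefix = nodeKey + "/";
                }
            }

            TreeNode klazz = new TreeNode();
            klazz.Text = klazz_name;
            klazz.ImageIndex = LISTIMAGE_KLAZZ;
            klazz.SelectedImageIndex = LISTIMAGE_KLAZZ;
            if (package.Equals(""))
            {
                // Name doubles as the lookup key into RelationSaver.relations.
                klazz.Name = klazz_name;
                treeView1.Nodes.Add(klazz);
            }
            else
            {
                klazz.Name = package + "/" + klazz_name;
                package_node.Nodes.Add(klazz);
            }
        }

        /// <summary>
        /// Returns the package a class lives in.
        /// </summary>
        /// <param name="klazz">Class path, e.g. A/B/C.</param>
        /// <returns>Everything before the last "/", e.g. A/B; empty when there is no "/".</returns>
        private string getParentPackage(string klazz)
        {
            int cut = klazz.LastIndexOf("/", StringComparison.Ordinal);
            return cut < 0 ? "" : klazz.Substring(0, cut);
        }

        /// <summary>
        /// Returns the simple class name.
        /// </summary>
        /// <param name="klazz">Class path, e.g. A/B/C.</param>
        /// <returns>Everything after the last "/", e.g. C; the input itself when there is no "/".</returns>
        private string getKlazz(string klazz)
        {
            // LastIndexOf yields -1 without a separator, which makes this Substring(0).
            return klazz.Substring(klazz.LastIndexOf("/", StringComparison.Ordinal) + 1);
        }

    }
}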
23 | private List analysedMap = new List(); 24 | 25 | //记录goto操作码循环状态的目标区块 26 | //private List loopGoto = new List(); 27 | 28 | //储存方法区块代码 29 | private Dictionary methodBlocks = new Dictionary(); 30 | 31 | //储存其他区块需要使用的临时寄存器集 32 | //Key:L0 方法区块名 33 | //Value Dictionary<区块对应的临时寄存器集,寄存器集对应的分析地图> 34 | //Dictionary> 35 | //private Dictionary tempRegisterMap = new Dictionary(); 36 | Dictionary>> tempRegisterMap = new Dictionary>>(); 37 | private Dictionary> registerAnalysedMap = new Dictionary>(); 38 | 39 | //为每个寄存器储存相应的分析地图 40 | //private Dictionary> registerAnalysedMap = new Dictionary>(); 41 | 42 | //储存switch的转跳内容 43 | //Key:L0 44 | private Dictionary> switchs = new Dictionary>(); 45 | 46 | //goto操作码的目标区块 47 | private string gotoTarget = null; 48 | 49 | public MethodCodeAnalyseModule(SmaliFileAnalyseModule smaliFileAnalyseModule, string methodCode) 50 | { 51 | this.smaliFileAnalyseModule = smaliFileAnalyseModule; 52 | if (Config.isBakSmali) 53 | { 54 | methodCode = " :TOP\n" + methodCode + "\n :"; 55 | } 56 | else 57 | { 58 | methodCode = " :TOP\n" + methodCode + "\n :"; 59 | } 60 | 61 | TempRegisterMap init = new TempRegisterMap(); 62 | int index = 1; 63 | for (int i = (smaliFileAnalyseModule.isStatic ? 0 : 1); 64 | i < smaliFileAnalyseModule.funcArgs + (smaliFileAnalyseModule.isStatic ? 0 : 1); i++) 65 | { 66 | Var arg = new Var(); 67 | arg.isFuncArg = true; 68 | arg.var_name = index + ""; 69 | index += 1; 70 | init.putRegister("p" + i, new TempRegister(arg)); 71 | } 72 | 73 | Dictionary> top = new Dictionary>(); 74 | top[init] = analysedMap; 75 | tempRegisterMap["TOP"] = top; 76 | 77 | /** 78 | * :L6 79 | * .sparse-switch 80 | * 0 -> :L4 81 | * 200 -> :L5 82 | * .end sparse-switch 83 | * 84 | * Key:L6 85 | * List{L4,L5} 86 | */ 87 | //在正式分析方法体前捕获switch相关内容 88 | //baksmali:^\\s{2}:(\\w{2,})\\n^\\s+\\.\\w+?-switch.*?\\n(.+?)\\n\\s{2}\\. 
89 | string reg_str = "^\\s{2}:(\\w{2,})\\n^\\s+\\.\\w+?-switch.*?\\n(.+?)\\n\\s{2}\\."; 90 | if (!Config.isBakSmali) reg_str = "^\\s{4}:(\\w{2,})\n^\\s+\\.\\w+?-switch.*?\n(.+?)\\n\\s{4}\\."; 91 | Regex regex = new Regex(reg_str, RegexOptions.Multiline | RegexOptions.Singleline); 92 | Dictionary temp_switchs = new Dictionary(); 93 | foreach (Match m in regex.Matches(methodCode)) 94 | { 95 | temp_switchs[m.Groups[1].Value] = m.Groups[2].Value; 96 | } 97 | 98 | if (temp_switchs.Count != 0) 99 | { 100 | //提取switch内容的转跳方法区块 101 | Regex block = new Regex(":(\\w+)"); 102 | foreach (string k in temp_switchs.Keys) 103 | { 104 | List switch_block = new List(); 105 | foreach (Match m in block.Matches(temp_switchs[k])) 106 | { 107 | //获取每个switch内容的转跳区块 108 | switch_block.Add(m.Groups[1].Value); 109 | } 110 | switchs[k] = switch_block; 111 | } 112 | 113 | //替换所有switch分支为if分支,方便分析 114 | foreach (string b in switchs.Keys) 115 | { 116 | string if_switch = ""; 117 | foreach (string goto_ in switchs[b]) 118 | { 119 | if_switch += " if-switch ,:" + goto_ + "\n"; 120 | } 121 | Regex reg = new Regex("^\\s+.+switch.+:" + b, RegexOptions.Multiline); 122 | methodCode = reg.Replace(methodCode, if_switch); 123 | } 124 | } 125 | 126 | //开始分割方法区块 127 | StringReader reader = new StringReader(methodCode); 128 | string line = null; 129 | string block_name = ""; 130 | string block_m = ""; 131 | while ((line = reader.ReadLine()) != null) 132 | { 133 | if (line.Trim().StartsWith(":")) 134 | { 135 | methodBlocks[block_name] = block_m; 136 | block_m = ""; 137 | block_name = line.Trim().Replace(":", ""); 138 | continue; 139 | } 140 | else 141 | { 142 | block_m += line + "\n"; 143 | continue; 144 | } 145 | } 146 | 147 | //string reg_str1 = "^\\s{2}:(\\w+)"; 148 | //if (!Config.isBakSmali) reg_str1 = "^\\s{4}:(\\w+)"; 149 | //Regex blockName = new Regex(reg_str1, RegexOptions.Multiline); 150 | //foreach (Match m in blockName.Matches(methodCode)) 151 | //{ 152 | // string key = m.Groups[1].Value; 153 | 
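//    //match the method block that corresponds to this block name
//    string reg_str2 = "(?:^\\s{2}:" + key + ")\\n(.+?)(?:^\\s{2}:)";
//    if (!Config.isBakSmali) reg_str2 = "(?:^\\s{4}:" + key + ")\\n(.+?)(?:^\\s{4}:)";
//    Regex methodCode_ = new Regex(reg_str2, RegexOptions.Multiline | RegexOptions.Singleline);
//    Match match = methodCode_.Match(methodCode);
//    methodBlocks[key] = match.Groups[1].Value;
//}

//Log.log(TAG, "Construct Over");
        }

        /// <summary>
        /// Executor: works through every pending (block name, temporary register set) entry in
        /// <c>tempRegisterMap</c>, walking the method blocks from the entry's block onwards and
        /// following goto targets, until no entry is left or the visit budget checked by
        /// <see cref="forceQuit"/> is used up.
        /// </summary>
        /// <remarks>
        /// When the budget is exhausted the method stops and still clears <c>tempRegisterMap</c>,
        /// so any pending entries are dropped. Nothing in this method reports that truncation;
        /// results for large or heavily branching methods may therefore be partial.
        /// </remarks>
        public void execute()
        {
            while (tempRegisterMap.Count != 0)
            {
                if (forceQuit()) break;

                // Snapshot the outer map so entries can be added/removed while iterating.
                // NOTE(review): the generic arguments were missing from the listing and are
                // reconstructed from usage below; confirm against the field declaration.
                var temp = new Dictionary<string, Dictionary<TempRegisterMap, List<string>>>(tempRegisterMap);

                // Each key is the name of a method block that has register sets queued for it.
                foreach (string k in temp.Keys)
                {
                    if (forceQuit()) break;

                    // Snapshot all temporary register sets stored under this block name.
                    var tempList = new Dictionary<TempRegisterMap, List<string>>(temp[k]);
                    foreach (TempRegisterMap registerMap in tempList.Keys)
                    {
                        if (forceQuit()) break;

                        // Reset the route object before each single analysis run, then load the
                        // route recorded for this register set (empty if none was recorded).
                        // NOTE(review): Clear() empties the previously loaded list object; verify
                        // that no pending entry still shares that list.
                        analysedMap.Clear();
                        analysedMap = tempRegisterMap[k].GetValueOrDefault(registerMap, new List<string>());

                        bool gotoLoop = false; // marks a source-level loop caused by a goto opcode
                        bool begin = false;    // becomes true once block k has been reached
                        do
                        {
                            // Walk every method block.
                            foreach (string blockName in methodBlocks.Keys)
                            {
                                if (forceQuit()) return;

                                // Blocks before the one the register set was queued for do not
                                // belong to this entry; skip them until block k is found.
                                if (!begin && blockName.Equals(k))
                                {
                                    begin = true;
                                }
                                else if (!begin && !blockName.Equals(k))
                                {
                                    continue;
                                }

                                if (gotoTarget != null)
                                {
                                    // Already flagged as a loop and the target is still on the
                                    // route: this run is pointless, so drop the goto state and
                                    // leave the block walk.
                                    if (gotoLoop && analysedMap.Contains(gotoTarget))
                                    {
                                        gotoLoop = false;
                                        gotoTarget = null;
                                        break;
                                    }

                                    // Skip blocks until the goto target is reached.
                                    if (!blockName.Equals(gotoTarget))
                                    {
                                        continue;
                                    }
                                    else
                                    {
                                        // The target block has been analysed once already:
                                        // raise the loop flag.
                                        if (!gotoLoop && analysedMap.Contains(gotoTarget))
                                        {
                                            gotoLoop = true;
                                        }
                                    }
                                }

                                gotoTarget = null;

                                // The entry is consumed as soon as one of its blocks is analysed.
                                if (tempRegisterMap.ContainsKey(k)) tempRegisterMap[k].Remove(registerMap);

                                // Record the current block name on the route.
                                if (!analysedMap.Contains(blockName)) analysedMap.Add(blockName);

                                // Analyse the current method block.
                                methodAnalyse(blockName, registerMap);
                            }
                        } while (gotoTarget != null && !forceQuit()); // a pending goto target needs one more pass

                        // Hang guard: if no block is named k, the walk above never reaches the
                        // Remove() call and never calls methodAnalyse, so the budget counter does
                        // not advance either. As far as this method shows, the entry would then
                        // stay queued and the outer while loop would not terminate. Drop it here.
                        if (!begin && tempRegisterMap.ContainsKey(k))
                        {
                            tempRegisterMap[k].Remove(registerMap);
                        }

                        if (tempRegisterMap.ContainsKey(k) && tempRegisterMap[k].Count == 0)
                        {
                            tempRegisterMap.Remove(k);
                        }
                    }

                    if (tempRegisterMap.ContainsKey(k) && tempRegisterMap[k].Count == 0)
                    {
                        tempRegisterMap.Remove(k);
                    }
                }
            }
            tempRegisterMap.Clear();
        }

        /// <summary>
        /// Dead-loop threshold check.
        /// </summary>
        /// <returns>
        /// <c>true</c> once <c>forceBreak</c> (incremented on every <c>methodAnalyse</c> call) has
        /// reached 30.
        /// </returns>
        private bool forceQuit()
        {
            // NOTE(review): the limit is a fixed count of block visits; whether forceBreak is
            // ever reset is not visible here.
            return forceBreak >= 30;
        }

        /// <summary>
        /// Analyses one method block line by line, dispatching each recognised opcode to its
        /// handler.
        /// </summary>
        /// <param name="methodBlockName">Key of the block in <c>methodBlocks</c>.</param>
        /// <param name="register">Temporary register set the handlers read and update.</param>
        private void methodAnalyse(string methodBlockName, TempRegisterMap register)
        {
            // Every block visit counts against the budget checked by forceQuit().
            forceBreak += 1;

            // The temporary register set may be modified directly during the analysis.
            string methodCode = methodBlocks[methodBlockName];

            IBaseHandler handler;
            using (StringReader codeReader = new StringReader(methodCode))
            {
                string line = null;
                while ((line = codeReader.ReadLine()) != null)
                {
                    // Strip surrounding whitespace before analysis so the handler modules do not
                    // trip over it.
                    line = line.Trim();

                    // Get the opcode of the current line.
                    int opCode = OpCode.getOpCode(line);
                    if (opCode == OpCode.NOP) continue;
                    int opCode_Type = OpCode.getType(opCode);

                    switch (opCode_Type)
                    {
                        // Opcodes of this type are handled on every occurrence.
                        case OpCode.TYPE_MUST:
                            {
                                if (opCode == OpCode.GET_OPC_MUST)
                                {
                                    handler = new GetOpCodeHandler();
                                    handler.lineHandler(line, null, register);
                                }
                                else if (opCode == OpCode.INVOKE_OPC_MUST)
                                {
                                    handler = new InvokeOpCodeHandler();
                                    handler.lineHandler(line, smaliFileAnalyseModule, register);
                                }
                                else if (opCode == OpCode.IF_OPC_MUST)
                                {
                                    IfOpCodeHandler ifhandler = new IfOpCodeHandler();
                                    string if_target = (string)ifhandler.lineHandler(line, null, null);

                                    // The register set is already flagged as a source-level loop
                                    // and the target block is already on the route.
                                    // NOTE(review): the original comment says to go on with the
                                    // next line, but the code returns and so ends the analysis of
                                    // this block; confirm which is intended.
                                    bool rewalk = analysedMap.Contains(if_target);
                                    if (register.isLoop && rewalk)
                                    {
                                        return;
                                    }

                                    // The if target is already on the route: flag the loop.
                                    if (rewalk)
                                    {
                                        register.isLoop = true;
                                    }
                                    ifhandler.setTargetBlockTempRegister(tempRegisterMap, register, analysedMap);
                                }
                                else if (opCode == OpCode.GOTO_OPC_MUST)
                                {
                                    /*
                                     * A method block is assumed to contain a single goto: once it
                                     * has run, nothing after it in the block can execute.
                                     *
                                     *   bytecode-xxx vx,vy
                                     *   goto :LX
                                     *   bytecode-xxx vx,vy   <-- never executed
                                     */
                                    handler = new GotoOpCodeHandler();
                                    gotoTarget = (string)handler.lineHandler(line, null, null);
                                    return;
                                }
                                else if (opCode == OpCode.RETURN_OPC_MUST)
                                {
                                    return;
                                }
                                else if (opCode == OpCode.CONST_OPC_MUST)
                                {
                                    handler = new ConstOpCodeHandler();
                                    handler.lineHandler(line, smaliFileAnalyseModule, register);
                                }
                                break;
                            }
                        // Opcodes of this type are handled only when the line mentions a key of
                        // the register set.
                        case OpCode.TYPE_CHECK:
                            {
                                // Iterates over a clone, presumably so handlers can change
                                // `register` while the keys are enumerated.
                                // NOTE(review): Contains() is a substring test and the handler
                                // runs once per matching key; if keys are register names, "v1"
                                // would also match a line that only mentions "v10". Confirm.
                                foreach (string reg in register.Clone().Keys)
                                {
                                    if (line.Contains(reg))
                                    {
                                        if (opCode == OpCode.ARRAY_OPC_CHECK)
                                        {
                                            handler = new ArrayOpCodeHandler();
                                            handler.lineHandler(line, null, register);
                                        }
                                        else if (opCode == OpCode.CALC_OPC_CHECK)
                                        {
                                            handler = new CalcOpCodeHandler();
                                            handler.lineHandler(line, null, register);
                                        }
                                        else if (opCode == OpCode.CMP_OPC_CHECK)
                                        {
                                            handler = new CmpOpCodeHandler();
                                            handler.lineHandler(line, null, register);
                                        }
                                        else if (opCode == OpCode.LOCAL_OPC_CHECK)
                                        {
                                            handler = new LocalNameHandler();
                                            handler.lineHandler(line, smaliFileAnalyseModule, register);
                                        }
                                        else if (opCode == OpCode.INSTANCE_OF_OPC_CHECK)
                                        {
                                            handler = new InstanceOfOpCodeHandler();
                                            handler.lineHandler(line, null, register);
                                        }
                                        else if (opCode == OpCode.MOVE_OPC_CHECK)
                                        {
                                            handler = new MoveOpCodeHandler();
                                            handler.lineHandler(line, smaliFileAnalyseModule, register);
                                        }
                                        else if (opCode == OpCode.NEW_INSTANCE_OPC_CHECK)
                                        {
                                            handler = new NewInstanceOpCodeHandler();
                                            handler.lineHandler(line, null, register);
                                        }
                                        else if (opCode == OpCode.PUT_OPC_CHECK)
                                        {
                                            handler = new PutOpCodeHandler();
                                            handler.lineHandler(line, smaliFileAnalyseModule, register);
                                        }
                                    }
                                }
                                break;
                            }

                    }
                }

            }
        }
    }
}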