import struct
import os
#這裏定義一個讀取字符串長度的函數
def DecUnsignedLEB128(file):
result = struct.unpack("i", file.read(4))[0]#讀取4字節中的第一個字節
result = result&0x000000ff
file.seek(-3, 1) #倒退回前面的第三個字節 # 不能直接從1字節強轉爲4字節,所以先取4字節,再清空3字節
if (result > 0x7f):
next = struct.unpack("i", file.read(4))[0]
next = next&0x000000ff #第一位是個位
file.seek(-3, 1)
result = (result&0x7f) | (next&0x7f)<<7
if(next > 0x7f):
next = struct.unpack("i", file.read(4))[0]
next = next&0x000000ff #加入十位
file.seek(-3, 1)
result = result | (next&0x7f)<<14
if(next > 0x7f):
next = struct.unpack("i", file.read(4))[0]
next = next&0x000000ff
file.seek(-3, 1)
result = result | (next&0x7f)<<21
if(next > 0x7f):
next = struct.unpack("i", file.read(4))[0]
next = next&0x000000ff
file.seek(-3, 1)
result = result | next<<28
#print "result:", result
return result
dex = open("imissTest.dex", 'rb') #rb的意思是 read and write in binary file
dex.seek(0x38, 0)#string table的偏移
tmp = dex.read(8)
string_count, string_table_off = struct.unpack("II", tmp) #"II"是分別讀取的意思
print ("size:", string_count, " off:", string_table_off)
dex.seek(string_table_off, 0)
DexStrOffList = []
count = 0
while(count<string_count):
DexStrOffList.append(struct.unpack("i", dex.read(4))[0])#unpack返回一個tuple 取第0個元素
count+=1
DexStrList = []
nonullcount = 0
for stroff in DexStrOffList:
dex.seek(stroff, 0)
strlen = DecUnsignedLEB128(dex)
if(strlen == 0):
continue
input = dex.read(strlen)
DexStrList.append(struct.unpack(str(strlen)+"s", input)) #解析不定長的字符串
nonullcount+=1
outputfile = open("string.txt", "w")
count = 0
print ("string:",string_count)
for i in DexStrList:
outputfile.write('%s\n'%i) #將元組中的元素寫入文件
outputfile.close()
dex.close()讀取.dex文件中的所有字符串
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章