APK Parser: Your Crowbar for Android Archives
Project description
APK-PARSER
APK Parser: Your Crowbar for Android Archive
Description
At its core, every APK is a fortress built on a simple foundation: the ZIP archive. apk-parser is the key to that fortress.
This is a standalone, dependency-free, native Python library designed to do one thing and do it exceptionally well: deconstruct the fundamental structure of an Android Application Package (APK). It is a foundational pillar of the new Androguard Ecosystem, providing robust, reliable, and performant access to the raw contents of any APK file.
Philosophy
Following the "Deconstruct to Reconstruct" philosophy of the new Androguard, apk-parser has been uncoupled from the main analysis engine. It exists as an independent, lightweight, and highly portable tool. By focusing solely on the archive layer, it provides a stable and predictable interface for any tool that needs to peer inside an APK.
Key Features
-
Archive Integrity & Parsing: Reads the full structure of the APK's ZIP archive, including the central directory, without relying on external unzip commands.
-
File Extraction: Pull any file from the archive by its path, from classes.dex to raw resources in the res/ directory.
-
Manifest Access: Seamlessly locate and extract the binary AndroidManifest.xml file, ready to be passed to the axml library for decoding.
-
Signature & Metadata: Parses the META-INF directory to extract signature block files and certificate information, allowing for basic signature verification.
-
Pure & Pythonic: Written in native Python with zero external dependencies for maximum portability and a minimal footprint.
Installation
If you would like to install it locally, please create a new venv to use it directly, and then:
$ git clone https://github.com/androguard/apk-parser.git
$ pip install -e .
or directly via pypi:
$ pip install apkparser-ag
Usage
apkparser-ag is also a quick command line to extract information about an APK:
(.venv) ➜ apk-parser git:(main) ✗ apkparser -i Android.apk
API
Let's say you have access to a python shell and import apkparser, you can load it with full analysis like:
import apkparser
w = apkparser.APK(io.BytesIO(open("Android.apk", "rb").read()), {apkparser.OPTION_AXML: True, apkparser.OPTION_SIGNATURE: True, apkparser.OPTION_PERMISSION: True})
For each class you can get documentation via:
help(w)
Basic information
>>> w.get_main_activity()
'me.proton.android.calendar.presentation.main.MainActivity'
>>> [i for i in w.get_dex_names()]
['classes.dex', 'classes10.dex', 'classes11.dex', 'classes12.dex', 'classes13.dex', 'classes14.dex', 'classes15.dex', 'classes2.dex', 'classes3.dex', 'classes4.dex', 'classes5.dex', 'classes6.dex', 'classes7.dex', 'classes8.dex', 'classes9.dex']
>>> w.get_services()
['androidx.room.MultiInstanceInvalidationService', 'com.google.android.datatransport.runtime.scheduling.jobscheduling.JobInfoSchedulerService', 'androidx.work.impl.background.systemjob.SystemJobService', 'com.google.android.datatransport.runtime.backends.TransportBackendDiscovery', 'com.google.android.gms.auth.api.signin.RevocationBoundService', 'androidx.work.impl.background.systemalarm.SystemAlarmService', 'androidx.work.impl.foreground.SystemForegroundService', 'me.proton.android.calendar.CalendarWidgetRemoteViewsService']
>>> w.get_android_manifest()
<axml.axml.printer.AXMLPrinter object at 0x79cffeb44ad0>
>>> w.get_app_name()
'Proton Calendar'
File Extraction
>>> w.get_files()
['META-INF/com/android/build/gradle/app-metadata.properties', 'META-INF/version-control-info.textproto', 'assets/dexopt/baseline.prof', 'assets/dexopt/baseline.profm', 'classes.dex', 'classes10.dex', 'classes11.dex', 'classes12.dex', 'classes13.dex', 'classes14.dex', 'classes15.dex', 'classes2.dex', 'classes3.dex', 'classes4.dex', 'classes5.dex', 'classes6.dex', 'classes7.dex', 'classes8.dex', 'classes9.dex', 'lib/arm64-v8a/libandroidx.graphics.path.so', 'lib/arm64-v8a/libgojni.so', 'lib/arm64-v8a/libsentry-android.so', 'lib/arm64-v8a/libsentry.so', ....]
Signature
The signature object in the APK class can handle all things related to signatures, certificates related to the APK, like:
>>> w.signature.get_certificates()
[<asn1crypto.x509.Certificate 133934071544272 b'0\x82\x03\xc50\x82\x02\xad\xa0\x03\x02\x01\x02\x02\x04\x07\xf5\x0280\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x000\x81\x921\x0b0\t\x06\x03U\x04\x06\x13\x02CH1\x0f0\r\x06\x03U\x04\x08\x13\x06Geneva1\x0f0\r\x06\x03U\x04\x07\x13\x06Geneva1\x1f0\x1d\x06\x03U\x04\n\x13\x16Proton Technologies AG1\x1f0\x1d\x06\x03U\x04\x0b\x13\x16Proton Technologies...]
signature.find_certificate(
signature.get_certificates_v1()
signature.get_public_keys_v2()
signature.is_signed()
signature.parse_v3_signing_block()
signature.get_certificate(
signature.get_certificates_v2()
signature.get_public_keys_v3()
signature.is_signed_v1()
signature.verify_signature(
signature.get_certificate_der(
signature.get_certificates_v3()
signature.get_signature()
signature.is_signed_v2()
signature.verify_signer_info_against_sig_file(
signature.get_certificates()
signature.get_hash_algorithm(
signature.get_signature_name()
signature.is_signed_v3()
signature.get_certificates_der_v2()
signature.get_public_keys_der_v2()
signature.get_signature_names()
signature.parse_v2_signing_block()
signature.get_certificates_der_v3()
signature.get_public_keys_der_v3()
signature.get_signatures()
signature.parse_v2_v3_signature()
Permissions
The permissions object in the APK can handle all things related to permissions usage, detailed permissions, aosp permissions etc, like:
>>> w.permissions.get_details_permissions()
{'android.permission.USE_EXACT_ALARM': ['normal', 'Schedule alarms or event reminders', 'This app can schedule actions like alarms and reminders to notify you at a desired time in the future.'], 'android.permission.FOREGROUND_SERVICE': ['normal|instant', 'run foreground service', 'Allows the app to make use of foreground services.'], ...}
DEX objects
It is possible also to get all DEX (DEXHelper) objects from the APK for easy usage like:
for dex_file in w.get_all_dex():
print(dex_file)
License
Distributed under the Apache License, Version 2.0.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file apkparser_ag-0.0.2.tar.gz.
File metadata
- Download URL: apkparser_ag-0.0.2.tar.gz
- Upload date:
- Size: 43.1 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
bbcc3b72daf682f4019884196c6df77d514ef42cd736cbcaed25c84ff13b9ce5
|
|
| MD5 |
d49a964851beee12532d3d08f3141b7a
|
|
| BLAKE2b-256 |
99b41d9640a739c5b9d66e760cefc0f7664485337bbaf13e50fbeabfdfd41996
|
File details
Details for the file apkparser_ag-0.0.2-py3-none-any.whl.
File metadata
- Download URL: apkparser_ag-0.0.2-py3-none-any.whl
- Upload date:
- Size: 740.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
83f2c71173b974f258cebea132b2ed4addd65c99e1a9958ceda348a7a6ee2b62
|
|
| MD5 |
55cc7282e37b99c6c84bf174486b33f0
|
|
| BLAKE2b-256 |
12e79305b54d0bd344ab673672f41720483460eb32fa4117a88a8c17b88f96e0
|
