CN112953721A - IPA file analysis method, device, equipment and storage medium - Google Patents
IPA file analysis method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN112953721A CN112953721A CN202110120487.7A CN202110120487A CN112953721A CN 112953721 A CN112953721 A CN 112953721A CN 202110120487 A CN202110120487 A CN 202110120487A CN 112953721 A CN112953721 A CN 112953721A
- Authority
- CN
- China
- Prior art keywords
- file
- ipa
- information
- files
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000004458 analytical method Methods 0.000 title claims abstract description 41
- 238000004088 simulation Methods 0.000 claims abstract description 42
- 238000000034 method Methods 0.000 claims abstract description 36
- 230000003068 static effect Effects 0.000 claims description 17
- 238000004806 packaging method and process Methods 0.000 claims description 10
- 239000000463 material Substances 0.000 claims description 7
- 238000001914 filtration Methods 0.000 claims description 5
- 239000000126 substance Substances 0.000 claims description 2
- 230000006835 compression Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000007613 environmental effect Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000007781 pre-processing Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 238000004883 computer application Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Debugging And Monitoring (AREA)
Abstract
The embodiment of the application discloses an analysis method, an analysis device, analysis equipment and a storage medium for an IPA file, which are used for solving the technical problem that the analysis of the IPA file under different operating systems is difficult to realize in the prior art. Acquiring an operation record of an application program corresponding to an IPA file to be analyzed, and establishing a simulation environment in a current operating system through the operation record; analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information; analyzing other files in the IPA file to acquire file information corresponding to the other files respectively; and obtaining the IPA file information through the signature file information and the file information corresponding to the other files respectively, and completing IPA file analysis. Through the method, the IPA file can be analyzed under different operating systems.
Description
Technical Field
The present application relates to the field of computer applications, and in particular, to a method, an apparatus, a device, and a storage medium for parsing an IPA file.
Background
The iOS app is an IPA compressed software package generated based on compilation of an iOS or MacOS operating system, and the file of the IPA suffix is the software package of the iOS system. Generally, IPA files are encrypted and protected using the FairPlayDRM technology of apple inc. Each IPA file is an executable file of an ARM framework and a package file of a resource file of the application, and can only be installed on an iPhone, an iPod Touch or an iPad.
In the cloud computing context, the IPA file needs to be parsed in other operating system environments, but the parsing of existing IPA files is limited to the MacOS or iOS operating systems.
Based on this, there is a need for an IPA file parsing scheme that is not limited to a MacOS or iOS operating system in a cloud computing context and completes parsing of an IPA file.
Disclosure of Invention
The embodiment of the application provides an analysis method, device, equipment and storage medium of an IPA file, which are used for solving the following technical problems: in the background of cloud computing, the prior art is difficult to analyze the IPA file under different operating systems.
The embodiment of the application adopts the following technical scheme:
the embodiment of the application provides an analysis method of an IPA file. Acquiring an operation record of an application program corresponding to an IPA file to be analyzed, and establishing a simulation environment in a current operating system through the operation record; analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information; analyzing other files in the IPA file to acquire file information corresponding to the other files respectively; and obtaining the IPA file information through the signature file information and the file information corresponding to the other files respectively, and completing IPA file analysis.
According to the embodiment of the application, the signature file in the IPA file is analyzed by establishing the simulation environment, so that the acquired signature information is more accurate. In addition, the embodiment of the application analyzes other files in the IPA file, so that file information is generated in different operating systems, and the integrity of the analyzed information is ensured. And the embodiment of the application ensures the safety of the IPA file by respectively analyzing the signature file and other files, completely gets rid of the environmental constraints such as MacOS and the like, and fully meets the requirements of the existing SaaS cloud service cloud computing.
In an implementation manner of the present application, an operation record of an application program corresponding to an IPA file to be parsed is obtained, and a simulation environment is established in a current operating system through the operation record, which specifically includes: acquiring the running record of the application program corresponding to the IPA file in the MacOS system or the iOS system through the system authority; and operating the acquired operation record in the current system by using a simulator, and establishing a simulated operation environment of the application program in the current operating system.
According to the method and the device, the operating record of the application program is obtained, the simulated environment is established to analyze the signature file, and the safety and the stability of file analysis are guaranteed. And through establishing the simulation environment, the purpose of analyzing the IPA file in a cross-platform mode is achieved, complete file information can be obtained, and high analysis efficiency can be guaranteed.
In one implementation of the present application, the method further comprises: analyzing the signature file in the IPA file by using a method of only reading useful information to obtain analyzed signature file information; and comparing the signature file information obtained in the simulation environment with the signature file information obtained by reading only useful information to determine correct signature file information.
According to the method and the device, the information of the signature file can be acquired in a short time by only reading the useful information. And relatively complete file information can be obtained through the simulation environment. According to the embodiment of the application, the file information obtained by the two kinds of analysis is compared, and the accuracy of the file information can be ensured.
In an implementation manner of the present application, the method for reading only useful information specifically includes: filtering the signature file in the IPA file to obtain filtered file information; using the filtered file information as signature file information of the IPA file; the signature file at least comprises one or more items of filtered file information, encrypted information, incomplete information and error information.
In an implementation manner of the present application, parsing other files in the IPA file specifically includes: and respectively analyzing one or more of executable files, resource packaging files, signature files, Plist files, Nib files, dynamic libraries, static libraries, extension files, material files and data files in the IPA files.
In an implementation manner of the present application, obtaining file information corresponding to other files respectively specifically includes: analyzing a file with the same type as the executable file in the IPA file, and acquiring storage information in the file and the size of the storage information; decompressing the resource packaging file in the IPA file to obtain media information; the media information at least comprises one or more items of icons and loading graphs; and analyzing the files with the same type as the xml files in the IPA files to acquire the configuration information of the application program.
In an implementation manner of the present application, parsing a file in an IPA file that is the same as an executable file in type, and acquiring storage information in the file and a size of the storage information specifically includes: analyzing one or more items of executable files, dynamic libraries, static libraries, extension files, material files and data files in the IPA file; acquiring the data and the size of a header file and the data and the size of a plurality of target files in the file, counting the sizes of the files belonging to the same static library, and determining the data size of the static library.
The embodiment of the application provides an analytical equipment of IPA file, includes: the simulation environment establishing unit is used for acquiring the operation record of the application program corresponding to the IPA file to be analyzed and establishing a simulation environment in the current operating system through the operation record; the signature file analysis unit is used for analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information; the other file analyzing unit is used for analyzing other files in the IPA file to acquire file information corresponding to the other files respectively; and the file analysis unit is used for obtaining the IPA file information through the signature file information and the file information corresponding to other files respectively, and completing IPA file analysis.
The embodiment of the application provides an analysis equipment of IPA file, include: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to: acquiring an operation record of an application program corresponding to an IPA file to be analyzed, and establishing a simulation environment in a current operating system through the operation record; analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information; analyzing other files in the IPA file to acquire file information corresponding to the other files respectively; and obtaining the IPA file information through the signature file information and the file information corresponding to the other files respectively, and completing IPA file analysis.
A non-volatile computer storage medium provided in an embodiment of the present application stores computer-executable instructions configured to: acquiring an operation record of an application program corresponding to an IPA file to be analyzed, and establishing a simulation environment in a current operating system through the operation record; analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information; analyzing other files in the IPA file to acquire file information corresponding to the other files respectively; and obtaining the IPA file information through the signature file information and the file information corresponding to the other files respectively, and completing IPA file analysis.
The embodiment of the application adopts at least one technical scheme which can achieve the following beneficial effects: according to the embodiment of the application, the signature file in the IPA file is analyzed by establishing the simulation environment, so that the acquired signature information is more accurate. In addition, the embodiment of the application analyzes other files in the IPA file, so that file information is generated in different operating systems, and the integrity of the analyzed information is ensured. And the embodiment of the application ensures the safety of the IPA file by respectively analyzing the signature file and other files, completely gets rid of the environmental constraints such as macOS and the like, and fully meets the requirements of the existing SaaS cloud service cloud computing.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments described in the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without any creative effort. In the drawings:
FIG. 1 is a flowchart of an IPA file parsing method provided by an embodiment of the application;
fig. 2 is a schematic structural diagram of an IPA file parsing apparatus according to an embodiment of the present disclosure;
fig. 3 is a schematic diagram of an internal structure of an IPA file parsing apparatus according to an embodiment of the present application.
Detailed Description
The embodiment of the application provides an analysis method and device of an IPA file and a storage medium.
In order to make those skilled in the art better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Existing iOS apps are IPA-compressed software packages that are compiled based on the MacOS operating system. Typically, IPA files are cryptographically protected using the FairPlayDRM technology of apple inc. Each IPA file is an executable file of an ARM framework and a package file of a resource file of the application, and can only be installed on an iPhone, an iPod Touch or an iPad. Therefore, the parsing of IPA compression packages is limited to either the MacOS or iOS operating systems.
Particularly, in the development process, the deployment analysis process tends to be directly performed at a server and a cloud terminal in the cloud computing background. However, since the server currently has few MacOS systems, it is extremely inconvenient to parse an IPA file in the MacOS system. The linux operating system is open-source and wide in application, and meets the requirement of direct deployment at a server and a cloud under the current cloud computing-based background.
In order to solve the above problem, embodiments of the present application provide a method, an apparatus, a device, and a storage medium for parsing an IPA file. And analyzing the executable file in the IPA compression software package to acquire the target file data and the size of the occupied space. And secondly, analyzing the resource packaging file and the configuration file to acquire the media information and the program configuration information in the IPA compression software package. And finally, analyzing the signature file in a mode of simulating the iOS environment and a mode of directly acquiring useful information. Thereby acquiring the file information in the IPA compression software package. The embodiment of the application can be deployed in the existing linux environment, does not need to depend on the limitation of a Mac OS or iOS operating system, can be used in a plug-and-play mode, and meets the requirements of the existing SaaS cloud service cloud computing.
The technical solutions proposed in the embodiments of the present application are described in detail below with reference to the accompanying drawings.
Fig. 1 is a flowchart of a signature parsing method according to an embodiment of the present application. As shown in fig. 1, the signature parsing method includes the following steps:
s101, the processor obtains the operation record of the application program corresponding to the IPA file to be analyzed, and establishes a simulation environment in the current operating system through the operation record.
In an embodiment of the application, the operating record of the application program corresponding to the IPA file is acquired in the MacOS system or the iOS system through the system authority.
Specifically, the permissions of a macOS system, an iOS system and a linux operating system are obtained through sudo, and the obtained permissions are root permissions mainly. And acquiring the running record of the application program corresponding to the IPA file in the memory of the MacOS system or the iOS system by using the acquired authority.
It should be noted that sudo is a linux system management instruction, which is a tool allowing a system administrator to let a common user execute some or all root commands, such as hash, rebot, su, and so on. In addition, the method for acquiring the root authority is not limited to sudo, and the user can acquire the authority in different modes according to actual operation requirements.
In an embodiment of the application, the obtained running record is run in the current system by using a simulator, and a simulated running environment of the application program is established in the current operating system.
Specifically, under the condition that the current system is the linux operating system, the simulator is used for recording the operation of the acquired program in the operation of the current linux operating system. Therefore, a simulation environment of a MacOS system or an iOS system is established on the linux operating system.
And S102, analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information.
In one embodiment of the present application, the environment is simulated by a MacOS system or an iOS system built on the linux operating system. And analyzing the signature file in the IPA file to obtain corresponding signature information.
In one embodiment of the present application, the signature files include mobileprovision and codesigture files. Therefore, the parsing of the signature file is the parsing of the mobileprovision file and the codesirture file.
It should be noted that the mobile provisioning is a device description file in the iOS development, and the file is in a binary format and contains certificate information, UUID information of the debugging device, bundle identifier, and the like. The codesication file stores a list of file hashes and the hash value of each file.
In another embodiment of the present application, the mobileprovision file and codesigture file are xml files encrypted by iOS. Therefore, the signature file in the IPA file can be analyzed by a method of reading only useful information, and the analyzed signature file information can be obtained.
Specifically, the file is opened through the vim command, the signature file in the IPA file is filtered by using the regular expression, and the encrypted information, the messy code information and the incomplete information are filtered to obtain the filtered file information. And using the filtered file information as signature file information of the IPA file. The signature file at least comprises one or more items of filtered file information, encrypted information, incomplete information and error information.
According to the embodiment of the application, the signature file is analyzed by a method of only reading useful information, so that the signature file information can be obtained in a short time, and the file analysis time is saved for a user.
In one embodiment of the present application, signature file information obtained in a simulation environment is compared with signature file information obtained by reading only useful information. To determine the correct signature file information.
Specifically, in order to ensure the correctness of the signature information obtained by analyzing the signature file, the signature file information obtained in the simulation environment may be compared with the signature file information obtained by reading only the useful information. And the acquired signature information can be viewed through a quick preview plug-in, such as provisionQL. When the two signature information are the same, it is determined that the currently obtained signature information is correct.
The signature information acquired by reading only useful information is information obtained by filtering information such as encryption and scrambling codes, and the necessary analysis time is short, but the amount of information is incomplete. And the signature file information obtained in the simulation environment is complete information, but the analysis time is longer.
It should be noted that the embodiments of the present application are not limited to the case where the signature file must be parsed by using the two parsing methods at the same time. In practical application, a user can independently select any one of the modes to analyze the signature file according to requirements.
For example, the user can select the signature information acquired by a method of reading only the useful information in a short time. Under the conditions of sufficient time and high requirement on the integrity of the analysis information, signature file information is obtained in a simulation environment.
S103, analyzing other files in the IPA file to acquire file information corresponding to the other files respectively.
In one embodiment of the present application, the IPA file is composed of a signature file and other files. Other files in the IPA file may include at least one or more of executable files, resource packaging files, Plist files, Nib files, dynamic libraries, static libraries, extension files, and material and data files within the IPA file. Therefore, parsing the other files in the IPA file means parsing at least one or more of the files separately.
In one embodiment of the application, a file in the IPA file, which is of the same type as the executable file, is parsed, and the storage information in the file and the size of the storage information are obtained.
It should be noted that the executable file is usually renamed with the IPA file, and belongs to the Mach-O file type. The Mach-O file is an executable file type under an iOS or macOS operating system, and mainly comprises two architectures: armv7 and arm 64. Basic composition of Mach-O document: header structure, load command, segment, and link information. Header information and load commands are used to describe the application type, and link information is like a symbol table, so the most important part in Mach-O is segment.
In one embodiment of the present application, the files in the IPA file that are of the same type as the executable file may include at least one or more of a dynamic library, a static library, an extension file, and a material file and a data file.
It should be noted that the executable file is obtained through four processes of preprocessing, compiling, assembling and linking. Preprocessing is to replace macros, delete annotations, expand header files, and generate the. i file. And in the compiling step, a lexical tree is constructed by using the preprocessed words, a syntax tree output AST is generated, and the AST is converted into a lower-level intermediate code. Optimizing the intermediate code to generate output assembly code, converting the previous i file into assembly language, and generating an s file. Assembly is the conversion of assembly language files into machine code files, resulting in o files. The link is a reference to where in the o file the reference to the other libraries, resulting in the final executable file.
In one embodiment of the application, the compiled binary files include a LinkMap file and a Mach-O file. The LinkMap is a file generated in the middle, such as a symbolic table class, the LinkMap shows the whole executable file, and lists the information of each compiled object file, including the information in the static link library, and the storage details of code segments and data segments of each object file.
In one embodiment of the present application, an executable file and a file of the same type as the executable file are parsed. The method specifically comprises the steps of obtaining header file data and size in a file and data and size of a plurality of target files, counting the sizes of the files belonging to the same static library, and determining the data size of the static library. Wherein, the header file data can be obtained by a decompilation method.
In one embodiment of the present application, the LinkMap has occupied size data for each object file, each method, and each data. Therefore, through the script, the final size of each o file can be counted, and the sum of the o files of one a static link library is the size of the space occupied by the library in the APP.
It should be noted that, since the Mach-O file is composed of Segment, the executable program is linked by the O file. The size of these o files, therefore, may reflect the size of the executable file.
The embodiment of the application can be used for parameter expansion according to practical application and directly quoted to the binary executable file. And according to the current operating system, generating an executable file suitable for the current operating environment by using xmake compiling.
In one embodiment of the present application, the resource packaging file in the IPA file is decompressed to obtain the media information. The media information at least comprises one or more items of icons and loading graphs.
In particular, resource packaging files, namely, assets. Media information such as IPA icons, load maps, etc. may be obtained.
In one embodiment of the application, files in the IPA file with the same type as the xml file are analyzed, and configuration information of the application program is obtained. Plist files can be parsed, for example.
Specifically, xml is irrelevant to development platforms of an operating system and a programming language, and data interaction between different systems can be realized. For example: configuring an application program and a website, data interaction, Ajax cornerstone and the like. The xml file is parsed by reading and writing a Mac OS X Plist (attribute list) file. For example, a DOM parser is used to parse the xml file.
In one embodiment of the present application, the application icon of IPA/. xcachive, or the expiration status and device count of mobile provisioning, may be determined by the corresponding thumbnail of the application in the IPA file. Information such as the UUID, the certificate and the right of the equipment can be acquired through quick-look preview.
And S104, obtaining the IPA file information through the signature file information and the file information corresponding to the other files respectively, and completing IPA file analysis.
In one embodiment of the present application, the IPA file includes a signature file and other files. The IPA file information can be obtained by parsing the signature file and other files, respectively.
According to the embodiment of the application, different files in the IPA file are analyzed respectively under the linux operating system, the macos or iOS environment can be separated, and cross-platform analysis of the iOS APP is achieved. In addition, the speed of the embodiment of the application is not greatly different from that of a native platform in the environment such as CentOS, RedHat and the like. Has better stability and expansibility.
Fig. 2 is a schematic structural diagram of a signature analysis device according to an embodiment of the present application, where the device includes: a simulation environment establishing unit 201, a signature file parsing unit 202, another file parsing unit 203, and a file parsing unit 204.
The simulation environment establishing unit 201 is configured to acquire an operation record of an application program corresponding to an IPA file to be analyzed, and establish a simulation environment in a current operating system through the operation record;
a signature file analyzing unit 202, configured to analyze the signature file in the IPA file in the simulation environment to obtain analyzed signature file information;
the other file analyzing unit 203 analyzes other files in the IPA file to acquire file information corresponding to the other files respectively;
the file analysis unit 204 obtains the IPA file information through the signature file information and the file information corresponding to the other files, and completes IPA file analysis.
Further, the apparatus further comprises:
an obtaining operation recording unit 205, which obtains the operation record of the application program corresponding to the IPA file in the MacOS system or the iOS system through the system authority;
further, the apparatus further comprises:
a signature file analyzing unit 206 for analyzing the signature file in the IPA file by using a method of reading only useful information to obtain analyzed signature file information;
and a correct signature file information determining unit 207 configured to compare the signature file information obtained in the simulated environment with the signature file information obtained by reading only the useful information to determine correct signature file information.
Further, the apparatus further comprises:
a signature file filtering unit 208 for filtering the signature files in the IPA file to obtain filtered file information; and using the filtered file information as signature file information of the IPA file.
Further, the apparatus further comprises:
a file analysis unit 209 having the same type as the executable file analyzes a file having the same type as the executable file in the IPA file, and acquires storage information in the file and the size of the storage information;
a resource packaging file decompressing unit 210, which decompresses the resource packaging file in the IPA file to obtain the media information;
the file analysis unit 211 having the same file type as the xml file analyzes a file having the same file type as the xml file in the IPA file, and acquires configuration information of the application program.
Further, the file parsing unit 209 having the same type as the executable file specifically includes:
an analysis unit 212, which analyzes one or more items of executable files, dynamic libraries, static libraries, extension files, material files and data files in the IPA file;
the statistical unit 213 obtains the header file data and size and the target file data and size in the file, and performs statistics on the file sizes belonging to the same static library to determine the data size of the static library.
Fig. 3 is a schematic diagram of an internal structure of a signature parsing device according to an embodiment of the present application, where the device includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
acquiring an operation record of an application program corresponding to an IPA file to be analyzed, and establishing a simulation environment in a current operating system through the operation record;
analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information;
analyzing other files in the IPA file to acquire file information corresponding to the other files respectively;
and obtaining the IPA file information through the signature file information and the file information corresponding to the other files respectively, and completing IPA file analysis.
A non-volatile computer storage medium provided in an embodiment of the present application stores computer-executable instructions configured to:
acquiring an operation record of an application program corresponding to an IPA file to be analyzed, and establishing a simulation environment in a current operating system through the operation record;
analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information;
analyzing other files in the IPA file to acquire file information corresponding to the other files respectively;
and obtaining the IPA file information through the signature file information and the file information corresponding to the other files respectively, and completing IPA file analysis.
The embodiments in the present application are described in a progressive manner, and the same and similar parts among the embodiments can be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the embodiments of the apparatus, the device, and the nonvolatile computer storage medium, since they are substantially similar to the embodiments of the method, the description is simple, and for the relevant points, reference may be made to the partial description of the embodiments of the method.
The foregoing description of specific embodiments of the present application has been presented. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art to which the embodiments of the present application pertain. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the embodiments of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. A method for parsing an IPA file, the method comprising:
acquiring an operation record of an application program corresponding to an IPA file to be analyzed, and establishing a simulation environment in a current operating system through the operation record;
analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information;
analyzing other files in the IPA file to acquire file information corresponding to the other files respectively;
and obtaining the IPA file information through the signature file information and the file information corresponding to the other files respectively, and completing IPA file analysis.
2. The method according to claim 1, wherein the acquiring an operation record of an application program corresponding to the IPA file to be parsed, and establishing a simulation environment in a current operating system through the operation record specifically comprises:
acquiring the running record of the application program corresponding to the IPA file in a MacOS system or an iOS system through system authority;
and operating the acquired operation record in the current system by using a simulator, and establishing a simulated operation environment of the application program in the current operating system.
3. The method for parsing an IPA file according to claim 1, further comprising:
analyzing the signature file in the IPA file by using a method of only reading useful information to obtain analyzed signature file information;
and comparing the signature file information obtained in the simulated environment with the signature file information obtained by only reading the useful information to determine correct signature file information.
4. The method for parsing an IPA file according to claim 3, wherein the method for reading only useful information specifically comprises:
filtering the signature file in the IPA file to obtain filtered file information; taking the filtered file information as signature file information of the IPA file;
wherein the signature file at least comprises one or more items of filtered file information, encrypted information, incomplete information and information with errors.
5. The method according to claim 1, wherein the parsing other files in the IPA file comprises:
and respectively analyzing one or more of executable files, resource packaging files, Plist files, Nib files, dynamic libraries, static libraries, extension files, material files and data files in the IPA files.
6. The method according to claim 5, wherein the acquiring file information corresponding to the other files comprises:
analyzing a file with the same type as an executable file in the IPA file, and acquiring storage information in the file and the size of the storage information;
decompressing the resource packaging file in the IPA file to acquire media information; wherein the media information at least comprises one or more items of icons and loading graphs;
and analyzing the files with the same type as the xml files in the IPA files to acquire the configuration information of the application program.
7. The method according to claim 6, wherein the parsing a file of the same type as an executable file in the IPA file to obtain the storage information in the file and the size of the storage information comprises:
analyzing one or more items of executable files, dynamic libraries, static libraries, extension files, material files and data files in the IPA file;
acquiring the data and the size of a header file and the data and the size of a plurality of target files in the file, counting the sizes of the files belonging to the same static library, and determining the data size of the static library.
8. An apparatus for parsing an IPA file, comprising:
the simulation environment establishing unit is used for acquiring the operation record of the application program corresponding to the IPA file to be analyzed and establishing a simulation environment in the current operating system through the operation record;
the signature file analysis unit is used for analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information;
the other file analyzing unit is used for analyzing other files in the IPA file to acquire file information corresponding to the other files respectively;
and the file analysis unit is used for obtaining the IPA file information through the signature file information and the file information corresponding to other files respectively, and completing IPA file analysis.
9. An apparatus for parsing an IPA file, comprising:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
acquiring an operation record of an application program corresponding to an IPA file to be analyzed, and establishing a simulation environment in a current operating system through the operation record;
analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information;
analyzing other files in the IPA file to acquire file information corresponding to the other files respectively;
and obtaining the IPA file information through the signature file information and the file information corresponding to the other files respectively, and completing IPA file analysis.
10. A non-transitory computer storage medium storing computer-executable instructions configured to:
acquiring an operation record of an application program corresponding to an IPA file to be analyzed, and establishing a simulation environment in a current operating system through the operation record;
analyzing the signature file in the IPA file in the simulation environment to obtain analyzed signature file information;
analyzing other files in the IPA file to acquire file information corresponding to the other files respectively;
and obtaining the IPA file information through the signature file information and the file information corresponding to the other files respectively, and completing IPA file analysis.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110120487.7A CN112953721B (en) | 2021-01-28 | 2021-01-28 | IPA file analysis method, IPA file analysis device, IPA file analysis equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110120487.7A CN112953721B (en) | 2021-01-28 | 2021-01-28 | IPA file analysis method, IPA file analysis device, IPA file analysis equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112953721A true CN112953721A (en) | 2021-06-11 |
| CN112953721B CN112953721B (en) | 2023-04-14 |
Family
ID=76238887
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110120487.7A Active CN112953721B (en) | 2021-01-28 | 2021-01-28 | IPA file analysis method, IPA file analysis device, IPA file analysis equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112953721B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116594803A (en) * | 2023-07-17 | 2023-08-15 | 深圳软牛科技有限公司 | MacOS repairing method and device based on processing chip and related medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130047150A1 (en) * | 2006-08-29 | 2013-02-21 | Adobe Systems Incorporated | Software installation and process management support |
| CN103488466A (en) * | 2012-06-11 | 2014-01-01 | 联想(北京)有限公司 | Method and device for executing application program |
| CN107450937A (en) * | 2016-05-31 | 2017-12-08 | 中兴通讯股份有限公司 | The operation method and running gear of a kind of application program |
| CN108399331A (en) * | 2017-02-06 | 2018-08-14 | 腾讯科技(深圳)有限公司 | Application process trial method and system |
| CN109144575A (en) * | 2017-06-16 | 2019-01-04 | 北京海誉动想科技股份有限公司 | Device, method, electronic equipment and the memory of cross operating system operation application |
| CN110955452A (en) * | 2019-09-05 | 2020-04-03 | 华为技术有限公司 | Non-invasive interaction method and electronic equipment |
| CN112099802A (en) * | 2020-09-18 | 2020-12-18 | 腾讯科技(深圳)有限公司 | Component identification method and device of application program |
-
2021
- 2021-01-28 CN CN202110120487.7A patent/CN112953721B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130047150A1 (en) * | 2006-08-29 | 2013-02-21 | Adobe Systems Incorporated | Software installation and process management support |
| CN103488466A (en) * | 2012-06-11 | 2014-01-01 | 联想(北京)有限公司 | Method and device for executing application program |
| CN107450937A (en) * | 2016-05-31 | 2017-12-08 | 中兴通讯股份有限公司 | The operation method and running gear of a kind of application program |
| CN108399331A (en) * | 2017-02-06 | 2018-08-14 | 腾讯科技(深圳)有限公司 | Application process trial method and system |
| CN109144575A (en) * | 2017-06-16 | 2019-01-04 | 北京海誉动想科技股份有限公司 | Device, method, electronic equipment and the memory of cross operating system operation application |
| CN110955452A (en) * | 2019-09-05 | 2020-04-03 | 华为技术有限公司 | Non-invasive interaction method and electronic equipment |
| CN112099802A (en) * | 2020-09-18 | 2020-12-18 | 腾讯科技(深圳)有限公司 | Component identification method and device of application program |
Non-Patent Citations (1)
| Title |
|---|
| ICHENFY: "《iOS ipa包解析》", 《CSDN》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116594803A (en) * | 2023-07-17 | 2023-08-15 | 深圳软牛科技有限公司 | MacOS repairing method and device based on processing chip and related medium |
| CN116594803B (en) * | 2023-07-17 | 2023-11-07 | 深圳软牛科技有限公司 | MacOS repairing method and device based on processing chip and related medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112953721B (en) | 2023-04-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112394942B (en) | Distributed software development compiling method and software development platform based on cloud computing | |
| CN108536451B (en) | Method and device for embedding embedded point of application program | |
| CN110188135B (en) | File generation method and equipment | |
| CN111176717B (en) | Method and device for generating installation package and electronic equipment | |
| CN111382070A (en) | Compatibility testing method and device, storage medium and computer equipment | |
| CN111198863A (en) | Rule engine and implementation method thereof | |
| CN106933642B (en) | Application program processing method and processing device | |
| CN113568839A (en) | Method, device, equipment and medium for software testing and statistical test coverage rate | |
| CN108052327A (en) | A kind of kernel module compiling, loading method and device | |
| CN112905447B (en) | Test method and system for block chain virtual machine | |
| CN112241360A (en) | Test case generation method, device, equipment and storage medium | |
| CN112328259A (en) | Compiling time length processing method and device | |
| CN112965720A (en) | Component compiling method, device, equipment and computer readable storage medium | |
| CN112953721B (en) | IPA file analysis method, IPA file analysis device, IPA file analysis equipment and storage medium | |
| CN111966760A (en) | Hive data warehouse-based test data generation method and device | |
| CN113094252A (en) | Test case generation method and device, computer equipment and storage medium | |
| US11755458B2 (en) | Automatic software behavior identification using execution record | |
| CN109284222B (en) | Software unit, project testing method, device and equipment in data processing system | |
| CN111240987B (en) | Method and device for detecting migration program, electronic equipment and computer readable storage medium | |
| CN117370203A (en) | Automatic test method, system, electronic equipment and storage medium | |
| CN110826074A (en) | Application vulnerability detection method and device and computer readable storage medium | |
| CN115952089A (en) | Software automation unit testing method and device, server and storage medium | |
| CN115098158A (en) | SDK packaging method and device, computer equipment and storage medium | |
| CN114816816A (en) | Collapse stack information processing method, device, equipment and storage medium | |
| CN114356783A (en) | Method and device for automatically generating unit test code, storage medium and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20230215 Address after: 250101 Inspur science and Technology Park, 1036 Inspur Road, hi tech Zone, Jinan City, Shandong Province Applicant after: Inspur Genersoft Co.,Ltd. Address before: 250101 Inspur science and Technology Park, 1036 Inspur Road, hi tech Zone, Jinan City, Shandong Province Applicant before: SHANDONG INSPUR GENESOFT INFORMATION TECHNOLOGY Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |