[Soot-list] Using Soot to facilitate dynamic analysis of Android apps

Steven Arzt Steven.Arzt at cased.de
Mon Apr 14 03:36:38 EDT 2014


Hi Modhi,

 

The easiest way to log the use of sensitive information is to implement a BodyTransformer, iterate over all units in the respective body and if it’s a call to an Android OS method that reads out sensitive information (i.e., a source) or that sends out information to some external receiver (i.e., a sink), you insert a new statement that logs this action. You should find an example that detects, inserts, and removes statements from Jimple bodies in our tutorial.

 

Best regards,

  Steven

 

From: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] On Behalf Of Modhi Alsobiehy
Sent: Friday, 11 April 2014 18:23
Cc: soot-list at sable.mcgill.ca
Subject: Re: [Soot-list] Using Soot to facilitate dynamic analysis of Android apps

 

Hi Steven,





Thanks for responding!

This is a very good point, and I am wondering how to cover it using Soot?

 

-Best,

Modhi


On Apr 8, 2014, at 4:22 PM, "Steven Arzt" <Steven.Arzt at cased.de> wrote:

Hi Modhi,

 

This sounds fine – given that you are ok with missing sensitive behavior in obfuscated apps that use reflective method calls or native code. But otherwise, Soot can help you with instrumenting the logging code into the APK just as described in our tutorial.

 

Best regards,

  Steven

 

From: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] On Behalf Of Modhi Alsobiehy
Sent: Tuesday, 8 April 2014 22:21
To: soot-list at sable.mcgill.ca
Subject: [Soot-list] Using Soot to facilitate dynamic analysis of Android apps

 

Hi All,

 

I want to do a real-time analysis of Android apps. To start, I need to observe the dynamic behavior of the application and log all the activities that involve requesting or sending certain information. To do that, I am thinking of following the same scheme in the “Instrumenting Android” tutorial. Basically: use Soot to jimplify the APK; find the invoke expressions that involve these operations; insert some code to log them in a text file; dexify, sign and repackage.

 

Am I thinking about it right? Will using Soot help accomplish this task?

 

-Best,

modhi
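
The BodyTransformer approach described at the top of this thread could look like the sketch below. It is an added example, not code from the thread or from the Soot tutorial. The class name, the two-entry source/sink list and the log tag are assumptions made for illustration, and it logs to logcat through android.util.Log rather than to a text file. It assumes a recent Soot release; as noted in the thread, calls made through reflection or native code are not seen by this matching.

```java
import java.util.*;
import soot.*;
import soot.jimple.*;
import soot.options.Options;

// Run with Soot's own arguments, e.g.: -android-jars <platforms dir> -process-dir <app.apk>
public class SourceSinkLogger {
    // Illustrative (assumed) list; a real analysis needs a much fuller source/sink catalogue.
    static final Map<String, String> WATCHED = new HashMap<>();
    static {
        WATCHED.put("<android.telephony.TelephonyManager: java.lang.String getDeviceId()>", "SOURCE");
        WATCHED.put("<android.telephony.SmsManager: void sendTextMessage(java.lang.String,"
            + "java.lang.String,java.lang.String,android.app.PendingIntent,android.app.PendingIntent)>", "SINK");
    }

    public static void main(String[] args) {
        Options.v().set_src_prec(Options.src_prec_apk);           // read the APK
        Options.v().set_output_format(Options.output_format_dex); // write an instrumented APK
        // Make sure the logging class is resolved even if the app never references it.
        Scene.v().addBasicClass("android.util.Log", SootClass.SIGNATURES);

        PackManager.v().getPack("jtp").add(new Transform("jtp.srcSinkLogger", new BodyTransformer() {
            @Override
            protected void internalTransform(Body b, String phase, Map<String, String> opts) {
                PatchingChain<Unit> units = b.getUnits();
                // Snapshot iterator: the chain is modified while we walk it.
                for (Iterator<Unit> it = units.snapshotIterator(); it.hasNext();) {
                    Stmt s = (Stmt) it.next();
                    if (!s.containsInvokeExpr()) continue;
                    // Exact signature match on the declared callee; overrides in subclasses are missed.
                    String callee = s.getInvokeExpr().getMethodRef().getSignature();
                    String kind = WATCHED.get(callee);
                    if (kind == null) continue;
                    SootMethod log = Scene.v().getMethod(
                        "<android.util.Log: int i(java.lang.String,java.lang.String)>");
                    String msg = kind + " " + callee + " called from " + b.getMethod().getSignature();
                    // Insert Log.i(tag, msg) immediately before the source/sink call.
                    units.insertBefore(Jimple.v().newInvokeStmt(Jimple.v().newStaticInvokeExpr(
                        log.makeRef(), StringConstant.v("SootLogger"), StringConstant.v(msg))), s);
                }
                b.validate(); // fail early if the instrumented body is malformed
            }
        }));
        soot.Main.main(args);
    }
}
```

The output APK is unsigned, so it still has to be signed before installation, as in the last step of the workflow outlined in the original question.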
