[Soot-list] Query Regarding Soot
Alexandre Bartel
alexandre.bartel at cased.de
Mon Aug 25 04:35:53 EDT 2014
Hi Lokesh,
What you need is a mapping between API methods and permissions.
You can find such mappings here for instance:
http://pscout.csl.toronto.edu/
With Soot you can get the list of all methods that are called from an
Android application by going through "statements" of all methods of all
classes present in the Android apk. The code should look like this
(within a "Scene Transformer":
http://www.bodden.de/2008/11/26/soot-packs/ ):
for (SootClass sc: Scene.v().getApplicationClasses()) {
for (SootMethod sm: sc.getMethods()) {
if (!sm.isConcrete())
continue;
Body b = sm.getActiveBody();
if (b == null)
continue;
for (Unit u: b.getUnits()) {
Stmt s = (Stmt)u;
if (!s.containsInvokeExpr())
continue;
String methodSig = s.getInvokeExpr().getMethodRef().toString();
// you keep only methods that are in your mapping
}
}
}
Cheers,
Alexandre
On Sat, 2014-08-23 at 16:05 +0530, LOKESH JAIN wrote:
> Hi,
>
>
> Is there any utility in Soot, that would help me get all the API's
> used in an application.?
>
>
> I want the list of Sensitive API's that are used in .apk file i.e
> those API's for whom corresponding permissions are declared in
> manifest file. If i could get this then it would be awesome otherwise
> if i can get all API's used in an .apk file that would also work.
>
>
> Any help would be appreciated.
>
> Thanks & Regards
>
> Lokesh Jain
> MS in CSE
> IIIT Hyderabad
>
> _______________________________________________
> Soot-list mailing list
> Soot-list at CS.McGill.CA
> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
More information about the Soot-list
mailing list