[Soot-list] Generating Android APK CallFlowGraph

Steven Arzt Steven.Arzt at cased.de
Wed Jul 9 09:25:52 EDT 2014 

Hi Jin,

 

Just place the AndroidCallbacks.txt file into the root of your project directory. It is read as “./AndroidCallbacks.txt”. Call graph construction for Android is not really contained in a tutorial (though some of it is explained in the FlowDroid paper), but I have posted sample code on this mailing list quite a few times. The basic idea is to first generate a dummy main method – you can write your own code for this or you can use the one contained in FlowDroid which is pretty sophisticated as it correctly emulates the Android lifecycle and conservatively overapproximates callbacks. Once you have the dummy main method, you define it as Soot’s entry point and use Soot’s normal callgraph construction methods for which there is plenty of documentation (the command-line reference, the SPARK paper, etc.).

 

Best regards,

  Steven

 

Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von Jin Li
Gesendet: Mittwoch, 9. Juli 2014 15:22
An: Modhi Alsobiehy
Cc: soot-list at CS.McGill.CA; Steven Arzt; soot-list at sable.mcgill.ca
Betreff: Re: [Soot-list] Generating Android APK CallFlowGraph

 

Hi Steven,

I also have this problem.  

How to correctly add the callbacks.txt into infoflow? 

Are there any tutorials and examples about the call graph construction of android ?  They are in dire need.

 

2014-07-09 20:17 GMT+08:00 Modhi Alsobiehy <m99m20 at hotmail.com>:

Hi Steven, thanks for responding!

I have been trying to add it but could not figure it out!

would you please clarify what method is associated with it?

 

Thanx again!

 

Sent from Windows Mail

 

From: Steven Arzt <mailto:Steven.Arzt at cased.de> 
Sent: ‎Tuesday‎, ‎July‎ ‎8‎, ‎2014 ‎2‎:‎25‎ ‎AM
To: Modhi Alsobeihy <mailto:m99m20 at hotmail.com> , soot-list at CS.McGill.CA, soot-list at sable.mcgill.ca

 

Hi Modhi,

 

You are missing the AndroidCallbacks.txt file which defines the callback interfaces there are in Android. You can obtain it from:

 

https://raw.githubusercontent.com/secure-software-engineering/soot-infoflow-android/develop/AndroidCallbacks.txt

 

Best regards,

  Steven

 

Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von Modhi Alsobiehy
Gesendet: Dienstag, 8. Juli 2014 03:51
An: soot-list at CS.McGill.CA; soot-list at sable.mcgill.ca
Betreff: Re: [Soot-list] Generating Android APK CallFlowGraph

 

Problem resolved! some jars were added twice with different paths!

however now another error appeared!

 

Exception in thread "main" java.lang.RuntimeException: Callback definition file not found

at soot.jimple.infoflow.android.AnalyzeJimpleClass.loadAndroidCallbacks(Unknown Source)

at soot.jimple.infoflow.android.AnalyzeJimpleClass.<init>(Unknown Source)

at soot.jimple.infoflow.android.SetupApplication.calculateCallbackMethods(Unknown Source)

at soot.jimple.infoflow.android.SetupApplication.calculateSourcesSinksEntrypoints(Unknown Source)

at soot.jimple.infoflow.android.SetupApplication.calculateSourcesSinksEntrypoints(Unknown Source)

at apkCFG.CFG.main(CFG.java:25)

I checked the classes and these methods don’t appear in the browser tab, I tried another nightly build jars and still having the same error!

any idea how to resolve this issue??

Thank you!

 

 

Sent from Windows Mail

 

From: Modhi Alsobeihy <mailto:m99m20 at hotmail.com> 
Sent: ‎Saturday‎, ‎July‎ ‎5‎, ‎2014 ‎12‎:‎34‎ ‎PM
To: soot-list at CS.McGill.CA, soot-list at sable.mcgill.ca

 

Hi all,

I need to traverse the call flow graph of android apps( apk files).

I understand that I must set an entry point so to start, I tried the following code :

 

----------------------------------------------------------------------------------------------------

mport java.io.IOException;

import java.util.Collections;

import org.xmlpull.v1.XmlPullParserException;

import soot.PackManager;

import soot.Scene;

import soot.SootMethod;

import soot.jimple.infoflow.android.SetupApplication;

import soot.options.Options;

public class CFG {

public CFG() {

// TODO Auto-generated constructor stub

}

public static void main(String[] args) {

// TODO Auto-generated method stub

SetupApplication app = new SetupApplication("D:/AndroidADT/adt-bundle-windows-x86_64-20131030/sdk/platforms","D:/APKs/location.apk");

try {

app.calculateSourcesSinksEntrypoints("D:/FlowDroid/SourcesAndSinks.txt");

} catch (IOException e) {

// TODO Auto-generated catch block

e.printStackTrace();

} catch (XmlPullParserException e) {

// TODO Auto-generated catch block

e.printStackTrace();

}

soot.G.reset();

Options.v().set_src_prec(Options.src_prec_apk);

Options.v().set_process_dir(Collections.singletonList("D:/APKs/location.apk"));

Options.v().set_android_jars("D:/AndroidADT/adt-bundle-windows-x86_64-20131030/sdk/platforms");

Options.v().set_whole_program(true);

Options.v().set_allow_phantom_refs(true);

Options.v().set_output_format(Options.output_format_none);

Options.v().setPhaseOption("cg.spark", "on");

Scene.v().loadNecessaryClasses(); 

SootMethod entryPoint = app.getEntryPointCreator().createDummyMain();

Options.v().set_main_class(entryPoint.getSignature());

Scene.v().setEntryPoints(Collections.singletonList(entryPoint));

System.out.println(entryPoint.getActiveBody());

PackManager.v().runPacks();

System.out.println(Scene.v().getCallGraph().size());

}

}

---------------------------------------------------------------------------------------------------------------------

Unfortunately, I am getting the following error:

Exception in thread "main" java.lang.NoClassDefFoundError: pxb/android/axml/NodeVisitor

at soot.jimple.infoflow.android.manifest.ProcessManifest.handle(Unknown Source)

at soot.jimple.infoflow.android.manifest.ProcessManifest.<init>(Unknown Source)

at soot.jimple.infoflow.android.manifest.ProcessManifest.<init>(Unknown Source)

at soot.jimple.infoflow.android.SetupApplication.calculateSourcesSinksEntrypoints(Unknown Source)

at soot.jimple.infoflow.android.SetupApplication.calculateSourcesSinksEntrypoints(Unknown Source)

at apkCFG.CFG.main(CFG.java:25)

Caused by: java.lang.ClassNotFoundException: pxb.android.axml.NodeVisitor

at java.net.URLClassLoader$1.run(Unknown Source)

at java.net.URLClassLoader$1.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at java.net.URLClassLoader.findClass(Unknown Source)

at java.lang.ClassLoader.loadClass(Unknown Source)

at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)

at java.lang.ClassLoader.loadClass(Unknown Source)

... 6 more

 

Any help or advise on how to do that would be deeply appreciated!

Thanx!!

 

 

Sent from Windows Mail

 


_______________________________________________
Soot-list mailing list
Soot-list at CS.McGill.CA
https://mailman.CS.McGill.CA/mailman/listinfo/soot-list

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20140709/6fa7ab13/attachment-0003.html

More information about the Soot-list mailing list