[Soot-list] Android APK Analysis
Steven Arzt
Steven.Arzt at cased.de
Mon Mar 31 03:30:31 EDT 2014
Hi Modhi,
Soot translates Android APK / dex files to Jimple just as it would do with
Java class or source files. When writing the output, the new APK / dex files
are generated from Jimple just as it would be with Java class files. So the
process of using the Jimple method bodies is no different to the Soot user.
Still, if you want to perform e.g. a static analysis, you have to keep the
Android semantics (i.e. the lifecycle) in mind, but this is a semantic
problem.
If you get empty bodies, something's obviously wrong. Could you provide the
source code you have used? There are quite some tutorials about using Soot
for Android out there... If you need a good one:
http://sseblog.ec-spride.de/tutorials/ Look for the RV2013 paper and the
CCS2013 slides.
Best regards,
Steven
-----Ursprüngliche Nachricht-----
Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA]
Im Auftrag von Modhi Alsobiehy
Gesendet: Sonntag, 30. März 2014 16:39
An: Soot list
Betreff: [Soot-list] Android APK Analysis
Hi all,
I have two questions:
1. Once I follow the android instrumentation tutorial, do I use soot
normally as in analyzing java?? i am not sure what i am missing, i literally
copied and pasted the the code provided in the tutorial - with some
adjustments of course- and i noticed that whatever apk file i analyze, the
produced jimple files are empty-body!!
2. i have been told about JVM TI to analyze dex files. For those who tried
it, in comparison with soot, which one is more powerful if we need insert
some code to monitor data transmission behavior of an app??
-Best,
Modhi
_______________________________________________
Soot-list mailing list
Soot-list at CS.McGill.CA
https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
More information about the Soot-list
mailing list