[Soot-list] Regenerating Androidmanifest.xml file after Instrumenting Android

Steven Arzt Steven.Arzt at cased.de
Mon Oct 20 09:27:26 EDT 2014 

Can you please send me a minimal working example (a full, but small test case that I can just run) and the APK on which you were trying it?

 

Von: Modhi Alsobiehy [mailto:m99m20 at hotmail.com] 
Gesendet: Sonntag, 19. Oktober 2014 10:48
An: Steven Arzt
Cc: soot-list at CS.McGill.CA; soot-list at sable.mcgill.ca
Betreff: Re: AW: AW: [Soot-list] Regenerating Androidmanifest.xml file after Instrumenting Android

 

Hi Steven,

 

-- Duplicate node issue resolved, thank you!

 

-- The renaming issue with the apkHandler still not resolved! I checked the properties of the apk file and “full access” is granted for everyone! I'm not sure what I'm missing!!

 

-- Another issue with the regenerated manifest, I tried to replace it manually; repackaged, signed and zipaligned the apk; yet when I retested the code on the new apk and I got the following exception from the line: ProcessManifest pm = new ProcessManifest(apkFile);

Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 763

at android.content.res.StringBlock.getShort(StringBlock.java:231)

at android.content.res.StringBlock.getString(StringBlock.java:91)

at android.content.res.AXmlResourceParser.getName(AXmlResourceParser.java:140)

at soot.jimple.infoflow.android.axml.parsers.AXMLPrinter2Parser.parseFile(Unknown Source)

at soot.jimple.infoflow.android.axml.AXmlHandler.<init>(Unknown Source)

at soot.jimple.infoflow.android.axml.AXmlHandler.<init>(Unknown Source)

at soot.jimple.infoflow.android.manifest.ProcessManifest.handle(Unknown Source)

at soot.jimple.infoflow.android.manifest.ProcessManifest.<init>(Unknown Source)

I used the apktool to decode the apk and retrieved the regenerated manifest , this is part of it(1) vs the same part of the original(2):

(1)

<?xml version="1.0" encoding="utf-8"?>
<manifest package="epic.mychart.android" android:minSdkVersion="7" android:versionCode="9" android:versionName="3.0.1"
  xmlns:android="http://schemas.android.com/apk/res/android">
    <uses-permission android:name="android.permission.READ_LOGS" />
    <permission android:name="epic.mychart.MyChart" android:protectionLevel="signature" />
    <uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.CALL_PHONE" />
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
    <uses-permission android:name="android.permission.GET_TASKS" />
    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
    <uses-permission android:name="epic.mychart.MyChart" />
    <uses-feature android:name="android.hardware.telephony" android:required="false" />
    <uses-feature android:name="android.hardware.touchscreen" android:required="true" />
    <uses-feature android:name="android.hardware.location" android:required="false" />
    <uses-feature android:name="android.hardware.location.network" android:required="false" />
    <application android:theme="@style/MyChartThemeNoTitle" android:label="MyChart" android:icon="@drawable/launchericon">

 

(2)

<?xml version="1.0" encoding="utf-8"?>
<manifest android:minSdkVersion="7" android:versionCode="9" android:versionName="3.0.1" package="epic.mychart.android"
  xmlns:android="http://schemas.android.com/apk/res/android">
    <permission android:name="epic.mychart.MyChart" android:protectionLevel="signature" />
    <uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.CALL_PHONE" />
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
    <uses-permission android:name="android.permission.GET_TASKS" />
    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
    <uses-permission android:name="epic.mychart.MyChart" />
    <uses-feature android:name="android.hardware.telephony" android:required="false" />
    <uses-feature android:name="android.hardware.touchscreen" android:required="true" />
    <uses-feature android:name="android.hardware.location" android:required="false" />
    <uses-feature android:name="android.hardware.location.network" android:required="false" />
    <application android:theme="@style/MyChartThemeNoTitle" android:label="MyChart" android:icon="@drawable/launchericon">

 

Could this be the cause of the exception?!

 

Thank you for your time and help!

-Modhi        

Sent from Windows Mail

 

From: Steven Arzt <mailto:Steven.Arzt at cased.de> 
Sent: ‎Thursday‎, ‎October‎ ‎16‎, ‎2014 ‎8‎:‎45‎ ‎AM
To: Modhi Alsobeihy <mailto:m99m20 at hotmail.com> 
Cc: soot-list at CS.McGill.CA, soot-list at sable.mcgill.ca

 

Hi Modhi,


The problem with the duplicate node should have been fixed in one of my last commits from a couple of days ago. Please make sure that you are really using the newest version of the soot-infoflow-android project.

 

Concerning the renaming problem: The ApkHandler class modifies the original APK, i.e., the one you have loaded, and replaces it with the new version with the modified manifest file. Make sure that the original APK file is not write-protected and that you have permission to move / replace the file.

 

Best regards,

  Steven

 

Von: Modhi Alsobiehy [mailto:m99m20 at hotmail.com] 
Gesendet: Donnerstag, 16. Oktober 2014 15:13
An: Steven Arzt
Cc: soot-list at CS.McGill.CA; soot-list at sable.mcgill.ca
Betreff: Re: AW: [Soot-list] Regenerating Androidmanifest.xml file after Instrumenting Android

 

Hi Steven,

 

-- Thank you for your fast reply!

-- Something I forgot to mention, is it necessary to call:

 axmlh.getRoot().addChild(newAXmlNode);

because when I checked the new manifest, I found that the permission was added twice- I believe the first addition because of referencing the parent node-!!

 

-- This is the code I used after doing the required changes in the axmlhandler,

byte[] axmlBA = axmlh.toByteArray();

FileOutputStream fileOuputStream = new FileOutputStream(".\\AndroidManifest.xml"); 

fileOuputStream.write(axmlBA);

fileOuputStream.close();

List<File> fileList = new ArrayList<File>();

File newManifest = new File(".\\AndroidManifest.xml");

fileList.add(newManifest);

ApkHandler apkH = new ApkHandler(apk);

apkH.addFilesToApk(fileList);

and it is generating the following exception:

Exception in thread "main" java.lang.RuntimeException: could not rename the file D:\apks\location.apk to C:\Users\owner\AppData\Local\Temp\location.apk8599660687333204456.tmp

at soot.jimple.infoflow.android.axml.ApkHandler.addFilesToApk(Unknown Source)

at soot.jimple.infoflow.android.axml.ApkHandler.addFilesToApk(Unknown Source)

Thank you!

 

Sent from Windows Mail

 

From: Steven Arzt <mailto:Steven.Arzt at cased.de> 
Sent: ‎Thursday‎, ‎October‎ ‎16‎, ‎2014 ‎4‎:‎51‎ ‎AM
To: Modhi Alsobeihy <mailto:m99m20 at hotmail.com> 
Cc: soot-list at CS.McGill.CA, soot-list at sable.mcgill.ca

 

Hi Modhi,

 

I am glad to hear that your original problem has been resolved.

 

What do you mean by “no luck”? What exactly happens? What exactly are you trying (i.e. give me the code)?`

 

Best regards,

  Steven

 

Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von Modhi Alsobiehy
Gesendet: Donnerstag, 16. Oktober 2014 07:32
Cc: soot-list at CS.McGill.CA; soot-list at sable.mcgill.ca
Betreff: Re: [Soot-list] Regenerating Androidmanifest.xml file after Instrumenting Android

 

Hi Steven,

 

I updated the jars and the problem resolved! Thank you!

 

Another thing please!

I have been trying to add the new manifest into the apk using the apkhandler but no luck! 

I would really appreciate any help!! 

 

-Best,

Modhi


On Oct 13, 2014, at 7:38 AM, "Steven Arzt" <Steven.Arzt at cased.de> wrote:

Hi Modhi,

 

I cannot reproduce your problem with the newest version of FlowDroid. I have fixed some issues with the XML manipulation classes over the last week, so please try again. This is my code:

 

             AXmlNode newAXmlNode = new AXmlNode("uses-permission", null, axmlh.getRoot());

             newAXmlNode.addAttribute(new AXmlAttribute<String>("name", "android.permission.READ_LOGS",

                           "http://schemas.android.com/apk/res/android"));

             axmlh.getRoot().addChild(newAXmlNode);

 

Make sure to get the namespace right, that was wrong in your code.

 

Best regards,

  Steven

 

Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von Modhi Alsobiehy
Gesendet: Montag, 13. Oktober 2014 00:42
An: Steven Arzt
Cc: soot-list at CS.McGill.CA; soot-list at sable.mcgill.ca
Betreff: Re: [Soot-list] Regenerating Androidmanifest.xml file after Instrumenting Android

 

Your quick response is highly appreciated!

 

-Thank you!

Modhi


On Oct 9, 2014, at 12:34 AM, "Modhi Alsobiehy" <m99m20 at hotmail.com> wrote:

Hi Steven,

I'm getting the following exception from the line calling toByteArray() and I couldn’t figure out how to fix it or what I have done wrong!!

Exception in thread "main" java.lang.ClassCastException: java.lang.String cannot be cast to java.lang.Integer

at pxb.android.axml.AxmlWriter$NodeImpl.write(AxmlWriter.java:238)

at pxb.android.axml.AxmlWriter$NodeImpl.write(AxmlWriter.java:254)

at pxb.android.axml.AxmlWriter.toByteArray(AxmlWriter.java:388)

at soot.jimple.infoflow.android.axml.AXmlHandler.toByteArray(Unknown Source)

this is the code responsible for a regenerating the manifest file, the axmlhandler instance is updated with the new axmlnode 

 

File apkFile = new File(apk);

ProcessManifest pm = new ProcessManifest(apkFile);

AXmlHandler axmlh = pm.getAXml(); 

AXmlNode newAXmlNode = new AXmlNode("uses-permission", null, axmlh.getRoot());

newAXmlNode.addAttribute(new AXmlAttribute("name", "android.permission.READ_LOGS", null));

AXmlNode temp = axmlh.getRoot().addChild(newAXmlNode);

byte[] axmlBA = axmlh.toByteArray();

FileOutputStream fileOuputStream = new FileOutputStream(".\\AndroidManifest.xml"); 

fileOuputStream.write(axmlBA);

fileOuputStream.close();

 Thank you,,

Modhi

 

 

 

From: Steven Arzt <mailto:Steven.Arzt at cased.de> 
Sent: ‎Monday‎, ‎September‎ ‎29‎, ‎2014 ‎7‎:‎20‎ ‎AM
To: Modhi Alsobeihy <mailto:m99m20 at hotmail.com> 
Cc: soot-list at sable.mcgill.ca, soot-list at CS.McGill.CA

 

_______________________________________________
Soot-list mailing list
Soot-list at CS.McGill.CA
https://mailman.CS.McGill.CA/mailman/listinfo/soot-list

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20141020/205731ff/attachment-0003.html

More information about the Soot-list mailing list