[Soot-list] Android App Manipulation with Soot
Marc Miltenberger
Marc at miltenberger.eu
Fri Jul 8 08:01:04 EDT 2016
Hi,
this looks like a soot bug.
05-29 15:12:51.962 4255 4255 W art : Failure to verify dex file
'/data/app/com.example.webb.test4-1/base.apk': Invalid type descriptor:
'Ljava/lang/'annotation'/Annotation;'
the "'" around annotation is because "annotation" is also a keyword, which
needs to be escaped in the Jimple files, but should not be escaped in the
dex file. Apparently soot does not unescape this.
Are you using the newest version of soot from the nightly build server?
https://ssebuild.cased.de/nightly/soot/lib/
If you do, consider posting a bug report with the APK file and the exact
steps (commands) you were using in order to be easier reproducable. I
assume the bug also occurs when you do not do any modify the Jimple code at
all?
Yes, what you want to do is totally achievable using soot.
Marc
2016-07-08 10:08 GMT+02:00 <xwlin.roy at gmail.com>:
> Hi Dave,
> Have you fixed this problem?I'm facing the same problem.
> If you have fixed this problem,hope you can share you solution.
>
> 在 2016年5月29日星期日 UTC+8下午9:39:45,Dave Webb写道:
>>
>> Hi,
>> I want to use Soot in order to modify Android Apps.
>> However, I do *not* want to use the Instrumentation API shown in [1], but
>> instead I want to transform an APK to Jimple, then manually manipulate the
>> Jimple code with my own tools and afterwards transform the modified Jimple
>> code back into an APK.
>>
>> In order to setup this toolchain, I'm currently doing the following:
>> 1. Use soot to transform an APK file into Jimple files
>> 2. Use soot to transform the Jimple files into a DEX file
>> 3. Repack the new DEX file with the original resources/assets/...
>> 4. Sign and zipalign the APK
>>
>> Although none of these steps produces an error, the final APK is not
>> executable and crashes instantly when launched (see [2]).
>>
>> My questions are:
>> 1. Is my goal as described above achievable with Soot at all?
>> 2. If so, which of the previously described steps is most likely the
>> culprit?
>>
>> Any help is highly appreciated!
>>
>> [1]
>> https://github.com/Sable/soot/wiki/Instrumenting-Android-Apps-with-Soot
>> [2] adb logcat output:
>>
>> 05-29 15:12:51.841 4274 4274 E dex2oat : Failed to create oat file:
>> /data/dalvik-cache/arm/data at app@com.example.webb.test4-1 at base.apk@classes.dex:
>> Permission denied
>> 05-29 15:12:51.841 4274 4274 I dex2oat : dex2oat took 854.492us
>> (threads: 4)
>> 05-29 15:12:51.844 4255 4255 W art : Failed
>> execv(/system/bin/dex2oat --runtime-arg -classpath --runtime-arg
>> --instruction-set=arm --instruction-set-features=smp,div,atomic_ldrd_strd
>> --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art
>> --runtime-arg -Xms64m --runtime-arg -Xmx512m --compiler-filter=speed
>> --instruction-set-variant=krait --instruction-set-features=default
>> --dex-file=/data/app/com.example.webb.test4-1/base.apk
>> --oat-file=/data/dalvik-cache/arm/data at app
>> @com.example.webb.test4-1 at base.apk@classes.dex) because non-0 exit status
>> 05-29 15:12:51.962 4255 4255 W art : Failure to verify dex file
>> '/data/app/com.example.webb.test4-1/base.apk': Invalid type descriptor:
>> 'Ljava/lang/'annotation'/Annotation;'
>> 05-29 15:12:51.963 4255 4255 W System : ClassLoader referenced unknown
>> path: /data/app/com.example.webb.test4-1/lib/arm
>> 05-29 15:12:51.966 4255 4255 D AndroidRuntime: Shutting down VM
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: FATAL EXCEPTION: main
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: Process:
>> com.example.webb.test4, PID: 4255
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime:
>> java.lang.RuntimeException: Unable to instantiate activity
>> ComponentInfo{com.example.webb.test4/com.example.webb.test4.MainActivity}:
>> java.lang.ClassNotFoundException: Didn't find class
>> "com.example.webb.test4.MainActivity" on path: DexPathList[[zip file
>> "/data/app/com.example.webb.test4-1/base.apk"],nativeLibraryDirectories=[/data/app/com.example.webb.test4-1/lib/arm,
>> /vendor/lib, /system/lib]]
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2361)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2520)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.ActivityThread.-wrap11(ActivityThread.java)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.ActivityThread$H.handleMessage(ActivityThread.java:1363)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.os.Handler.dispatchMessage(Handler.java:102)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.os.Looper.loop(Looper.java:148)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.ActivityThread.main(ActivityThread.java:5466)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> java.lang.reflect.Method.invoke(Native Method)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: Caused by:
>> java.lang.ClassNotFoundException: Didn't find class
>> "com.example.webb.test4.MainActivity" on path: DexPathList[[zip file
>> "/data/app/com.example.webb.test4-1/base.apk"],nativeLibraryDirectories=[/data/app/com.example.webb.test4-1/lib/arm,
>> /vendor/lib, /system/lib]]
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:56)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> java.lang.ClassLoader.loadClass(ClassLoader.java:511)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> java.lang.ClassLoader.loadClass(ClassLoader.java:469)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.Instrumentation.newActivity(Instrumentation.java:1068)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2351)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: ... 9 more
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: Suppressed:
>> java.io.IOException: Failed to open dex files from
>> /data/app/com.example.webb.test4-1/base.apk
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> dalvik.system.DexFile.openDexFileNative(Native Method)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> dalvik.system.DexFile.openDexFile(DexFile.java:295)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> dalvik.system.DexFile.<init>(DexFile.java:80)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> dalvik.system.DexFile.<init>(DexFile.java:59)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> dalvik.system.DexPathList.loadDexFile(DexPathList.java:279)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> dalvik.system.DexPathList.makePathElements(DexPathList.java:248)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> dalvik.system.DexPathList.<init>(DexPathList.java:120)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> dalvik.system.BaseDexClassLoader.<init>(BaseDexClassLoader.java:48)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> dalvik.system.PathClassLoader.<init>(PathClassLoader.java:65)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.ApplicationLoaders.getClassLoader(ApplicationLoaders.java:58)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.LoadedApk.getClassLoader(LoadedApk.java:376)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.LoadedApk.makeApplication(LoadedApk.java:569)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.ActivityThread.handleBindApplication(ActivityThread.java:4729)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.ActivityThread.-wrap1(ActivityThread.java)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> android.app.ActivityThread$H.handleMessage(ActivityThread.java:1424)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: ... 6
>> more
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: Suppressed:
>> java.lang.ClassNotFoundException: com.example.webb.test4.MainActivity
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> java.lang.Class.classForName(Native Method)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> java.lang.BootClassLoader.findClass(ClassLoader.java:781)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> java.lang.BootClassLoader.loadClass(ClassLoader.java:841)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: at
>> java.lang.ClassLoader.loadClass(ClassLoader.java:504)
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: ... 12
>> more
>> 05-29 15:12:51.968 4255 4255 E AndroidRuntime: Caused by:
>> java.lang.NoClassDefFoundError: Class not found using the boot class
>> loader; no stack trace available
>> 05-29 15:12:51.970 721 3302 W ActivityManager: Force finishing
>> activity com.example.webb.test4/.MainActivity
>> _______________________________________________
>> Soot-list mailing list
>> Soot... at CS.McGill.CA
>> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>>
>>
> _______________________________________________
> Soot-list mailing list
> Soot-list at CS.McGill.CA
> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20160708/2209e69a/attachment-0001.html
More information about the Soot-list
mailing list