Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home News

Static Taint Analysis Platform To Scan Vulnerabilities In An Android App

admin by admin
November 4, 2022
in News




Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.

Prerequisites

Appshark requires a specific version of JDK — JDK 11. After testing, it does not work on other LTS versions, JDK 8 and JDK 16, due to the dependency compatibility issue.

Building/Compiling AppShark

We assume that you are working in the root directory of the project repo. You can build the whole project with the gradle tool.

$ ./gradlew build  -x test 

After executing the above command, you will see an artifact file AppShark-0.1.1-all.jar in the directory build/libs.

Running AppShark

Like the previous step, we assume that you are still in the root folder of the project. You can run the tool with

$ java -jar build/libs/AppShark-0.1.1-all.jar  config/config.json5

The config.json5 has the following configuration contents.

{
"apkPath": "/Users/apks/app1.apk",
"out": "out",
"rules": "unZipSlip.json",
"maxPointerAnalyzeTime": 600
}

Each JSON field is explained below.

  • apkPath: the path of the apk file to analyze
  • out: the path of the output directory
  • rules: the path(s) of the rule file(s), can be more than 1 rules
  • maxPointerAnalyzeTime: the timeout duration in seconds set for the analysis started from an entry point
  • debugRule: specify the rule name that enables logging for debugging

If you provide a configuration JSON file which sets the output path as out in the project root directory, you will find the result file out/results.json after running the analysis.

Interpreting the Results

Below is an example of the results.json.

“, “Sink”: “->$r31″, “entryMethod”: ““, “Source”: “->$r3″, “url”: “/Volumes/dev/zijie/appshark-opensource/out/vuln/1-unZipSlip.html”, “target”: [ “->$r3″, “pf{obj{:35=>java.lang.StringBuilder}(unknown)->@data}”, “->$r11″, “->$r31″ ] }, “hash”: “ec57a2a3190677ffe78a0c8aaf58ba5aee4d2247”, “possibility”: “4” }, { “details”: { “position”: ““, “Sink”: “->$r34″, “entryMethod”: ““, “Source”: “->$r3″, “url”: “/Volumes/dev/zijie/appshark-opensource/out/vuln/2-unZipSlip.html”, “target”: [ “->$r3″, “pf{obj{:33=>java.lang.StringBuilder}(unknown)->@data}”, “->$r14″, “->$r34″ ] }, “hash”: “26c6d6ee704c59949cfef78350a1d9aef04c29ad”, “possibility”: “4” } ], “wiki”: “”, “deobfApk”: “/Volumes/dev/zijie/appshark-opensource/app.apk” } } }, “DeepLinkInfo”: { }, “HTTP_API”: [ ], “JsBridgeInfo”: [ ], “BasicInfo”: { “ComponentsInfo”: { }, “JSNativeInterface”: [ ] }, “UsePermissions”: [ ], “DefinePermissions”: { }, “Profile”: “/Volumes/dev/zijie/appshark-opensource/out/vuln/3-profiler.json” } ” dir=”auto”>

{
"AppInfo": {
"AppName": "test",
"PackageName": "net.bytedance.security.app",
"min_sdk": 17,
"target_sdk": 28,
"versionCode": 1000,
"versionName": "1.0.0"
},
"SecurityInfo": {
"FileRisk": {
"unZipSlip": {
"category": "FileRisk",
"detail": "",
"model": "2",
"name": "unZipSlip",
"possibility": "4",
"vulners": [
{
"details": {
"position": "",
"Sink": "->$r31",
"entryMethod": "",
"Source": "->$r3",
"url": "/Volumes/dev/zijie/appshark-opensource/out/vuln/1-unZipSlip.html",
"target": [
"->$r3",
"pf{obj{:35=>java.lang.StringBuilder}(unknown)->@data}",
"->$r11",
"->$r31"
]
},
"hash": "ec57a2a3190677ffe78a0c8aaf58ba5aee4d 2247",
"possibility": "4"
},
{
"details": {
"position": "",
"Sink": "->$r34",
"entryMethod": "",
"Source": "->$r3",
"url": "/Volumes/dev/zijie/appshark-opensource/out/vuln/2-unZipSlip.html",
"target": [
"->$r3",
"pf{obj{:33=>java.lang.StringBuilder}(unknown)->@data}",
"->$r14",
"->$r34"
]
},
"hash": "26c6d6ee704c59949cfef78350a1d9aef04c29ad",
"possibility": "4"
}
],
"wiki": "",
"deobfApk": "/Volumes/dev/zijie/appshark-opensource/app.apk"
}
}
},
"DeepLinkInfo": {
},
"HTTP_API": [
],
"JsBridgeInfo": [
],
"BasicInfo": {
"ComponentsInfo": {
},
"JSNativeInterface": [
]
},
"UsePermissions": [
],
"DefinePermis sions": {
},
"Profile": "/Volumes/dev/zijie/appshark-opensource/out/vuln/3-profiler.json"
}





Source link

Tags: cybersecurityethical hackinghack androidhack apphack wordpresshacker newshackinghacking tools for windowskeyloggerkitkitploitpassword brute forcepenetration testingpentestpentest androidpentest linuxpentest toolkitpentest toolsspy tool kitspywaretools
Previous Post

How to watch Young Royals season 2 online

Next Post

Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer

Next Post

Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer

Recommended

Kscan – Simple Asset Mapping Tool

2 months ago

19-Year-Old Teen Arrested for Using Leaked Optus Breach Data in SMS Scam

6 months ago

© Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.