Saturday, November 5, 2022
HomeHackerStatic Taint Evaluation Platform To Scan Vulnerabilities In An Android App
Hacker

Static Taint Evaluation Platform To Scan Vulnerabilities In An Android App

Admin
By Admin
0
2




Appshark is a static taint evaluation platform to scan vulnerabilities in an Android app.

Conditions

Appshark requires a particular model of JDK — JDK 11. After testing, it doesn’t work on different LTS variations, JDK 8 and JDK 16, because of the dependency compatibility difficulty.

Constructing/Compiling AppShark

We assume that you’re working within the root listing of the undertaking repo. You may construct the entire undertaking with the gradle instrument.

$ ./gradlew construct  -x check

After executing the above command, you will notice an artifact file AppShark-0.1.1-all.jar within the listing construct/libs.

Working AppShark

Just like the earlier step, we assume that you’re nonetheless within the root folder of the undertaking. You may run the instrument with

$ java -jar construct/libs/AppShark-0.1.1-all.jar  config/config.json5

The config.json5 has the next configuration contents.

{
"apkPath": "/Customers/apks/app1.apk",
"out": "out",
"guidelines": "unZipSlip.json",
"maxPointerAnalyzeTime": 600
}

Every JSON discipline is defined beneath.

  • apkPath: the trail of the apk file to research
  • out: the trail of the output listing
  • guidelines: the trail(s) of the rule file(s), might be greater than 1 guidelines
  • maxPointerAnalyzeTime: the timeout length in seconds set for the evaluation began from an entry level
  • debugRule: specify the rule title that permits logging for debugging

For those who present a configuration JSON file which units the output path as out within the undertaking root listing, you’ll discover the end result file out/outcomes.json after working the evaluation.

Deciphering the Outcomes

Beneath is an instance of the outcomes.json.

{
"AppInfo": {
"AppName": "check",
"PackageName": "web.bytedance.safety.app",
"min_sdk": 17,
"target_sdk": 28,
"versionCode": 1000,
"versionName": "1.0.0"
},
"SecurityInfo": {
"FileRisk": {
"unZipSlip": {
"class": "FileRisk",
"element": "",
"mannequin": "2",
"title": "unZipSlip",
"chance": "4",
"vulners": [
{
"details": {
"position": "<net.bytedance.security.app.pathfinder.testdata.ZipSlip: void UnZipFolderFix1(java.lang.String,java.lang.String)>",
"Sink": "<net.bytedance.security.app.pathfinder.testdata.ZipSlip: void UnZipFolderFix1(java.lang.String,java.lang.String)>->$r31",
"entryMethod": "<net.bytedance.security.app.pathfinder.testdata.ZipSlip: void f()>",
"Source": "<net.byte   dance.security.app.pathfinder.testdata.ZipSlip: void UnZipFolderFix1(java.lang.String,java.lang.String)>->$r3",
"url": "/Volumes/dev/zijie/appshark-opensource/out/vuln/1-unZipSlip.html",
"target": [
"<net.bytedance.security.app.pathfinder.testdata.ZipSlip: void UnZipFolderFix1(java.lang.String,java.lang.String)>->$r3",
"pf{obj{<net.bytedance.security.app.pathfinder.testdata.ZipSlip: void UnZipFolderFix1(java.lang.String,java.lang.String)>:35=>java.lang.StringBuilder}(unknown)->@data}",
"<net.bytedance.security.app.pathfinder.testdata.ZipSlip: void UnZipFolderFix1(java.lang.String,java.lang.String)>->$r11",
"<net.bytedance.security.app.pathfinder.testdata.ZipSlip: void UnZipFolderFix1(java.lang.String,java.lang.String)>->$r31"
]
},
"hash": "ec57a2a3190677ffe78a0c8aaf58ba5aee4d   2247",
"chance": "4"
},
{
"particulars": {
"place": "<web.bytedance.safety.app.pathfinder.testdata.ZipSlip: void UnZipFolder(java.lang.String,java.lang.String)>",
"Sink": "<web.bytedance.safety.app.pathfinder.testdata.ZipSlip: void UnZipFolder(java.lang.String,java.lang.String)>->$r34",
"entryMethod": "<web.bytedance.safety.app.pathfinder.testdata.ZipSlip: void f()>",
"Supply": "<web.bytedance.safety.app.pathfinder.testdata.ZipSlip: void UnZipFolder(java.lang.String,java.lang.String)>->$r3",
"url": "/Volumes/dev/zijie/appshark-opensource/out/vuln/2-unZipSlip.html",
"goal": [
"<net.bytedance.security.app.pathfinder.testdata.ZipSlip: void UnZipFolder(java.lang.String,java.lang.String)>->$r3",
"pf{obj{<net.bytedance.security.a   pp.pathfinder.testdata.ZipSlip: void UnZipFolder(java.lang.String,java.lang.String)>:33=>java.lang.StringBuilder}(unknown)->@data}",
"<net.bytedance.security.app.pathfinder.testdata.ZipSlip: void UnZipFolder(java.lang.String,java.lang.String)>->$r14",
"<net.bytedance.security.app.pathfinder.testdata.ZipSlip: void UnZipFolder(java.lang.String,java.lang.String)>->$r34"
]
},
"hash": "26c6d6ee704c59949cfef78350a1d9aef04c29ad",
"chance": "4"
}
],
"wiki": "",
"deobfApk": "/Volumes/dev/zijie/appshark-opensource/app.apk"
}
}
},
"DeepLinkInfo": {
},
"HTTP_API": [
],
"JsBridgeInfo": [
],
"BasicInfo": {
"ComponentsInfo": {
},
"JSNativeInterface": [
]
},
"UsePermissions": [
],
"DefinePermis   sions": {
},
"Profile": "/Volumes/dev/zijie/appshark-opensource/out/vuln/3-profiler.json"
}



Previous articleThe cloud is downturn-proof—possibly | InfoWorld
Next articlePlayable advertisements cocos creator optimizes information when exporting to networks (minter, iron , applovin) – Cocos Creator
Admin
Adminhttps://www.handla.it
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Load more

Recent Comments

ABOUT US

handla.it is your computer, laptop, software and cyber security website. We provide you with the latest breaking news and videos straight from the computer industry.

POPULAR POSTS

POPULAR CATEGORY

copyright 2022 © handla.it. All rights reserved.