flankerhqd / jaadas
Joint Advanced Defect assEsment for android applications
Home Page: https://speakerdeck.com/flankerhqd/jade-joint-advanced-defect-assesment
License: Other
reference: https://docs.gradle.org/current/userguide/gradle_wrapper.html
This should ease the pain for others who may not have Gradle installed.
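Hello, I have only recently started with static analysis and have read your analysis many times. In the part on optimizing FlowDroid, from modifying the taint propagation rules to adding custom vulnerability plugins, you say at the end of the Reachability Analysis section that it has not been implemented yet. I am not sure exactly which part has not been implemented. Is it the function you introduced earlier, from reading the file to scanning for permission leaks, that has not been implemented? I did not understand this clearly and look forward to your reply.
Also, from the perspective of optimizing JAADAS, could you offer some ideas? I would like to try to analyze and understand it and then optimize it.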
On execution, the application looks for config files in the current / working directory. Also, the zip provides them in a folder called config, but it appears they are searched for in the working directory only.
Is it possible to fix the location of config files?
P.S. Not an expert on Scala and hence need a helping hand.
This seems to be the only blocker in getting it integrated in AndroidTamer.
Hi, Flanker
I encountered an issue like this:
```
$ java -jar D:\barca\JAADAS\jaadas-0.1\jade-0.1.jar vulnanalysis -f D:\barca\app\system_app_DownloadProviderUi_DownloadProviderUi.apk -p F:\tools\adtnew\sdk\platforms -c D:\barca\JAADAS\jaadas-0.1\config\ --fastanalysis
enabled plugins: implements custom verifier that always return true
Webview js file access misconfigurations
Webview ssl handler impl onReceivedSslError, lead to SSL vulnerability
X509TrustManager empty impl, lead to SSL vulnerability
FAKEID reloaded vulnerability
Check webview save password disabled or not
Scan for ZipEntry vulnerable to unzip directory traversal vulnerability
enabled modules: constapicheck, crash analysis
Using 'F:\tools\adtnew\sdk\platforms\android-23\android.jar' as android.jar
Warning: exception while processing dex file 'D:\barca\app\system_app_DownloadProviderUi_DownloadProviderUi.apk'
Exception: org.jf.dexlib2.dexbacked.DexBackedDexFile$NotADexFile: Invalid magic value: 64 65 78 0a 30 33 37 00
Warning: java.lang.invoke.LambdaMetafactory is a phantom class!
Warning: java.lang.ref.Finalizer is a phantom class!
Exception in thread "main" org.jf.dexlib2.dexbacked.DexBackedDexFile$NotADexFile: Invalid magic value: 64 65 78 0a 30 33 37 00
    at org.jf.dexlib2.dexbacked.DexBackedDexFile.verifyMagicAndByteOrder(DexBackedDexFile.java:151)
    at org.jf.dexlib2.dexbacked.DexBackedDexFile.<init>(DexBackedDexFile.java:70)
    at org.jf.dexlib2.dexbacked.DexBackedDexFile.<init>(DexBackedDexFile.java:96)
    at org.jf.dexlib2.DexFileFactory.loadDexFile(DexFileFactory.java:88)
    at org.jf.dexlib2.DexFileFactory.loadDexFile(DexFileFactory.java:56)
    at soot.DexClassProvider.classesOfDex(DexClassProvider.java:121)
    at soot.SourceLocator.getClassesUnder(SourceLocator.java:206)
    at soot.Scene.loadNecessaryClasses(Scene.java:1361)
    at org.k33nteam.jade.drivers.CheckDriver.prepareMethodTraversal(CheckDriver.scala:77)
    at org.k33nteam.jade.drivers.CheckDriver.fastentry(CheckDriver.scala:98)
    at main$.main(main.scala:75)
    at main.main(main.scala)
```
Why does it show that there is no dex file, when it has a classes.dex file in it?
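Added example, not part of the original issue or of the JAADAS code base: the eight bytes in the exception above decode to a well-formed DEX magic with format version 037, which points at the version field rather than a missing `classes.dex` (an inference from the bytes, not something the page confirms). The sketch decodes the logged bytes and lists the DEX version of each `classes*.dex` in an APK; the helper names, the in-memory sample APK and the `ASSUMED_SUPPORTED` set are assumptions made for illustration.

```python
import io
import re
import zipfile

DEX_MAGIC = re.compile(rb"dex\n(\d{3})\x00")
# Assumption for illustration: versions the bundled parser accepts.
# Check the dexlib2 build you actually ship; this set is not from the page.
ASSUMED_SUPPORTED = {"035"}


def dex_version(header):
    """Return the 3-digit DEX format version, or None if the magic is malformed."""
    m = DEX_MAGIC.match(header[:8])
    return m.group(1).decode("ascii") if m else None


def version_from_exception(message):
    """Decode the eight hex bytes printed after 'Invalid magic value:'."""
    m = re.search(r"Invalid magic value:((?:\s+[0-9a-fA-F]{2}){8})", message)
    return dex_version(bytes.fromhex("".join(m.group(1).split()))) if m else None


def apk_dex_versions(apk):
    """Map every classes*.dex entry of an APK (path or file object) to its version."""
    versions = {}
    with zipfile.ZipFile(apk) as zf:
        for name in zf.namelist():
            if re.fullmatch(r"classes\d*\.dex", name):
                versions[name] = dex_version(zf.read(name)[:8])
    return versions


def rejected_entries(versions, supported=ASSUMED_SUPPORTED):
    """Entries whose magic is malformed or whose version is outside `supported`."""
    return sorted(n for n, v in versions.items() if v not in supported)


def build_sample_apk():
    """Constructed sample: a minimal in-memory zip with two fake DEX headers."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", b"dex\n037\x00" + b"\x00" * 104)
        zf.writestr("classes2.dex", b"dex\n035\x00" + b"\x00" * 104)
    buf.seek(0)
    return buf


if __name__ == "__main__":
    logged = "NotADexFile: Invalid magic value: 64 65 78 0a 30 33 37 00"
    print("version in exception:", version_from_exception(logged))
    found = apk_dex_versions(build_sample_apk())
    print("per-entry versions:", found, "rejected:", rejected_entries(found))
```

Passing a real APK path to `apk_dex_versions` shows whether the file a scanner rejected carries a DEX version newer than its parser expects.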
Where can I find all possible descriptions of vulns by JAADAS in the source code of the program?
Could you please help?
The binary jar is still named jade, and the folder where the binary is created is still named jade as well. Is this what's expected, or are we changing these to jaadas in the near future?
I built the latest version of the jar from source code. I tried to run this awesome project. However, I failed.
I tried to fix this null pointer bug but I failed. Does anyone have an idea how to solve this problem?
```
Transforming android.support.v4.view.accessibility.AccessibilityEventCompatIcs...
java.io.FileNotFoundException: /Users/test/android_tool/JAADAS/config/ConstantRules.groovy (/Users/test/android_tool/JAADAS/config/ConstantRules.groovy)
    at groovy.lang.GroovyCodeSource.<init>(GroovyCodeSource.java:106)
    at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:186)
    at org.k33nteam.jade.propagation.track.APIVulnManager.initFromGroovy(APIVulnManager.java:40)
    at org.k33nteam.jade.propagation.track.APIVulnManager.<init>(APIVulnManager.java:31)
    at org.k33nteam.jade.propagation.base.NaiveAPIChecker.<init>(NaiveAPIChecker.scala:19)
    at org.k33nteam.jade.drivers.CheckDriver.doNaiveAPIScan(CheckDriver.scala:132)
    at org.k33nteam.jade.drivers.CheckDriver.fastentry(CheckDriver.scala:99)
    at main$.main(main.scala:75)
    at main.main(main.scala)
Exception in thread "main" java.lang.NullPointerException
    at org.k33nteam.jade.propagation.track.APIVulnManager.initFromGroovy(APIVulnManager.java:49)
    at org.k33nteam.jade.propagation.track.APIVulnManager.<init>(APIVulnManager.java:31)
    at org.k33nteam.jade.propagation.base.NaiveAPIChecker.<init>(NaiveAPIChecker.scala:19)
    at org.k33nteam.jade.drivers.CheckDriver.doNaiveAPIScan(CheckDriver.scala:132)
    at org.k33nteam.jade.drivers.CheckDriver.fastentry(CheckDriver.scala:99)
    at main$.main(main.scala:75)
    at main.main(main.scala)
```
The application doesn't compile, nor does the compiled binary run, on Java <8, hence it might make sense to make a note of this somewhere in the readme.
```
{
  "score": 133.39999389648438,
  "md5hash": "1980980716b38a8ea7c28e652b82aedc",
  "results": [{
    "desc": "webview addjsinterface code exec",
    "sourceStmt": "virtualinvoke $r22.<com.energysource.szj.embeded.AdvWebView: void addJavascriptInterface(java.lang.Object,java.lang.String)>($r26, "es")",
    "custom": "naive check, may false positive",
    "vulnKind": 0,
    "destMethod": "",
    "paths": [],
    "destStmt": "",
    "sourceMethod": "<com.energysource.szj.embeded.AdManager: void requestAdvById(int)>"
  },
```