Giter VIP home page Giter VIP logo

flankerhqd / jaadas Goto Github PK

View Code? Open in Web Editor NEW
342.0 31.0 107.0 51.41 MB

Joint Advanced Defect assEsment for android applications

Home Page: https://speakerdeck.com/flankerhqd/jade-joint-advanced-defect-assesment

License: Other

Java 94.37% Groovy 0.01% Scala 0.42% Jasmin 0.09% HTML 1.44% XSLT 1.01% Julia 0.01% Shell 0.09% CSS 0.01% Limbo 0.06% TeX 2.44% Makefile 0.01% Perl 0.04%
soot static-analysis vulnerability inter-procedure-analysis android-applications

jaadas's People

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

b0b0505 bigfool dptechma dstmath simith003 iamspid3r tamerplatform futurelighthouse terry2012 tangsilian h3arts bgki11er xbalien telnetgmike haidao-git19 npc7 m00zh33 guoyu07 replive majinxin2003 sucof android-leak breagitt coffeevapple heezhoupeng xtxwy security-geeks nagyistge seakinghuster yihong1991 p33kin9 blkstone sigma-random qwe00921 g252691665 gezijun moonight10 blackjacktoken verfly rongqinglee galycannon qiji2015 darktemple9 jyxu2015 wangjl1991 josh200501 liberatorqjw iamlile banana42 syhxsqqzm qqgirllianxin snowdomain expertasif vidocapt yadox sherwel gcxtx webvul shuixi2013 pentagramz zhanglang001 davidliu88 hxlszxy seabreg subrota-mondal doryxin secoba mrmugiwara sjukperro mmg1 aeguy wkmc superf0sh tiandiyixian thor509 qiqi1 chromevsie wj358271938 whulls saislanti misscoconut ylcangel kaithyrookie returnhere pokerfacett wyu0hop 5l1v3r1 dongshen limkokholefork po1lux gitwk86 extrend-xuxw hartl3y94 xuejuns fpxtest e10514001 cronos996 fishso flower-gjh kalikex1

jaadas's Issues

您在wiki中介绍说Reachability Analysis还没有实现,不太懂是哪个部分还没有实现。

您好,我刚刚接触静态分析不久,我看了您的分析看了很多遍,优化flowdroid这部分从修改污染传播规则到自定义添加漏洞插件,在Reachability Analysis时最后说,还没有实现,不太清楚您是具体哪部分没有实现,是您在前面介绍的从读取文件到扫描是否有权限泄露的函数,这部分没有实现吗?我没有理解清楚,期待您的回复。
另外,从优化JAADAS的角度看,您能提供一些思路吗?我想尝试着去分析理解然后优化它。

Looking for config files in current / working directory.

The application on execution looks for config files in current / working directory. also zip provides them in folder called config but it appears they are searched for in working directory only.

Is it possible to fix the location of config files.

P.S. not an expert on scala and hence need a helping hand.
This seems to be the only blocker in getting it Integrated in AndroidTamer

Exception in thread "main" org.jf.dexlib2.dexbacked.DexBackedDexFile$NotADexFile: Invalid magic value: 64 65 78 0a 30 33 37 00

Hi, Flanker
I encountered an issue like this:
`$ java -jar D:\barca\JAADAS\jaadas-0.1\jade-0.1.jar vulnanalysis -f D:\barca\app\system_app_DownloadProviderUi_DownloadProviderUi.apk -p F:\tools\adtnew\sdk\platforms -c D:\barca\JAADAS\jaadas-0.1\config\ --fastanalysis

enabled plugins: implements custom verifier that always return true
Webview js file access misconfigurations
Webview ssl handler impl onReceivedSslError, lead to SSL vulnerability
X509TrustManager empty impl, lead to SSL vulnerability
FAKEID reloaded vulnerability
Check webview save password disabled or not
Scan for ZipEntry vulnerable to unzip directory traversal vulnerability

enabled modules: constapicheck, crash analysis

Using 'F:\tools\adtnew\sdk\platforms\android-23\android.jar' as android.jar
Warning: exception while processing dex file 'D:\barca\app\system_app_DownloadProviderUi_DownloadProviderUi.apk'
Exception: org.jf.dexlib2.dexbacked.DexBackedDexFile$NotADexFile: Invalid magic value: 64 65 78 0a 30 33 37 00
Warning: java.lang.invoke.LambdaMetafactory is a phantom class!
Warning: java.lang.ref.Finalizer is a phantom class!
Exception in thread "main" org.jf.dexlib2.dexbacked.DexBackedDexFile$NotADexFile: Invalid magic value: 64 65 78 0a 30 33 37 00
at org.jf.dexlib2.dexbacked.DexBackedDexFile.verifyMagicAndByteOrder(DexBackedDexFile.java:151)
at org.jf.dexlib2.dexbacked.DexBackedDexFile.(DexBackedDexFile.java:70)
at org.jf.dexlib2.dexbacked.DexBackedDexFile.(DexBackedDexFile.java:96)
at org.jf.dexlib2.DexFileFactory.loadDexFile(DexFileFactory.java:88)
at org.jf.dexlib2.DexFileFactory.loadDexFile(DexFileFactory.java:56)
at soot.DexClassProvider.classesOfDex(DexClassProvider.java:121)
at soot.SourceLocator.getClassesUnder(SourceLocator.java:206)
at soot.Scene.loadNecessaryClasses(Scene.java:1361)
at org.k33nteam.jade.drivers.CheckDriver.prepareMethodTraversal(CheckDriver.scala:77)
at org.k33nteam.jade.drivers.CheckDriver.fastentry(CheckDriver.scala:98)
at main$.main(main.scala:75)
at main.main(main.scala)`

why it shows that no dex file, but it has a classes.dex file in it

name change: jaadas

the binary jar is still named as jade as well as the folder where binary is created is still named as jade. Is this what's expected or are we changing these to jaadas in near future.

Null Pointer Help!

I build the latest version jar from source code. I try to run this awesome project. However, I failed.
I try to fix this null pointer bug but I failed. Anyone idea to solve this problem?

Transforming android.support.v4.view.accessibility.AccessibilityEventCompatIcs...
java.io.FileNotFoundException: /Users/test/android_tool/JAADAS/config/ConstantRules.groovy (/Users/test/android_tool/JAADAS/config/ConstantRules.groovy)
at groovy.lang.GroovyCodeSource.(GroovyCodeSource.java:106)
at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:186)
at org.k33nteam.jade.propagation.track.APIVulnManager.initFromGroovy(APIVulnManager.java:40)
at org.k33nteam.jade.propagation.track.APIVulnManager.(APIVulnManager.java:31)
at org.k33nteam.jade.propagation.base.NaiveAPIChecker.(NaiveAPIChecker.scala:19)
at org.k33nteam.jade.drivers.CheckDriver.doNaiveAPIScan(CheckDriver.scala:132)
at org.k33nteam.jade.drivers.CheckDriver.fastentry(CheckDriver.scala:99)
at main$.main(main.scala:75)
at main.main(main.scala)
Exception in thread "main" java.lang.NullPointerException
at org.k33nteam.jade.propagation.track.APIVulnManager.initFromGroovy(APIVulnManager.java:49)
at org.k33nteam.jade.propagation.track.APIVulnManager.(APIVulnManager.java:31)
at org.k33nteam.jade.propagation.base.NaiveAPIChecker.(NaiveAPIChecker.scala:19)
at org.k33nteam.jade.drivers.CheckDriver.doNaiveAPIScan(CheckDriver.scala:132)
at org.k33nteam.jade.drivers.CheckDriver.fastentry(CheckDriver.scala:99)
at main$.main(main.scala:75)
at main.main(main.scala)

Hard limitation of JAVA 8

Application doesn't compiles nor compiled binary runs on java <8 hence might make sense to make a note of this somewhere in readme.

请问在output结果中输出的score是什么含义呢?给出的分数是如何判定的呢?

{
"score": 133.39999389648438,
"md5hash": "1980980716b38a8ea7c28e652b82aedc",
"results": [{
"desc": "webview addjsinterface code exec",
"sourceStmt": "virtualinvoke $r22.<com.energysource.szj.embeded.AdvWebView: void addJavascriptInterface(java.lang.Object,java.lang.String)>($r26, "es")",
"custom": "naive check, may false positive",
"vulnKind": 0,
"destMethod": "",
"paths": [],
"destStmt": "",
"sourceMethod": "<com.energysource.szj.embeded.AdManager: void requestAdvById(int)>"
},

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.