Inter-component communication Taint Analysis for Android
Home Page: https://sites.google.com/site/icctawebpage/
License: GNU Lesser General Public License v2.1
IccTA is an Inter-Component Communication based Taint Analysis tool. It based on FlowDroid and Epicc to perform inter-component (and also inter-app, thanks to ApkCombiner) privacy leaks in Android apps.
A manual can be found here: https://github.com/lilicoding/soot-infoflow-android-iccta/wiki
Excuse me, could you tell me how do you solve the problem of dexlib2-2.1.1-dev.jar missing. Thank you very much!
I just follow the manual .While I have a problem which is "error 1071<42000> at line 194:Specified key was too long:max key length is 76 "in the second step( importing the schema to the database),is there anything wrong I made?
Hi,
I am trying to run IccTA but I'm getting errors.
From the wiki page I followed 'Usage of IccTA'. But its somewhat unclear. I probably did something wrong in installation. Can you please clarify followings
I also looked at another page of iccta 'https://sites.google.com/site/icctawebpage/usage-of-iccta', but could not successful run it.
And while running this tool I used the android jars from https://github.com/lilicoding/android-platforms.git.
The commands I ran and the errors I got are given below:
COMMAND: ./runEpicc.sh [PATH]/DroidBench/apk/InterAppCommunication_ActivityCommunication1.apk
ERROR:
..............
Soot has run for 0 min. 37 sec.
.....
java.io.FileNotFoundException: output_iccta/InterAppCommunication_ActivityCommunication1.csv (No such file or directory)
at java.io.FileOutputStream.open(Native Method)
......
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83)
[*] parsing manifest '[PATH]/DroidBench/apk/InterAppCommunication_ActivityCommunication1.apk'
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Table 'db_iccta.IFActions' doesn't exist
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
.....
at soot.jimple.interproc.cc.ConnectedComponents.computeConnectedComponents(ConnectedComponents.java:108)
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83)
java.lang.NullPointerException
at java.util.HashMap.putAll(HashMap.java:614)
....
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83)
Exception in thread "main" java.lang.NullPointerException
at soot.jimple.interproc.cc.ConnectedComponents.computeConnectedComponents(ConnectedComponents.java:318)
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83)
COMMAND:
[PATH]/soot-infoflow-android-iccta/release$ java -jar IccTA.jar -apkPath [PATH]/DroidBench/apk/InterAppCommunication_ActivityCommunication1.apk -androidJar [PATH]tool/android-platforms -iccProvider ../iccProvider/epicc -enableDB -intentMatchLevel 3
Here, android-platforms was downloaded from "https://github.com/lilicoding/android-platforms.git"
ERROR:
"Exception in thread "main" java.lang.RuntimeException: parameter error [args = [Ljava.lang.String;@16e588e]
at lu.uni.serval.iccta.TestApps.Main.main(Main.java:20)"
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax
Hi
Currently, I am exploring your ICCTA tool and try to build it in eclipse.
however, i go through your setup&usage page, i still cannot set it up correctly.
the problem seems that current version of soot-infoflow-android does not apply to ICCTA.
could you provide your soot related libraries?
i will be thankful if you have an idea how can i fix that?
thanks.
Excuse me, do you use it in Linux or Windows?I use it in Windows, but I find that the launch file of Epicc is .sh so I dontw know how launch it. If you use it in Windows, could you please tell me how to use it. Thank you!
I am also experimenting difficulties with the Soot-infoflow-android, when I try to use IccTA, specifically regarding dexlib2-2.1.1-dev.jar Any suggestion?
Originally posted by @juangabriel-umanaquiros in #12 (comment)
Hi,
On wiki page, procedure to get IAC leaks is not mentioned. Can you please update wiki with this procedure.
Thanks,
hi
I read this site https://github.com/lilicoding/soot-infoflow-android-iccta/wiki/Usage-of-IccTA.
But your packages have problem and dont run IccTA.
please check packages.
Hi,
I am not able to analyze apps. Commands to run Epicc and IccTA are resulting in errors. Can you please look into it. Details are given below
1) Error while running epicc
Command: "./runEpicc.sh [apkPath]"
Output:
"........
Soot has run for 0 min. 37 sec.
Directory: testspace/InterAppCommunication_IntentSink1.apk/retargeted/retargeted/InterAppCommunication_IntentSink1
[*] parsing manifest '../../apks/InterAppCommunication_IntentSink1.apk'
java.io.FileNotFoundException: output_iccta/InterAppCommunication_IntentSink1.csv (No such file or directory)
at java.io.FileOutputStream.open(Native Method)
....
at soot.jimple.interproc.cc.ConnectedComponents.computeConnectedComponents(ConnectedComponents.java:88)
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83)
Manifest components links:
Warning: android.content.pm.ResolveInfo is a phantom class!
......
Transforming android.support.v4.view.ViewGroupCompat$ViewGroupCompatImpl...
java.lang.NullPointerException
Transforming de.ecspride.BuildConfig...
at soot.jimple.interproc.cc.ConnectedComponents.computeConnectedComponents(ConnectedComponents.java:283)
Transforming android.support.v4.content.ContextCompatHoneycomb...
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83)
Transforming android.support.v4.util.TimeUtils...
Exception in thread "main" java.lang.NullPointerException
Transforming android.support.v4.widget.SearchViewCompat$SearchViewCompatImpl...
at soot.jimple.interproc.cc.ConnectedComponents.computeConnectedComponents(ConnectedComponents.java:318)
Transforming android.support.v4.widget.SearchViewCompat$OnQueryTextListenerCompat...
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83)
Transforming android.support.v4.widget.SearchViewCompat...
.......
The following ICC values were found:
Precision stats: null
"
2) Error while running IccTA
Command: "java -jar IccTA.jar -apkPath [apk path] -androidJars [path of jars] -iccProvider [path of epicc] -enableDB -intentMatchLevel 3"
Output:
"Exception in thread "main" java.lang.RuntimeException: parameter error [args = [Ljava.lang.String;@1235feb]
at lu.uni.serval.iccta.TestApps.Main.main(Main.java:20)"
when i run ./runEpicc.sh $path_of_apk to build ICC links for an Android application.
I encountered :
[Call Graph] For information on where the call graph may be incomplete, use the verbose option to the cg phase.
java.lang.ClassCastException: soot.coffi.CONSTANT_InterfaceMethodref_info cannot be cast to soot.coffi.CONSTANT_Methodref_info
Hi, i want to use ic3 to generate a ICC model by using the -protobuf option followed by the path to an output directory.
So i changed runIC3.sh:
just changed this line: java -Xmx8192m -jar ic3-0.1.0-full.jar -apkormanifest $appPath -input $retargetedPath -cp $forceAndroidJar -protobuf M:\bs\tools\retargeted
But it seems doesn't work. When I run RetargetedApp.jar , i got the following errors:
M:\bs\tools\soot-infoflow-android-iccta-master\soot-infoflow-android-iccta-master\iccProvider\ic3>java -Xmx8192m -jar RetargetedApp.jar M:\tools\platforms\android-21\android.jar M:\bs\tools\empty.apk M:\bs\tools\retargeted
Soot started on Mon Jan 07 17:22:38 GMT+08:00 2019
Using 'M:\tools\platforms\android-21\android.jar' as android.jar
Warning: exception while processing dex file 'M:\bs\tools\empty.apk'
Exception: org.jf.dexlib2.dexbacked.DexBackedDexFile$NotADexFile: Invalid magic value: 64 65 78 0a 30 33 37 00
org.jf.dexlib2.dexbacked.DexBackedDexFile$NotADexFile: Invalid magic value: 64 65 78 0a 30 33 37 00
at org.jf.dexlib2.dexbacked.DexBackedDexFile.verifyMagicAndByteOrder(DexBackedDexFile.java:151)
at org.jf.dexlib2.dexbacked.DexBackedDexFile.(DexBackedDexFile.java:70)
at org.jf.dexlib2.dexbacked.DexBackedDexFile.(DexBackedDexFile.java:96)
at org.jf.dexlib2.DexFileFactory.loadDexFile(DexFileFactory.java:84)
at org.jf.dexlib2.DexFileFactory.loadDexFile(DexFileFactory.java:54)
at soot.DexClassProvider.classesOfDex(DexClassProvider.java:121)
at soot.SourceLocator.getClassesUnder(SourceLocator.java:206)
at soot.Scene.loadNecessaryClasses(Scene.java:1351)
at soot.Main.run(Main.java:214)
at soot.Main.main(Main.java:152)
at RetargetedApp.main(RetargetedApp.java:24)
Any idea Thanks a lot!
@lilicoding
Hi all,
one more exception....
[IccTA] exception: java.lang.RuntimeException: Trying to create virtual invoke expression for interface type (android.content.ServiceConnection in file null). Use JInterfaceInvokeExpr instead! java.lang.RuntimeException: Trying to create virtual invoke expression for interface type (android.content.ServiceConnection in file null). Use JInterfaceInvokeExpr instead! at soot.jimple.internal.JVirtualInvokeExpr.<init>(JVirtualInvokeExpr.java:48) at soot.jimple.Jimple.newVirtualInvokeExpr(Jimple.java:406) at soot.jimple.infoflow.android.iccta.ICCRedirectionCreator.generateRedirectMethodForBindService(ICCRedirectionCreator.java:465) at soot.jimple.infoflow.android.iccta.ICCRedirectionCreator.getRedirectMethod(ICCRedirectionCreator.java:152) at soot.jimple.infoflow.android.iccta.ICCRedirectionCreator.redirectToDestination(ICCRedirectionCreator.java:67) at soot.jimple.infoflow.android.iccta.AndroidIPCManager.process(AndroidIPCManager.java:168) at soot.jimple.infoflow.android.iccta.AndroidIPCManager.updateJimpleForICC(AndroidIPCManager.java:144) at soot.jimple.infoflow.Infoflow.runAnalysis(Infoflow.java:444) at soot.jimple.infoflow.Infoflow.computeInfoflow(Infoflow.java:301) at soot.jimple.infoflow.android.SetupApplication.runInfoflow(SetupApplication.java:522) at soot.jimple.infoflow.android.iccta.TestApps.FDHelper.runAnalysis(FDHelper.java:125) at soot.jimple.infoflow.android.iccta.TestApps.Test.main(Test.java:124)
Thanks in advance.
Best Regards,
Vitalii
Hi, I am trying to configure ICCTA on my desktop with the following configuration -
OS: Ubuntu 18.08
Java: 11.0.6
I am following this wiki to configure ICCTA. However, when I am trying to retarget my APK using dare, I get the following error -
Unable to open 'ae.gov.dha.dha.dha-12.apk' as zip archive
Not Zip, retrying as DEX
ERROR: unable to open 'ae.gov.dha.dha.dha-12.apk': No such file or directoryI tried this with two different apk files that I am able to unzip using unzip.
Not entirely sure where the issue is. Can you suggest on a workaround?
Thanks.
Hi, when I execute the file runEpicc.sh under the iccProvider/epicc folder,I get the following error. Could you help me with it. Thank you.
Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 5
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:62)
how can I build a inter-component control flow graph? thanks
We have to waste a lot of time to download these repositories and compile them.
Jasmin: https://github.com/Sable/jasmin
Heros: https://github.com/Sable/heros
Soot: https://github.com/Sable/soot
soot-infoflow: https://github.com/secure-software-engineering/soot-infoflow.git
soot-infoflow-android: https://github.com/secure-software-engineering/soot-infoflow-android.git
soot-infoflow-android-iccta: https://github.com/lilicoding/soot-infoflow-android-iccta.git
I analysed some real-life applications. For 2 applications, Epicc reported errors. Details are given below
Warning: android.view.MenuItem$OnMenuItemClickListener is a phantom class!
java.lang.RuntimeException: IOException with com.j256.ormlite.field.DatabaseField: null
at soot.coffi.ClassFile.readClass(ClassFile.java:404)
at soot.coffi.ClassFile.loadClassFile(ClassFile.java:201)
at soot.coffi.Util.resolveFromClassFile(Util.java:85)
at soot.CoffiClassSource.resolve(CoffiClassSource.java:45)
at soot.SootResolver.bringToHierarchy(SootResolver.java:229)
at soot.SootResolver.bringToSignatures(SootResolver.java:252)
at soot.SootResolver.bringToBodies(SootResolver.java:288)
at soot.SootResolver.processResolveWorklist(SootResolver.java:164)
at soot.SootResolver.resolveClass(SootResolver.java:129)
at soot.Scene.forceResolve(Scene.java:1516)
at soot.jimple.interproc.cc.ConnectedComponents.computeConnectedComponents(ConnectedComponents.java:180)
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83)
Caused by: java.io.EOFException
at java.io.DataInputStream.readInt(DataInputStream.java:392)
at soot.coffi.ClassFile.readClass(ClassFile.java:352)
... 11 more
[Call Graph] For information on where the call graph may be incomplete, use the verbose option to the cg phase.
java.lang.RuntimeException: Trying to create interface invoke expression for non-interface type: com.actionbarsherlock.ActionBarSherlock$Implementation Use JVirtualInvokeExpr or JSpecialInvokeExpr instead!
at soot.jimple.internal.JInterfaceInvokeExpr.(JInterfaceInvokeExpr.java:46)
at soot.jimple.Jimple.newInterfaceInvokeExpr(Jimple.java:433)
at soot.coffi.CFG.generateJimple(CFG.java:4507)
at soot.coffi.CFG.jimplify(CFG.java:1237)
at soot.coffi.CFG.jimplify(CFG.java:925)
at soot.coffi.CoffiMethodSource.getBody(CoffiMethodSource.java:100)
at soot.SootMethod.getBodyFromMethodSource(SootMethod.java:91)
at soot.SootMethod.retrieveActiveBody(SootMethod.java:324)
at soot.jimple.toolkits.callgraph.OnFlyCallGraphBuilder.processNewMethod(OnFlyCallGraphBuilder.java:527)
at soot.jimple.toolkits.callgraph.OnFlyCallGraphBuilder.processReachables(OnFlyCallGraphBuilder.java:418)
at soot.jimple.toolkits.callgraph.CallGraphBuilder.build(CallGraphBuilder.java:84)
at soot.jimple.toolkits.callgraph.CHATransformer.internalTransform(CHATransformer.java:43)
at soot.SceneTransformer.transform(SceneTransformer.java:39)
at soot.SceneTransformer.transform(SceneTransformer.java:45)
at soot.SceneTransformer.transform(SceneTransformer.java:50)
at soot.jimple.interproc.cc.ConnectedComponents.detectEntryPoints(ConnectedComponents.java:416)
at soot.jimple.interproc.cc.ConnectedComponents.computeConnectedComponents(ConnectedComponents.java:225)
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83)
APK files could not be attached. These can be downloaded from virustotal.
Thanks,
Hi,
For a real-life application Epicc reported following error:
Spark] Pointer Graph simplified in 0.0 seconds.
java.lang.RuntimeException: Type mask not found for type com.sristc.etage.LoadActivity
at soot.jimple.spark.internal.TypeManager.get(TypeManager.java:103)
at soot.jimple.spark.sets.HybridPointsToSet.nativeAddAll(HybridPointsToSet.java:60)
at soot.jimple.spark.sets.HybridPointsToSet.addAll(HybridPointsToSet.java:145)
at soot.jimple.spark.sets.DoublePointsToSet.addAll(DoublePointsToSet.java:61)
at soot.jimple.spark.solver.PropWorklist.handleVarNode(PropWorklist.java:151)
at soot.jimple.spark.solver.PropWorklist.propagate(PropWorklist.java:52)
at soot.jimple.spark.SparkTransformer.internalTransform(SparkTransformer.java:152)
at soot.SceneTransformer.transform(SceneTransformer.java:39)
at soot.Transform.apply(Transform.java:90)
at soot.RadioScenePack.internalApply(RadioScenePack.java:57)
at soot.jimple.toolkits.callgraph.CallGraphPack.internalApply(CallGraphPack.java:49)
at soot.Pack.apply(Pack.java:116)
at soot.PackManager.runWholeProgramPacks(PackManager.java:539)
at soot.PackManager.runPacksNormally(PackManager.java:443)
at soot.PackManager.runPacks(PackManager.java:388)
at soot.jimple.interproc.cc.ConnectedComponents.computeConnectedComponents(ConnectedComponents.java:249)
at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83)
APK file could not be attached. Its MD5 is 16c84ac187f6f3d54ab44bf0eb0b4e12. It can be downloaded from virustotal.
Thanks,
Hi,
Currently, I am exploring your ICCTA tool and try to build it in Eclipse. However, I go through your setup&usage page, I still cannot set it up correctly. The problem seems that current version of Soot-infoflow-android does not apply to ICCTA. (Please check the pic below) Could you provide your Soot related libraries? Thanks.
I use schema to create a database, the result as follow:
1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'icc < E:\360downloads\soot-infoflow-android-iccta-master\res/schema' at line 1
Hi Developers,
i have created a very simple application with a couple of activities and I wanted to test it with your tool. Unfortunately, Epic throws the following exception:
Directory: testspace/com.interappsms.apk/retargeted/retargeted/com.interappsms [*] parsing manifest '/Users/avdiienko/Documents/workspace_android/com.interappsms/bin/com.interappsms.apk' Manifest components links: java.lang.RuntimeException: IOException with android.support.v4.app.FragmentTransaction: null at soot.coffi.ClassFile.readClass(ClassFile.java:404) at soot.coffi.ClassFile.loadClassFile(ClassFile.java:201) at soot.coffi.Util.resolveFromClassFile(Util.java:85) at soot.CoffiClassSource.resolve(CoffiClassSource.java:45) at soot.SootResolver.bringToHierarchy(SootResolver.java:229) at soot.SootResolver.bringToSignatures(SootResolver.java:252) at soot.SootResolver.bringToBodies(SootResolver.java:288) at soot.SootResolver.processResolveWorklist(SootResolver.java:164) at soot.SootResolver.resolveClass(SootResolver.java:129) at soot.Scene.forceResolve(Scene.java:1516) at soot.jimple.interproc.cc.ConnectedComponents.computeConnectedComponents(ConnectedComponents.java:180) at soot.jimple.interproc.cc.TestApps.Epicc.main(Epicc.java:83) Caused by: java.io.EOFException at java.io.DataInputStream.readInt(DataInputStream.java:392) at soot.coffi.ClassFile.readClass(ClassFile.java:352) ... 11 more
I will send you my APK by email if you need it in order to reproduce the issue.
Thank you in advance.
Best Regards,
Vitalii
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.