【Recap】AnDarwin Workflow

Tools

dex2jar
https://github.com/pxb1988/dex2jar

enjarify
https://github.com/Storyyeller/enjarify

soot nightly build
https://soot-build.cs.upb.de/public/origin/develop/soot/soot-develop/build/

keen team 科恩实验室使用 soot 的项目 (flanker)
https://github.com/flankerhqd/JAADAS

soot 3.0.1 release
https://soot-build.cs.upb.de/public/origin/master/soot/soot-master/3.0.1/build/

soot github
https://github.com/Sable/soot.git

soot-infoflow-android
https://github.com/secure-software-engineering/soot-infoflow-android

FlowDroid
https://github.com/secure-software-engineering/FlowDroid

wiki
https://github.com/Sable/soot/wiki/Running-Soot

Java Control Flow Graphs Library
https://stackoverflow.com/questions/8124838/java-control-flow-graphs-library

Tool for generating control flow in Java
https://stackoverflow.com/questions/4773858/tool-for-generating-control-flow-in-java

AnDarwin Workflow

unzip com.wise.zhubaoscb -d ./com_wise_zhubao
cd ./com_wise_zhubao
tree -P "*.dex|*.arsc|Android*"  `pwd`

cd ..
./dex-tools-2.1-SNAPSHOT/d2j-dex2jar.sh com_wise_zhubaoscb/classes.dex
unzip classes-dex2jar.jar -d ./dex_com_wise_zhubao

核心流程

数据量级说明， 10W 量级的 apk 大约能产生 500W 量级的 method_feature (不精确估计)

• #Android
• #Java