Android Applications Reverse Engineering
AndroCheck
Amel LIMAM, Wafa BEN ALI, Olivier MARTY, Sahar SOULAIH, Benjamin BRUSA, Imededdine HOSNI
Supervisors: Jean-Rémy FALLERI, Xavier BLANC
Outline
1. Overview
2. Specifications
3. Tools
4. Application’s architecture
5. Implementation
6. Results
7. Project management
Overview
► Increasing number of applications available in Android Markets
► There is no assumption about the developer’s programming skills
► Android applications contain more and more different artifacts and coherence is needed
• What about the application’s structure?
• Is it assured not to crash?
Main objectives
► Static code analyzer to check requirements
► Modular software to ease evolution and adding features
► Software compatible with Eclipse environment and ADT
Android Platform
Artifacts: Java, Resources, XML descriptors, R.java (generated at compilation)
Need mechanisms to check syntax, type consistency, and data flow before compilation and execution

myActivity.java
    setContentView(R.layout.myLayout);
    ObjectType obj = (ObjectType) findViewById(R.id.ObjectId);

myLayout.xml
    <ObjectType android:id="@+id/ObjectId"></ObjectType>
Specifications
► First requirement: A Java object instantiated in the main code must be declared in its corresponding XML layout.
► Second requirement: The cast type of a Java object at its instantiation must be compatible with the type of the object declared in the XML layout.
► Third requirement: Any useless XML layout must be reported to the developer.
Eclipse Modeling Framework
Modeling framework and code generation facility
► To develop and manage the whole application life cycle
► To focus on the model.
► The model itself is described in a meta-model.
Eclipse Modeling Framework
Metamodeling?
► The construction of a collection of concepts within a certain domain
► Meta-Model: another abstraction (model structure)
► Model: an abstraction of phenomena in the real world
► Application
Typical EMF usage scenario
[Figure: UML, XML Schema, … → Import → Ecore Model (.ecore) → Gen Model (.genmodel) → Java code]
Application’s architecture
Parsers
Java Parser
► JDT (Java Development Tooling) parser provides APIs to manipulate Java source code
▲ Tree structure based API: AST (Abstract Syntax Tree)
▲ Use an AST parser
▲ Visit a specific element
Example: method invocation, type, function, class …
The AST representation defines an API to modify, create, read and delete source code.
► Example
    // Called by the AST visitor for every method call found in the source.
    public boolean visit(MethodInvocation method) {
        String name = method.getName().getIdentifier();
        if (name.equals("findViewById")) {
            Processing1();   // handle a widget lookup
        }
        if (name.equals("setContentView")) {
            Processing2();   // handle the layout binding
        }
        return true;         // keep visiting child nodes
    }
XML Parser
► DOM (Document Object Model) parser: tree structure based API
The DOM parser implements the DOM API and creates a DOM tree in memory for an XML document
► When to use DOM parser
▲ Manipulate the document
▲ Traverse the document back and forth
▲ Small XML files
► Drawbacks of DOM parser: consumes a lot of memory
XML Parser
XML Document → XML Parser → Document Object Tree

XML Document
    <?xml version="1.0" encoding="utf-8"?>
    <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android">
        <ListView android:id="@+id/list" android:layout_width="fill_parent" android:layout_height="fill_parent" android:layout_weight="1"/>
        <Button android:id="@+id/button1" android:layout_width="fill_parent" android:layout_height="wrap_content" android:text="Clear Cache"/>
    </LinearLayout>

Document Object Tree
Node LinearLayout
    Node ListView
        • Attribute android:id
        • Attribute android:layout_width
        • Attribute android:layout_height
    Node Button
        • Attribute android:id
        • Attribute android:layout_width
        • Attribute android:layout_height
Model and properties check
Applications’ Metamodel
Model instance and properties check
► Using androidElementsFactory in order to create model elements.
► Instantiate EMF model with Java and XML elements.
► Comparison between Java and XML elements properties.
XML Elements: Identifier, Type, File
Java Elements: Id, Cast, File
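The comparison between Java and XML element properties, applied to the first two requirements of the Specifications slide, can be sketched as follows. This is an added example, not AndroCheck's code: the class name `LayoutCheck` and the sample inputs are constructed, a regular expression stands in for the JDT AST visitor, and an exact type-name match stands in for type compatibility.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.*;
import java.util.regex.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class LayoutCheck {
    // Constructed sample inputs (not taken from the slides).
    static final String LAYOUT = "<LinearLayout xmlns:android='http://schemas.android.com/apk/res/android'>"
        + "<ListView android:id='@+id/list'/><Button android:id='@+id/button1'/></LinearLayout>";
    static final String ACTIVITY = "setContentView(R.layout.main);\n"
        + "Button b = (Button) findViewById(R.id.button1);\n"
        + "TextView t = (TextView) findViewById(R.id.list);\n"
        + "Button c = (Button) findViewById(R.id.missing);\n";

    // DOM walk: map each android:id declared in the layout to its element type.
    static Map<String, String> declaredIds(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        // Layouts of an analysed app are untrusted input: refuse DTDs to rule out XXE.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document d = f.newDocumentBuilder().parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        Map<String, String> ids = new HashMap<>();
        NodeList all = d.getElementsByTagName("*");
        for (int i = 0; i < all.getLength(); i++) {
            Element e = (Element) all.item(i);
            String id = e.getAttribute("android:id");
            if (id.startsWith("@+id/")) ids.put(id.substring(5), e.getTagName());
        }
        return ids;
    }

    // Requirements 1 and 2 for every "(Type) findViewById(R.id.x)" in the Java source.
    // Assumption: exact name equality; subclass compatibility is not resolved here.
    static List<String> check(String java, Map<String, String> ids) {
        List<String> findings = new ArrayList<>();
        Matcher m = Pattern.compile("\\((\\w+)\\)\\s*findViewById\\(R\\.id\\.(\\w+)\\)").matcher(java);
        while (m.find()) {
            String cast = m.group(1), id = m.group(2), declared = ids.get(id);
            if (declared == null) findings.add(id + ": not declared in layout");
            else if (!declared.equals(cast)) findings.add(id + ": cast to " + cast + " but declared as " + declared);
        }
        return findings;
    }

    public static void main(String[] args) throws Exception {
        check(ACTIVITY, declaredIds(LAYOUT)).forEach(System.out::println);
    }
}
```

Both findings correspond to runtime crashes the static check catches early: an undeclared id makes `findViewById` return null, and a mismatched cast raises `ClassCastException`.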
Application’s architecture
Java code describing the interface
describing the plug-in and its dependencies
Plugin’s Architecture
[Figure: Eclipse Platform (Runtime, Workspace, Workbench, JFace, SWT; Core and User Interface), JDT (Java Development Tools), PDE (Plugin Development Environment), Plugin A, Plugin B, Extension Point, Extension]
Creating a Plugin
Steps: Create a new plug-in → Add a View Extension to the plugin.xml file → Define a View Class for the Extension within the Plug-in
► Create a plug-in project
► Define a plugin.xml file: contains a declaration of the plug-in id, name, pre-requisites,...
XML code added to the plugin.xml file
▲ Id: a unique name that will be used to identify the view
▲ Name: a translatable name that will be used in the UI for the view
▲ Icon: a relative name of the icon that will be associated with the view
▲ Class: a fully qualified name of the class that implements graphical elements of the interface
Update Site
► Contains all required components for the plugin to function.
► Supports installation over the web via an installation URL to avoid a separate download.
Update site components: Features directory, Plugins directory, feature.xml file
Feature: a list of plugins and other features which can be understood as a logical separate unit
feature.xml file: maintain the properties
• Modify feature name
• Add new plugins
GUI
Demo
Project Management
Tools
► SVN: handle collaborative work on the project’s source code
► Google documents
• Requirements
• Gantt diagram
• Division of labour
► Wiki: centralise project information, http://projets9androidapps.wiki-site.com/index.php/Accueil
► Problems list: listing bugs and problems with date of detection, severity and status
Organizational method
• Short and frequent meetings
• Roadmap
• Sprints of 1 to 2 weeks
• Evaluation of objectives
Gantt
Android applications reverse engineering, 2010-2011 (OCT, NOV, DEC, JAN, FEB; weeks W1 to W4 of each month)
Planning and organization phase (2 weeks)
• Setting up the collaborative work tools: 1 week
• Group organization sheet: 1 week
Project study (4 weeks)
• Getting started with Android: 1 week
• Study of EMF: 1 week
• Working with EMF: 2 weeks
• Requirements study: 2 weeks
• Functional specification document: 3 weeks
• Search for example meta-models: 2 weeks
Design phase (5 weeks)
• Study of the artifacts of an Android application: 4 weeks
• Elaboration of a meta-model: 3 weeks
Implementation phase (4 weeks)
• Setting up a prototype: 3 weeks
• Adding the checks: 3 weeks
Project finalization (5 weeks)
• Writing the report: 3 weeks
• Preparing the defense: 3 weeks
Deliverables
Thank you
Do You Have Any Questions?