android applications reverse engineering

Android Applications Reverse Engineering

Amel LIMAMWafa BEN ALIOlivier MARTYSahar SOULAIHBenjamin BRUSAImededdine HOSNI

AndroCheck

SupervisorsJean-Rémy FALLERIXavier BLANC

Tools

Overview

Specifications

Application’s architecture

Implementation

Results

Project management

1

2

5

3

4

6

7

Outline

Overview►Increasing number of applications available in Android Markets

►There is no assumption about the developer’s programming skills

►Android applications contain more and more different artifacts and coherence is needed

? •What about application’s structure ? •Is it assured not to crash ?

Main objectives

Specifications

4

Static code analyzer to check requirements

Modular software to ease evolution and adding features

Software compatible with Eclipse environment and ADT

5

Android Platform

Generated at compilation

Android Platform

6

Need mechanisms to check syntax, type consistency, and data flow before compilation and execution

R.javaJava Resources XML descriptors

setContentView(R.layout.myLayout);ObjectType obj = (ObjectType)findViewById(R.id.ObjectId)

<ObjectType android:id="@+id/ObjectId"></ObjectType>

myLayout.xml

myActivity.java

Android Platform

7

Specifications

8

First requirement

Second requirement

Third requirement

A Java object instantiated in the main code must be declared in its corresponding XML layout.

The cast type of a Java object at its instantiation must be compatible with the type of the object declared in the XML layout.

Any useless XML layout must be reported to the developer

Modeling framework and code generation facility

►To develop and manage the whole application life cycle

►To focus on the model.►The model itself is described in a meta-model.

Eclipse Modeling Framework

9

Metamodeling ?► The construction of a collection of concepts within a certain domain

Meta-ModelAnother abstractionModel structure

ModelAn abstraction of phenomena in the real world

Application

Eclipse Modeling Framework

10

UML

XML Schema

…

Impo

rt Ecore Model(.ecore)

Gen Model(.genmodel)

Javacode

Typical EMF usage scenario

11

Application’s architecture

Parsers

► JDT (Java Development Tooling) parser provides APIs to manipulate Java source code

▲ Tree Structure based API : AST (Abstract Syntax Tree)

▲Use an AST parser▲Visit a specific element

Exemple : method invocation, Type, function, class …

The AST representation defines an API to modify, create, read and delete source code.

► Example

public boolean visit(MethodInvocation method){if(method.getName().getIdentifier().equals("findViewById")){

Processing1();}if(method.getName().getIdentifier().equals("setContentView")

){Processing2();

}return true;

}

Java Parser

► DOM (Document Object Model ) parser - Tree Structure based API

The Dom parser implements the DOM API and it creates a DOM tree in memory for a XML document► When to use DOM parser

▲Manipulate the document▲Traverse the document back and forth▲Small XML files

► Drawbacks of DOM parser Consumes lot of memory

XML Parser

<?xml version="1.0" encoding="utf-8"?>

<LinearLayout>

<ListView android:id="@+id/list  android:layout_width="fill_parent" android:layout_height="fill_parent" android:layout_weight="1"/>

<Button android:id="@+id/button1" android:layout_width="fill_parent" android:layout_height="wrap_content" android:text="Clear Cache"/>

</LinearLayout>

Node Linear Layout

Node ListView• Attribute• Android:id• Attrinute Android:layout-width• Attrinute Android:layout-heigth

Node Button • Attribute• Android:id• Attrinute Android:layout-width• Attrinute Android:layout-heigth

Document Object Tree

XML ParserXML Document

Model and properties check

Applications’ Metamodel

► Using androidElementsFactory in order to

create model elements.► Instantiate EMF model with java and XML

elements.► Comparison between java and XML elements

properties.

Model instance and properties check

IdentifierTypeFile

XML ElementsId

CastFile

Java Elements

Application’s architecture

Java code describing the interface

describing the plug-in and its dependencies

Plugin’s Architecture

21

PDEPlugin Development

Environment

Plugin A

Plugin B

Core

User Interface

Workbench

JFace

SWT

Workspace

Runtime

Eclipse Platform

JDTJava Development Tools

ExtensionPoint Extension

Plugin’s Architecture

Creating a Plugin

23

Create a new plug-in

Add a View Extension to the

plugin.xml file

Define a View Class for the

Extension within the Plug-in

►Create a plug-in project►Define a plugin.xml file: contains a declaration of the plug-in id, name, pre-requisites,...

XML code added to the plugin.xml file▲Id: a unique name that will be used to identify the view▲name : a translatable name that will be used in the UI for the view▲Icon: a relative name of the icon that will be associated with the view▲Class: a fully qualified name of the class that implements

graphical elements of the interface

Update Site► Contains all required components for the plugin to funtion.► supports installation over the web via an installation url to avoid a

separate download.

Features directory

Plugins directory feature.xmlfile

update site components

Update site

Featurea list of plugins and other features which can be understood as a logical separate unit

maintain the properties •Modify feature name •Add new plugins

feature.xmlfile

24

GUI

25

Demo

26

Project Management

27

SVNHandle collaborative work on project’s source code

Google documents•Requirements•Gantt diagram•Division of labour

•Short and frequent meetings

•Roadmap

• Sprints of 1 to 2 weeks

• Objectifs’ evaluation

Wiki centralise project informationhttp://projets9androidapps.wiki-site.com/index.php/Accueil

Problems ListListing bugs and problems with date of detection, gravity and status

Tools Organizational method

Gantt

28

Durée S1 S2 S3 S4 S1 S2 S3 S4 S1 S2 S3 S4 S1 S2 S3 S4 S1 S2 S3 S4

2 SMise en place des outils de travail collaboratif 1 SFeuille d'organisation de groupe 1 S

4 SPrise en main Android 1 SEtude EMF 1 SManipulation d'EMF 2SEtude des besoins 2 SDocument de specification fonctionnelle 3 SRecherche d'exemples de méta-modèles 2S

5 SEtude des artefacts d'une application Android 4 SÉlaboration d'un méta-modèle 3 S

4SMise en place d'un prototype 3 SAjout des vérifications 3 S

5 SRédaction du rapport 3 SPréparation de la soutenance 3 S

Reverse-engineering d'applications Android 2010 2011

OCT NOV DEC JAN FEV

Finalisation du projet

Livrables

Phase de planning et d'organisation

Etude du projet

Phase de Conception

Phase d'implémentation

Thank you

Do You Have Any Questions ?

29