search

CryptoGuardOSS / cryptoguard

GNU General Public License v3.0
106 stars 30 forks source link

Adding Multidex Support To Ensure All APK Classes are Scanned #9

Closed LordAmit closed 4 years ago

LordAmit commented 4 years ago

CryptoGuard currently does not properly scan multidex apk file, and only looks at classes.dex file regardless of the dex files included in an apk file.

CryptoGuard uses Soot and dexlib2 for analyzing apks. However, the followings were found:

As a result, apks were not being properly analyzed. To fix that, the following changes were necessary

Change in ApkAnalyzer.java

Options.v().set_process_multiple_dex(true);

This allows Soot to handle multidex based class files.

Change in Utils.java and dexlib2 version

public class Utils {

    File zipFile = new File(apkfile);

-        DexFile dexFile = DexFileFactory.loadDexEntry(zipFile, "classes.dex", true, Opcodes.forApi(23));
+        ZipDexContainer zipContainer = (ZipDexContainer) DexFileFactory.loadDexContainer(zipFile,Opcodes.forApi(23));

-        for (ClassDef classDef : dexFile.getClasses()) {
-            String className = classDef.getType().replace('/', '.');
-            if (!className.contains("android."))
-                classNames.add(className.substring(1, className.length() - 1));
+        for(String dexEntryName: zipContainer.getDexEntryNames()){
+            DexFile dexFile = DexFileFactory.loadDexEntry(zipFile, dexEntryName, true, Opcodes.forApi(23));
+
+            for (ClassDef classDef : dexFile.getClasses()) {
+                String className = classDef.getType().replace('/', '.');
+                if (!className.contains("android.")){
+                    classNames.add(className.substring(1, className.length() - 1));
+                }
+            }
         }

Several necessary changes are happening here: