search

siis / ic3

IC3: Inter-Component Communication Analysis in Android
http://siis.cse.psu.edu/ic3/
Apache License 2.0
36 stars 21 forks source link

How to read the result #10

Closed Mac85 closed 8 years ago

Mac85 commented 8 years ago

Hi, I have runned ic3 with an app of DroidBanch, it's called "ImplicitFlow2". I get these information:

Warning: java.lang.invoke.LambdaMetafactory is a phantom class! Warning: java.lang.ref.Finalizer is a phantom class! Warning: de.ecspride.ImplicitFlow2 is a phantom class! [main] INFO soot.jimple.infoflow.entryPointCreators.AndroidEntryPointCreator - Generated main method: public static void dummyMainMethod() { int $i0;

    $i0 = 0;

 label1:
    if $i0 == 2 goto label1;

    return;
}

[Call Graph] For information on where the call graph may be incomplete, use the verbose option to the cg phase. [Spark] Pointer Assignment Graph in 0.0 seconds. [Spark] Type masks in 0.0 seconds. [Spark] Pointer Graph simplified in 0.0 seconds. [Spark] Propagation in 0.0 seconds. [Spark] Solution found in 0.0 seconds. Callback analysis done. Warning: RelativeLayout is a phantom class! Warning: de.ecspride.RelativeLayout is a phantom class! Warning: android.view.RelativeLayout is a phantom class! Warning: EditText is a phantom class! Warning: de.ecspride.EditText is a phantom class! Warning: android.view.EditText is a phantom class! Warning: requestFocus is a phantom class! Warning: de.ecspride.requestFocus is a phantom class! Warning: android.view.requestFocus is a phantom class! Warning: android.widget.requestFocus is a phantom class! Warning: android.webkit.requestFocus is a phantom class! Could not find layout class requestFocus Warning: Button is a phantom class! Warning: de.ecspride.Button is a phantom class! Warning: android.view.Button is a phantom class! Found 1 layout controls in file res/layout/activity_implicit_flow2.xml [main] INFO edu.psu.cse.siis.ic3.SetupApplication - Entry point calculation done. Warning: de.ecspride.ImplicitFlow2 is a phantom class! [main] INFO soot.jimple.infoflow.entryPointCreators.AndroidEntryPointCreator - Generated main method: public static void dummyMainMethod() { int $i0;

    $i0 = 0;

 label1:
    if $i0 == 2 goto label1;

    return;
}

[Call Graph] For information on where the call graph may be incomplete, use the verbose option to the cg phase. [Spark] Pointer Assignment Graph in 0.0 seconds. [Spark] Type masks in 0.0 seconds. [Spark] Pointer Graph simplified in 0.0 seconds. [Spark] Propagation in 0.0 seconds. [Spark] Solution found in 0.0 seconds. [main] INFO edu.psu.cse.siis.coal.PropagationSceneTransformer - Solving propagation problem (iteration 0) [main] INFO edu.psu.cse.siis.coal.PropagationSceneTransformer - Reached a fixed point Transforming android.content.Intent... Transforming android.content.IntentFilter... Transforming android.os.Bundle... Transforming android.content.ComponentName... Transforming android.app.Activity... Transforming dummyMainClass... Transforming de.ecspride.ImplicitFlow2...

**_Manifest_** Exception in thread "main" java.lang.NullPointerException at edu.psu.cse.siis.ic3.Ic3Analysis.processResults(Ic3Analysis.java:278) at edu.psu.cse.siis.ic3.Ic3Analysis.processResults(Ic3Analysis.java:65) at edu.psu.cse.siis.coal.Analysis.performAnalysis(Analysis.java:70) at edu.psu.cse.siis.ic3.Main.main(Main.java:14)

how to understand if there are any leaks? There are errors in the execution of ic3?

docteau commented 8 years ago

Hi,

It looks like IC3 is not finding any class. Could you make sure that you are pointing it to the right directory. A common source of error, if you're using Dara for retargeting, is that Dare outputs retargeted classes to a retargeted/<app_name> directory under its output directory. This retargeted/<app_name> subdirectory should be used as the input of IC3.

Best, Damien

Mac85 commented 8 years ago

Thanks for your reply. However, it’s doesn’t work. Insted Epicc now works. I analyzed a real app, but I don’t know the results. Can you tell me which are important information that I must read into the file?Please?

Il giorno 28 nov 2015, alle ore 09:36, Damien Octeau notifications@github.com ha scritto:

Hi,

It looks like IC3 is not finding any class. Could you make sure that you are pointing it to the right directory. A common source of error, if you're using Dara for retargeting, is that Dare outputs retargeted classes to a retargeted/ directory under its output directory. This retargeted/ subdirectory should be used as the input of IC3.

Best, Damien

— Reply to this email directly or view it on GitHub https://github.com/siis/ic3/issues/10#issuecomment-160264634.

Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/EmailPhotoActivity$1/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/SnappiiTabGroupActivity$4/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/DrawActivity$3/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/google/zxing/client/android/share/ShareActivity/launchSearch(Ljava/lang/String;)@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Protected System Broadcast w/o action check: receiver component:{android/content/BroadcastReceiver} does not check for {0} Possible Broadcast Theft (Sniffing): com/paypal/android/MEP/a/d$1/b()@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/NearbyItemActivity/openBrowser(Ljava/lang/String;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/adapters/FinishedAppListArrayAdapter/showMarket(I)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/FormTabActivity$45/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/NearbyItemActivity/sms(Ljava/lang/String;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/MEP/a/d$1/b(I)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/MEP/a/d$1/a(I)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/MEP/a/d/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/a/b/a(Lorg/w3c/dom/Document;Ljava/lang/String;)@0, Source Line: 0, hasExtras=mixed, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/a/b/v()@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/a/b/x()@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/a/b/z()@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/a/k/run()@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/a/k/run()@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/a/b/y()@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/a/b/y()@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/FavoritesTabActivity/onListItemClick(Landroid/widget/ListView;Landroid/view/View;IJ)@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/MEP/a/d$1/a()@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/AppRater$1/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/MoreTabActivity$3/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/CustomTabActivity$31/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/BrowserTabActivity/onCreate(Landroid/os/Bundle;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/BrowserTabActivity/onCreate(Landroid/os/Bundle;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/CustomTabActivity/showBrowser(Lcom/snappii/angel_investingnews_v10/buttons/BrowserButton;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/CustomTabActivity/showBrowser(Lcom/snappii/angel_investingnews_v10/buttons/BrowserButton;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/FormTabActivity/showQRScanner(I)@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/SnappiiTabGroupActivity$2/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/PoweredByTabActivity$1/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/QRCouponActivity$8/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/CustomTabActivity/showQRScanner(I)@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/MoreTabActivity$2/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/PoweredByTabActivity$4/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/PoweredByTabActivity$3/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/google/zxing/client/android/book/BrowseBookListener/onItemClick(Landroid/widget/AdapterView;Landroid/view/View;IJ)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/SnappiiTabGroupActivity$3/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/CustomTabActivity$29/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/QRCouponActivity$9/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/NearbyItemActivity/addToContact(Ljava/lang/String;Ljava/lang/String;)@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/CustomTabActivity$30/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/NotificationViewActivity$1/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/FormTabActivity/sendEmail(Ljava/lang/String;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/QRCouponActivity$7/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/SearchResultActivity/share()@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/QRCouponActivity$3/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Malicious Broadcast Injection: firstpart_com/paypal/android/MEP/PayPalActivity/b()@0, 0 Possible Malicious Broadcast Injection: firstpart_com/paypal/android/MEP/PayPalActivity/b()@0, 0 Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/EmailPhotoActivity/startCameraActivity()@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/google/zxing/client/android/CaptureActivityHandler/handleMessage(Landroid/os/Message;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/FormTabActivity$46/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/FormTabActivity/showBrowser(Lcom/snappii/angel_investingnews_v10/buttons/BrowserButton;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/FormTabActivity/showBrowser(Lcom/snappii/angel_investingnews_v10/buttons/BrowserButton;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/MEP/b/a/a(ILjava/lang/Object;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/MEP/b/a/a(ILjava/lang/Object;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/MEP/b/d/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Broadcast Theft (Sniffing): com/paypal/android/MEP/b/d/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/CustomTabActivity/call(Ljava/lang/String;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/google/zxing/client/android/CaptureActivity$1/onClick(Landroid/content/DialogInterface;I)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/FormTabActivity/call(Ljava/lang/String;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/MoreTabActivity/onListItemClick(Landroid/widget/ListView;Landroid/view/View;IJ)@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/MoreTabActivity/onListItemClick(Landroid/widget/ListView;Landroid/view/View;IJ)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/AppActivity$8/onClick(Landroid/content/DialogInterface;I)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/NearbyItemActivity/call(Ljava/lang/String;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/AppActivity/onOptionsItemSelected(Landroid/view/MenuItem;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/AppActivity/onOptionsItemSelected(Landroid/view/MenuItem;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/FormTabActivity/onActivityResult(IILandroid/content/Intent;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/facebook/android/FbDialog$FbWebViewClient/shouldOverrideUrlLoading(Landroid/webkit/WebView;Ljava/lang/String;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/MoreTabActivity$4/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/QRCouponActivity$2/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/google/zxing/client/android/share/ShareActivity$1/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/RSSItemActivity/showBrowser()@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/CustomTabActivity/sendEmail(Ljava/lang/String;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/FormTabActivity$44/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/QRCouponActivity$5/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/QRBaseActivity/onResume()@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/QRBaseActivity/onCreate(Landroid/os/Bundle;)@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/NearbyItemActivity/share()@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/NearbyItemActivity/sendEmail(Ljava/lang/String;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/AppActivity$7/onClick(Landroid/content/DialogInterface;I)@0, Source Line: 0, hasExtras=false, hasRead=false, hasWrite=false Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/PoweredByTabActivity$2/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/QRCodeButtonActivity/share()@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Activity Hijacking: com/snappii/angel_investingnews_v10/activities/QRCouponActivity$10/onClick(Landroid/view/View;)@0, Source Line: 0, hasExtras=true, hasRead=mixed, hasWrite=mixed Possible Service Hijacking: com/snappii/angel_investingnews_v10/SplashScreen/RegisterForNotification()@0, Source Line: 0, hasExtras=true, hasRead=false, hasWrite=false Possible Malicious Activity Launch: com/snappii/angel_investingnews_v10/activities/SearchTabActivity, 0 Possible Malicious Broadcast Injection: com/snappii/angel_investingnews_v10/C2DMRegistrationReceiver, 0 Possible Malicious Broadcast Injection: com/snappii/angel_investingnews_v10/C2DMMessageReceiver, 0

vitaliiavdiienko commented 8 years ago

Hi,

please try to apply the same as I proposed in #12 here. As Damien wrote, you did a mistake in configuring IC3 tool.

Epicc is a quite outdated and has been replaced with IC3.

I analyzed a real app, but I don’t know the results.

IC3 populates MySQL database cc. You can find a lot of interesting information there.

IC3 also supports protocol buffers. More info can be found here

Best Regards, Vitalii