wip
Some checks failed
/ test_checkout (push) Failing after 1s

This commit is contained in:
Jean-Marie Mineau 2025-07-08 15:52:37 +02:00
parent 65baae4d0d
commit f4163d8c91
Signed by: histausse
GPG key ID: B66AEEDA9B645AD2
2 changed files with 32 additions and 8 deletions


@ -5,11 +5,9 @@
Due to the specificities of Android, the usual tools for reverse engineering are not enough. Due to the specificities of Android, the usual tools for reverse engineering are not enough.
#todo[blabla intro in @sec:bg-tools] #todo[blabla intro in @sec:bg-tools]
#todo[References in @sec:bg-tools]
=== Android Studio <sec:bg-android-studio> === Android Studio <sec:bg-android-studio>
The whole Android developement ecosystem is packaged by Google in the #IDE Android Studio. The whole Android developement ecosystem is packaged by Google in the #IDE Android Studio#footnote[https://developer.android.com/studio].
In practice, Android Studio is a source-code editor that wrap arround the different tools of the android #SDK. In practice, Android Studio is a source-code editor that wrap arround the different tools of the android #SDK.
The #SDK tools and packages can be installed manually with the `sdkmanager` tool. The #SDK tools and packages can be installed manually with the `sdkmanager` tool.
Among the notable tools in the #SDK, they are: Among the notable tools in the #SDK, they are:
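Review bot: dropping `#todo[References in @sec:bg-tools]` in this hunk is premature, because the same commit still leaves `#todo[ref to androguard paper]`, `#todo[soot ref]` and a bare `#todo[ref]` on the FlowDroid sentence later in the file, so the references for this section are not done. Keep the todo until those are resolved, or narrow it to name the citations still missing. The footnote added to the Android Studio line is fine; since that paragraph is being touched anyway, the unchanged context lines still carry `developement`, `wrap arround` and a lowercase `android #SDK`, which are worth fixing in the same pass.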
@ -35,17 +33,42 @@ Among the notable tools in the #SDK, they are:
=== Apktool <sec:bg-apktool> === Apktool <sec:bg-apktool>
Apktool is a *reengineering tool* for Android #APK files. Apktool#footnote[https://apktool.org/] is a _reengineering tool_ for Android #APK files.
It can be used to disassemble an application: it will extract the files from the #APK file, convert the binary #AXML to text #XML, and use smali/backsmali to convert the #DEX files to smali, an assembler-like langage that match the Dalvik bytecode instructions. It can be used to disassemble an application: it will extract the files from the #APK file, convert the binary #AXML to text #XML, and use smali/backsmali#footnote[https://github.com/JesusFreke/smali] to convert the #DEX files to smali, an assembler-like langage that match the Dalvik bytecode instructions.
The main strenght of Apktool is that after having disassemble an application, the content of the application can be edited and reassemble into a new #APK. The main strenght of Apktool is that after having disassemble an application, the content of the application can be edited and reassemble into a new #APK.
=== Androguard <sec:bg-androguard> === Androguard <sec:bg-androguard>
Androguard is a python library for parsing and analysing #APK files. #todo[ref to androguard paper]
Androguard#footnote[https://github.com/androguard/androguard] is a python library for parsing and analysing #APK files.
Its main feature is disassembling #APK files.
It can be used to automatically read Android manifests, ressources, and bytecode.
Contrary to Apktool, it can be used programatically, whithout parsing text files, to analyse the application, but it cannot repackage a modified application.
In addition, it can perform additionnal analysis, like computing a call graph or control flow graph.
=== Jadx <sec:bg-jadx> === Jadx <sec:bg-jadx>
Jadx#footnote[https://github.com/skylot/jadx] is an application decompiler.
It convert #DEX files to Java source code.
It is not always capable of decompiling all classes of an application, so it cannot be used to recompile a new application, but the code generated can be verry helpfull to reverse an application.
In addition to decompilling #DEX files, Jadx can also decode Android manifests and application ressources.
=== Soot <sec:bg-soot> === Soot <sec:bg-soot>
#todo[soot ref]
Soot#footnote[https://github.com/soot-oss/soot] is a Java optimization framework.
It can leaft java bytecode to other intermediate representations that can be used to perform optimization then converted back to bytecode.
Because Dalvik bytecode and Java bytecode are equivalent, support for Android was added to Soot, and Soot features are now leveraged to analyse Android applications.
One of the best known example of Soot usage for Android analysis is Flowdroid #todo[ref], a tool that compute data flow in an application.
A new version of Soot, SootUp#footnote[https://github.com/soot-oss/SootUp], is currently beeing worked on.
Compared to Soot, it has a modernize interface and architecture, but it is not yet feature complete and some tools like Flowdroid are still using Soot.
=== Frida <sec:bg-frida> === Frida <sec:bg-frida>
Fidra#footnote[https://frida.re/] is a dynamic intrumentation toolki.
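Review bot: the statement in the Soot paragraph that "Dalvik bytecode and Java bytecode are equivalent" is not accurate: Dalvik is a register-based instruction set and JVM bytecode is stack-based, so the two are convertible rather than equivalent, and that conversion is exactly what Soot's Dexpler front end performs when it lifts DEX into Jimple. Rephrase to say that Soot can lift Dalvik bytecode into its intermediate representations. Two smaller points in the Apktool paragraph: `backsmali` should read `baksmali`, and the footnote points at JesusFreke/smali, which is archived; the maintained repository is google/smali. The Frida paragraph is truncated (`Fidra`, `intrumentation toolki.`) and should either be completed or marked `#todo` before merge. Spelling in the added lines: langage (language), strenght (strength), ressources (resources), programatically (programmatically), whithout (without), additionnal (additional), verry helpfull (very helpful), decompilling (decompiling), leaft (lift), beeing (being), modernize (modernized); and "after having disassemble an application ... reassemble into a new #APK" should be disassembled / reassembled.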


@ -1,12 +1,13 @@
#import "../lib.typ": todo #import "../lib.typ": todo, epigraph
= Background <sec:bg> = Background <sec:bg>
#epigraph("Alexis \"Lex\" Murphy, Jurassic Park")[This is a Unix system. I know this.]
#todo[Present field background and related work] #todo[Present field background and related work]
#include("X_android.typ") #include("X_android.typ")
#include("X_tools.typ") #include("X_tools.typ")
#text(fill: luma(75%), lorem(200))
/* /*
* Cours generique sur android * Cours generique sur android
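Review bot: the `#text(fill: luma(75%), lorem(200))` line added after the two `#include` calls is unmarked filler; if it is forgotten it renders as a grey lorem paragraph in the chapter. Wrap it in `#todo[...]` like the placeholder above it, or drop it. The `epigraph` import and the `#epigraph(...)` call look fine; the `\"` escapes in the attribution string are valid Typst.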