fuzzy class comp

2024-11-19 21:09:08 +01:00 · 2024-11-19 21:09:08 +01:00 · 0b572e1885
commit 0b572e1885
parent ad789abc7b
4 changed files with 252 additions and 2 deletions
--- a/android_class_shadowing_scanner/init.py
+++ b/android_class_shadowing_scanner/init.py
@ -17,6 +17,7 @@ from androguard.core.apk import APK  # type: ignore
 from .androzoo import download_apk
 from .data import ApkData, load_from_directory
 from .cmp_smali import cmp_smali
 from .analysis import analyze
@ -618,7 +619,12 @@ def check_smali_platform():
                for smalli_dir in smalli_dirs:
                    if (smalli_dir / cl_f).exists():
                        with (smalli_dir / cl_f).open("r") as file:
-                            if file.read() != plt_smali:
+                            if not cmp_smali(
                                file.read(),
                                plt_smali,
                                sha256,
                                f"{a_sdk_dir / 'platform'}",
                            ):
                                plat_diff_smalli.add(cl)
                                break
@ -641,13 +647,28 @@ def check_smali_platform():
                for smalli_dir in smalli_dirs:
                    if (smalli_dir / cl_f).exists():
                        with (smalli_dir / cl_f).open("r") as file:
-                            if file.read() != sdk_smali:
+                            if not cmp_smali(
                                file.read(), sdk_smali, sha256, f"{a_sdk_dir / 'sdk'}"
                            ):
                                sdk_diff_smalli.add(cl)
                                break
            data[f"sdk_{sdk_v}_diff_smalli"] = list(sdk_diff_smalli)
            data[f"platform_{sdk_v}_diff_smalli"] = list(plat_diff_smalli)
        for cl in data["duplicated_classes"]:
            cl_f = cl.removesuffix(";").removeprefix("L") + ".smali"
            smali = None
            for cdir in smalli_dirs:
                if (cdir / cl_f).exists():
                    with (cdir / cl_f).open() as file:
                        smali_new = file.read()
                    if smali is None:
                        smali = smali_new
                    elif not cmp_smali(smali, smali_new, sha256, sha256):
                        dist_dup_classes.add(cl)
        data["redef_classes"] = list(dist_dup_classes)
    if args.output_dir:
        with (args.output_dir / sha256).open("w") as file:
            json.dump(data, file)
--- a/android_class_shadowing_scanner/cmp_smali.py
+++ b/android_class_shadowing_scanner/cmp_smali.py
@ -0,0 +1,53 @@
 def cmp_smali(sm1: str, sm2: str, sha256_1: str = "", sha256_2: str = "") -> bool:
    meths_1 = get_methods(sm1, sha256_1)
    meths_2 = get_methods(sm2, sha256_2)
    if set(meths_1.keys()) != set(meths_2.keys()):
        return False
    for m in meths_1.keys():
        s1 = meths_1[m]
        s2 = meths_2[m]
        for b1 in s1:
            match = False
            for b2 in s2:
                if b1 == b2:
                    match = True
                    break
            if not match:
                return False
        for b2 in s2:
            match = False
            for b1 in s1:
                if b1 == b2:
                    match = True
                    break
            if not match:
                return False
    return True
 def get_methods(sm: str, sha256: str = "") -> dict[str, list[list[str]]]:
    class_name = "UNINITIALIZED"
    current_meth: None | str = None
    current_body: list[str] = []
    rest: dict[str, list[list[str]]] = {}
    for line in sm.split("\n"):
        striped = line.strip()
        if striped.startswith(".class "):
            class_name = striped.split(" ")[-1]
        if striped == ".end method":
            if current_meth is None:
                print(f"ERROR PARSING SMALI of {class_name} {sha256}")
            else:
                if current_meth not in rest:
                    rest[current_meth] = []
                rest[current_meth].append(current_body)
            current_body = []
            current_meth = None
        if current_meth is not None and striped and not striped.startswith(".line "):
            current_body.append(striped)
        if striped.startswith(".method "):
            if current_meth is not None:
                print(f"ERROR PARSING SMALI of {class_name} {sha256}")
            current_meth = striped.split(" ")[-1]
            current_body = []
    return rest
--- a/android_class_shadowing_scanner/data_mining.py
+++ b/android_class_shadowing_scanner/data_mining.py
@ -6,9 +6,16 @@ from pathlib import Path
 from .platform_classes import MIN_MAX_SDK
 from matplotlib import pyplot as plt
 import matplotlib
 def stats(db: Path, out: Path, folder_plat_diff_smali: Path, detail_class_redef: Path):
    occ_sdk34 = {}
    occ_hid34 = {}
    occ_self_redef = {}
    occ_self = {}
    nb_sdk_cl_redef = 0
    nb_sdk_cl_id = 0
    nb_app_sdk_cl_redef = 0
@ -23,6 +30,9 @@ def stats(db: Path, out: Path, folder_plat_diff_smali: Path, detail_class_redef:
        l_nb_sdk_cl_id = 0
        for cl in data["sdk_34_classes"]:
            nb_sdk_cl_redef += 1
            if cl not in occ_sdk34:
                occ_sdk34[cl] = 0
            occ_sdk34[cl] += 1
            if any(
                [
                    cl not in data[lst]
@ -45,6 +55,9 @@ def stats(db: Path, out: Path, folder_plat_diff_smali: Path, detail_class_redef:
        l_nb_hid_cl_id = 0
        for cl in data["platform_non_sdk_34_classes"]:
            if cl not in occ_hid34:
                occ_hid34[cl] = 0
            occ_hid34[cl] += 1
            nb_hid_cl_redef += 1
            if any(
                [
@ -72,6 +85,14 @@ def stats(db: Path, out: Path, folder_plat_diff_smali: Path, detail_class_redef:
    with detail_class_redef.open("r") as fd:
        data = json.load(fd)
    for v in data.values():
        for cl in v["redef_classes"]:
            if cl not in occ_self_redef:
                occ_self_redef[cl] = 0
            occ_self_redef[cl] += 1
        for cl in v["duplicated_classes"]:
            if cl not in occ_self:
                occ_self[cl] = 0
            occ_self[cl] += 1
        if v["duplicated_classes"]:
            nb_app_self_shadow += 1
        if v["duplicated_classes"] and not v["redef_classes"]:
@ -233,6 +254,88 @@ def stats(db: Path, out: Path, folder_plat_diff_smali: Path, detail_class_redef:
        for row in data_only:
            writer.writerow(row)
    # occ_sdk34 = {}
    # occ_hid34 = {}
    # occ_self_redef = {}
    # occ_self = {}
    print()
    print(
        "redefined class SDK                                               occurences"
    )
    print()
    for cl in sorted(occ_sdk34.keys(), key=lambda x: occ_sdk34[x], reverse=True)[:10]:
        print(f"{cl:<70} {occ_sdk34[cl]: >5}")
    print()
    print()
    print(
        "redefined class Hidden                                            occurences"
    )
    print()
    for cl in sorted(occ_hid34.keys(), key=lambda x: occ_hid34[x], reverse=True)[:10]:
        print(f"{cl:<70} {occ_hid34[cl]: >5}")
    print()
    print()
    print(
        "collision class Self                                              occurences"
    )
    print()
    for cl in sorted(occ_self.keys(), key=lambda x: occ_self[x], reverse=True)[:10]:
        print(f"{cl:<70} {occ_self[cl]: >5}")
    print()
    print()
    print(
        "redefined class Self                                              occurences"
    )
    print()
    for cl in sorted(
        occ_self_redef.keys(), key=lambda x: occ_self_redef[x], reverse=True
    )[:10]:
        print(f"{cl:<70} {occ_self_redef[cl]: >5}")
    print()
    print()
    print(
        "redefined class SDK <= 7                                          occurences"
    )
    print()
    for cl in sorted(
        filter(lambda cl: MIN_MAX_SDK[cl][0] == 7, occ_sdk34.keys()),
        key=lambda x: occ_sdk34[x],
        reverse=True,
    )[:10]:
        print(f"{cl:<70} {occ_sdk34[cl]: >5}")
    print()
    print()
    print(
        "redefined class SDK = 8                                           occurences"
    )
    print()
    for cl in sorted(
        filter(lambda cl: MIN_MAX_SDK[cl][0] == 8, occ_sdk34.keys()),
        key=lambda x: occ_sdk34[x],
        reverse=True,
    )[:10]:
        print(f"{cl:<70} {occ_sdk34[cl]: >5}")
    print()
    print()
    print(
        "redefined class SDK = 16                                          occurences"
    )
    print()
    for cl in sorted(
        filter(lambda cl: MIN_MAX_SDK[cl][0] == 16, occ_sdk34.keys()),
        key=lambda x: occ_sdk34[x],
        reverse=True,
    )[:10]:
        print(f"{cl:<70} {occ_sdk34[cl]: >5}")
    print()
 def analyse_sdk_redef(folder: Path, db: Path, out: Path):
    with sqlite3.connect(db) as con:
@ -289,6 +392,7 @@ def analyse_sdk_redef(folder: Path, db: Path, out: Path):
    for cl, n in classes_occ.items():
        cls_by_sdk[MIN_MAX_SDK[cl][0]] += n
    matplotlib.rcParams.update({"font.size": 22})
    plt.figure(figsize=(20, 9), dpi=80)
    plt.bar(
        ["<=7" if i == 7 else str(i) for i in range(7, 35)],
@ -308,6 +412,8 @@ def analyse_sdk_redef(folder: Path, db: Path, out: Path):
        edgecolor="black",
    )
    plt.legend(loc="upper left")
    plt.ylabel("Nb Classes")
    plt.xlabel("First SDK containing the class")
    plt.savefig(out / "redef_sdk_relative_min_sdk.pdf", format="pdf")
    plt.savefig(out / "redef_sdk_relative_min_sdk.svg", format="svg")
    plt.show()
@ -332,6 +438,8 @@ def analyse_sdk_redef(folder: Path, db: Path, out: Path):
        edgecolor="black",
    )
    plt.legend(loc="upper left")
    plt.ylabel("Nb Classes")
    plt.xlabel("First SDK containing the class")
    plt.savefig(out / "redef_sdk_relative_targ_sdk.pdf", format="pdf")
    plt.savefig(out / "redef_sdk_relative_targ_sdk.svg", format="svg")
    plt.show()
--- a/run_exp_6.sh
+++ b/run_exp_6.sh
@ -0,0 +1,68 @@
 #!/usr/bin/bash
 WD=$(pwd)
 SCRIPT_DIR="$(dirname "$(readlink -f "$0")")"
 PLATFORM_DIR=$(mktemp -d)
 APKTOOL="${WD}/apktool.jar"
 DB="${SCRIPT_DIR}/data/app-2023-xp4.db"
 LIST=$(mktemp)
 CHUNK_FOLDER="./app-2023-exp6"
 APKTOOL="${SCRIPT_DIR}/apktool.jar"
 ANDROZOO_KEY="${SCRIPT_DIR}/.ZOO_KEY"
 OUT_DIR="app-2023-xp6.out"
 app_lst=(
  '00'
  '01'
  '02'
  '03'
  '04'
  '05'
  '06'
  '07'
  '08'
  '09'
  '10'
  '11'
  '12'
  '13'
  '14'
  '15'
  '16'
  '17'
  '18'
  '19'
 )
 mkdir -p "${OUT_DIR}"
 unzip platforms.zip -d "${PLATFORM_DIR}"
 for ad in "${PLATFORM_DIR}"/**/{platform,sdk}; do
  cd ${ad}
  for jar in "${ad}"/*.jar; do
    java -Xmx8G -jar ${APKTOOL} d "${jar}" 
  done
 done
 cd "${WD}"
 sqlite3 ${DB} 'SELECT sha256 FROM data WHERE nb_def_platform_32_classes >= 1 OR nb_def_platform_33_classes >= 1 OR nb_def_platform_34_classes >= 1 OR nb_duplicate_classes>=1;' > "${LIST}"
 N_CHUNK=$(python3 -c "print($(cat ${LIST} | wc -l)//20 + 1)")
 rm -r "${CHUNK_FOLDER}"
 mkdir "${CHUNK_FOLDER}"
 split -a 2 -d -l "${N_CHUNK}" "${LIST}" "${CHUNK_FOLDER}"
 worker () {
    for sha in $(cat "${1}"); do
        "${SCRIPT_DIR}"/venv/bin/check-platf-reder --api-key-file "${ANDROZOO_KEY}" --sha256 "${sha}" --path-platform-smali "${PLATFORM_DIR}" --apktool-jar "${APKTOOL}" --output-dir "${OUT_DIR}"
    done
    echo "Finished ${1}"
 }
 for lst in ${app_lst[@]}; do
    worker "${CHUNK_FOLDER}/${lst}" &
    sleep 1
 done
 echo 'PROCESS LAUNCHED'