resumé francis
All checks were successful
/ test_checkout (push) Successful in 1m54s

Jean-Marie 'Histausse' Mineau 2025-09-12 20:49:25 +02:00
parent e4c65b6384
commit b3ccd17582
Signed by: histausse
GPG key ID: B66AEEDA9B645AD2
4 changed files with 275 additions and 20 deletions


@ -94,16 +94,16 @@ To evaluate the tools, we designed a single application that we can customize fo
We used 4 versions of this application:
* A control application that does not do anything special: `Obfuscation.hide_flow(String personal_data)` simply return `personal_data`.
+ A control application that does not do anything special: `Obfuscation.hide_flow(String personal_data)` simply return `personal_data`.
It will be used for checking the expecting result of tools.
* A version that implements self shadowing: the class `Obfuscation` is duplicated: one is the same as the in the control app (`Obfuscation.hide_flow(String)` returns its arguments), and the other version returns a constant string.
+ A version that implements self shadowing: the class `Obfuscation` is duplicated: one is the same as the in the control app (`Obfuscation.hide_flow(String)` returns its arguments), and the other version returns a constant string.
These two versions are embedded in several #DEX of a multi-dex application.
* The third version implement #SDK shadowing and needs an existing class of the #SDK.
+ The third version implement #SDK shadowing and needs an existing class of the #SDK.
We used the #SDK class `Pair` that we try to shadow.
We put data in a new `Pair` instance and reread the data from the `Pair`.
The colliding `Pair` class we created discards the data at the initialisation and stores `null` instead of the argument values.
This decoy class break the flow of information: Flowdroid will detect the information flow if it uses the actuall #SDK implementation of `Pair` to compute the #DFG, but not if it uses the decoy.
* The last version tests for Hidden #API shadowing.
+ The last version tests for Hidden #API shadowing.
Like for the third one, we similarly store data in `com.android.okhttp.Request` and then retrieve it.
Again, the shadowing implementation discards the data.
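Review bot: the rewritten list items keep grammar errors that could be fixed while the lines are being touched: "simply return" should be "simply returns" in the first item, "the same as the in the control app" has a stray "the" in the second, and "The third version implement" should be "implements". The unchanged context lines have the same kind of slip ("expecting result", "actuall", "This decoy class break") and are worth cleaning up in the same pass. Separately, the paragraph opens with "To evaluate the tools" but only the #SDK shadowing item names a tool (Flowdroid); stating the expected outcome of that item in tool-neutral terms, or saying why Flowdroid is singled out, would make the four descriptions consistent.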


@ -1,4 +1,4 @@
#import "../lib.typ": SDK, pb2, pb2-text, highlight-block, ie
#import "../lib.typ": SDK, pb2, pb2-text, highlight-block, ie, todo
#import "X_var.typ": *
== Conclusion <sec:cl-conclusion>
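Review bot: `todo` is added to the `../lib.typ` import on the first line, but nothing in the visible part of this hunk uses it. If the conclusion now carries todo markers, make sure they are resolved or hidden before the document is built for release; if it does not, drop the import so the list only names what the file needs.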