Ausera is an automated tool for detecting security vulnerabilities in Android apps. We have made the tool and its benchmark dataset publicly available. We hope this project can help other researchers and practitioners in the field of Android app security analysis. If you have any questions or problems, please feel free to contact us ([email protected]). We will continue to maintain this project, and your feedback is appreciated.
Install the Android SDK (see SDKManager). On Mac the SDK is stored under ~/Library/Android/sdk/platforms. Set the environment variables, for example:
export JAVA_HOME=/usr/lib/jvm/jdk1.8.0_45
export JAVA_BIN=/usr/lib/jvm/jdk1.8.0_45/bin
export CLASSPATH=.:${JAVA_HOME}/lib/dt.jar:${JAVA_HOME}/lib/tools.jar
export PATH=$PATH:${JAVA_HOME}/bin
export PATH=$PATH:/home/dell/Android/Sdk/tools
export PATH=$PATH:/home/dell/Android/Sdk/platform-tools
export PATH=$PATH:/home/dell/Android/Sdk/emulator
export JAVA_HOME JAVA_BIN CLASSPATH PATH
https://youtu.be/sfuk3b3iueu
Put the target APK files under test into the apks folder. The output report can be found at
engine-result/engine-report/apk_sha256_output.json
Command format:
python apk-engine.py [Repo_Path] [JAVA_HOME_Path] [SDK_Platform_Path]
Example:
python2.7 apk-engine.py /media/dell/49fff1d2-ef19-4e4d-855b-4eca95be873a/dell/Tools/ausera-main/ /usr/lib/jvm/jdk1.8.0_45/ /media/dell/49fff1d2-ef19-4e4d-855b-4eca95be873a/dell/Tools/ausera-main/engine-configuration/libs/android-platforms/
A sample finding from the report looks like this:
Public Id: BUG-A003-0001;
Type: Security Bug;
Risk Level: High;
Risk Score: 8;
Sub Type: SMS data leakage; // App vulnerability type
Description: The app sends an SMS attached with the sensitive data (in plaintext) to authenticate that user, but the data is stored in the SMS outbox unexpectedly. If an adversary registers a content observer to the SMS outbox on the mobile device with some permissions, the user's sensitive data can be easily intercepted by the adversary who impersonates that user to manipulate her legitimate banking account.
Location: Found a flow to sink virtualinvoke $r10.<android.telephony.SmsManager: void sendTextMessage(), from the following sources: $r5 = virtualinvoke $r4.<android.widget.EditText: android.text.Editable getText()>() (in <com.globe.gcash.android.activity.transaction.RegistrationTransactionActivity: void doNext()>)
=> RegistrationTransactionActivity;doNext();$r4;$r5 // Activity, Method, Variables logging
==> pin;firstName;lastName;addr // Sensitive data tagging
Patch Method: Avoid sending sensitive data via SMS and store the sensitive data in the SMS outbox accordingly.
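The following is an added triage helper, not code from the AUSERA project. It parses findings written in the key/value format shown in the sample above (including the "=>" activity/method/variable line and the "==>" sensitive-data tag line), ranks them by Risk Score, builds an index of which tagged fields leak where, and derives the report path for an APK on the assumption that "apk_sha256" in the README's path stands for the APK's SHA-256 hex digest. The sample text is constructed for this example, modelled on the BUG-A003-0001 finding with a second, low-risk entry added purely to demonstrate filtering; the on-disk JSON layout is not documented on the page, so the parser targets the textual form as printed.

```python
"""Triage helper for AUSERA-style findings (added example, not project code)."""
import hashlib
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Constructed sample modelled on the README's finding.  The class name,
# variables and tagged fields in the first entry are the README's; the
# second entry is invented only to show risk filtering.
SAMPLE_REPORT = """\
Public Id: BUG-A003-0001;
Type: Security Bug;
Risk Level: High;
Risk Score: 8;
Sub Type: SMS data leakage;
Description: The app sends an SMS attached with sensitive data in plaintext.
Location: Found a flow to sink virtualinvoke $r10.<android.telephony.SmsManager: void sendTextMessage()>
=> RegistrationTransactionActivity;doNext();$r4;$r5
==> pin;firstName;lastName;addr
Patch Method: Avoid sending sensitive data via SMS.

Public Id: BUG-X999-0002;
Type: Security Bug;
Risk Level: Low;
Risk Score: 2;
Sub Type: constructed example;
Description: Constructed second finding, used only to demonstrate filtering.
Location: n/a
Patch Method: n/a
"""


@dataclass
class Finding:
    fields: Dict[str, str] = field(default_factory=dict)   # "Public Id" -> "BUG-..."
    activity: str = ""          # from the "=>" line
    method: str = ""
    variables: List[str] = field(default_factory=list)
    sensitive: List[str] = field(default_factory=list)     # from the "==>" line

    @property
    def risk_level(self) -> str:
        return self.fields.get("Risk Level", "")

    @property
    def risk_score(self) -> int:
        return int(self.fields.get("Risk Score", "0"))


def parse_report(text: str) -> List[Finding]:
    """Split the report on blank lines; one block per finding."""
    findings: List[Finding] = []
    for block in re.split(r"\n\s*\n", text.strip()):
        f = Finding()
        for line in block.splitlines():
            line = line.strip()
            if line.startswith("==>"):
                f.sensitive = [t for t in line[3:].strip().split(";") if t]
            elif line.startswith("=>"):
                parts = line[2:].strip().split(";")
                f.activity = parts[0]
                f.method = parts[1] if len(parts) > 1 else ""
                f.variables = parts[2:]
            elif ":" in line:
                # Split on the FIRST colon only: Location values contain
                # Jimple signatures with their own colons.
                key, _, value = line.partition(":")
                f.fields[key.strip()] = value.strip().rstrip(";").strip()
        if f.fields:
            findings.append(f)
    return findings


def triage(findings: List[Finding], min_score: int) -> List[str]:
    """Public Ids at or above min_score, highest Risk Score first."""
    ranked = sorted(findings, key=lambda f: -f.risk_score)
    return [f.fields["Public Id"] for f in ranked if f.risk_score >= min_score]


def sensitive_index(findings: List[Finding]) -> Dict[str, List[str]]:
    """Map each tagged sensitive field (pin, addr, ...) to the findings that leak it."""
    index: Dict[str, List[str]] = {}
    for f in findings:
        for tag in f.sensitive:
            index.setdefault(tag, []).append(f.fields.get("Public Id", "?"))
    return index


def report_path_for(apk_bytes: bytes, root: str = "engine-result/engine-report") -> str:
    """Assumed convention: <root>/<sha256 of the APK>_output.json."""
    return f"{root}/{hashlib.sha256(apk_bytes).hexdigest()}_output.json"


if __name__ == "__main__":
    found = parse_report(SAMPLE_REPORT)
    print("high priority:", triage(found, min_score=5))
    print("sensitive fields:", sensitive_index(found))
```

Point `parse_report` at the text of a real report to get the same ranking and per-field index for a scanned APK; the `Finding.fields` dict keeps every `Key: value;` line, so fields not handled here (Sub Type, Patch Method) remain available for reporting.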
[1] AUSERA: Automated Security Risk Assessment for Vulnerability Detection in Android Apps
@inproceedings{chen2022ausera,
title={AUSERA: Automated Security Risk Assessment for Vulnerability Detection in Android Apps},
author={Chen, Sen and Zhang, Yuxin and Fan, Lingling and Li, Jiaming and Liu, Yang},
booktitle={ASE},
year={2022}
}
[2] An Empirical Assessment of Security Risks of Global Android Banking Apps
@inproceedings{chen2019ausera,
title={An Empirical Assessment of Security Risks of Global {Android} Banking Apps},
author={Chen, Sen and Fan, Lingling and Meng, Guozhu and Su, Ting and Xue, Minhui and Xue, Yinxing and Liu, Yang and Xu, Lihua},
booktitle={ICSE},
year={2020}
}
[3] Are mobile banking apps secure? What can be improved?
@inproceedings{chen2018mobile,
title={Are mobile banking apps secure? {What} can be improved?},
author={Chen, Sen and Su, Ting and Fan, Lingling and Meng, Guozhu and Xue, Minhui and Liu, Yang and Xu, Lihua},
booktitle={ESEC/FSE},
year={2018}
}
Copyright Sen Chen. All rights reserved.