首页>JSP源码>其他类别
下载

新:我们提出了一个名为Vustotal的统一平台,用于评估Android SAST工具。该平台结合了11个Android SAST工具的检测能力,并为目标APK生成相应的检测报告(CSV文件)。

奥塞拉

Ausera是一种用于检测Android应用中安全漏洞的自动化工具。我们已公开使用该工具和相应的基准数据集。我们希望该项目可以使Android应用程序安全分析领域的其他研究人员或实践者受益。如果您有任何疑问和问题,请随时与我们联系([email protected])。我们将继续维护这个项目。感谢您的反馈。

环境配置

  • Ubuntu/MacBook
  • python :( 2和3应该很好)
  • apktool:2.6.1(请使用最新版本的Apktool),参考:Apktool安装指令
  • Java环境(JDK):JDK1.8.0_45 export JAVA_HOME=/usr/lib/jvm/jdk1.8.0_45安装安装Android SDK,参考:SDKMANAGER。在Mac上,SDK将保存在~/Library/Android/sdk/platforms
  • 打开〜/.bashrc并配置JDK和SDK的路径(通过您自己的路径替换): 
 export JAVA_HOME=/usr/lib/jvm/jdk1.8.0_45
export JAVA_BIN=/usr/lib/jvm/jdk1.8.0_45/bin
export CLASSPATH=.:${JAVA_HOME}/lib/dt.jar:${JAVA_HOME}/lib/tools.jar
export PATH=$PATH:${JAVA_HOME}/bin
export PATH=$PATH:/home/dell/Android/Sdk/tools
export PATH=$PATH:/home/dell/Android/Sdk/platform-tools
export PATH=$PATH:/home/dell/Android/Sdk/emulator
export JAVA_HOME JAVA_BIN CLASSPATH PATH

执行记录

https://youtu.be/sfuk3b3iueu

用法

请将目标APK文件放在apks文件夹中

输出报告可以在engine-result/engine-report/apk_sha256_output.json中找到

命令格式:

python apk-engine.py [Repo_Path] [JAVA_HOME_Path] [SDK_Platform_Path]

例子:

python2.7 apk-engine.py /media/dell/49fff1d2-ef19-4e4d-855b-4eca95be873a/dell/Tools/ausera-main/ /usr/lib/jvm/jdk1.8.0_45/ /media/dell/49fff1d2-ef19-4e4d-855b-4eca95be873a/dell/Tools/ausera-main/engine-configuration/libs/android-platforms/

输出

 Public Id: BUG-A003-0001; 
Type: Security Bug; 
Risk Level: High; 
Risk Score: 8;
Sub Type: SMS data leakage; // App vulnerability type
Description: The app sends an SMS attached with the sensitive data (in plaintext) to authenticate that user, but the data is stored in the SMS outbox unexpectedly. If an adversary registers a content observer to the SMS outbox on the mobile device with some permissions, the user's sensitive data can be easily intercepted by the adversary who impersonates that user to manipulate her legitimate banking account.
Location: Found a flow to sink virtualinvoke $r10.<android.telephony.SmsManager: void sendTextMessage(), from the following sources: $r5 = virtualinvoke $r4.<android.widget.EditText: android.text.Editable getText()>() (in <com.globe.gcash.android.activity.transaction.RegistrationTransactionActivity: void doNext()>) 
=> RegistrationTransactionActivity;doNext();$r4;$r5 // Activity, Method, Variables logging
==> pin;firstName;lastName;addr // Sensitive data tagging
Patch Method: Avoid sending sensitive data via SMS and store the sensitive data in the SMS outbox accordingly.

文件

[1] Ausera:Android应用中漏洞检测的自动安全风险评估

 @inproceedings{chen2022ausera,
  title={AUSERA: Automated Security Risk Assessment for Vulnerability Detection in Android Apps},
  author={Chen, Sen and and Zhang, Yuxin and Fan, Lingling and Li, Jiaming and Liu, Yang},
  booktitle={ASE},
  year={2022}
}

[2]对全球Android银行应用程序安全风险的经验评估

 @inproceedings{chen2019ausera,
  title={An Empirical Assessment of Security Risks of Global {Android} Banking Apps},
  author={Chen, Sen and Fan, Lingling and Meng, Guozhu and Su, Ting and Xue, Minhui and Xue, Yinxing and Liu, Yang and Xu, Lihua},
  booktitle={ICSE},
  year={2020}
}

[3]移动银行应用程序是否安全?什么可以改善? 

 @inproceedings{chen2018mobile,
  title={Are mobile banking apps secure? {What} can be improved?},
  author={Chen, Sen and Su, Ting and Fan, Lingling and Meng, Guozhu and Xue, Minhui and Liu, Yang and Xu, Lihua},
  booktitle={ESEC/FSE},
  year={2018}
}

接触

Sen Chen保留所有版权。

展开
附加信息
相关应用
为您推荐
相关资讯 全部