Monday

Create Control Flow Graph from Android apk Using Soot

Control Flow Graph(Call graphs) Using Soot

Let's look at the command that converts any Android apk file into control flow graphs (call graphs) using Soot as a command-line tool. It creates Jimple files for all the classes in the apk and dot files for all the methods; each dot file is a graphical representation of a method as a Control Flow Graph (CFG) or call graph.
For the conversion, you need to:

> Download any .apk file
> Download the Android SDK from the Android developer site, or download the Android jars
> Download Soot's nightly build version from Soot's GitHub page


Before running the command, make sure you know the correct paths for the Android SDK platforms directory, the directory containing the .apk file, and the Soot nightly build jar.

Either set the CLASSPATH to include the Soot jar, or go to the directory that contains the Soot jar file and type the following command:

java -Xmx2g -cp soot-trunk.jar soot.tools.CFGViewer -w -allow-phantom-refs -android-jars "D:\sdk\platform" -src-prec apk -output-format dex -process-dir "C:\apkpath\example.apk"

If you have already set the CLASSPATH for the jar, type the following:

java -Xmx2g soot.tools.CFGViewer -w -allow-phantom-refs -android-jars "D:\sdk\platform" -src-prec apk -output-format dex -process-dir "C:\apkpath\example.apk"


Details: -Xmx2g gives Java 2 GB of memory, which is normally sufficient for processing any apk.

-cp means CLASSPATH; it is used here in place of -jar so that Java runs the class named after it (soot.tools.CFGViewer). With -jar, Java would run the jar's default main class instead.

-w stands for writing

-allow-phantom-refs creates phantom classes for missing or unprocessed classes

-android-jars gives the path to the Android SDK platforms directory or the Android jars needed to process apks

-src-prec specifies the file format you are trying to process

-output-format dex is responsible for converting all the classes from the apk into dex format

-process-dir gives the path of the directory to process, or of the apk file itself


   
This will generate Jimple and dot files in the sootOutput directory. The dot files are then used to create control flow graphs with tools like Graphviz.
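
An apk usually produces one dot file per method, far too many to render by hand, so the added example below (not part of the original post or of Soot) ranks the files in sootOutput by how much branching each CFG contains. It goes one step beyond the post by scoring each graph; the dot line shapes it parses and the SAMPLE graph are assumptions constructed for illustration.

```python
import re
from collections import Counter
from pathlib import Path

# Assumed line shapes in the .dot files (plain Graphviz syntax; check your own output):
#   "1" [label="if r0 == null goto return 0"];   one node per statement
#   "1"->"2";                                    one edge per control transfer
EDGE = re.compile(r'^\s*"([^"]+)"\s*->\s*"([^"]+)"')
NODE = re.compile(r'^\s*"([^"]+)"\s*\[')

def summarize(dot_text):
    """Count nodes and edges of one CFG; score = 1 + extra out-edges at branch nodes."""
    nodes, edges = set(), set()
    for line in dot_text.splitlines():
        edge, node = EDGE.match(line), NODE.match(line)
        if edge:
            edges.add(edge.groups())
            nodes.update(edge.groups())
        elif node:
            nodes.add(node.group(1))
    out_degree = Counter(src for src, _ in edges)
    score = 1 + sum(d - 1 for d in out_degree.values()) if nodes else 0
    return {"nodes": len(nodes), "edges": len(edges), "score": score}

def rank(output_dir, top=10):
    """Return (score, path) for .dot files under output_dir, most branch-heavy first."""
    rows = [(summarize(p.read_text(errors="replace"))["score"], p)
            for p in Path(output_dir).rglob("*.dot")]
    return sorted(rows, key=lambda r: (-r[0], str(r[1])))[:top]

# Constructed sample graph, not taken from a real apk.
SAMPLE = '''digraph "boolean check(java.lang.String)" {
    "0" [label="r0 := @parameter0: java.lang.String"];
    "1" [label="if r0 == null goto return 0"];
    "2" [label="return 1"];
    "3" [label="return 0"];
    "0"->"1";
    "1"->"2";
    "1"->"3";
}'''

if __name__ == "__main__":
    print(summarize(SAMPLE))
    for score, path in rank("sootOutput"):
        print(score, path)
```

The top-ranked paths are the ones worth opening in Graphviz first.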

1 comment:

  1. Use the nightly build version and CFGViewer - it definitely generates a .dot file, if the classpath is right.
