decaf-project / Droidscope

A dynamic analysis platform for Android

README

A Dockerfile to build the Droidscope environment

Host environment:

Dependencies needed by Droidscope

First, download the dependencies:
wget https://cluster.hpcc.ucr.edu/~zqi020/file_for_unpack/external.tar.gz
wget https://cluster.hpcc.ucr.edu/~zqi020/file_for_unpack/images.tar.gz
wget https://cluster.hpcc.ucr.edu/~zqi020/file_for_unpack/prebuilts.tar.gz
wget https://cluster.hpcc.ucr.edu/~zqi020/file_for_unpack/out.tar.gz
Then extract each archive with tar -xvf. The extracted files are needed in step 3.

Steps to run Droidscope in docker:

1. Build the docker image

docker build --network=host -t droidscope /path/to/the/dockerfile

2. Find the created image and copy its IMAGE ID:

sudo docker image ls

3. Start the docker image:

sudo docker run -it -e DISPLAY -v /PATH/TO/EXTERNAL:/home/developer/android_source/external -v /PATH/TO/PREBUILTS:/home/developer/android_source/prebuilts -v /PATH/TO/OUT:/home/developer/android_source/out -v /PATH/TO/IMAGE:/home/developer/images -v /tmp/.X11-unix:/tmp/.X11-unix -v $HOME/.Xauthority:/home/developer/.Xauthority --net=host IMAGE_ID

4. Build Droidscope

cp -a /home/developer/Droidscope/droidscope/ /home/developer/android_source/external/
cd /home/developer/android_source/external/droidscope/
sudo ./android-configure.sh
sudo make -j4

5. Start Droidscope in the docker container:

./startDroidScope.sh

6. Use Tab to list the supported commands

For example, the ps command lists the running processes.

Steps to use DroidUnpack

1. Build unpacker

./configure --decaf-path=/<PATH_TO_DROIDSCOPE>/ --target=android
make

2. Install app

You may need to run install_uninstall.sh to install the app needed.
Or run the following commands before installing the app:
adb shell setprop dalvik.vm.dex2oat-filter "interpret-only"
adb shell setprop dalvik.vm.image-dex2oat-filter "interpret-only"

3. Load DroidUnpack in Droidscope

load_plugin DECAF_plugin/DroidUnpack/libunpacker.so

4. Run the command

do_hookapitests procname
