IntelliDroid icon indicating copy to clipboard operation
IntelliDroid copied to clipboard

Published 20 hours ago verified publisher icon miwong

INSTALL_FAILED_OLDER_SDK

Open parulkhanna opened this issue 8 years ago • 7 comments

Hi,

I am experimenting with Intellidroid and I have succefully setup the Intellidroid AppAnalysis and Dynamic Client. While running the Dynamic client. I am trying to install the apk file for the analaysis on the device.

I am getting the following error

> INSTALL /home/parul/Documents/IntelliDroid/AppAnalysis/1/1.apk
3542 KB/s (57618777 bytes in 15.884s)
	pkg: /data/local/tmp/1.apk
Failure [INSTALL_FAILED_OLDER_SDK]

Please let me know, If I am wrongly doing it or any other command is required. Also, I wanted to know the correct parameters of commands.

Thanks, P

parulkhanna avatar Dec 05 '16 15:12 parulkhanna

When you use the INSTALL command IntelliDroid runs the command "adb install apk" (line 62 in AndroidCommunication.py). So this error command is most likely related to the emulator's version. Also, is 1.apk the framework file used by apktool? According to their website, it is shipped with the most recent AOSP framework (https://ibotpeaches.github.io/Apktool/documentation/), so it is most likely incompatible with Intellidroid, which uses Android 4.3.

Hope this helps.

jallen89 avatar Dec 06 '16 03:12 jallen89

Hi,

Thanks for the comment. It was issue with the minSDKversion of the applications I was trying to install on the device. I downloaded the apps supported for Android 4.3 and I succesfully installed the apps. However, When I try to preprocess the same application in the AppAnalysis component. I get following error. Can you please help me with that to. Looks like it is about apk tool. @-desktop:~/Documents/IntelliDroid/AppAnalysis$ ./preprocess/PreprocessAPK.sh ./dropbox.apk mv: cannot stat ‘/home//Documents/IntelliDroid/AppAnalysis/dropbox.apk’: No such file or directory Exception in thread "main" java.lang.UnsupportedClassVersionError: brut/apktool/Main : Unsupported major.minor version 51.0 at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClassCond(ClassLoader.java:631) at java.lang.ClassLoader.defineClass(ClassLoader.java:615) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141) at java.net.URLClassLoader.defineClass(URLClassLoader.java:283) at java.net.URLClassLoader.access$000(URLClassLoader.java:58) at java.net.URLClassLoader$1.run(URLClassLoader.java:197) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) Could not find the main class: brut.apktool.Main. Program will exit. Processing class #0: Landroid/support/v4/app/ActionBarDrawerToggle$1; Processing class #1: Landroid/support/v4/app/ActionBarDrawerToggle$ActionBarDrawerToggleImpl;

End of the output Processing class #4398: Ldbxyzptlk/db240510/z/e; Processing class #4399: Ldbxyzptlk/db240510/z/g; Assembling classes java.io.FileNotFoundException: /home/Documents/IntelliDroid/AppAnalysis/dropbox/apk/classes.jar (No such file or directory) at java.io.FileOutputStream.open(Native Method) at java.io.FileOutputStream.<init>(FileOutputStream.java:194) at java.io.FileOutputStream.<init>(FileOutputStream.java:84) at sun.tools.jar.Main.run(Main.java:167) at sun.tools.jar.Main.main(Main.java:1147) TIA

parulkhanna avatar Dec 06 '16 18:12 parulkhanna

I believe this issue is related to the Java version you are using. Which version of Java are you running? I can run the preprocessing phase with Java 7 and 8.

jallen89 avatar Dec 06 '16 19:12 jallen89

Hi,

Thank you for the reply, I was using Java 6. However, I updated to Java 8 but its still not going away. I then used JAVA 7 and it worked. Thank you.

parulkhanna avatar Dec 06 '16 21:12 parulkhanna

I am excited to explore the system and analyse few applications to see how it works. I wanted to learn the exact way to input the commands. For example: 1)I have preprocessed a Facebook APK. The Output is in a Folder that has fb.apk and some other directories. 2) After building it with ./IntelliDroidAppAnalysis. I have appinfo.json and other files in my folder

Example Code: { "packageName": "com.facebook.katana", "mainActivity": "com.facebook.dash.activities.DashActivity", "callPaths": { "0": { "startMethod": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity.onCreate(Landroid/os/Bundle;)V", "targetMethod": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity.findViewById(I)Landroid/view/View;", "eventChain": [ { "start": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity.onCreate(Landroid/os/Bundle;)V", "target": "invokevirtual \u003c Application, Lcom/facebook/nodex/startup/splashscreen/NodexErrorActivity, findViewById(I)Landroid/view/View; \u003e@145", "type": "activity", "component": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity" } ] }, "1": { "startMethod": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity.onCreate(Landroid/os/Bundle;)V", "targetMethod": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity.findViewById(I)Landroid/view/View;", "eventChain": [ { "start": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity.onCreate(Landroid/os/Bundle;)V", "target": "invokevirtual \u003c Application, Lcom/facebook/nodex/startup/splashscreen/NodexErrorActivity, findViewById(I)Landroid/view/View; \u003e@115", "type": "activity", "component": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity" } ] }, "2": { "startMethod": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity.onCreate(Landroid/os/Bundle;)V", "targetMethod": "java.io.FileOutputStream.write([B)V", "eventChain": [ { "start": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity.onCreate(Landroid/os/Bundle;)V", "target": "PC@149", "type": "activity", "component": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity" }, { "start": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity.onCreate(Landroid/os/Bundle;)V", "target": "invokevirtual \u003c Application, Ljava/io/FileOutputStream, write([B)V \u003e@26", "type": "activity", "component": "com.facebook.nodex.startup.splashscreen.NodexErrorActivity", "constraintsFile": "constraints2_0.py", "variables": { "\u003cChainedInput1\u003e": "IAAv0" }, "stringMap": {}, "strings": { "IAAv4": "" } } ] },

In Phase 2: I initiate Dynamic Client by ./IntelliDroidDynamicClient.py and then I get this output

Connected to IntelliDroidService
> START /home/parul/Documents/IntelliDroid/AppAnalysis/pathOutput
Starting: Intent { cmp=com.facebook.katana/com.facebook.dash.activities.DashActivity }
Status: ok
Activity: com.facebook.katana/.FacebookLoginActivity
ThisTime: 226
TotalTime: 257
Complete
> TRIGGER 1
Starting: Intent { cmp=com.facebook.katana/com.facebook.nodex.startup.splashscreen.NodexErrorActivity }
java.lang.SecurityException: Permission Denial: starting Intent { flg=0x10000000 cmp=com.facebook.katana/com.facebook.nodex.startup.splashscreen.NodexErrorActivity } from null (pid=6334, uid=2000) not exported from uid 10045
	at android.os.Parcel.readException(Parcel.java:1431)
	at android.os.Parcel.readException(Parcel.java:1385)
	at android.app.ActivityManagerProxy.startActivityAndWait(ActivityManagerNative.java:2020)
	at com.android.commands.am.Am.runStart(Am.java:613)
	at com.android.commands.am.Am.onRun(Am.java:232)
	at com.android.internal.os.BaseCommand.run(BaseCommand.java:47)
	at com.android.commands.am.Am.main(Am.java:75)
	at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
	at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:235)

I am not sure if I am doing it right. The motivation here is to find out malicious behaviour. Please correct me if I am wrong somewhere and how to proceed from TRIGGER and so on to generate informative output(commands)*.

Thanks,

parulkhanna avatar Dec 06 '16 22:12 parulkhanna

I believe that error is because that particular component (NodexErrorActivity) isn't exported and that path isn't actually reachable. The static analysis currently doesn't check if a component is exported or not, so it reports those those paths anyway.

miwong avatar Dec 07 '16 19:12 miwong

How to run Intellidroid after performing the preprocessing step?? I already installed everything, and now trying to rung the 2nd step of the static analysis, which is the step after running preprocessing. I can't figure out what should be the argument after the switch --name in the following command ./IntelliDroidAppAnalysis --name <arg> Where I tried different options, like the path to the preprocessed APK.

Mohannadcse avatar Mar 14 '18 04:03 Mohannadcse