Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to generate call graph from android APK?

I have downloaded a few Android applications from Google Play. I have got Smali code through reverse engineering tool apktool .I want to generate call graphs for these applications. I have seen many links on stack overflow and Google, most of the suggested tools are either for c/c++ or if they are for Java, they need source code which I don't have, of course.

Is there any way to generate call graphs automatically? Thanks.

like image 968
Junaid Avatar asked Nov 13 '22 15:11

Junaid


1 Answers

apkinspector - http://code.google.com/p/apkinspector/

The goal of this project is to aide analysts and reverse engineers to visualize compiled Android packages and their corresponding DEX code. APKInspector provides both analysis functions and graphic features for the users to gain deep insight into the malicious apps:

  • CFG
  • Call Graph
  • Static Instrumentation
  • Permission Analysis
  • Dalvik codes
  • Smali codes
  • Java codes
  • APK Information

I've tried to install apkinspector in my computer (Debian 6.0):

sudo aptitude install libxext-dev
source compile python-qt and python-sip

http://sourceforge.net/projects/pyqt/files/PyQt4/PyQt-4.9.4/

sudo aptitude install python-tk

easy_install ipython
(sudo aptitude install python-pip & sudo pip install ipython)

vi androguard/androlyze.py
change "import IPython.ipapi" to "import IPython.core.ipapi"
change "from IPython import IPShellEmbed" to "import IPython"
change "IPShellEmbed" to "IPython.embed"

But unfortunately it cannot be used!!!

thus I tried to write my own tool using Ruby, which can be found in here

like image 84
ytliu Avatar answered Nov 15 '22 05:11

ytliu