Is there a way to get the parameter value of API call while doing APK static analysis?
Question
I have get the api calls (external methods) of a apk file by androguard,and I also want to get some params value of sensitive apis. Are there some functions or methods for that?
or
Is there a way to get the parameter value of the API call from smali file traversal method?
example:
invoke-static {v0}, Lcom/xyz/sdk/impl/bd;->setWebContentsDebuggingEnabled(Z)V
How can I find the boolean value of the setWebContentsDebuggingEnabled API call?
I read the documentation that last value of the registers will hold the method parameter but can you provide some simple example?
1 answers
solution1
0 2022-01-29 12:49:34
The common way is to build an intra-procedural control flow graph so you can check which possible flows and thus what commands are executed before the invocation you are interested in.
Then check each those flows (go backwards through the list of commands that are executed) where the register you are looking for is written.
Often you end up in processing another method because the register is written using the return value of another method invocation or you go back until you reach the start of the method and recognize that the register value was handed over as argument to the method you are in. So you have to check the whole app code where are calls to this method and thus trace again the used register.
I am not sure if and how Androguard provides such a functionality.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.