2015-05-29 09:21:26 +00:00
|
|
|
# DASCA
|
2015-06-15 07:22:50 +00:00
|
|
|
## Installation
|
|
|
|
### Prerequisites
|
|
|
|
* Java 8
|
2016-07-31 21:42:42 +00:00
|
|
|
* Java 6 (core libraries for the WALA analysis)
|
2015-10-29 12:48:37 +00:00
|
|
|
* Android SDK (to obtain dx.jar)
|
2016-08-05 16:07:15 +00:00
|
|
|
* Eclipse Neon, including
|
2016-09-11 11:25:36 +00:00
|
|
|
* From http://download.scala-ide.org/sdk/lithium/e44/scala211/stable/site
|
|
|
|
* Scala IDE
|
|
|
|
* Scalatest Runner (optional)
|
|
|
|
* From http://alchim31.free.fr/m2e-scala/update-site
|
|
|
|
* "Maven for Scala" - Maven Integration for Eclipse
|
|
|
|
* From http://download.eclipse.org/releases/neon
|
|
|
|
* m2e - Maven Integration for Eclipse
|
2015-10-15 08:34:37 +00:00
|
|
|
* CVC3 including the Java bindings for CVC3
|
|
|
|
* apktool
|
|
|
|
|
2015-06-15 07:22:50 +00:00
|
|
|
|
|
|
|
### Checkout
|
|
|
|
Note that this repository imports WALA as a submodule. Thus,
|
2015-10-15 08:34:37 +00:00
|
|
|
you either need to recursively clone this repository, e.g.,
|
2015-06-27 18:27:39 +00:00
|
|
|
```
|
2016-07-28 22:45:31 +00:00
|
|
|
git clone --recursive https://git.logicalhacking.com/DASCA/DASCA.git
|
2015-06-27 18:27:39 +00:00
|
|
|
```
|
2015-06-27 19:09:51 +00:00
|
|
|
or execute ``git submodule update --init --recursive`` after
|
|
|
|
cloning the repository.
|
|
|
|
|
2015-10-15 08:34:37 +00:00
|
|
|
|
|
|
|
### Resolving external dependencies
|
2015-10-15 08:59:12 +00:00
|
|
|
* Ensure that the environment variable ``ANDROID_HOME`` is set correctly and that
|
2015-10-15 08:34:37 +00:00
|
|
|
the Android SDK has API 19 installed, i.e.,
|
2015-10-15 08:59:12 +00:00
|
|
|
``${ANDROID_HOME}/platforms/android-19/android.jar`` should be a valid path.
|
|
|
|
* Install ``apktool_2.0.0.jar`` into your local maven repository:
|
2015-06-15 07:22:50 +00:00
|
|
|
```
|
2016-09-11 09:20:44 +00:00
|
|
|
cd $(mktemp -d)
|
|
|
|
|
2015-10-15 08:34:37 +00:00
|
|
|
wget https://bitbucket.org/iBotPeaches/apktool/downloads/apktool_2.0.0.jar
|
2016-09-11 09:20:44 +00:00
|
|
|
|
|
|
|
mvn install:install-file -Dfile=apktool_2.0.0.jar -DgroupId=apktool -DartifactId=apktool -Dpackaging=jar -Dversion=2.0.0
|
2015-10-15 08:57:06 +00:00
|
|
|
```
|
2015-06-15 07:22:50 +00:00
|
|
|
|
|
|
|
### How to Compile
|
2015-10-15 08:34:37 +00:00
|
|
|
First resolve the dependencies using maven:
|
2015-06-15 07:22:50 +00:00
|
|
|
```
|
2016-08-05 15:34:19 +00:00
|
|
|
cd src/eu.aniketos.dasca.parent/
|
2015-06-15 07:22:50 +00:00
|
|
|
mvn -P wala clean install -DskipTests=true -q
|
|
|
|
```
|
|
|
|
After this, all projects can be imported into a fresh Eclipse
|
2015-10-15 08:34:37 +00:00
|
|
|
workspace using `File -> Import -> Maven -> Existing Maven Projects`:
|
2015-10-15 10:39:15 +00:00
|
|
|
1. Select the DASCA ``src`` folder as source for the import
|
|
|
|
2. Import all offered projects (WALA and DASCA)
|
2016-08-08 19:58:06 +00:00
|
|
|
|
2015-10-15 08:34:37 +00:00
|
|
|
While some Wala projects may contain compilation errors, all DASCA
|
2015-06-15 07:22:50 +00:00
|
|
|
projects (i.e., `eu.aniketos.dasca.*`) should compile without errors.
|
|
|
|
|
|
|
|
## Team
|
|
|
|
Main contact: [Achim D. Brucker](http://www.brucker.ch/)
|
|
|
|
|
|
|
|
### Contributors
|
|
|
|
* Thomas Deuster
|
2016-07-30 22:31:42 +00:00
|
|
|
* [Michael Herzberg](http://www.dcs.shef.ac.uk/cgi-bin/makeperson?M.Herzberg)
|
2015-06-15 07:22:50 +00:00
|
|
|
* Tim Herres
|
2016-07-28 22:51:21 +00:00
|
|
|
|
2016-07-30 22:31:42 +00:00
|
|
|
|
2016-07-28 22:51:21 +00:00
|
|
|
### Publications
|
|
|
|
* Achim D. Brucker and Michael Herzberg. [On the Static Analysis of
|
|
|
|
Hybrid Mobile Apps: A Report on the State of Apache Cordova
|
|
|
|
Nation.](https://www.brucker.ch/bibliography/download/2016/brucker.ea-cordova-security-2016.pdf)
|
|
|
|
In International Symposium on Engineering Secure Software
|
|
|
|
and Systems (ESSoS). Lecture Notes in Computer Science (9639), pages
|
|
|
|
72-88, Springer-Verlag, 2016.
|
|
|
|
https://www.brucker.ch/bibliography/abstract/brucker.ea-cordova-security-2016
|
|
|
|
doi: [10.1007/978-3-319-30806-7_5](http://dx.doi.org/10.1007/978-3-319-30806-7_5)
|