Runthrough

Runthrough

The following instructions deal with the installation of the AQL-System. Along with that Amandroid will be installed. Hence, the AQL-System will be setup to use Amandroid only. (The operating system considered is Linux.)

1. Download the latest version of the AQL-System: here

• Unzip it!

2. Download Amandroid: https://bintray.com/arguslab/maven/argus-saf/3.1.2
   (direct link: https://bintray.com/arguslab/maven/download_file?file_path=com%2Fgithub%2Farguslab%2Fargus-saf_2.12%2F3.1.2%2Fargus-saf_2.12-3.1.2-assembly.jar)
3. Download the DirectLeak1 app from DroidBench 3.0: https://github.com/secure-software-engineering/DroidBench/raw/develop/apk/AndroidSpecific/DirectLeak1.apk
4. Setup a configuration

• Create file config_amandroid.xml located in the directory of the AQL-System
• Copy and Paste the following content:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<config>
	<androidPlatforms>/path/to/android/platforms/</androidPlatforms>
	<androidBuildTools>/path/to/android/buildTools</androidBuildTools>
	<maxMemory>8</maxMemory>
	<tools>
		<tool name="Amandroid" version="312">
			<priority>1</priority>
			<execute>
				<run>/path/to/Amandroid/aqlRun.sh %APP_APK% %MEMORY%</run>
				<result>/path/to/Amandroid/outputPath/%APP_APK_FILENAME%/result/AppData.txt</result>
				<instances>0</instances>
				<memoryPerInstance>4</memoryPerInstance>
			</execute>
			<path>/path/to/Amandroid</path>
			<questions>IntraAppFlows</questions>
			<runOnExit>/path/to/AQL-System/flushMemory.sh</runOnExit>
			<runOnAbort>/path/to/AQL-System/killpid.sh %PID%</runOnAbort>
		</tool>
	</tools>
</config>

• Adjust the configuration:
  • 1: Adjust the path to your Android SDK’s platforms directory (<androidPlatforms>/path/to/android/platforms/</androidPlatforms>)
  • 2 (Optional): The build tools are not required here, still feel free to adjust the respective path as well (<androidBuildTools>/path/to/android/buildTools</androidBuildTools>)
  • 3: Adjust the path for Amandroid (<path>/path/to/Amandroid</path>) (The directory should contain the previously downloaded .jar file.)
  • 4: Use the same path in <run> and <result>
  • 5: Adjust the path to flushMemory.sh and killpid.sh to the path of the AQL-System in <runOnExit> and <runOnAbort>.
  • 6: Lastly adjust <maxMemory> and <memoryPerInstance>. The latter has to be less than or equal to the first value. Both values are given in gigabytes. (If sufficient memory is provided, a tool might be executed multiple times in parallel.)

5. Make sure flushMemory.sh and killpid.sh, located in the AQL-Systems directory, are executeable:

chmod u+x flushMemory.sh killpid.sh

6. Create launch script

cd /path/to/Amandroid
nano aqlRun.sh

7. Copy and Paste the following:

#!/bin/bash
rm -R outputPath
java -Xmx${2}g -jar argus-saf_2.12-3.1.2-assembly.jar t -o outputPath ${1}

8. Save (Ctrl+o) and exit (Ctrl+x) nano
9. Make the script executable:

chmod u+x aqlRun.sh

10. Finally, launch the AQL-System:

cd /path/to/AQL-System
java -jar AQL-System-1.1.1.jar -config config_amandroid.xml -d detailed -gui

11. Type in the query (do not forget to adjust the contained path /path/to/DirectLeak1.apk):

Flows IN App('/path/to/DirectLeak1.apk') ?

12. Click on Ask query (Green play button on the right in the toolbar).
13. Wait for Amandroid to finish its execution.
14. View the AQL-Answer in "Viewer" tab (More information about AQL-Answers can be found: here)