????2?????????

?????????????Android??????????????????Google Android?????????????????????????????system.img??????????????????????????????????????????????

# Launch the analysis AVD "MalDroidAnalyzer" at 0.8 scale, booting the custom
# images under images/ (root-system.img, ramdisk.img, zImage) in place of the
# AVD's stock system image, ramdisk and kernel.
# -prop dalvik.vm.execution-mode=int:portable selects Dalvik's portable
# interpreter instead of the fast interpreter/JIT; presumably the modified
# system image instruments that interpreter -- TODO confirm.
# NOTE(review): `start` is a Windows cmd built-in, while a trailing `&` is
# POSIX-shell backgrounding; which one applies depends on the host shell --
# confirm the intended host OS.
# NOTE(review): the return value of system() is not checked, so a failed
# emulator launch is not detected at this point.
# NOTE(review): the image name suggests a rooted system image that will run
# untrusted samples. Nothing on this line resets guest state (e.g. -wipe-data)
# or restricts the emulator's network access; confirm both are handled
# elsewhere so one sample cannot contaminate the next run or reach real hosts.
# NOTE: the leading "????" below is encoding residue of the page's original
# indentation, not part of the statement.
????system('start emulator -avd MalDroidAnalyzer -scale 0.8 -system images/root-system.img -ramdisk images/ramdisk.img -kernel images/zImage -prop dalvik.vm.execution-mode=int:portable &');

?????????root-system.img?????root??????????£?Android??????????root?????????????????????????Щ???root?????????????????????????У???????????????????

??????????????????adb???APK????????????????????????monkey???????????????????????????????????????????????????????????????????????????????????3?????????????MalDroidAnalyzer????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????δ?綽???????

???????????????????????????????????logcat???????????????£????????log.txt?????

# Capture the behaviour log: stream logcat with timestamps (-v time), keeping
# only the listed tag:priority filters and silencing every other tag (*:S).
# The shell redirection writes the output to log.txt in the current directory,
# truncating any previous file.
# The "MalDroid:" JSON records shown later on the page arrive under the
# dalvikvm tag at priority W, which the dalvikvm:W filter lets through.
# NOTE(review): without -d, logcat keeps streaming until it is killed, so this
# call does not return on its own; confirm how the capture is stopped.
# NOTE(review): no `adb logcat -c` is visible before the capture, so entries
# left in the buffer from an earlier sample may end up in this log.txt.
# NOTE(review): no -s <serial> is passed; adb refuses to pick a target when
# more than one device or emulator is attached.
# NOTE(review): a log tag is chosen by the process that writes the entry, so
# filtering on tags does not authenticate where a record came from. Treat
# every field parsed from log.txt as untrusted input and correlate records
# with the PID of the sample under analysis.
# NOTE: the leading "????" below is encoding residue of the page's original
# indentation, not part of the statement.
????system("adb logcat -v time ActivityManager:I camera:V AudioHardware:D Telephony:V CallNotifier:D su:D MediaProvider:V videocamera:V BluetoothEnabler:V BluetoothHIDService:I dalvikvm:W *:S > log.txt");

???????????????log.txt???з?????????????system.img????????json????????????????????????Щ???Android???????????????????????????δ???????????????£?

09-16 10:18:04.583 W/dalvikvm( 299): MalDroid: { "DexClassLoader": { "path": "/data/data/com.test/files/anserverb.db" } }

09-16 10:17:27.963 W/dalvikvm( 281): MalDroid: { "SendNet": { "desthost": "www.google.com", "destport": "80", "data": "7b2263656c6c5f746f77657273223a5b7b226d6f62696c655f6e6574776f726b5f636f6465223a32362c226c6f636174696f6e5f617265615f636f6465223a2d312c226d6f62696c655f636f756e7472795f636f6465223a3331302c2263656c6c5f6964223a2d317d5d2c22726571756573745f61646472657373223a747275652c22686f7374223a226d6170732e676f6f676c652e636f6d222c2276657273696f6e223a22312e312e30227d" } }

09-09 08:37:10.371 W/dalvikvm( 191): MalDroid: { "CryptoUsage": { "operation": "keyalgo", "key": "53, 52, 67, 68, 65, 48, 54, 51, 67, 68, 53, 56, 68, 56, 53, 70", "algorithm": "AES" } }

09-09 08:37:12.560 W/dalvikvm( 191): MalDroid: { "CryptoUsage": { "operation": "encryption", "algorithm": "AES/CBC/PKCS5Padding", "data": "ylmftg6" } }

09-17 20:17:14.302 W/dalvikvm( 274): MalDroid: { "ServiceStart": { "name": "com.android.md5.Settings" } }

09-17 20:24:24.944 W/dalvikvm( 126): MalDroid: { "FdAccess": { "path": "2f646174612f646174612f636f6d2e616e64726f69642e6c61756e636865722f66696c65732f6c61756e636865722e707265666572656e636573", "id": "588716465" } }

09-17 20:24:24.965 W/dalvikvm( 126): MalDroid: { "FileRW": { "operation": "read", "data": "0005", "id": "588716465" } }

?????????????MalDroidAnalyzer??????????????????????????????????檔???????Щ????????????????????????

????1??????????

????2?????????

????3?????????????

????4????????????????

????5??Root?????