tool

ANDetect

ANDetect.jar is a tool for detecting the third-party advertising libraries of an APK. To help testers apply our tools, we provide demo videos. 

Dev Environment

JDK version: 11.0.16.1

IntelliJ IDEA: 2020.1.4 x64

Test Environmen

OS Name: Ubuntu 20.04.2 LTS

Processor: 12th Gen Intel® Core™ i9-12900K × 8 

Memory: 31.3 GiB

Command

$ java -jar ANDetect.jar -a [APK name] -o [output file name]

where [APK name] refers to the target APK and the result will be written to [output file name] 

Running Step

1. Download all files in this folder. Unzip resources.zip and then place the folder 'resources' in the same directory with 'ANDetect.jar' and 'demo_apks'.

2. Run ANDetect.jar with the given demo apks in demo_apks. Choose an apk in demo_apks and name an output file you like, for example 'result.txt', and the file will record the ad libraries detected in the demo apk.

$ java -jar ANDetect.jar -a demo_apks/encrypted_ad.apk -o result.txt

Result

1. [Encrypted APK] presents the APK is encrypted or not.

2. If encrypted, ANDetect analyzes APK by resource features and gives the name of Ad networks in [Res Detect Result].

3. If not-encrypted, ANDetect analyzes APK by structural and semantic features and gives the name as well as version of Ad networks in [SC Detect Result].

Running by docker (new!!!)

In order to running ANDetect.jar, we deployed the lab environment in docker. Follow the steps to run ANDetect.jar.

1. Pull our images from docker hub.

$ docker pull imcaviar/andetect_demo

2. Enter the Bash environment.

$ docker run -ti imcaviar/andetect_demo bash

3. Test ANDetect.jar with four demo APKs.(demo_apks/unencrypted_ad.apk; demo_apks/unencrypted_noad.apk; demo_apks/encrypted_ad.apk; demo_apks/encrypted_noad.apk)

$ java -jar ANDetect.jar -a demo_apks/unencrypted_ad.apk -o result.txt

4. Find the advertising libs in result.txt.

$ cat result.txt