tool
ANDetect
ANDetect.jar is a tool for detecting the third-party advertising libraries of an APK. To help testers apply our tools, we provide demo videos.
Dev Environment
JDK version: 11.0.16.1
IntelliJ IDEA: 2020.1.4 x64
Test Environmen
OS Name: Ubuntu 20.04.2 LTS
Processor: 12th Gen Intel® Core™ i9-12900K × 8
Memory: 31.3 GiB
Command
$ java -jar ANDetect.jar -a [APK name] -o [output file name]
where [APK name] refers to the target APK and the result will be written to [output file name]
Running Step
1. Download all files in this folder. Unzip resources.zip and then place the folder 'resources' in the same directory with 'ANDetect.jar' and 'demo_apks'.
2. Run ANDetect.jar with the given demo apks in demo_apks. Choose an apk in demo_apks and name an output file you like, for example 'result.txt', and the file will record the ad libraries detected in the demo apk.
$ java -jar ANDetect.jar -a demo_apks/encrypted_ad.apk -o result.txt
Result
1. [Encrypted APK] presents the APK is encrypted or not.
2. If encrypted, ANDetect analyzes APK by resource features and gives the name of Ad networks in [Res Detect Result].
3. If not-encrypted, ANDetect analyzes APK by structural and semantic features and gives the name as well as version of Ad networks in [SC Detect Result].
Running by docker (new!!!)
In order to running ANDetect.jar, we deployed the lab environment in docker. Follow the steps to run ANDetect.jar.
1. Pull our images from docker hub.
$ docker pull imcaviar/andetect_demo
2. Enter the Bash environment.
$ docker run -ti imcaviar/andetect_demo bash
3. Test ANDetect.jar with four demo APKs.(demo_apks/unencrypted_ad.apk; demo_apks/unencrypted_noad.apk; demo_apks/encrypted_ad.apk; demo_apks/encrypted_noad.apk)
$ java -jar ANDetect.jar -a demo_apks/unencrypted_ad.apk -o result.txt
4. Find the advertising libs in result.txt.
$ cat result.txt