1. Installation and Execution
Tom S edited this page Aug 29, 2024 · 5 revisions
- First, obviously, you have to download Jandroid.
- Install all pre-requisites. This can be done by navigating to the base folder (also referred to as <Jandroid home>) and executing `pip install -r requirements.txt`.
- If you're planning on using neo4j, then download and install it, and create a database named `neo4j`, with password `n3o4j`. If you want to use different credentials, then edit the config file at <Jandroid home>/config/jandroid.conf accordingly.
- Copy your APK/.ext4/system.img files to <Jandroid home>/apps/.
- Define any templates you want. The next section describes this step in greater detail. Note that Jandroid comes with some pre-defined templates. If you don’t want to use them, rename the file extension to something other than .template.
- Also, set any configuration options you want. This can be done by modifying the <Jandroid home>/config/jandroid.conf file. You can, for example, choose to run Jandroid in multiple parallel threads. However, this can use up a lot of memory, so do this only if you’re running Jandroid on a fairly powerful server.
- Finally, run Jandroid from within the <Jandroid home>/src folder using the following command:
```
python jandroid.py [-h] [-f FOLDER] [-p [{android}]] [-e [{device,ext4,img}]] [-g [{neo4j,visjs,both}]]
```

```
usage: python jandroid.py [-h] [-f FOLDER] [-p [{android}]] [-e [{device,ext4,img}]]
                          [-g [{neo4j,visjs,both}]]

A tool for performing pattern matching against applications.

optional arguments:
  -h, --help            show this help message and exit
  -f FOLDER, --folder FOLDER
                        folder containing apps to be analysed (or to which
                        apps should be pulled, when used with the -p flag).
                        Provide absolute path to folder as argument.
  -p [{android}], --platform [{android}]
                        the type of files/platform to be analysed, e.g.,
                        android. Only android is currently supported. Support
                        for other files to be added.
  -e [{device,ext4,img}], --extract [{device,ext4,img}]
                        extract Android apps from connected device or system
                        image. Only relevant when platform=android. Use "-e
                        device" to pull APKs from device (default). (Make sure
                        that only one Android device is connected and that it
                        is unlocked.) Use "-e ext4" to extract applications
                        from an ext4 system image. Use "-e img" to pull
                        applications from a .img system image. Apps get pulled
                        to <root>/apps/ directory or to folder specified with
                        the -f option. If pulling from system image, the image
                        must be in this folder as well.
  -g [{neo4j,visjs,both}], --graph [{neo4j,visjs,both}]
                        show results on graph. Use "-g neo4j" to output to a
                        Neo4j database. Requires that a Neo4j database be up
                        and running on http://localhost:7474 with
                        username:neo4j and password:n3o4jn3o4j (or user-
                        specified values from config). Or use "-g visjs"
                        to create a vis.js network in html that can be viewed
                        from the output folder. Or use "-g both" to generate
                        both.
  -v [{debug,info,warning,error,critical}], --verbosity , --log-level
                        set logging level. Use "-v debug" to show all
                        debug messages.
                        Use "-v info" to show only info messages.
                        Use "-v warning" to show warnings and errors.
                        Use "-v error" to show only errors.
                        Use "-v critical" to show only critical errors.
  -t TEMPLATE, --template TEMPLATE
                        specify template to use for analysis.
                        Provide filename as argument.
```
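A pre-flight check for the run described above, as an added example that is not part of Jandroid or this wiki: it tests the constraints the help text states (absolute `-f` path, system image present in the folder for `-e ext4` or `-e img`, Neo4j listening on localhost:7474 for `-g neo4j` or `-g both`) and builds the argument list. The function names, and the assumption that inputs are recognised by their `.apk`, `.ext4` and `.img` extensions, belong to this example only.

```python
import os
import socket
import tempfile

NEO4J_ADDR = ("localhost", 7474)  # address given in the -g help text


def neo4j_listening(addr=NEO4J_ADDR, timeout=2.0):
    """True if something accepts TCP connections on the Neo4j HTTP port."""
    try:
        with socket.create_connection(addr, timeout=timeout):
            return True
    except OSError:
        return False


def preflight(folder, extract=None, graph=None, probe=neo4j_listening):
    """Return (problems, argv) for a planned jandroid.py run.

    extract: None, "device", "ext4" or "img"
    graph:   None, "neo4j", "visjs" or "both"
    probe:   callable reporting whether Neo4j is up (replaceable in tests)
    """
    problems = []
    if not os.path.isabs(folder):
        problems.append("-f needs an absolute path")
    if os.path.isdir(folder):
        names = os.listdir(folder)
    else:
        names = []
        problems.append("folder does not exist: " + folder)
    # Assumption of this example: inputs are recognised by file extension.
    # With "-e device" the APKs are pulled from the device, so nothing is required.
    wanted = {None: ".apk", "ext4": ".ext4", "img": ".img"}.get(extract)
    if wanted and not any(n.lower().endswith(wanted) for n in names):
        problems.append("no %s file in %s" % (wanted, folder))
    if graph in ("neo4j", "both") and not probe():
        problems.append("Neo4j is not reachable on %s:%d" % NEO4J_ADDR)
    argv = ["python", "jandroid.py", "-f", folder]
    argv += ["-e", extract] if extract else []
    argv += ["-g", graph] if graph else []
    return problems, argv


if __name__ == "__main__":
    demo = tempfile.mkdtemp()  # constructed, empty folder standing in for apps/
    issues, cmd = preflight(demo, extract="img", graph="neo4j")
    print(" ".join(cmd))
    print("\n".join(issues) or "ready to run from <Jandroid home>/src")
```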