很多应用内嵌了google admob广告库,广告库没有源码,而且二进制代码也经过了代码混淆。普通用户很难知道广告究竟干了什么。
因此,我尝试分析这些广告库经过baksmail反汇编后的smali代码,然后在其中寻找敏感API的调用,其中,敏感API有Intent,Uri,File IO,Network IO,Database,ContentResolver,SMS,App List,TelephonyManager,Digest,Cipher等相关的几十个API。
得出的结果是:
admob广告库调用了以下敏感API:
所列第一行是API的description,第二行调用该API的类->方法。
Landroid/content/Intent;-><init>(Landroid/content/Context;Ljava/lang/Class;)VLcom/google/ads/AdActivity$StaticMethodWrapper;->launchAdActivity
*******************
Landroid/content/Intent;-><init>()V
Lcom/google/ads/AdActivity;->a
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/AdActivity;->a
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/AdActivity;->a
*******************
Landroid/content/Intent;-><init>()V
Lcom/google/ads/AdActivity;->a
*******************
Lcom/google/ads/AdActivity;->startActivity(Landroid/content/Intent;)V
Lcom/google/ads/AdActivity;->a
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/al;->a
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/r;->a
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/r;->a
*******************
Landroid/content/ContentResolver;->query(Landroid/net/Uri;[Ljava/lang/String;Ljava/lang/String;[Ljava/lang/String;Ljava/lang/String;)Landroid/database/Cursor;
Lcom/google/ads/at$a;->run
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/as;-><clinit>
*******************
Ljava/security/MessageDigest;->getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;
Lcom/google/ads/b;->d
*******************
Ljava/security/MessageDigest;->update([B)V
Lcom/google/ads/b;->d
*******************
Ljava/security/MessageDigest;->update([B)V
Lcom/google/ads/b;->d
*******************
Ljava/security/MessageDigest;->digest()[B
Lcom/google/ads/b;->d
*******************
Ljavax/crypto/spec/SecretKeySpec;-><init>([BLjava/lang/String;)V
Lcom/google/ads/an;->a
*******************
Ljavax/crypto/Cipher;->getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;
Lcom/google/ads/an;->a
*******************
Ljavax/crypto/Cipher;->init(ILjava/security/Key;Ljava/security/spec/AlgorithmParameterSpec;)V
Lcom/google/ads/an;->a
*******************
Ljavax/crypto/Cipher;->doFinal([B)[B
Lcom/google/ads/an;->a
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/q;->a
*******************
Landroid/content/Intent;-><init>(Ljava/lang/String;Landroid/net/Uri;)V
Lcom/google/ads/q;->a
*******************
Ljava/security/MessageDigest;->getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;
Lcom/google/ads/aj;->a
*******************
Ljava/security/MessageDigest;->update([B)V
Lcom/google/ads/aj;->a
*******************
Ljava/security/MessageDigest;->digest()[B
Lcom/google/ads/aj;->a
*******************
Ljava/net/URL;->openConnection()Ljava/net/URLConnection;
Lcom/google/ads/ae;->a
*******************
Ljava/net/URL;-><init>(Ljava/lang/String;)V
Lcom/google/ads/ae;->run
*******************
Ljava/security/MessageDigest;->getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;
Lcom/google/ads/util/AdUtil;->b
*******************
Ljava/security/MessageDigest;->update([BII)V
Lcom/google/ads/util/AdUtil;->b
*******************
Ljava/security/MessageDigest;->digest()[B
Lcom/google/ads/util/AdUtil;->b
*******************
Landroid/content/Intent;-><init>(Landroid/content/Context;Ljava/lang/Class;)V
Lcom/google/ads/util/AdUtil;->c
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/util/AdUtil;->e
*******************
Landroid/content/Intent;-><init>(Ljava/lang/String;Landroid/net/Uri;)V
Lcom/google/ads/util/AdUtil;->e
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/util/AdUtil;->e
*******************
Landroid/content/Intent;-><init>(Ljava/lang/String;Landroid/net/Uri;)V
Lcom/google/ads/util/AdUtil;->e
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/util/AdUtil;->f
*******************
Landroid/content/Intent;-><init>(Ljava/lang/String;Landroid/net/Uri;)V
Lcom/google/ads/util/AdUtil;->f
*******************
Ljava/net/URL;-><init>(Ljava/lang/String;)V
Lcom/google/ads/util/g$b;->a
*******************
Ljava/net/URL;->openConnection()Ljava/net/URLConnection;
Lcom/google/ads/util/g$b;->a
*******************
Ljava/net/URL;-><init>(Ljava/lang/String;)V
Lcom/google/ads/internal/f;->b
*******************
Landroid/content/Intent;-><init>(Ljava/lang/String;)V
Lcom/google/ads/internal/k$a$3;->onClick
*******************
Ljava/net/URL;->openConnection()Ljava/net/URLConnection;
Lcom/google/ads/internal/f$1;->a
*******************
Landroid/content/Intent;-><init>(Ljava/lang/String;)V
Lcom/google/ads/internal/AdWebView$1;->onDownloadStart
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/internal/AdWebView$1;->onDownloadStart
*******************
Landroid/net/Uri;->parse(Ljava/lang/String;)Landroid/net/Uri;
Lcom/google/ads/internal/i;->shouldOverrideUrlLoading
*******************
Ljava/net/URL;->openConnection()Ljava/net/URLConnection;
Lcom/google/ads/internal/j;->a
*******************
Ljava/net/URL;-><init>(Ljava/lang/String;)V
Lcom/google/ads/internal/j;->run
注:敏感API的列表来自APImonitor:https://code.google.com/p/droidbox/wiki/APIMonitor