qark android 代码安全审计

 .d88888b.           d8888   8888888b.    888    d8P
d88P" "Y88b         d88888   888   Y88b   888   d8P
888     888        d88P888   888    888   888  d8P
888     888       d88P 888   888   d88P   888d88K
888     888      d88P  888   8888888P"    8888888b
888 Y8b 888     d88P   888   888 T88b     888  Y88b
Y88b.Y8b88P    d8888888888   888  T88b    888   Y88b
 "Y888888"    d88P     888   888   T88b   888    Y88b
       Y8b

1. 下载源代码

git clone https://github.com/linkedin/qark.git

2. 安装， 首先您需要安装了python2.7 + 的环境

3. sudo /usr/local/bin/python setup.py install

setup为qark中的setup.py 安装脚本

4. 如果提示需要升级python的一些类库， 需要提前升级好。

5. 安装成功后就可以进行代码审计了。

python qarkMain.py –source 1 –pathtoapk /tmp/test.apk –exploit 0 –install 0

备注： 您需要安装android sdk， 如果你已经有android sdk ，则直接指定目录即可。

Updated config value:: rootDir /home/test/software/qark-latest/qark/qark
INFO – Initializing…

Certain functionalities in QARK rely on using Android SDK. You may have an existing Android SDK on your system that you may want to use.
If not, QARK makes it easier for you to download the required components from Android SDK, automatically. If you select “n” to the following option, you would be asked to provide a location to the Android SDK manually.
It is recommended that you let QARK download and setup Android SDK. This will not affect any existing Android SDK setup you may have on your system.

Do you want QARK to download and set up Android SDK?[y/n] :n
Please enter the fullpath to your Android SDK root directory:/home/test/software/qark/android-sdk_r24.3.4-linux
ERROR – That doesnt seem to be the root directory of Android SDK. Please try again.

此篇文章已被阅读2363 次