I'm trying to make a control flow graph with the soot API from an Android APK. I have read a lot but i feel a little bit helpless how to start from scratch. I'm using a nighty build of soot (downloaded here: https://ssebuild.cased.de/nightly/soot/lib/) because I read that version 2.5.0 is outdated. I found a lot with google, for example:
https://mailman.cs.mcgill.ca/pipermail/soot-list/2014-September/007303.html
First I need to load the Android APK file. On the link it's done with:
SetupApplication app = new SetupApplication(...)
But thats already the first problem, there is no SetupApplication in the nightly build soot.jar.
I did it with the command line, like here:
http://www.abartel.net/dexpler/
that worked almost, but building the control flow graph is only the first step. After that I have to manipulate the graphs and use it as an input for some other framework. So command line is no option for me. I would prefer to do it with Java!
Can someone help a soot newbie?
For getting call graph through Soot, try the Soot lib located at https://github.com/secure-software-engineering/soot-infoflow-android instead. Then import soot.jimple.infoflow.android.SetupApplication in your Java source code. Everything should be fine.