FORUMS

[dexdump] εxodus >TRACKERS< apk static analysis

710 posts
Thanks Meter: 959
 
By oF2pks, Senior Member on 24th August 2018, 04:54 PM
Post Reply Email Thread
>TRACKERS< apk static analysis was already available, on android, with AddonsDetectors ; thanks to non-profit εxodus, we have an open source, multi-platform tool, to analyze embedded trackers in apk, on android & PCs, using dexdump.
With it, Rom-developers can scan their already built apps, like webview or Turbo (DeviceHealthServices Google LLC), to countercheck their 'integrity'.

Analysis is based on cross examination of εxodusJSON & dexdump*apk. On android, dexdump can be found in /system/bin

For Playstore installed apps only , you can straight use open-source εxodus.apk https://play.google.com/store/apps/d....exodusprivacy, or directly query online.

Quote:

On Android, check pilot apk ClassyShark3xodus.apk to cross-analyze classes with 179 Exodus' trackers; LongPress touch, on "launch-able (via icons)" packages_list, displays all full classes.
: added unique permission READ_EXTERNAL_STORAGE to scan *.apk, including ones not yet installed with any FileManager.
: attached app_PackagesInfo.apk to scan ALL installed packages (via 2°screen/3dots)
: simple mime +fastscroll +icons
: sub-stats via About/3dots
: sharedUserid and permission.READ_LOGS detection
: search & basic quickToggle switch option



Press on class to get synthetic viewer.
No internet required + zero permissions !
KitKat: due to missing getCodeCacheDir()/api21 ClassySharks can crash after multiple successive attempts

On PCs with python3 (&virtualenv), check exodus-standalone to scan any kind of apps package: *apk.
Otherwise with bash (& attached aapt-dexdump_Linux64.tar.gz with lib64/libc++.so) and working grep -P (pcre) you can also perform any apk like (latest Playstore) firefox61.0.2:

Code:
./dexdump firefox.apk | grep "Class descriptor" | sed 's/ Class descriptor  : //' | grep / | sed 's/\//./g' |sort | uniq > tt.txt
curl -s 'https://reports.exodus-privacy.eu.org/api/trackers' | grep -Po '"code_signature":.*?[^\\]",' | sed 's/"code_signature": //' | sed 's/"",/".",/' | sed 's/|/",\n"/g' | sed 's/"//' | sed 's/",//' | sort | uniq | sed -n '1!p' | xargs -I {} grep {} tt.txt
or simply use attached today signatures : 
cat signatures20182408.txt | xargs -I {} grep {} tt.txt
To get more info on apk : 
./aapt d badging firefox.apk
On android copy firefox.apk on sdcard
cd sdcard
curl32 -s 'https://reports.exodus-privacy.eu.org/api/trackers' | grep64 --buffer-size=10000K -o '"code_signature":.*?[^\\]",' | sed 's/"code_signature": //' | sed 's/"",/".",/' | sed 's/|/",\n"/g' | sed 's/"//' | sed 's/",//' | sort | uniq | sed -n '1!p' > signatures.txt
...
--> code signature of these trackers in firefox
    Adjust...com.adjust.sdk. *41
    Google Analytics...com.google.android.gms.analytics. *112
    Google Firebase Analytics...com.google.android.gms.measurement. *125
    LeanPlum...com.leanplum. *262


[εxodus-STANDALONE: python exodus_analyze.py firefox.apk]
=== Information - APK path: firefox.apk - APK sum: 31ca22d9977f14b0cf13fa0075ac2acc96070491086498819f1c9adbf92223a8 - App version: 61.0.2 - App version code: 2015574793 - App UID: 0992532694558859C09D4071243035F6FE5A20EC - App name: Firefox - App package: org.mozilla.firefox - App permissions: 32 - android.permission.GET_ACCOUNTS - android.permission.ACCESS_NETWORK_STATE - android.permission.MANAGE_ACCOUNTS - android.permission.USE_CREDENTIALS - android.permission.AUTHENTICATE_ACCOUNTS - android.permission.WRITE_SYNC_SETTINGS - android.permission.WRITE_SETTINGS - android.permission.READ_SYNC_STATS - android.permission.READ_SYNC_SETTINGS - org.mozilla.firefox_fxaccount.permission.PER_ACCOUNT_TYPE - com.google.android.c2dm.permission.RECEIVE - org.mozilla.firefox.permission.C2D_MESSAGE - com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY - android.permission.CHANGE_WIFI_STATE - android.permission.ACCESS_WIFI_STATE - android.permission.ACCESS_COARSE_LOCATION - android.permission.ACCESS_FINE_LOCATION - android.permission.ACCESS_NETWORK_STATE - android.permission.INTERNET - android.permission.RECEIVE_BOOT_COMPLETED - android.permission.READ_EXTERNAL_STORAGE - android.permission.WRITE_EXTERNAL_STORAGE - com.android.launcher.permission.INSTALL_SHORTCUT - com.android.launcher.permission.UNINSTALL_SHORTCUT - com.android.browser.permission.READ_HISTORY_BOOKMARKS - android.permission.WAKE_LOCK - android.permission.VIBRATE - android.permission.DOWNLOAD_WITHOUT_NOTIFICATION - android.permission.SYSTEM_ALERT_WINDOW - android.permission.NFC - android.permission.RECORD_AUDIO - android.permission.CAMERA - Certificates: 1 - Issuer: countryName=US, stateOrProvinceName=California, localityName=Mountain View, organizationName=Mozilla Corporation, organizationalUnitName=Release Engineering, commonName=Release Engineering Subject: countryName=US, stateOrProvinceName=California, localityName=Mountain View, organizationName=Mozilla Corporation, organizationalUnitName=Release Engineering, commonName=Release Engineering Fingerprint: 920f4876a6a57b4a6a2f4ccaf65f7d29ce26ff2c Serial: 1282604424 === Found trackers: 4 - Google Firebase Analytics - LeanPlum - Google Analytics - Adjust
./aapt d badging firefox.apk package: name='org.mozilla.firefox' versionCode='2015574793' versionName='61.0.2' platformBuildVersionName='' install-location:'internalOnly' sdkVersion:'16' targetSdkVersion:'23' uses-permission: name='android.permission.GET_ACCOUNTS' uses-permission: name='android.permission.ACCESS_NETWORK_STATE' uses-permission: name='android.permission.MANAGE_ACCOUNTS' uses-permission: name='android.permission.USE_CREDENTIALS' uses-permission: name='android.permission.AUTHENTICATE_ACCOUNTS' uses-permission: name='android.permission.WRITE_SYNC_SETTINGS' uses-permission: name='android.permission.WRITE_SETTINGS' uses-permission: name='android.permission.READ_SYNC_STATS' uses-permission: name='android.permission.READ_SYNC_SETTINGS' uses-permission: name='org.mozilla.firefox_fxaccount.permission.PER_ACCOUNT_TYPE' uses-permission: name='com.google.android.c2dm.permission.RECEIVE' uses-permission: name='org.mozilla.firefox.permission.C2D_MESSAGE' uses-permission: name='com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY' uses-permission: name='android.permission.CHANGE_WIFI_STATE' uses-permission: name='android.permission.ACCESS_WIFI_STATE' uses-permission: name='android.permission.ACCESS_COARSE_LOCATION' uses-permission: name='android.permission.ACCESS_FINE_LOCATION' uses-permission: name='android.permission.ACCESS_NETWORK_STATE' uses-permission: name='android.permission.INTERNET' uses-permission: name='android.permission.RECEIVE_BOOT_COMPLETED' uses-permission: name='android.permission.READ_EXTERNAL_STORAGE' uses-permission: name='android.permission.WRITE_EXTERNAL_STORAGE' uses-permission: name='com.android.launcher.permission.INSTALL_SHORTCUT' uses-permission: name='com.android.launcher.permission.UNINSTALL_SHORTCUT' uses-permission: name='com.android.browser.permission.READ_HISTORY_BOOKMARKS' uses-permission: name='android.permission.WAKE_LOCK' uses-permission: name='android.permission.VIBRATE' uses-permission: name='android.permission.DOWNLOAD_WITHOUT_NOTIFICATION' uses-permission: name='android.permission.SYSTEM_ALERT_WINDOW' uses-permission: name='android.permission.NFC' uses-permission: name='android.permission.RECORD_AUDIO' uses-permission: name='android.permission.CAMERA' application-label:'Firefox' application-label-af:'Firefox' application-label-am:'Firefox' application-label-an:'Firefox' application-label-ar:'Firefox' application-label-as:'Firefox' application-label-ast:'Firefox' application-label-az:'Firefox' application-label-az-AZ:'Firefox' application-label-be:'Firefox' application-label-bg:'Firefox' application-label-bn-BD:'Firefox' application-label-bn-IN:'Firefox' application-label-br:'Firefox' application-label-bs:'Firefox' application-label-ca:'Firefox' application-label-cak:'Firefox' application-label-cs:'Firefox' application-label-cy:'Firefox' application-label-da:'Firefox' application-label-de:'Firefox' application-label-dsb:'Firefox' application-label-el:'Firefox' application-label-en-AU:'Firefox' application-label-en-GB:'Firefox' application-label-en-IN:'Firefox' application-label-en-ZA:'Firefox' application-label-eo:'Firefox' application-label-es:'Firefox' application-label-es-AR:'Firefox' application-label-es-CL:'Firefox' application-label-es-ES:'Firefox' application-label-es-MX:'Firefox' application-label-es-US:'Firefox' application-label-et:'Firefox' application-label-et-EE:'Firefox' application-label-eu:'Firefox' application-label-eu-ES:'Firefox' application-label-fa:'Firefox' application-label-ff:'Firefox' application-label-fi:'Firefox' application-label-fr:'Firefox' application-label-fr-CA:'Firefox' application-label-fy-NL:'Firefox' application-label-ga-IE:'Firefox' application-label-gd:'Firefox' application-label-gl:'Firefox' application-label-gl-ES:'Firefox' application-label-gn:'Firefox' application-label-gu-IN:'Firefox' application-label-hi:'Firefox' application-label-hi-IN:'Firefox' application-label-hr:'Firefox' application-label-hsb:'Firefox' application-label-hu:'Firefox' application-label-hy-AM:'Firefox' application-label-in:'Firefox' application-label-is:'Firefox' application-label-is-IS:'Firefox' application-label-it:'Firefox' application-label-iw:'Firefox' application-label-ja:'Firefox' application-label-ka:'Firefox' application-label-ka-GE:'Firefox' application-label-kab:'Firefox' application-label-kk:'Firefox' application-label-kk-KZ:'Firefox' application-label-km-KH:'Firefox' application-label-kn:'Firefox' application-label-kn-IN:'Firefox' application-label-ko:'Firefox' application-label-ky-KG:'Firefox' application-label-lo:'Firefox' application-label-lo-LA:'Firefox' application-label-lt:'Firefox' application-label-lv:'Firefox' application-label-mai:'Firefox' application-label-mk-MK:'Firefox' application-label-ml:'Firefox' application-label-ml-IN:'Firefox' application-label-mn-MN:'Firefox' application-label-mr:'Firefox' application-label-mr-IN:'Firefox' application-label-ms:'Firefox' application-label-ms-MY:'Firefox' application-label-my:'Firefox' application-label-my-MM:'Firefox' application-label-nb:'Firefox' application-label-nb-NO:'Firefox' application-label-ne-NP:'Firefox' application-label-nl:'Firefox' application-label-nn-NO:'Firefox' application-label-oc:'Firefox' application-label-or:'Firefox' application-label-pa-IN:'Firefox' application-label-pl:'Firefox' application-label-pt:'Firefox' application-label-pt-BR:'Firefox' application-label-pt-PT:'Firefox' application-label-rm:'Firefox' application-label-ro:'Firefox' application-label-ru:'Firefox' application-label-si-LK:'Firefox' application-label-sk:'Firefox' application-label-sl:'Firefox' application-label-son:'Firefox' application-label-sq:'Firefox' application-label-sq-AL:'Firefox' application-label-sr:'Firefox' application-label-sv:'Firefox' application-label-sv-SE:'Firefox' application-label-sw:'Firefox' application-label-ta:'Firefox' application-label-ta-IN:'Firefox' application-label-te:'Firefox' application-label-te-IN:'Firefox' application-label-th:'Firefox' application-label-tl:'Firefox' application-label-tr:'Firefox' application-label-trs:'Firefox' application-label-uk:'Firefox' application-label-ur:'Firefox' application-label-ur-PK:'Firefox' application-label-uz:'Firefox' application-label-uz-UZ:'Firefox' application-label-vi:'Firefox' application-label-wo:'Firefox' application-label-xh:'Firefox' application-label-zam:'Firefox' application-label-zh-CN:'Firefox' application-label-zh-HK:'Firefox' application-label-zh-TW:'Firefox' application-label-zu:'Firefox' application-icon-160:'res/drawable-hdpi-v4/icon.png' application-icon-213:'res/drawable-hdpi-v4/icon.png' application-icon-240:'res/drawable-hdpi-v4/icon.png' application-icon-320:'res/drawable-xhdpi-v4/icon.png' application-icon-480:'res/drawable-xxhdpi-v4/icon.png' application-icon-640:'res/drawable-xxxhdpi-v4/icon.png' application-icon-65535:'res/drawable-xxxhdpi-v4/icon.png' application: label='Firefox' icon='res/drawable-hdpi-v4/icon.png' feature-group: label='' uses-gl-es: '0x20000' uses-feature-not-required: name='android.hardware.audio.low_latency' uses-feature-not-required: name='android.hardware.camera' uses-feature-not-required: name='android.hardware.camera.any' uses-feature-not-required: name='android.hardware.camera.autofocus' uses-feature-not-required: name='android.hardware.location' uses-feature-not-required: name='android.hardware.location.gps' uses-feature-not-required: name='android.hardware.microphone' uses-feature-not-required: name='android.hardware.nfc' uses-feature: name='android.hardware.touchscreen' uses-feature: name='android.hardware.wifi' uses-implied-feature: name='android.hardware.wifi' reason='requested android.permission.ACCESS_WIFI_STATE permission, and requested android.permission.CHANGE_WIFI_STATE permission' main other-activities other-receivers other-services supports-screens: 'small' 'normal' 'large' 'xlarge' supports-any-density: 'true' locales: '--_--' 'af' 'am' 'an' 'ar' 'as' 'ast' 'az' 'az-AZ' 'be' 'bg' 'bn-BD' 'bn-IN' 'br' 'bs' 'ca' 'cak' 'cs' 'cy' 'da' 'de' 'dsb' 'el' 'en-AU' 'en-GB' 'en-IN' 'en-ZA' 'eo' 'es' 'es-AR' 'es-CL' 'es-ES' 'es-MX' 'es-US' 'et' 'et-EE' 'eu' 'eu-ES' 'fa' 'ff' 'fi' 'fr' 'fr-CA' 'fy-NL' 'ga-IE' 'gd' 'gl' 'gl-ES' 'gn' 'gu-IN' 'hi' 'hi-IN' 'hr' 'hsb' 'hu' 'hy-AM' 'in' 'is' 'is-IS' 'it' 'iw' 'ja' 'ka' 'ka-GE' 'kab' 'kk' 'kk-KZ' 'km-KH' 'kn' 'kn-IN' 'ko' 'ky-KG' 'lo' 'lo-LA' 'lt' 'lv' 'mai' 'mk-MK' 'ml' 'ml-IN' 'mn-MN' 'mr' 'mr-IN' 'ms' 'ms-MY' 'my' 'my-MM' 'nb' 'nb-NO' 'ne-NP' 'nl' 'nn-NO' 'oc' 'or' 'pa-IN' 'pl' 'pt' 'pt-BR' 'pt-PT' 'rm' 'ro' 'ru' 'si-LK' 'sk' 'sl' 'son' 'sq' 'sq-AL' 'sr' 'sv' 'sv-SE' 'sw' 'ta' 'ta-IN' 'te' 'te-IN' 'th' 'tl' 'tr' 'trs' 'uk' 'ur' 'ur-PK' 'uz' 'uz-UZ' 'vi' 'wo' 'xh' 'zam' 'zh-CN' 'zh-HK' 'zh-TW' 'zu' densities: '160' '213' '240' '320' '480' '640' '65535' native-code: 'armeabi-v7a'
For odex /system packages; check
-PC: {baksmali list classes} on *.odex or {dextra} on *.vdex http://newandroidbook.com/tools/dextra.html
-android: {oatdump --oat-file=} on *.odex

For android check attached Magisk systemless module with aapt32 curl32 (curl 7.43.0-DEV Android 6.0.1 armv7-a-neon) and grep64 (pcre2grep version 10.22 2016-07-29)

More info for: "tracking software on smartphones" https://theintercept.com/2017/11/24/...-android-apps/
Related tools: https://github.com/ashishb/android-security-awesome
The Following 15 Users Say Thank You to oF2pks For This Useful Post: [ View ] Gift oF2pks Ad-Free
2nd December 2018, 08:10 AM |#2  
jawz101's Avatar
Senior Member
Thanks Meter: 746
 
More
So you make this app now on fdroid? Could there be a way to have it also display all classes not already defined.

Like, 2 options:
1- show classes detected by Exodus signatures

2-
show classes not detected by Exodus signatures
and not com.android.*
and not com.google.*
and not com.firstpartypackage.*

And then a search option

That would be like a way to find new stuff.

Oh, and another complementary tool you might be interested in is called Dexplorer

https://play.google.com/store/apps/d...=com.dexplorer

I love that you made this. It's raw output and styling gives a feel that "I'm analyzing something" and "wow! Look at all of that crap!"


The only thing I might change on the branding is the icon and name. The only reason I recognized it was because it had Exodus in the name. Maybe 10 other people in the world would make that connection. Just an opinion.

Or give it a snazzy tagline like "The World Famous Zuckerberg NSA Cryptominer Detector- GDPR Edition". That will turn heads.

Thanks!
30th April 2019, 11:58 PM |#3  
oF2pks's Avatar
OP Senior Member
Thanks Meter: 959
 
More
ClassySharkExodus upgrade to latest ExodusPrivacy database is on the go on F-Droid: 202
More info https://gitlab.com/oF2pks/3xodusprivacy-toolbox

LongPress gives access to all classes.
Quote:
Originally Posted by jawz101

...
show classes not detected by Exodus signatures
...
And then a search option
...

For xda Only, attached in first post is edition with search option; also attached is app_PackagesInfo which includes additional full scan option (plus sorted permissions, with '=3' when granted). I will finalize these cosmetics on F-Droid later.
@jawz101 , btw; Etip Exodus wip database is now accessible: https://etip.exodus-privacy.eu.org/trackers/export , thx for your previous extractions.
EDIT : added basic quick Toggle to switch between full & Exodus classes list without recalculation.
Attached Thumbnails
Click image for larger version

Name:	aInfos.jpg
Views:	456
Size:	171.3 KB
ID:	4751333  
The Following 3 Users Say Thank You to oF2pks For This Useful Post: [ View ] Gift oF2pks Ad-Free
17th May 2019, 02:49 PM |#4  
Senior Member
Thanks Meter: 163
 
More
Just discovered this on fdroid. Cool app
23rd May 2019, 03:37 PM |#5  
Junior Member
Thanks Meter: 0
 
More
Hello
12th June 2019, 11:37 PM |#6  
yochananmarqos's Avatar
Recognized Contributor
Thanks Meter: 2,481
 
Donate to Me
More
ClassyShark3xodus conflicts with PackageInstaller when opening an APK. It asks every time if I want to open with PackageInstaller or ClassyShark3xodus even though I choose Always for PackageInstaller. There are no defaults set for ClassyShark3xodus and defaults are set for PackageInstaller.

I'm using ClassyShark3xodus 1.0-7 from F-Droid on my OnePlus 7 Pro (see sig).
Attached Thumbnails
Click image for larger version

Name:	Screenshot_20190612-152848.jpg
Views:	224
Size:	178.2 KB
ID:	4775857   Click image for larger version

Name:	Screenshot_20190612-152827.jpg
Views:	224
Size:	220.9 KB
ID:	4775858  
The Following 2 Users Say Thank You to yochananmarqos For This Useful Post: [ View ] Gift yochananmarqos Ad-Free
13th June 2019, 04:16 PM |#7  
oF2pks's Avatar
OP Senior Member
Thanks Meter: 959
 
More
Quote:
Originally Posted by yochananmarqos

ClassyShark3xodus conflicts with PackageInstaller when opening an APK. It asks every time if I want to open with PackageInstaller or ClassyShark3xodus even though I choose Always for PackageInstaller. There are no defaults set for ClassyShark3xodus and defaults are set for PackageInstaller.

I'm using ClassyShark3xodus 1.0-7 from F-Droid on my OnePlus 7 Pro (see sig).

For the conflict, it is solely related to manifest intent declaration : https://bitbucket.org/oF2pks/fdroid-...t.xml#lines-34.
Uninstall ClassyShark and try F-Droid safe Stanley app (same process intent) to countercheck your PackageInstaller behaviour.

If you don't have Magisk installed, then it looks like a bug in Oneplus rom: ClassyShark (& Stanley) doesn't use any privileged rights (conversely to PackageInstaller) nor su; I suggest a bug report on Oneplus forum (?).

With Magisk "remounts", it's possible PackageInstaller get loose : give a try to foss GhostCommander to check what happens with [OpenWith] .apk option and PackageInstaller selected.

btw I wish you could post on xda the json of OP7pro from my deviceInfos fdroid app https://forum.xda-developers.com/and...k-gsf-t3849908 ; so I could see OP7pro generics (they are no private infos in the json).
The Following User Says Thank You to oF2pks For This Useful Post: [ View ] Gift oF2pks Ad-Free
13th June 2019, 04:44 PM |#8  
yochananmarqos's Avatar
Recognized Contributor
Thanks Meter: 2,481
 
Donate to Me
More
Quote:
Originally Posted by oF2pks

For the conflict, it is solely related to manifest intent declaration : https://bitbucket.org/oF2pks/fdroid-...t.xml#lines-34.
Uninstall ClassyShark and try F-Droid safe Stanley app (same process intent) to countercheck your PackageInstaller behaviour.

If you don't have Magisk installed, then it looks like a bug in Oneplus rom: ClassyShark (& Stanley) doesn't use any privileged rights (conversely to PackageInstaller) nor su; I suggest a bug report on Oneplus forum (?).

With Magisk "remounts", it's possible PackageInstaller get loose : give a try to foss GhostCommander to check what happens with [OpenWith] .apk option and PackageInstaller selected.

btw I wish you could post on xda the json of OP7pro from my deviceInfos fdroid app https://forum.xda-developers.com/and...k-gsf-t3849908 ; so I could see OP7pro generics (they are no private infos in the json).

No, I don't have Magisk installed. I'm waiting on my unlock code.

I attached the json file from Kaltura.
Attached Files
File Type: txt 91905161437.json.txt - [Click for QR Code] (60.7 KB, 12 views)
16th June 2019, 02:46 PM |#9  
oF2pks's Avatar
OP Senior Member
Thanks Meter: 959
 
More
Quote:
Originally Posted by yochananmarqos

No, I don't have Magisk installed. I'm waiting on my unlock code.

I attached the json file from Kaltura.

(thx for json, I wish more xda users could throw their json so I could update the app: initially, I thought xda could be interested to settle a global coherent central database (for forums headers ? @MikeChannon ) to help cross-development through similar devices (OEM kernel , soc ...)).

I have uploaded new softened ClassyShark3xodus(202) in post#1 ; normally Oneplus PackageInstaller.apk should use this in manifest:
Code:
            <intent-filter  android:priority="1-99">
                <action android:name="android.intent.action.VIEW" />

                <category android:name="android.intent.category.INSTALL_PACKAGE" />
                <category android:name="android.intent.category.DEFAULT" />

                <data android:scheme="content" />
                <data android:scheme="file" />
                <data android:mimeType="application/vnd.android.package-archive" />
            </intent-filter>
you can check apk's manifest.xml (and many more...) with attached app_PackagesInfo-debug13.apk.

NEW in xda/debug post#1:
  • ClassyShark3xodus : file sha256 (as shown in fdroid' index.xml)
  • app_PackagesInfo : signature decryption cert with sha1/256
The Following 2 Users Say Thank You to oF2pks For This Useful Post: [ View ] Gift oF2pks Ad-Free
1st July 2019, 02:59 AM |#10  
Senior Member
Thanks Meter: 733
 
Donate to Me
More
Awesome project, please keep it up! Exodus is good, but too slow to run from phone, and it only works with apps from PlayStore. Regards.
12th August 2019, 01:18 AM |#11  
Junior Member
Thanks Meter: 6
 
More
Suggestions
I'm poking through the apps on my system, but it took me a while to find the legend; I expected the first menu item to be a list of supported trackers, not a general about popup. Having looked at it for a while now, I've got a large number of comments regarding issues, usability, style, observations, suggestions, etc. Most of them are fairly minor, just renaming menu items and small tweaks for usability, but some documentation is needed in-app.
  1. rename menu item to 'about'
  2. move legend to its own menu item (Related: 1, 2, 11, 14)
  3. format the legend text so it appears the same as the items in the main screen (or use a picture) (Related: 2, 11, 14)
  4. change the urls in the about menu to be clickable
  5. don't highlight package names in white, it looks weird
  6. for gray background on system apps, make the entire background (margins/padding) of the outer element gray, not just the text part. Alternatively, just changed the text color.
  7. consider making the popup screen when tapping an app into a horizontally scrollable view; the hashes/fingerprints don't have to break onto a separate line from the label sha256.
  8. add margins to the screen that pops up on tap; after the loading animation goes away, the letters seem to be only 1px from the window edge, there should be a border of at least 5px around the entire window
  9. Changing the sort method should be labeled as such, I didn't know the funny arrow meant sort until I tapped it
  10. The 'super' label in the menu makes no sense. It should be renamed to Permissions or PackageInfo or Trackers or some such, depending on the view.
  11. In PackageInfo view, there should be something to explain the asterisk and snowflake before the permission label, as well as the ^✓ after it. The nulls should be removed. Consider changing this entire section to a table with headers (*, ☸, permission, group, dangerous, instant, privileged, development, appop, preinstalled, etc) with an explanation of exactly what dangerous, development, *, ☸, and other less obvious terms mean, either on-tap or in a legend somewhere. (Related: 14, 2)
  12. When you tap an app, the information should be cached until the app is closed, to prevent waiting for the work to be done again.
  13. PackageInfo and manifest should be exportable (Related: 15, 17)
  14. Legend for the list of trackers symbols (°, ?, ², μ) (Related: 11, 2)
  15. Having a full package explorer is hardly necessary, but it might be nice to be able to unzip the apk to the sdcard for exploring with another app, along with the list of trackers found in the app and the list of activities, other metadata. (Related: 13, 17)
  16. Firefox Nightly (org.mozilla.fennec_aurora) shows up as having a shared userid, however the package it lists (org.mozilla.fennec.sharedID) doesn't appear to be installed. The other Mozilla apps installed are Klar (org.mozilla.klar), Firefox Lite (org.mozilla.rocket), and Firefox Preview (org.firefox.fenix), none of which are shown as sharing userids.
  17. I can't make selections to copy from various popups to the clipboard. (Related: 13, 15, 16)
  18. After processing an app, save the results for it (more than just #12) until the app is updated.
  19. After processing an app, update the main view; maybe have different symbols or app colors to indicate if an app has been analyzed, and further if any signatures were found.
Yes, it's a long list. Feel free to ignore me, I won't get offended.
The Following User Says Thank You to Efreak2004 For This Useful Post: [ View ] Gift Efreak2004 Ad-Free
Post Reply Subscribe to Thread

Tags
aapt, dexdump, exodus, pcre2grep, εxodus

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes