- MacOS
- Xcode 13
- A rooted iOS device
- Downloader
- Static Assessment Framework(SAF)
- Dynamic Assessment Framework (DAF)
- Gathter call traces and network traffic
- Inference (data, purpose)
- Compliance check
- install Python 3.10.10
python3.10 -m venv LalaineEnvsource LalaineEnv/bin/activatecd Lalainepython -m pip install wheel setuptoolsbrew install cmake libomppip install -r requirements.txt
We utilize Macaca, an open-source automation testing framework that supports various types of applications including native, mobile, hybrid, web, and mobile web applications. Macaca offers automation drivers, environment support, peripheral tools, and integration solutions to tackle challenges such as test automation and client-side performance. In addition, we configure NoSmoke, a cross-platform UI crawler that scans view trees, performs OCR operations, and generates and executes UI test cases.
- install macaca https://macacajs.github.io/guide/environment-setup.html#macaca-cli
- install nosmoke https://macacajs.github.io/NoSmoke/guide/
We utilize Frida, a dynamic code instrumentation toolkit. We inject snippets of JavaScript into native apps on iOS. We built our hooking framework on top of the Frida API.
- install Frida’s CLI tools on MacOS: https://frida.re/docs/installation/
- configure Frida on your rooted iOS device: https://frida.re/docs/ios/
We utilized Fiddler, which is a web debugging proxy tool that monitors, analyzes, and modifies the traffic on the iOS device.
- install Fiddler on your MacOS: https://docs.telerik.com/fiddler/configure-fiddler/tasks/configureformac
- configure your rooted iOS device: https://docs.telerik.com/fiddler/configure-fiddler/tasks/configureforios
- Put the information of the app that you want to download in app_info.json
- App binary downloader
- install ipatool
- Auth with your own AppleID and password
ipatool auth login -e <email> -p <password> cd downloaderpython app_binary_downloader.py --input_file ./app_info.json --result_dir ./ipa/- The results will be in the folder /ipa/
- Privacy label crawler
cd downloader- download ChromeDriver which is compatible with your browser and put it under the folder downloader
python privacy_label_crawler.py --input_file ./app_info.json --result_dir ./label/ --driver_path ./chromedriver- The results will be in the folder /label/
cd staticScanner- Put the binary of app (.ipa) you want to static scan under the folder /app
- Run the command
python find_in_decrypted_ipas.py -f ./API_List.txt -i ./app/ - More options:
-
- The results will be in the file find_in_decrypted_ret.txt
- Put the app binary code (.ipa) in the app folder 0 (you can create more folders to allow batch analysis). You can use ipatool to download app: https://github.com/majd/ipatool
- Launch the macaca server to connect with device:
macaca server --verbose - Launch Fiddler to capture/decrypt Traffic from iOS Device:
Tools > Options > HTTPS and check Decrypt HTTPS traffic. After finishing the dynamic testing, save the network traffic under the default path ./result/0/har/; (If you save it in another folder, you need to specify it when running analyze_log.py) - Obtain your iOS device ID by running
xcrun xctrace list devices - Run the script to execute the app and gather data:
python batch_ui_frida_test.py -d . -n 0 -i <device id> -s <smoke_path> - Options:
-
- Download the corpus.csv and put it under purpose_prediction/data/
- Download privacy label of apps we crawled from app store and put it under data folder. If the app you want to test is not on the list, you can manually add it to this file to allow further analysis.
- Run the script
python analyze_log.py -d . -n 0 - Options:
-
- Analyzing result can be found in ./result/0/prediction_output/
- Run the script
python compliance_check.py -d . -n 0 - Options:
-
- Analyzing result can be found in ./result/0/inconsistency_output/
The other materials (e.g., l-data, privacy ontology, severity breakdown, etc) can be found in https://sites.google.com/view/privacylabel/home