-
Notifications
You must be signed in to change notification settings - Fork 528
GDA Privacy Leak Detection
GDA's privacy leak detecter is a register-tracker based on the GDA decompiler's low-level intermediate representation. Its detection kernel is based on the lightweight and high-speed taint propagation engine FlashFlow, which scans all possible sensitive data generation spots in the app for taint propagation analysis to determine the leak point. At the same time, the path between the effective leak point and the sensitive data generation point is recorded to backtrack nodes of the path, and the privacy leak report is output. This work is shown in the figure:
In the Pro version of GDA decompiler, click on PrivacyLeak (1)
to start scanning. You will soon see the report of privacy leak and the privacy leak window. In the report (2), 'DataPin' represents the generation point of sensitive data, followed by the API generating sensitive data and its caller; 'Leak' refers to the leakage point, followed by the API of leaked data and its caller. Here we can double-click the caller like 'method@xxxxxx' to find the location of the generation point and the leak point. The privacy leak window displays the scanning results in a tree form. We can right-click (3) > Path detail (4) on each root node to view more detailed path information. At the same time, when we click the node of the path, it can be synchronized to the decompiled code (5).