False Positives in ICC Links #53
Comments
|
Please give me the apk to check. |
|
Following are links of two apks https://drive.google.com/file/d/1Os3iEG8sc9paHaOxxqIZgoCzb-no6XeQ/view?usp=drive_web https://play.google.com/store/apps/details?id=com.ecajmer.combat&hl=en_IN In both of these, we are getting false positives. |
|
I see the problem, For NumberAvtivity, it accidentally assigned the PaymentGateway$2 as the onClickListener which invokes an ICC. I will debug and see why. |
|
Thanks for reply. |
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
I am using Amandroid Jar i.e. argus*.jar for finding ICC Links of our own constructed apps.
For many cases, it gives false positives.
For. e.g. in attached apk, there are 2 ICC calls from NumberActivity. One is to OTP and other is to Knumber. But the result of Amandroid says that it has 4 targets (attached the result file). And similar for other activities also....The code of NumberAvtivity is attached which shows that it has only 2 Intent Calls.
Please confirm the reason of this. Does it calculates some indirect ICC calls.
I am running Amandroid as:-
java -jar /home/jyoti/argus.jar t -o . /home/jyoti/app-debug.apkAppData-Electricity-Bill.txt
NumberActivity.txt
Please check how can we avoid these false links.
Thanks
The text was updated successfully, but these errors were encountered: