I want to extract all API calls from an Android application's apk. I have used apktool to get the smali code files from the apk. Manually I can spot some API calls, but I need an automated method. For example, I can see the getNetworkInfo call in this line of code:

    invoke-virtual {p0, v0}, Landroid/net/ConnectivityManager;->getNetworkInfo(I)Landroid/net/NetworkInfo;

I have no experience with smali code and very little with Android application analysis; I only spotted the above API call because I happened to know that "getNetworkInfo" is one. But of course, what I don't want to do is begin with a list of all possible API calls and search for each of them in the smali files one by one.

Is there another indication of an API call? Will invoke-virtual or invoke-direct always mean an API call?

Zainab Abaid
    I would recommend using dexlib2 to access the dex file programmatically, rather than trying to parse the smali files. – JesusFreke Aug 16 '16 at 17:18

1 Answer

invoke-virtual and invoke-direct just call a method of some object with and without virtual method resolution, respectively. This doesn't necessarily have to be an API call; you could use these instructions with any kind of object, including instances of classes you define in your own code.

In this case, you found a call to a method in the android.net.ConnectivityManager class. If you want to find more API calls, you could start by searching for invoke-* instructions that reference certain classes, which for example might include anything under android.*, java.*, javax.*, etc.

user1354557
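The prefix-based search described in the answer above can be automated over apktool's output. The following is an added example, not code from the question or the answer: it matches `invoke-*` instructions in smali text and keeps only those whose target class falls under a framework package. The prefix list, the function names `api_calls` and `scan_tree`, and the sample input are assumptions made for illustration.

```python
import re
from collections import Counter
from pathlib import Path

# Package prefixes treated as "framework API" (an assumption; extend as needed).
API_PREFIXES = ("android/", "java/", "javax/")

# invoke-<kind>[/range] {regs}, L<class>;-><method>(<params>)<return>
# Anchored at line start so string constants containing "invoke-" are ignored.
INVOKE_RE = re.compile(
    r"^\s*(invoke-[a-z]+(?:/range)?)\s*\{[^}]*\},\s*"
    r"\[*L([^;]+);->([^\s(]+)(\([^)]*\)\S+)"
)

def api_calls(smali_text, prefixes=API_PREFIXES):
    """Yield (opcode, class, method, descriptor) for calls into the given packages."""
    for line in smali_text.splitlines():
        m = INVOKE_RE.match(line)
        if m and m.group(2).startswith(prefixes):
            opcode, cls, method, desc = m.groups()
            yield opcode, cls.replace("/", "."), method, desc

def scan_tree(root):
    """Count API calls across every .smali file under an apktool output directory."""
    counts = Counter()
    for path in Path(root).rglob("*.smali"):
        text = path.read_text(encoding="utf-8", errors="replace")
        counts.update(f"{c}.{m}{d}" for _, c, m, d in api_calls(text))
    return counts

# Constructed sample input: one framework call (the line from the question),
# one call into the app's own class, one /range call, and a string decoy.
SAMPLE = """
    invoke-virtual {p0, v0}, Landroid/net/ConnectivityManager;->getNetworkInfo(I)Landroid/net/NetworkInfo;
    invoke-direct {p0}, Lcom/example/app/MainActivity;->helper()V
    invoke-static/range {v0 .. v2}, Ljava/lang/String;->format(Ljava/lang/String;[Ljava/lang/Object;)Ljava/lang/String;
    const-string v1, "invoke-virtual {v0}, Landroid/fake;->x()V"
"""

if __name__ == "__main__":
    for call in api_calls(SAMPLE):
        print(call)
```

Calling `scan_tree` on the directory apktool produced gives a frequency table of framework methods. Calls made through reflection do not appear as `invoke-*` on the target method, so this finds only direct references.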