# QARK Cheat Sheet

## Overview

QARK (Quick Android Review Kit) is a static analysis tool designed to look for several security-related Android application vulnerabilities, either in source code or in packaged APKs.

## Installation

### Prerequisites

```bash
# Install Python 3.6+
sudo apt update
sudo apt install python3 python3-pip

# Install Java 8+
sudo apt install openjdk-8-jdk

# Install Android SDK (optional but recommended)
```

### Install QARK

```bash
# Install from PyPI
pip3 install qark

# Or install from source
git clone https://github.com/linkedin/qark.git
cd qark
pip3 install -e .
```

## Basic Usage

### Analyze an APK File
```bash
# Basic APK analysis
qark --apk /path/to/app.apk

# Analyze with custom output directory
qark --apk /path/to/app.apk --output-dir /path/to/output

# Generate detailed report
qark --apk /path/to/app.apk --report-type html
```

### Analyze Source Code
```bash
# Analyze Android source code
qark --source /path/to/android/project

# Analyze specific Java files
qark --java /path/to/java/files

# Analyze with custom rules
qark --source /path/to/project --custom-rules /path/to/rules.json
```

## Command-Line Options

### Basic Options

```bash
# Show help
qark --help

# Show version
qark --version

# Verbose output
qark --apk app.apk --verbose

# Quiet mode
qark --apk app.apk --quiet
```

### Analysis Options

```bash
# Skip specific checks
qark --apk app.apk --skip-checks "check1,check2"

# Include only specific checks
qark --apk app.apk --include-checks "check1,check2"

# Set minimum severity level
qark --apk app.apk --min-severity medium

# Enable experimental features
qark --apk app.apk --experimental
```

### Output Options

```bash
# Generate HTML report
qark --apk app.apk --report-type html

# Generate JSON report
qark --apk app.apk --report-type json

# Generate XML report
qark --apk app.apk --report-type xml

# Custom output file
qark --apk app.apk --output-file report.html
```

## Security Checks

### Common Vulnerabilities Detected

```text
# SSL/TLS Issues
- Weak SSL/TLS configurations
- Certificate validation bypasses
- Insecure hostname verification

# Data Storage Issues
- Insecure data storage
- Unencrypted databases
- Sensitive data in logs

# Authentication Issues
- Weak authentication mechanisms
- Hardcoded credentials
- Insecure session management

# Communication Issues
- Unencrypted communications
- Weak cryptographic implementations
- Insecure network protocols
```

### Custom Rules

```json
{
  "rules": [
    {
      "id": "custom_rule_1",
      "name": "Custom Security Check",
      "description": "Checks for custom security issue",
      "severity": "high",
      "pattern": "regex_pattern_here"
    }
  ]
}
```
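To make the rule format above concrete, here is a stand-alone scanner, added as an example and not part of the QARK project, that consumes a rule file in that shape (a `rules` list of `id`/`name`/`description`/`severity`/`pattern` objects), compiles each `pattern` as a regular expression, and reports every source line it matches. The two rules and the Java fragment it runs against are constructed for this example; how QARK itself interprets a custom rule file is not covered by this page.

```python
"""Stand-alone regex rule scanner for Android source trees (added example)."""
import json
import re
from pathlib import Path

# Constructed rule file in the shape shown in the cheat sheet.
SAMPLE_RULES = json.dumps({
    "rules": [
        {
            "id": "hostname_verifier_allow_all",
            "name": "Permissive hostname verifier",
            "description": "A HostnameVerifier that accepts every host disables TLS hostname checks",
            "severity": "high",
            "pattern": r"ALLOW_ALL_HOSTNAME_VERIFIER|public boolean verify\(.*\)\s*\{\s*return true;",
        },
        {
            "id": "sensitive_log",
            "name": "Sensitive value written to logcat",
            "description": "Log.* call whose message mentions a password, token or secret",
            "severity": "medium",
            "pattern": r"Log\.[dviwe]\(.*(password|token|secret)",
        },
    ]
})

# Constructed Java fragment standing in for one file of the scanned tree.
SAMPLE_JAVA = """\
public class NetClient {
    HostnameVerifier hv = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
    void login(String user, String password) {
        Log.d("NetClient", "logging in with password=" + password);
    }
}
"""


def load_rules(rules_json: str):
    """Parse the rule file and compile every pattern once, failing early on a bad rule."""
    compiled = []
    for rule in json.loads(rules_json)["rules"]:
        for key in ("id", "name", "severity", "pattern"):
            if key not in rule:
                raise ValueError(f"rule is missing required key {key!r}: {rule}")
        compiled.append((rule, re.compile(rule["pattern"])))
    return compiled


def scan_text(source: str, compiled_rules, filename: str = "<memory>"):
    """Return one finding per (rule, line) match; scanning is line-based."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for rule, regex in compiled_rules:
            if regex.search(line):
                findings.append({
                    "rule_id": rule["id"],
                    "severity": rule["severity"],
                    "file": filename,
                    "line": lineno,
                    "evidence": line.strip(),
                })
    return findings


def scan_tree(root: str, compiled_rules, suffixes=(".java", ".kt")):
    """Walk a source tree and scan every Java/Kotlin file in a stable order."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix in suffixes:
            findings.extend(scan_text(path.read_text(errors="replace"), compiled_rules, str(path)))
    return findings


if __name__ == "__main__":
    for f in scan_text(SAMPLE_JAVA, load_rules(SAMPLE_RULES), "NetClient.java"):
        print(f"{f['severity'].upper():6} {f['rule_id']} {f['file']}:{f['line']}  {f['evidence']}")
```

Matching is per line, so a pattern that needs to span lines (the second alternative of the first rule, for instance) only fires when the whole construct sits on one line; that is the usual trade-off of regex rules and is why each finding carries the matched line as evidence for manual triage.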

## Advanced Usage

### Batch Analysis

```bash
# Analyze multiple APKs
for apk in *.apk; do
    qark --apk "$apk" --output-dir "results_$(basename "$apk" .apk)"
done

# Parallel analysis (NUL-delimited so paths containing spaces survive)
find . -name "*.apk" -print0 | xargs -0 -P 4 -I {} qark --apk {}
```

### CI/CD Integration

```bash
# Jenkins pipeline example
qark --apk app.apk --report-type json --output-file qark_report.json
if [ $? -eq 0 ]; then
    echo "QARK analysis completed successfully"
else
    echo "QARK analysis failed"
    exit 1
fi
```
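The shell snippet above only checks that QARK exited cleanly; a pipeline usually also wants to fail when the report contains findings above some severity. The following runner, added here as an example and not part of QARK or of any CI product, serves both the batch-analysis and CI-integration sections: it runs QARK once per APK with a timeout, then reads the JSON report and returns a non-zero status when any finding meets the threshold. It assumes the `--report-type json` and `--report-path <dir>` options and a report file named `report.json` in that directory, and it assumes the report decodes to a list of findings each with a `severity` string drawn from the level names used later in this cheat sheet (info, low, medium, high, critical); the sample report is constructed, not real QARK output.

```python
"""Batch QARK runner with a severity gate for CI (added example)."""
import json
import subprocess
import sys
from pathlib import Path

# Severity names used in this cheat sheet, lowest to highest.
SEVERITY_ORDER = ["info", "low", "medium", "high", "critical"]

# Constructed sample report in the shape this script assumes (not real QARK output).
SAMPLE_REPORT = json.dumps([
    {"name": "Exported activity without permission", "severity": "medium"},
    {"name": "Permissive hostname verifier", "severity": "high"},
    {"name": "Debuggable flag set", "severity": "info"},
])


def severity_rank(level: str) -> int:
    """Map a severity name to an integer; unknown names rank highest so they are never silently ignored."""
    try:
        return SEVERITY_ORDER.index(level.lower())
    except ValueError:
        return len(SEVERITY_ORDER)


def findings_at_or_above(report_json: str, min_severity: str):
    """Return the findings whose severity meets the threshold."""
    threshold = severity_rank(min_severity)
    return [f for f in json.loads(report_json)
            if severity_rank(f.get("severity", "")) >= threshold]


def run_qark(apk: Path, out_dir: Path, timeout_s: int = 900) -> Path:
    """Run QARK on one APK; raises on a non-zero exit or timeout so CI cannot pass on a tool crash."""
    out_dir.mkdir(parents=True, exist_ok=True)
    subprocess.run(
        ["qark", "--apk", str(apk), "--report-type", "json", "--report-path", str(out_dir)],
        check=True, timeout=timeout_s,
    )
    return out_dir / "report.json"  # assumed report file name


def gate(apk_dir: str, min_severity: str = "high") -> int:
    """Analyze every APK under apk_dir; return 1 if any finding meets the threshold, else 0."""
    failed = False
    for apk in sorted(Path(apk_dir).glob("*.apk")):
        report = run_qark(apk, Path("qark_results") / apk.stem)
        hits = findings_at_or_above(report.read_text(), min_severity)
        print(f"{apk.name}: {len(hits)} finding(s) at or above {min_severity}")
        for f in hits:
            print(f"  [{f['severity']}] {f.get('name', '?')}")
        failed = failed or bool(hits)
    return 1 if failed else 0


if __name__ == "__main__":
    sys.exit(gate(sys.argv[1] if len(sys.argv) > 1 else ".", "high"))
```

Run it as `python3 gate.py path/to/apks` from the pipeline step; the exit status is what the CI job keys on. Unknown severity strings deliberately rank above every known level, so a format change in the report fails the build loudly rather than letting findings slip through.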

### Filtering Results

```bash
# Filter by severity
qark --apk app.apk --min-severity high

# Filter by category
qark --apk app.apk --include-checks "ssl,crypto,storage"

# Exclude false positives
qark --apk app.apk --exclude-patterns "test,debug"
```

## Report Analysis

### Understanding Severity Levels

```text
# Critical - Immediate security risk
# High - Significant security risk
# Medium - Moderate security risk
# Low - Minor security concern
# Info - Informational finding
```

### Common Issues and Fixes

```text
# SSL Certificate Validation
Issue: Disabled certificate validation
Fix: Implement proper certificate validation

# Hardcoded Secrets
Issue: API keys in source code
Fix: Use secure configuration management

# Insecure Data Storage
Issue: Unencrypted sensitive data
Fix: Implement proper encryption
```

## Configuration

### Configuration File

```json
{
  "output_dir": "./qark_output",
  "report_type": "html",
  "min_severity": "medium",
  "skip_checks": [],
  "include_checks": [],
  "custom_rules": "./custom_rules.json"
}
```

### Environment Variables

```bash
# Set QARK configuration
export QARK_CONFIG=/path/to/config.json

# Set Android SDK path
export ANDROID_HOME=/path/to/android/sdk

# Set Java home
export JAVA_HOME=/path/to/java
```

## Troubleshooting

### Common Issues

```bash
# Java not found
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64

# Android SDK issues
export ANDROID_HOME=/path/to/android/sdk
export PATH=$PATH:$ANDROID_HOME/tools:$ANDROID_HOME/platform-tools

# Permission issues
chmod +x qark
sudo chown -R $USER:$USER ~/.qark
```

### Debug Mode

```bash
# Enable debug logging
qark --apk app.apk --debug

# Verbose output with stack traces
qark --apk app.apk --verbose --debug
```

## Best Practices

### Security Testing Workflow

1. Static analysis with QARK: `qark --apk app.apk --report-type html`
2. Review findings and prioritize fixes
3. Dynamic testing with other tools
4. Re-test after fixes: `qark --apk fixed_app.apk --compare baseline_report.json`

### Integration Tips

```bash
#!/bin/bash
# Automate with scripts: the shebang must stay on the first line
APK_FILE="$1"
OUTPUT_DIR="qark_$(date +%Y%m%d_%H%M%S)"
qark --apk "$APK_FILE" --output-dir "$OUTPUT_DIR" --report-type html
echo "Report generated in $OUTPUT_DIR"

# Use with other security tools
qark --apk app.apk && \
mobsf_scan app.apk && \
drozer_scan app.apk
```

## Resources

- Official documentation: [QARK GitHub](LINK_3)
- Security guidelines: [OWASP Mobile Security](LINK_3)
- Android security: [Android Security Best Practices](LINK_3)