Using HP Fortify to Scan Android JNI C/C++ Code (CMake)

This is based on a hands-on JNI example project, JniExample. Blog: https://arophix.com/2017/12/17/andoid-jni-summary/
HP Fortify does not directly support scanning an Android JNI code base, so some customised steps are needed to tell the HP Fortify source analyser to generate the FPR report.
Environment: macOS Catalina: 10.15.16 HP …


A step by step tutorial to test Android backup and restore

Environment: Android 7.0+; Google Play is present on device.
Prepare device: Add your Google Account, e.g. shizhen.sg@gmail.com, to your device. Select the Google Account shizhen.sg@gmail.com as the backup account inside the device backup settings. Usually, it is under Settings -> System -> Backup -> Account. Remember …


Android Apk reverse engineering using Apktool and Frida

Table of Content: Environment Setup (macOS Mojave); Tamper Smali Code; Hooking Android Java Methods; Hooking Android C Functions; References.
Environment Setup (macOS Mojave): All the steps mentioned below are on macOS Mojave.
Install Tools on PC: Install frida-tools with pip3. Run command $ pip --version and $ …


Tamper an Android native shared library (.so) using IDA Pro 7.0

Environment: macOS High Sierra Version: 10.13.6; Model Name: Mac mini; Processor Name: Intel Core i5; IDA Pro Version 7.0; Target ABI: x86_64.
Install / update python2. Reference: https://docs.python-guide.org/starting/install/osx/
    brew install python@2
Python2 binary will be installed at /usr/local/bin/pip2.7
Install Keypatcher. References: keystone-engine keypatch github …


Android Xposed Hook Example

Main Steps

1. Modify Manifest.xml

    <?xml version="1.0" encoding="utf-8"?>
    <manifest xmlns:android="http://schemas.android.com/apk/res/android"
        package="com.arophix.xposedmodule">
        <application
            android:icon="@mipmap/ic_launcher"
            android:label="@string/app_name">
            <meta-data android:name="xposedmodule" android:value="true" />
            <meta-data android:name="xposeddescription" android:value="Xposed module hooking example" />
            <meta-data android:name="xposedminversion" android:value="53" />
        </application>
    </manifest>

2. Add xposed_init

Add an Xposed initialisation file under the assets folder, i.e. ~/XposedHooking/xposedmodule/src/main/assets/xposed_init
Add the full package name for the hooking module, e.g. com.arophix.xposedmodule.XposedModuleExample …


sed command usage

Command sed means “Stream EDitor”. The format for searching and replacing is as below:
    sed -i.bak s/STRING_TO_REPLACE/STRING_TO_REPLACE_IT/g build.gradle
Explanation: pass the -i option to sed to make the changes inline and create a backup of the original file before it does the changes in-place. Without the .bak the command will fail on some platforms, such as Mac …


Android Gradle Plugin 3.0+ sync issue

Cross references: Gradle sync issue on Debian OS due to user does not have permission; Gradle proxy configuration

* What went wrong:
A problem occurred configuring root project 'idp-main'.
> Could not resolve all files for configuration ':classpath'.
   > Could not find gradle.jar (com.android.tools.build:gradle:3.0.1).
     Searched in the following locations:
         https://jcenter.bintray.com/com/android/tools/build/gradle/3.0.1/gradle-3.0.1.jar
   > Could …


Gradle sync issue on Debian OS due to user does not have permission

Cross references: Android Gradle Plugin 3.0+ sync issue; Gradle proxy configuration
I have written an article about all the proxies that should be configured properly for Gradle to work behind a network proxy (see Gradle proxy configuration). However, sometimes even though you are pretty sure that all the proxy settings, i.e. the gradle.properties, bash …


Gradle proxy configuration

Cross references: Gradle sync issue on Debian OS due to user does not have permission; Android Gradle Plugin 3.0+ sync issue
Basically, there are TWO kinds of proxies you need to configure for Gradle to work properly behind a proxy, i.e. to fetch the online dependencies: a proxy for gradle and a proxy for maven. Let's assume that …


Cannot launch AVD in emulator on Debian OS

Problem: In the recent Android Studio update, Google uses a libstdc++ that is incompatible with the Intel driver installed on the system. This will cause an error like below:
    Cannot launch AVD in emulator. Output:
    libGL error: unable to load driver: i965_dri.so
    libGL error: driver pointer missing
    libGL error: failed to load driver: i965
    libGL …
