Tamper an Android native shared library (.so) using IDA Pro 7.0

Environment

macOS High Sierra
Version: 10.13.6
Model Name: Mac mini
Processor Name: Intel Core i5
IDA Pro Version 7.0
Target ABI: x86_64

Install / update python2

Reference: https://docs.python-guide.org/starting/install/osx/

    brew install python@2

Python2 binary will be installed at /usr/local/bin/pip2.7

Install Keypatcher

References: keystone-engine keypatch github …



Android Xposed Hook Example

Main Steps

1. Modify Manifest.xml

    <?xml version="1.0" encoding="utf-8"?>
    <manifest xmlns:android="http://schemas.android.com/apk/res/android"
        package="com.arophix.xposedmodule">
        <application
            android:icon="@mipmap/ic_launcher"
            android:label="@string/app_name">
            <meta-data android:name="xposedmodule" android:value="true" />
            <meta-data android:name="xposeddescription" android:value="Xposed module hooking example" />
            <meta-data android:name="xposedminversion" android:value="53" />
        </application>
    </manifest>

2. Add xposed_init

Add an Xposed initialisation file under the assets folder, i.e. ~/XposedHooking/xposedmodule/src/main/assets/xposed_init

Add the full package name for the hooking module, e.g. com.arophix.xposedmodule.XposedModuleExample …


sed command usage

The command name sed stands for “Stream EDitor”. The format for searching and replacing is as below:

    sed -i.bak 's/STRING_TO_REPLACE/STRING_TO_REPLACE_IT/g' build.gradle

Explanation: passing the -i option makes sed edit the file in place, and the .bak suffix makes it save a backup of the original file before the changes are applied. Without the .bak the command will fail on some platforms, such as Mac …
