Android Apk reverse engineering using Apktool and Frida

Android Apk reverse engineering using Apktool and Frida Table of Content Environment Setup (macOS mojave) Tamper Smali Code Hooking Android Java Methods Hooking Android C Functions References Environment Setup (macOS mojave) All the steps mentioned below are on macOS Mojave Install Tools on PC Install frida-tools with pip3 Run command $ pip --version and $ …

Continue reading Android Apk reverse engineering using Apktool and Frida

Tamper an Android native shared library (.so) using IDA Pro 7.0

Tamper an Android native shared library (.so) using IDA Pro 7.0 Environment macOS High Sierra Version: 10.13.6 Model Name: Mac mini Processor Name: Intel Core i5 IDA Pro Version 7.0 Target ABI: x86_64 Install / update python2 Reference: https://docs.python-guide.org/starting/install/osx/ brew install python@2 Python2 binary will be installed at /usr/local/bin/pip2.7 Install Keypatcher References: keystone-engine keypatch github …

Continue reading Tamper an Android native shared library (.so) using IDA Pro 7.0

Android Xposed Hook Example

Main Steps 1. Modify Manifest.xml <?xml version="1.0" encoding="utf-8"?> <manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.arophix.xposedmodule"> <application android:icon="@mipmap/ic_launcher" android:label="@string/app_name"> <meta-data android:name="xposedmodule" android:value="true" /> <meta-data android:name="xposeddescription" android:value="Xposed module hooking example" /> <meta-data android:name="xposedminversion" android:value="53" /> </application> </manifest> 2. Add xposed_init Add an Xposed initialisation file under assets folder, i.e. ~/XposedHooking/xposedmodule/src/main/assets/xposed_init Add the full package name for the hooking module, e.g. com.arophix.xposedmodule.XposedModuleExample …

Continue reading Android Xposed Hook Example