Tamper an Android native shared library (.so) using IDA Pro 7.0

Tamper an Android native shared library (.so) using IDA Pro 7.0 Environment macOS High Sierra Version: 10.13.6 Model Name: Mac mini Processor Name: Intel Core i5 IDA Pro Version 7.0 Target ABI: x86_64 Install / update python2 Reference: https://docs.python-guide.org/starting/install/osx/ brew install python@2 Python2 binary will be installed at /usr/local/bin/pip2.7 Install Keypatcher References: keystone-engine keypatch github …

Continue reading Tamper an Android native shared library (.so) using IDA Pro 7.0

Advertisements

Android Xposed Hook Example

Main Steps 1. Modify Manifest.xml <?xml version="1.0" encoding="utf-8"?> <manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.arophix.xposedmodule"> <application android:icon="@mipmap/ic_launcher" android:label="@string/app_name"> <meta-data android:name="xposedmodule" android:value="true" /> <meta-data android:name="xposeddescription" android:value="Xposed module hooking example" /> <meta-data android:name="xposedminversion" android:value="53" /> </application> </manifest> 2. Add xposed_init Add an Xposed initialisation file under assets folder, i.e. ~/XposedHooking/xposedmodule/src/main/assets/xposed_init Add the full package name for the hooking module, e.g. com.arophix.xposedmodule.XposedModuleExample …

Continue reading Android Xposed Hook Example