Small knowledge, big challenge! This article is participating in the creation activity of “Essential Tips for Programmers”

When you get used to the convenience of Python, when you encounter the encryption analysis of so library in reverse Android, in addition to using IDA for function analysis, the call of so library also becomes a problem, especially when you encounter SO with only ARM architecture, you will obviously feel headache

So library call method attempt

1. Rewrite an APP to call the SO library (not recommended)

Pain points:

Early development takes time and effort,
Once developed, it can only run on a real machine or emulator,
There is a huge difference in efficiency and performance if you want to perform scheduled tasks compared to Python or JavaWeb

2. Use javaWeb to call (too limited, if familiar with raspberry PI can be preferred)

Advantage:

Debug is convenient
It can be pulled into the server and executed periodically

Pain points:

If Windows servers only support x86 so library, Linux servers also do not support ARM so library, even if docker can not run ARM container, unless the server system is ARM architecture, the existing ARM system except Android is estimated in raspberry PI

3. Use Python to call the so library (preferred if familiar with Raspberry PI)

Pain points:

The arm so library is not supported

4. Call so from AndroidNativeEmu using Python

Project link :github.com/AeonLucid/A…
Summary: AndroidNativeEmu is an instruction parser based on Unicron implementation that allows you to emulate the Android VIRTUAL machine environment across platforms using Python
Reference materials:
- Blog.csdn.net/zhangmiaopi…
- Blog.csdn.net/qq_26914291…
- www.anquanke.com/post/id/951…

Pain points:

The library only supports simple function calls at present, many functions are not implemented yet, looking forward to the future development

5. Use`unidbg`(recommended)

Advantage:

Virtual JVM environment, support arm32 and ARM64 SO library
Make up for the shortcomings of JavaWeb above

Pain points:

The principle of this library is to find functions from SO, which is more troublesome to load dynamically than the native System. LoadXXX

conclusion

Choose raspberry pie if you can

reporter

The following problem occurs when springboot is invoked on an Ubuntu x86 32-bit system:

/tmp/lib/jniLibs/libkey.so: libstdc++.so: cannot open shared object file: No such file or directory
Copy the code

Due to their own limited ability, the C language is not familiar, temporarily shelved, another day to deal with

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

Decryption and call of APK reverse SO library

So library call method attempt

1. Rewrite an APP to call the SO library (not recommended)

2. Use javaWeb to call (too limited, if familiar with raspberry PI can be preferred)

3. Use Python to call the so library (preferred if familiar with Raspberry PI)

4. Call so from AndroidNativeEmu using Python

5. Use`unidbg`(recommended)

conclusion

reporter

Decryption and call of APK reverse SO library

So library call method attempt

1. Rewrite an APP to call the SO library (not recommended)

2. Use javaWeb to call (too limited, if familiar with raspberry PI can be preferred)

3. Use Python to call the so library (preferred if familiar with Raspberry PI)

4. Call so from AndroidNativeEmu using Python

5. Useunidbg(recommended)

conclusion

reporter

Related Posts

Android SDK H5 Through solution evolution

Those little things about FindViewById

Every programmer should know something about open source

5. Use`unidbg`(recommended)