Android reverse engineering 11: debugging an APK's SO with IDA in Debug mode

Sometimes we need to debug functions in a SO file while the APK is still starting up. By the time we could attach IDA to the already running process, it is obviously too late!

For example, if you want to debug the JNI_OnLoad function of a SO library, you very often need the debugger attached at the moment the program starts!

1. First, set android:debuggable="true" in AndroidManifest.xml; otherwise attaching to the process on the emulator fails with an error!

2. Run [adb devices] in a CMD window to check that the emulator is connected properly.

3. Push the android_server binary from the dbgsrv folder of the IDA installation directory to the Android emulator. Note that the local path of android_server must not contain Chinese characters or spaces, otherwise the adb push command fails; here I put android_server in the root of drive C. Use the following command to send android_server to the emulator:
[adb push C:\android_server /data/local/tmp]

4. Run the [adb shell] command.

5. Run [su] to obtain root privileges.

6. Run [cd /data/local/tmp] to change into /data/local/tmp.

7. Run [ls -l] to list all files in the directory together with their read/write permissions.

8. Run [chmod 777 android_server] to change the permissions of the android_server file to 777.

9. Run [ls -l] again to verify that the file permissions were changed successfully.

10. Run [./android_server] to start android_server.

11. Without closing the first window, open a new CMD window and run [adb forward tcp:23946 tcp:23946] to set up the port forwarding.

12. Open DDMS. It is enough that it displays the process list normally; after that, do not close DDMS!

13. The command that starts the process in Debug mode has the form: adb shell am start -D -n <package name>/<package name>.<entry Activity>
[adb shell am start -D -n com.crackme.jnidynamicregtest/com.crackme.jnidynamicregtest.MainActivity]
After the command runs, you can see that the Android emulator has started the process and shows the prompt "Waiting for debugger".

14. Open the IDA menu Debugger -> Attach -> Remote ARM Linux/Android debugger, enter 127.0.0.1 and click OK.

15. Select the process to attach to and click OK.

16. At this point IDA has attached to the process normally and the process is paused.

17. Under Debugger -> Debugger options, check the three items.

18. Go back to the DDMS you opened earlier and check the debug port of the process, which here is 8613.
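
The adb steps above, collected into shell functions as an added example (not code from the original post). It assumes adb is on PATH, the emulator is connected and its su accepts `-c`; `check_push_path` implements the warning from step 3, and `debug_start_cmd` builds the step 13 command.

```sh
#!/bin/sh
# Added example, not from the original post: the manual adb steps as functions.
# Assumptions: adb is on PATH, the emulator is connected, su accepts "-c".

REMOTE_DIR=/data/local/tmp
IDA_PORT=23946

# `adb push` breaks on local paths containing spaces or Chinese (non-ASCII)
# characters, so refuse them up front. Returns 0 when the path is safe.
check_push_path() {
    case "$1" in
        *" "*) return 1 ;;
    esac
    # In the C locale grep works byte-wise: any byte outside printable ASCII fails.
    if printf '%s' "$1" | LC_ALL=C grep -q '[^ -~]'; then
        return 1
    fi
    return 0
}

# Compose the command that launches the app suspended ("Waiting for debugger"),
# e.g. am start -D -n com.crackme.jnidynamicregtest/com.crackme.jnidynamicregtest.MainActivity
debug_start_cmd() {
    printf 'am start -D -n %s/%s' "$1" "$2"
}

# Steps 3-11: push android_server, make it executable (755 is sufficient; the
# post uses 777), start it as root in the background and forward IDA's port.
deploy_android_server() {
    check_push_path "$1" || { echo "unsafe local path: $1" >&2; return 1; }
    adb push "$1" "$REMOTE_DIR/android_server" || return 1
    adb shell "su -c 'chmod 755 $REMOTE_DIR/android_server'" || return 1
    adb shell "su -c '$REMOTE_DIR/android_server'" &
    adb forward "tcp:$IDA_PORT" "tcp:$IDA_PORT"
}

# Step 13: start the entry Activity in Debug mode so IDA can be attached
# before the SO's JNI_OnLoad runs.
debug_start() {
    adb shell "$(debug_start_cmd "$1" "$2")"
}
```

Call `deploy_android_server 'C:\android_server'` and then `debug_start com.crackme.jnidynamicregtest com.crackme.jnidynamicregtest.MainActivity` to reach the "Waiting for debugger" state before attaching in IDA (steps 14 and 15).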

Source: www.cnblogs.com/fuhua/p/12740482.html