IDA debug mode
1. Find the android_server in the dbgsrv directory in the IDA installation directory
2. Put the android_server file under /data/local/tmp of the mobile phone
adb push 文件拖进来 /data/local/tmp
并授权 chomd 777 android_server
3. In the CMD window, run ./android_server
或指定端口方式 ./android_server -p 端口 (默认端口23946)
4.adb forward tcp: port number tcp;: port number
默认 :adb forward tcp:23946 tcp:23946
(注:Android Studio 断点调试为 adb forward tcp:8700 jdwp:程序进程 且在调试模式启动之后)
5. Open DDMS: watch the port number of the program
6. Debug mode start
adb shell am start -D -n包名/类名
7. Check three items in IDA
1》Open ida, select debugger-second item-Remote ARMlinux (fourth item)
2》Add hostname and portt:
hostname:主机号《默认127.0.0.1)
port:端口号(之前android_server运行时的端口号)
3》Click out the process list: select the program to be debugged (you can ctrl+f to search for the package name)
4" After entering, check three items: debugger/options (the penultimate item)
Suspend on process entry point
Suspend on thread start/exitE process exit or start off
Suspend on library load/unload The loading and unloading of the library is broken
8. Mount the program
jdb -connect com.sun.jdi.SocketAttach:hostname=127.0.0.1,port=端号
The mount port is the program startup port, not the IDA startup port, which can be viewed with DDMS.
9. You can run the program directly here with F9 (there is a triangle in the upper left corner)
10. When debugging on the real machine, the debugging mode needs to be turned on.
Execute the command getprop ro.debuggable under the adb shell.
If the value is 0, it needs to be changed to 1
adb shell #adb进入命令行模式
su #切换至超级用户
magisk resetprop ro.debuggable 1
stop;start; #一定要通过该方式重启