#UniDa 至尊纪念仓库(纪念本人对linker unidbg ExAndroidNativeEmu的学习),这个实现没有意义就此太监。
abbbbbi / unida Goto Github PK
View Code? Open in Web Editor NEWAndroid ARM & ARM64 Debugger based on Unicorn and Frida
Android ARM & ARM64 Debugger based on Unicorn and Frida
#UniDa 至尊纪念仓库(纪念本人对linker unidbg ExAndroidNativeEmu的学习),这个实现没有意义就此太监。
应该是项目没有完成(借此打听进度)。
不过非常感谢大佬的努力,希望能早日完成~
hook_code注释掉了(输出实在是太多了),最后报错如下,完整日志见附件。
粗略看项目代码应该处理都比较完善了,但是不知道为何init没能做完,还请大佬赐教。
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x1
[23:20:16 3562] INFO [Emulator.linker.Module] (Module.py:23) - Calling Init_Array libwechatnormsg.so 0x40043C35 function: 0x3C35
[23:20:16 3562] INFO [Emulator.linker.Module] (Module.py:23) - Calling Init_Array libwechatnormsg.so 0x40043CB5 function: 0x3CB5
[23:20:16 3562] INFO [Emulator.linker.Module] (Module.py:23) - Calling Init_Array libwechatnormsg.so 0x40043EAD function: 0x3EAD
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x3
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x1
[23:20:16 3562] INFO [Emulator.linker.Module] (Module.py:23) - Calling Init_Array libwechatnormsg.so 0x400440AD function: 0x40AD
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x3
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x1
[23:20:16 3562] INFO [Emulator.linker.Module] (Module.py:23) - Calling Init_Array libwechatnormsg.so 0x400440CD function: 0x40CD
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x3
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x1
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x3
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x1
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x3
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x1
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x3
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x1
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x3
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x1
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x3
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x1
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x3
[23:20:16 3562] DEBUG [Emulator.vm.ARM32SyscallHandler] (ARM32SyscallHandler.py:755) - mprotect address= 0x40698000, alignedAddress= 0x40698000, offset= 0, length= 4096, alignedLength= 4096, prot= 0x1
[23:20:16 3562] INFO [Emulator.linker.Module] (Module.py:23) - Calling Init_Array libwechatnormsg.so 0x40044191 function: 0x4191
Traceback (most recent call last):
File "/home/kali/Desktop/test/UniDa/Emulator/Emulator.py", line 75, in call_native
self.mu.emu_start(addr, LR)
File "/home/kali/miniconda3/envs/UniDa/lib/python3.8/site-packages/unicorn/unicorn.py", line 341, in emu_start
raise UcError(status)
unicorn.unicorn.UcError: Invalid memory fetch (UC_ERR_FETCH_UNMAPPED)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "UniDa.py", line 18, in <module>
emulator.loadLibrary("libwechatnormsg.so", True)
File "/home/kali/Desktop/test/UniDa/Emulator/Emulator.py", line 62, in loadLibrary
return self.linker.do_dlopen(fileName, callInit)
File "/home/kali/Desktop/test/UniDa/Emulator/linker/Linker.py", line 113, in do_dlopen
module.callInit(self.emulator)
File "/home/kali/Desktop/test/UniDa/Emulator/linker/Module.py", line 24, in callInit
emulator.call_native(fun_addr)
File "/home/kali/Desktop/test/UniDa/Emulator/Emulator.py", line 77, in call_native
raise Exception(UcError)
Exception: <class 'unicorn.unicorn.UcError'>
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.