evilpan/jni_helper

Stars
385
Rank 111,464 (Top 3 %)
Language
C++
Created about 4 years ago
Updated almost 2 years ago

evilpan/jni_helper

evilpan

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Find JNI function signatures in APK and apply to reverse tools.

JNI Helper

Find JNI function signatures in APK and apply to reverse tools.

Basic Usage

Use extract_jni.py to generate signature.json
Load signature.json into Ghidra/IDA/Radare2

extract_jni.py

Install dependences:

pip3 install -r requirements.txt

Usage:

$ ./extract_jni.py -h
usage: extract_jni.py [-h] [-j WORKERS] [-o OUTFILE] apk

positional arguments:
  apk         /path/to/apk

optional arguments:
  -h, --help  show this help message and exit
  -j WORKERS  parse apk with multiple workers(processes) (default: 8)
  -o OUTFILE  save JNI methods as formatted json file (default: stdout)

Ghidra Plugin

Before	After

IDA Plugin

See IDA.

Before	After

Radare2 Plugin

WIP, see Radare2

Demo

Tested with demo APK: app-debug.apk

TODO

support both C/C++ JNI functions
support overloaded JNI functions
remove Jadx dependence, all in Python
support env->RegisterNatives JNI functions

LINKS

P2P-Over-MiddleBoxes-Demo

A simple demo of P2P communication over middle boxes such as NAT

gptcli

ChatGPT in command line with OpenAI API (gpt-3.5-turbo/gpt-4/gpt-4-32k)

Airkiss

A source code implementation of Wechat(微信) Airkiss protocol

hidemyass

A little post-exploit tool that carefully clean *NIX access logs

TurnServer

Implementation of RFC5766 and RFC5389

dataflow-pass

A LLVM Pass with runtime dataflow sanitization

QTranslator

一个QT5练手项目，实现百度和有道翻译API

stack-overflow-demo

stuff used in my blog post

qncli

七牛云命令行管理小工具/QiNiu Command Line Interface

fSocks

Yet another socks5 proxy to bypass firewall

pyweixin

可编程的轻量级微信客户端模块

pannzh.github.io

evilpan