• Frida first met


    Environmental installation python pip install frida pip install frida-tools simulator View CPU architecture ADB kill server \mac does not run. Windows needs to kill the process first adb shell su cat /proc/cpuinfo According to the architecture, download the corresponding server from Frida official website https://github.com/frida/frida/releases For example, my machine is based on arm32, so I […]

  • Analysis of APP signature and encryption and decryption in an automobile community


    1、 Objectives Jiaxuan’s long and short sentences say:BMW diaoche Xiangman Road。 Since then, the fragrant car beauty has become the standard. Boss Li hasn’t talked for a few minutes, so he is ready to change trains again. Today, our goal is an auto community app v8.0.1. 2、 Step Shelling Boss Li said that this app […]

  • [please collect] reverse tool list


    Grab bag image-20210716100519102 Charles https://www.charlesproxy.com/ The MAC end is a very comfortable and easy vase. It grabs the HTTP (s) request of the application layer. It is paid. You can find a cracked version Fiddler “Charles” on the windows side captures the application layer HTTP (s) request. However, it is not recommended because it cannot […]

  • Apk shelling method (update the flash back app solution on December 2021)


    Method 1: Need Frida app: fenghuangxinwen GitHub (code cloud) search Frida_ There are a lot of dump and Frida shelling tools. This is OK. Frida-dexdump can also be used if it can’t be removed: [email protected] Look at readme, the mobile phone starts Frida service, and the terminal inputs commands [email protected] After a while, the shelled […]

  • Frida dexdump shelling


    There are two ways of shelling The first way 1. Git project address https://github.com/hluwa/FRIDA-DEXDump 2. Android starts Frida server 3. Start app 4. Run Frida_ Main file under dexdump file The second way 1. Install Frida dexdump module pip3 install frida-dexdump 2. Android starts Frida server 3. Start app 4. Run Frida dexdump from the […]

  • Rough analysis of an infectious virus sample


    Sample download Sample original documentbe missingMy analysis process documentbe missingTip: do not use physical machine analysis Document information collection View file type, standard PE header After renaming, use the shell checking tool to check whether there is a shell There are 3 sections in total. I don’t know what shell it is! It’s not clear […]

  • Sign in for a mom


    1、 Sign in for a mom App Name: 5aai5aai5biuiowum oawueejioacrowpt + + 8mny2ljiuoa== Download address: ahr0chm6ly93d3cud2fuzg91amlhlmnvbs9hchbzlzi1mjq3my9oaxn0b3j5x3yymdiwmtewmje5 2、 Check the shell first for routine operation Tencent reinforcement, go directly to my sheller, come on! Shelling succeeded! 3、 Grab bag It is found that only sign and time change after capturing packets for many times, and the […]

  • Reverse analysis of motorcycle x


    Limited space Full content and source code: official account: ReverseCode, sendpunching Apk is obviously reinforced by Qihoo 360 when it is put into jadx-1.2.0 Reconfirm with PKID Shelling environment Android 8.1 + fs128arm64 + pyenv local 3.8.2 ADB install mopang apk FRIDA-DEXDump For complete DEX, use violence search DEX 035. For the DEX of […]

  • Reverse Fundamentals: introduction to manual software shelling Technology


    preface: Hello, I’m Jay Chou Here are some notes and articles on manual shelling of their own learning software, hoping to give some help to children’s shoes who learn the reverse and shelling of new software. 1 some concepts 1.1 shelling The full name of shelling should be executable program resource compression, which is a […]

  • Crackme050


    Program observation This program has a shell Open the program, and a pop-up window appears first. The program body will not appear until the pop-up window is closed There is no place to enter the registration code, only one place to display “unregistered”. You can see that this program is to remove the pop-up window […]