1. Start ida port listening
1.1 Start Android_server service
1.2 Port forwarding
1.3 The software enters debugging mode
2.ida is disconnected
2.1 attach Attachment process
2.2 Break three items
2.3 Select process
2.4 Open Modules
Search for art
PS: Little knowledge
The system functions before Android 4.4 are in libdvm.so
After Android 5.0, the system function is in libart.so
2.5 Open the Openmemory() function
Search for the Openmemory function in libart.so and follow it.
PS: Little knowledge
Generally speaking, the system dex will be loaded in this function, but there will be a problem, which will be discussed later.
2.6 Next breakpoint
3. Run the program to the next breakpoint
3.1 jdb forward running program
3.2 Check that the IDA operation
is successfully disconnected and runs to the place where we disconnected.
3.3 Check the location of dex
Open the register window and you can see that R1 is our dex
Then open R1 in the Hex window.
#It is obvious to see the binary structure of the dex file. If you don’t understand, you can look at the previous dex file analysis.
3.4 Extract key information
The first key information: Address offset: 0xF35CA328
## Use a hexadecimal adder to add, F35DD898
4. dump
4.1 Use script to dump
static main(void){ auto fp, begin, end, dexbyte; / /Open or create a file fp = fopen("d:\\dump.dex", "wb"); //dex base address begin = 0xF34C6320; //dex base address dex file size end = begin 0x00013570; for (dexbyte = begin; dexbyte
4.2 Script dump run
After filling in the script, click run.
4.3 Successful dump
The above is the detailed content of What is the method to dynamically export dex files in Android. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Dreamweaver Mac version
Visual web development tools
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
