Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Detect dynamic loading in Android application
#!/usr/bin/env python3
from pwn import *
import re
import argparse
def adb_shell_cmd(cmd: list, root: bool):
# Executes a given command.
context.device = adb.wait_for_device()
prepared_cmd = adb.process(cmd).recvall(1).decode('utf-8')
if root:
adb.root()
# If adb.root() does not work, add su -c to the command.
if not re.search('uid=0', adb.process(['id']).recvline().decode()):
prepared_cmd = adb.process(['su', '-c'] + cmd).recvall(1).decode('utf-8')
return prepared_cmd
def map_explorer(regex_to_search: str, pid: int):
# Searches proc/maps of an application for a regex expression.
return re.findall('(?='+regex_to_search+')(.*)(?=\r)', adb_shell_cmd(['cat', '/proc/{}/maps'.format(pid)], True))
def main():
parser = argparse.ArgumentParser(description='''Searches the proc/maps file of an application for a
/data/data/[...] path in order to detect dynamic loading''')
parser.add_argument('pid', type=int, help='Process ID of the suspected app.')
arguments = parser.parse_args()
result = map_explorer('/data/data', arguments.pid)
if result:
print('the following paths were found:')
for path in result:
print(path)
else:
print('No dynamic loading was detected.')
if __name__ == "__main__":
main()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment