segfault-bilibili
strazzere
/ gist:506a592b44c9d228d697
Last active
May 9, 2023 16:13
Attaching to fast loading JNI/native code from an Android app without debugging the Dalvik code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The original issue was that some applications (ex. packers) launch the JNI/native code too fast for a person | |
| to attach an IDA Pro instance to the process. The original solution was wrapping the jni code with your own | |
| "surrogate" application so you could load it slower. | |
| New process is to launch the Android/Dalvik activity with the debugger flag; | |
| # adb shell am start -D com.play.goo_w/com.android.netservice.MainActivity | |
| Which will cause the "Waiting for debugger..." mode to start. This starts the process, allowing you to | |
| attach IDA Pro to the process for the native code. |