liumin0 / jni_helper

Find JNI function signatures in APK and apply to reverse tools.

JNI Helper

Basic Usage

  1. Use extract_jni.py to generate signature.json
  2. Load signature.json into Ghidra/IDA/Radare2
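
What a "JNI function signature" means here: under the JNI specification, a native method's exported symbol and C parameter list follow from its Java class, method name and type descriptor. The sketch below is an added example, not code from jni_helper; it follows the JNI naming rules rather than the tool's implementation or its signature.json format, and the class and method names are constructed.

```python
import re

PRIMS = {"Z": "jboolean", "B": "jbyte", "C": "jchar", "S": "jshort",
         "I": "jint", "J": "jlong", "F": "jfloat", "D": "jdouble", "V": "void"}
OBJECTS = {"java/lang/String": "jstring", "java/lang/Class": "jclass",
           "java/lang/Throwable": "jthrowable"}
TOKEN = re.compile(r"\[*(?:[ZBCSIJFD]|L[^;]+;)")  # one parameter descriptor


def mangle(name):
    """Escape a class name, method name or descriptor per the JNI naming rules."""
    out = []
    for ch in name:
        if ch in "/.":
            out.append("_")
        elif ch in "_;[":
            out.append({"_": "_1", ";": "_2", "[": "_3"}[ch])
        elif ch.isascii() and ch.isalnum():
            out.append(ch)
        else:  # anything else ('$', non-ASCII) becomes _0xxxx per UTF-16 unit
            raw = ch.encode("utf-16-be")
            out.extend("_0%04x" % int.from_bytes(raw[i:i + 2], "big")
                       for i in range(0, len(raw), 2))
    return "".join(out)


def jni_type(desc):
    """Map one JVM type descriptor to the C type declared in jni.h."""
    if desc.startswith("["):
        elem = desc[1:]
        return PRIMS[elem] + "Array" if elem in PRIMS else "jobjectArray"
    if desc.startswith("L"):
        return OBJECTS.get(desc[1:-1], "jobject")
    return PRIMS[desc]


def native_prototype(cls, method, descriptor, static=False, overloaded=False):
    """Return (exported symbol, C prototype) for a Java native method."""
    params, ret = descriptor[1:].split(")")
    symbol = "Java_%s_%s" % (mangle(cls), mangle(method))
    if overloaded:  # long form: "__" plus the mangled parameter descriptors
        symbol += "__" + mangle(params)
    args = ["JNIEnv *env", "jclass clazz" if static else "jobject thiz"]
    args += ["%s a%d" % (jni_type(t), i)
             for i, t in enumerate(TOKEN.findall(params))]
    return symbol, "%s %s(%s)" % (jni_type(ret), symbol, ", ".join(args))


if __name__ == "__main__":
    # Constructed sample input: class, method and descriptor are made up.
    print(native_prototype("com.example.app.Crypto", "sign_data",
                           "([BLjava/lang/String;I)[B", overloaded=True)[1])
```

Without such a prototype a disassembler typically shows these functions with generic integer or pointer arguments, which is the gap the plugins fill from signature.json.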

extract_jni.py

Install dependencies:

pip3 install -r requirements.txt

Usage:

$ ./extract_jni.py -h
usage: extract_jni.py [-h] [-j WORKERS] [-o OUTFILE] apk

positional arguments:
  apk         /path/to/apk

optional arguments:
  -h, --help  show this help message and exit
  -j WORKERS  parse apk with multiple workers(processes) (default: 8)
  -o OUTFILE  save JNI methods as formatted json file (default: stdout)

Ghidra Plugin

See Ghidra.

Screenshots (before / after): g1, g2

IDA Plugin

See IDA.

Screenshots (before / after): i1, i2

Radare2 Plugin

WIP, see Radare2

Demo

Tested with demo APK: app-debug.apk

TODO

  • support both C/C++ JNI functions
  • support overloaded JNI functions
  • remove Jadx dependency, all in Python
  • support env->RegisterNatives JNI functions

LINKS

Languages

C++ 87.7%, Python 8.5%, C 3.7%, Makefile 0.1%