Thursday, March 20, 2014

jadx - Dex to Java decompiler

there's a new decompiler on the block. it targets dex directly, rather than java class bytecode, so it doesn't rely on dex2jar. i'm pleased by it's performance so far, and it's worth checking out: https://github.com/skylot/jadx
  • it's mostly a cli, with a simple, "experimental" gui.
  • it takes dex or jar files as input
  • it can make a control flow graph.
  • output is configurable -- you can chose to have "simple" branching, where it wont try to be smart about how it decompiles conditionals and loops. this can actually be much easier to read than jd-gui's pervasive "while(true) //a bunch of stuff" constructs.

screenshot
GitHub page curiously lacking in GUI money-shot

Thursday, February 13, 2014

Native Protection & Mono by Nihilus


another interesting tutorial from Nihilus. here's the description from the guide:
this tutorial covers a basic understanding of the Mono/Xamarin for Android, specifically how C#/.NET is used lately to protect games and, who knows, even malwares.
here's the link: https://mega.co.nz/#!C1xU1YqA!m2QKsCIYePGnzmfGCQcZBQOho0nXINV_B4KfCdc6nOA

i was not aware of this ability to run mono code on android and found it interesting.

related to this, wine is on the way for android. this could get interesting.
http://wiki.winehq.org/FOSDEM2014?action=AttachFile&do=get&target=wine-on-android-fosdem-2014.pdf


Wednesday, February 12, 2014

zerdei's luyten, a worthwhile jd-gui alternative

if you use dex2jar + jd-gui and you find the results less than satisfying, that's normal. jd-gui hasn't been updated in at least 100 years. methods often fail to compile and blocks of code are sometimes omitted.

luyten, by deathmarine, which you can get here: https://github.com/deathmarine/Luyten/releases is a front end for procyon, a java decompiler. procyon+luyten has a higher success rate for decompiling methods in my experience, and has higher fidelity output, though it's more verbose. the UI isn't that great, but this pull request by zerdei includes several noteworthy improvements: https://github.com/deathmarine/Luyten/pull/13

feel free to clone and build the jar yourself, but if you're lazy, and somewhat trusting, i built this for you!
https://mega.co.nz/#!K95RlRiB!ak2DWRxC2DgPYDic0eDpQibAuGtIoFZGtU67GzyjEjM

Tuesday, December 24, 2013

hexicle utility

Hex has released a tool called hexicle which wraps a lot of common tools such as smali, baksmali, zipalign, etc. with a friendly ui. it's written in python and is made for linux. here's a bit from the readme, which you should totally read:

The tool is written in python using curses library. The tool comes inclusive of all tools that are necessary for it's fuctionality. Hexicle will always overwrite files. The sources are decompiled in a folder with a same name.


download v1.1: http://www.mediafire.com/download/8o9m2dr7pky2mnf/Hexicle+v1.1.zip
password: hexicle


 if you have any bugs or comments, Hex requested that you just post them here.

Tuesday, October 29, 2013

Nihilus' Reversing DexGuard 5.x

Here's another tutorial kindly written by Nihilus.

It's a teardown of reversing DexGuard's protections, which are legion, along with some of the thought process behind it. I like it because it's pure reversing -- no cracking of the commercial app.

https://mega.co.nz/#!s8MgkDyY!Qd36YVri66wLN1mXFRCQrlebNnxqRKT-ftrlpybCs80

Kindly post feedback if you're so inclined, and contact me if you'd like to share your reversing knowledge :D

Friday, October 25, 2013

hex's keygen tutorial

Got a new tutorial for you good people. The author is hex and he was kind enough to write it and send it to me. It's a no-nonsense keygen'ing guide.

Here's the download: https://mega.co.nz/#!cg4FFB5b!Sw1a0hB2MHNk72sr8VEU8Wi8LMhxt7mqLtBvCfWikHU

Feel free to leave some comments and let him know what you think.

If you'd like to share a cracking tutorial, I'd be glad to link to it, unless it's shit, so let me know. :D

Saturday, June 1, 2013

smali syntax highlighting for sublime

i have been using sublime text 2 + androguard plugin for decompiling and am liking it very much. it doesn't do as well producing correct java as, say, dex2jar + jdgui, but it's sometimes easier to read. it doesn't handle try/catch blocks at all -- just ignores them. this means it's a great alternative for jdgui, which will error out on methods with overlapping try/catch stuff.

since i've been using sublime, i've also needed a smali syntax highlighter, which i found here: https://github.com/ShaneWilton/sublime-smali

it's the best syntax highlighter i've seen because of the line level syntax validation it does. when you write smali, you can be more confident it is correct with this. you should check out the regex if you're a fan of such tedium.