-
-
Save zysyyz/adb4a5be69f786c631350f69a5a95d5f to your computer and use it in GitHub Desktop.
Revisions
-
strazzere revised this gist
Feb 5, 2015 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -12,7 +12,8 @@ Next attach forward the jdwp process to a tcp socket so you can connect; # adb jdwp ... 3292 This process returns all available jdwp processes, the last one should be your new pid you want to debug (you could check this through top/ps) # adb forward tcp:8700 jdwp:3292 -
Feb 5, 2015 . 1 changed file with 10 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,7 +8,15 @@ New process is to launch the Android/Dalvik activity with the debugger flag; Which will cause the "Waiting for debugger..." mode to start. This starts the process, allowing you to attach IDA Pro to the process for the native code. Next attach forward the jdwp process to a tcp socket so you can connect; # adb jdwp ... 3292 This process returns all available jdwp processes, the last one should be your new pid you want to debug (you could check this through top/ps) # adb forward tcp:8700 jdwp:3292 After you've forwarded the port to the jdwp process, you can connect on your machine via jdb; # jdb -attach localhost:8700 Drop the jdb conneciton and let the Android application run as it normal would. -
Feb 4, 2015 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,7 +3,7 @@ The original issue was that some applications (ex. packers) launch the JNI/nativ "surrogate" application so you could load it slower. New process is to launch the Android/Dalvik activity with the debugger flag; # adb shell am start -D com.play.goo_w/com.android.netservice.MainActivity Which will cause the "Waiting for debugger..." mode to start. This starts the process, allowing you to attach IDA Pro to the process for the native code. -
Feb 3, 2015 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,12 +3,12 @@ The original issue was that some applications (ex. packers) launch the JNI/nativ "surrogate" application so you could load it slower. New process is to launch the Android/Dalvik activity with the debugger flag; # am -D com.strazzere.different / .MainActivity Which will cause the "Waiting for debugger..." mode to start. This starts the process, allowing you to attach IDA Pro to the process for the native code. Next attach a jdwp debugger and continue; # jdb -connect com.sun.jdi.SocketAttach: hostname = 127.0.0.1, port = 8700 Drop the jdb conneciton and let the Android application run as it normal would. -
Feb 3, 2015 . 1 changed file with 5 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,9 +1,12 @@ The original issue was that some applications (ex. packers) launch the JNI/native code too fast for a person to attach an IDA Pro instance to the process. The original solution was wrapping the jni code with your own "surrogate" application so you could load it slower. New process is to launch the Android/Dalvik activity with the debugger flag; #am -D com.strazzere.different / .MainActivity Which will cause the "Waiting for debugger..." mode to start. This starts the process, allowing you to attach IDA Pro to the process for the native code. Next attach a jdwp debugger and continue; jdb -connect com.sun.jdi.SocketAttach: hostname = 127.0.0.1, port = 8700 -
Feb 3, 2015 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,11 @@ The original issue was that some applications (ex. packers) launch the JNI/native code too fast for a person to attach an IDA Pro instance to the process. The original solution was wrapping the jni code with your own "surrogate" application so you could load it slower. New process is to launch the Android/Dalvik activity with the debugger flag; #am -D com.strazzere.different / .MainActivity Which will cause the "Waiting for debugger..." mode to start. This starts the process, allowing you to attach IDA Pro to the process for the native code. Next attach a jdwp debugger and continue; jdb -connect com.sun.jdi.SocketAttach: hostname = 127.0.0.1, port = 8700 Drop the jdb conneciton and let the Android application run as it normal would.