A debugger for reverse engineers, crackers and security analysts. Or you can call it damn, why are raspberries so fluffy or yet, duck warriors are rich as fuck. Whatever you like! Built on top of pyqt5, frida and some terrible code.
Something you can do with Dwarf
- watchpoints without hardware support
- visual emulation with auto map from target, reporting memory accesses
- breaks on module loading cycle, Java classes
- set break conditions and custom logic
- inject code on each breakpointed thread
- exchange data with your target and display it in the UI
- digging through memory, disassembly and JVM fields/functions
- backtrace both native and Java
- takes your whole frida agent in the script editor, converts hooks to breakpoints, etc.
- all of this can be done through scripting to build custom debugging logic
A frida server running anywhere.
- make sure you can use the 'adb' command in the console
- root on the device/emulator is required!
- make sure frida is in /system/bin|xbin with a+x permissions, or alternatively use Dwarf to automatically install the latest frida server
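A preflight for the three Android prerequisites above, as an added example that is not part of Dwarf. The function names, the `--check` switch and the `su -c id` root probe are assumptions; the binary name `frida` is taken from the path in the list.

```shell
#!/bin/sh
# Added example (not Dwarf code): verify adb, root and an executable frida.

# Succeeds when an `ls -l` mode string (e.g. -rwxr-xr-x) grants execute
# to user, group and other, i.e. the file has a+x.
has_a_plus_x() {
    case "$1" in
        ?[r-][w-][xs][r-][w-][xs][r-][w-][xt]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Reads `ls -l` output on stdin and prints each /system/bin|xbin/frida
# entry that has a+x. Returns non-zero when no usable entry is found.
find_usable_frida() {
    found=1
    while read -r mode rest; do
        path=${rest##* }            # last field of the listing line
        case "$path" in
            /system/bin/frida|/system/xbin/frida)
                if has_a_plus_x "$mode"; then echo "$path"; found=0; fi ;;
        esac
    done
    return "$found"
}

# Runs the checks against the attached device or emulator.
dwarf_preflight() {
    command -v adb >/dev/null 2>&1 || { echo "adb is not on PATH"; return 1; }
    [ "$(adb get-state 2>/dev/null)" = "device" ] ||
        { echo "no device/emulator online"; return 1; }
    # Assumption: this su build accepts `su -c`; some take `su 0 id` instead.
    adb shell su -c id 2>/dev/null | grep -q 'uid=0' ||
        { echo "root is not available"; return 1; }
    adb shell 'ls -l /system/bin/frida /system/xbin/frida 2>/dev/null' |
        tr -d '\r' | find_usable_frida ||
        { echo "frida missing or not a+x in /system/bin|xbin"; return 1; }
}

# Only touch a device when asked to: sh preflight.sh --check
if [ "${1:-}" = "--check" ]; then dwarf_preflight; fi
```

If the last check fails, Dwarf's own installer for the latest frida server, mentioned in the list above, is the fallback.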
Setup and run
git clone https://github.com/iGio90/Dwarf
cd Dwarf
pip3 install -r requirements.txt
You can install keystone-engine to enable the assembler:
OSX / Unix
pip3 install keystone-engine
dex2jar tools (required for baksmali/decompiling)
On Windows add the d2j folder to %PATH% and change:
'java -Xms512m -Xmx1024m -cp "%CP%" %*'
in d2j_invoke.bat to
'java -Xms512m -Xmx4096m -cp "%CP%" %*'
You can change these settings in .dwarf:
"dwarf_ui_hexedit_bpl": 32 (default: 16) - Bytes per line in hexview
"dwarf_ui_hexstyle": "upper", "lower" (default: "upper") - overall hex style, 0xabcdef or 0xABCDEF (note: click on the "Offset (X)" in hexview to change)
"dwarf_ui_font_size": 12 (default: 12) - (note: hexview/disasm use another font; wait for settingsdlg or change lib/utils.py get_os_monospace_font())