Xposed install on Samsung Note5 for Android 7.x. 1. Prepare: TWRP download https://twrp.me/samsung/samsunggalaxynote5.html , Xposed 7.0 https://www.wrbug.com/2017/07/20/Xposed_Android7.0%E7%89%88%E6%9C%AC%E6%A1%86%E6%9E%B6%E5%8F%91%E5%B8%83/ 2. Flash image: heimdall flash --pit 9200.pit --SYSTEM AP/system.img ...

This article describes how to root the Huawei Mate 9 Pro. 1. Unlock bootloader: get the unlock code at https://www.emui.com/cn/plugin/unlock/detail , then run: adb reboot bootloader, followed by: fastboot oem unlock xxxx 2. Flash recovery: down...

I successfully built my own kernel (boot.img) for the Samsung S7 edge (SM-G9350, Android 7.0). There are many puzzles when building and flashing a Samsung ROM (kernel): the source downloaded from http://opensource.samsung.com/ may not be complete! How to find out whether the source is complete? Check this directory: /system/lib/modules/ , if the kernel you built contain...

Load the Android arm64 image by default. Rebase image: select Image base and set the value to _text’s address, here 0xffffffc000080000. Use this IDC script to load kernel symbols: IDC script /* kallsyms loader */ /* by goroh_kun */ /* modified from H2enum Version 1.09 */ #include ...

In this article, I’ll show you how to get root after gaining kernel arbitrary address read and write. Android 7.0 still uses a 3.1x version of the Linux kernel as of 2017.3.31, so we use Linux kernel 3.18 as an example to explain how to gain root access. The precondition is gaining arbitrary address read and write. Any process that forks from zygote h...

1. Download cf_auto_root: find a version that fits your device at https://autoroot.chainfire.eu/ , then decompress cf_auto_root to get recovery.img and cache.img. 2. Flash img: flash recovery.img and cache.img to your device; the flashing process is similar to part 5 of this article: Build and Flash Samsung Kernel(boot.img) on Ubuntu ( I ). 3. Reboot: reboot you...

In this article, we will build and flash a Samsung kernel from source code. The test environment is a Samsung Note5 on Android 6.0, with Ubuntu 14.04. 1. Download Samsung firmware: download the Samsung firmware from http://opensource.samsung.com/ and download the Android 6.0 source code (if you want to build a custom system.img, I will cover that part in the next article). 2...

1. Install Burp Certificate on Android: for this part, see: Android APP Testing: Capturing HTTPS Traffic with Burp Suite. 2. Set Proxy: set the proxy in Burp Suite and on the mobile device, and ensure that Burp Suite and the test device are on the same Wi-Fi. 3. Modify key API: so far, you can monitor many HTTPS connections such as self signed certificate with weak c...

This article discusses Android 4.2 kernel debugging. I won’t tell you how to set up the environment; if you want to know how, please review this article: Android Linux Kernel Compilation and Debugging. That article still contains some errors, however; for example, the command to open an emulator that can be debugged is as below: ...

1. Overview: In 0ctf2016 there are many hard challenges, and ‘state of art’ is one of them. This article will not only talk about that challenge but also introduce some details of Android ART. If you find something wrong, please don’t hesitate to tell me, thanks! 2. Android ART: I won’t introduce all of Android ART in ...

While learning English these days, I wanted to find some useful apps to make me more effective, so I found this app: “voa每日英语” (as of 2015.12.08). This app seemed good until I saw the comments. Then I installed this app to see how it would act: every time I open this app, it automatically downloads ads! So I crack...

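I had fairly good luck in this year's competition, finishing in the top 20 (fourth on the student potential ranking) and taking home 2500 yuan ^-^ This time Alibaba's challenges were much harder than last year's; by the third challenge there were all kinds of so obfuscation. I can only blame myself for not having studied the source code deeply enough, and I need to keep working hard~ Challenge 1: Use NetBeans to dynamically trace the smali, setting breakpoints at every comparison. Debugging shows that at line 45540, v4 is fixed at 520676 and is compared with the computed input value (v10): when the input is 1, v10 is 124751; when the input is 2, v10 is 124752; when the input is 3, v10 is 124753...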

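This article starts from compiling the Android source and customizes our own Android ROM step by step. The device used is a Nexus 5, the Android source version is 4.4.4_r2, and the build environment is 64-bit Kali 2.0. 1. Compiling the Android source: downloading the Android source is not covered here; see Google's official documentation for details. 1.1 Preparing the build environment: compiling the Android source requires the Sun/Oracle JDK (Kali 2.0 ships with OpenJDK) and make version 3.8; the dependency libraries that also need to be installed are as follows: ...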

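The security measures used in an APK's HTTP requests can roughly be divided into 3 stages: signing + encryption in the Java layer, signing + encryption in the so layer, and https. Of course, this does not mean that security measures in the so are necessarily more secure than those in the Java layer, and the same goes for https (I once saw an APK that emulated https in the Java layer, which also achieved fairly good protection). https cannot fully guarantee security either; protecting an APK still requires a combination of measures. This article introduces how to use Fiddler to monitor the https requests sent by any APK, can...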

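Cydia Substrate has released an Android version of its hook framework, which can hook not only Java-layer functions but also functions in so libraries. Its core principle is inline hooking of functions, which differs greatly from Xposed (Xposed mainly completes a hook by using hookMethodNative to replace the Java-layer function with a native-layer function). Used properly, Cydia Substrate can effectively bypass anti-debugging and signature verification, and can also be used to build unpackers and so on, greatly speeding up APK analysis. This article mainly introduces using Cydia Substrate A...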
