BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment.

Overview

BlackDex

English Version

BlackDex是一个运行在Android手机上的脱壳工具,支持5.0~12,无需依赖任何环境任何手机都可以使用,包括模拟器。只需几秒,即可对已安装包括未安装的APK进行脱壳。

项目声明

本项目并不针对任何加固,在遇到检测环境等均不处理,仅供安全领域分析用途。项目免费开源仅供学习用途、请勿用于非法用途。否则后果自负!

脱壳说明

本项目针对一(落地加载)、二(内存加载)、三(指令抽取)代壳,摆脱对以往脱壳环境的困扰,几乎支持5.0以上的任何系统。并且拥有 快速方便成功率高 的优点。一般只需要几秒钟即可完成对已安装包括未安装应用脱壳。未安装应用脱壳时间主要花费在复制文件IO消耗上,由应用大小决定速度。已安装应用一般在数秒内即可完成脱壳。

脱壳原理

通过DexFile cookie进行脱壳,理论兼容art开始的所有版本。可能少数因设备而异,绝大部分是支持的。资源有限无法大量测试,遇到问题请提issues.

深度脱壳

深度脱壳模式下会自主修复被抽取的方法指令,将指向其他内存块的指令回填至DEX内,解决nop问题,但是不会确保一定会有用,例如:指令需要主动调用才解密等则无法回填或者说是无效回填。深度脱壳并不包含任何解密、主动调用等操作。本功能仍然在测试阶段,可能会出现以下情况,请悉知,愿世上再无nop。

  1. 脱壳时间会大幅度上升,预计几分钟都十几分钟不等
  2. 脱壳期间有可能会出现应用闪退(遇到反检测等)
  3. 会增加脱壳失败几率
  4. 不一定能够100%还原

部分抽取壳脱壳前后对比

xx

环境要求

  • 一台普通手机
  • Xposed
  • Frida
  • Magisk
  • Root
  • 定制系统

架构特别说明

本项目区分32位与64位,目前是2个不同的app,如在Demo已安装列表内无法找到需要开启的app说明不支持,请使用另一个版本。

BlackDex下载:https://github.com/CodingGay/BlackDex/releases

演示

xx

感谢

License

Copyright 2021 Milk

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

   http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Issues
  • not found dex file

    not found dex file

    描述错误 提示 not found dex file

    重现 重现该行为的步骤: 1.单击任意应用

    设备信息

    • 设备: [华硕 zc550kl]
    • Android版本: [5.0.2]

    运行日志 --------- beginning of main W/System.err(14889): java.io.FileNotFoundException: mario-sdk-plugin.apk W/System.err(14889): at android.content.res.AssetManager.openAsset(Native Method) W/System.err(14889): at android.content.res.AssetManager.open(AssetManager.java:322) W/System.err(14889): at android.content.res.AssetManager.open(AssetManager.java:296) W/System.err(14889): at android.app.ActivityThread.isWdjApplication(ActivityThread.java:5177) W/System.err(14889): at android.app.ActivityThread.handleBindApplication(ActivityThread.java:4382) W/System.err(14889): at android.app.ActivityThread.access$1500(ActivityThread.java:151) W/System.err(14889): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1346) W/System.err(14889): at android.os.Handler.dispatchMessage(Handler.java:102) W/System.err(14889): at android.os.Looper.loop(Looper.java:135) W/System.err(14889): at android.app.ActivityThread.main(ActivityThread.java:5291) W/System.err(14889): at java.lang.reflect.Method.invoke(Native Method) W/System.err(14889): at java.lang.reflect.Method.invoke(Method.java:372) W/System.err(14889): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:899) W/System.err(14889): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:694) --------- beginning of system I/ActivityThread(14889): wandoujia app ? false I/art (14889): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (14889): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art V/Monotype(14889): SetAppTypeFace- try to flip, app = top.niunaijun.blackdexa32 V/Monotype(14889): Typeface getFontPathFlipFont - systemFont = default#default W/System.err(14914): java.io.FileNotFoundException: mario-sdk-plugin.apk W/System.err(14914): at android.content.res.AssetManager.openAsset(Native Method) W/System.err(14914): at android.content.res.AssetManager.open(AssetManager.java:322) W/System.err(14914): at android.content.res.AssetManager.open(AssetManager.java:296) W/System.err(14914): at android.app.ActivityThread.isWdjApplication(ActivityThread.java:5177) W/System.err(14914): at android.app.ActivityThread.handleBindApplication(ActivityThread.java:4382) W/System.err(14914): at android.app.ActivityThread.access$1500(ActivityThread.java:151) W/System.err(14914): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1346) W/System.err(14914): at android.os.Handler.dispatchMessage(Handler.java:102) W/System.err(14914): at android.os.Looper.loop(Looper.java:135) W/System.err(14914): at android.app.ActivityThread.main(ActivityThread.java:5291) W/System.err(14914): at java.lang.reflect.Method.invoke(Native Method) W/System.err(14914): at java.lang.reflect.Method.invoke(Method.java:372) W/System.err(14914): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:899) W/System.err(14914): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:694) I/ActivityThread(14914): wandoujia app ? false I/art (14914): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (14914): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (14914): Background sticky concurrent mark sweep GC freed 1820(96KB) AllocSpace objects, 0(0B) LOS objects, 0% free, 1321KB/1321KB, paused 7.221ms total 34.584ms V/Monotype(14914): SetAppTypeFace- try to flip, app = top.niunaijun.blackdexa32 V/Monotype(14914): Typeface getFontPathFlipFont - systemFont = default#default I/DaemonService(14914): DaemonInnerService -> onCreate I/DaemonService(14914): DaemonInnerService -> onStartCommand I/DaemonService(14914): DaemonInnerService -> onDestroy W/art (14889): Before Android 4.1, method android.graphics.PorterDuffColorFilter androidx.vectordrawable.graphics.drawable.VectorDrawableCompat.updateTintFilter(android.graphics.PorterDuffColorFilter, android.content.res.ColorStateList, android.graphics.PorterDuff$Mode) would have incorrectly overridden the package-private method in android.graphics.drawable.Drawable V/Monotype(14889): SetAppTypeFace- try to flip, app = top.niunaijun.blackdexa32 V/Monotype(14889): Typeface getFontPathFlipFont - systemFont = default#default V/Monotype(14889): SetAppTypeFace- try to flip, app = top.niunaijun.blackdexa32 V/Monotype(14889): Typeface getFontPathFlipFont - systemFont = default#default I/art (14889): Background partial concurrent mark sweep GC freed 5576(284KB) AllocSpace objects, 2(52KB) LOS objects, 40% free, 2MB/3MB, paused 5.478ms total 34.530ms I/MobclickAgent(14889): module init:azio I/art (14889): Background sticky concurrent mark sweep GC freed 6513(630KB) AllocSpace objects, 10(160KB) LOS objects, 12% free, 3MB/3MB, paused 5.538ms total 65.733ms E/PhoneWindow(14889): generateLayout features 1 = 8259/2= 8259/ layoutResource =17367253 D/OpenGLRenderer(14889): Render dirty regions requested: true I/Adreno-EGL(14889): <qeglDrvAPI_eglInitialize:379>: EGL 1.4 QUALCOMM build: AU_LINUX_ANDROID_LA.BR.1.1.3_RB1.05.00.02.032.013_msm8916_64_refs/tags/AU_LINUX_ANDROID_LA.BR.1.1.3_RB1.05.00.02.032.013__release_AU () I/Adreno-EGL(14889): OpenGL ES Shader Compiler Version: E031.25.03.02 I/Adreno-EGL(14889): Build Date: 05/21/15 Thu I/Adreno-EGL(14889): Local Branch: I/Adreno-EGL(14889): Remote Branch: refs/tags/AU_LINUX_ANDROID_LA.BR.1.1.3_RB1.05.00.02.032.013 I/Adreno-EGL(14889): Local Patches: NONE I/Adreno-EGL(14889): Reconstruct Branch: NOTHING I/OpenGLRenderer(14889): Initialized EGL, version 1.4 D/OpenGLRenderer(14889): Enabling debug mode 0 W/art (14889): Suspending all threads took: 16.172ms I/art (14889): Background sticky concurrent mark sweep GC freed 15723(848KB) AllocSpace objects, 8(128KB) LOS objects, 0% free, 7MB/7MB, paused 20.414ms total 49.534ms E/PhoneWindow(14889): generateLayout features 1 = 1091/2= 1091/ layoutResource =17367254 D/BPackageInstallerService(14914): installPackageAsUser: CreateUserExecutor exec: 0 D/BPackageInstallerService(14914): installPackageAsUser: CreatePackageExecutor exec: 0 D/BPackageInstallerService(14914): installPackageAsUser: CopyExecutor exec: 0 D/Settings(14914): loaded Package: com.androlua.GGAPI D/BPackageManagerService(14914): onPackageInstalled: com.androlua.GGAPI, userId: 0 D/TestActivity(14914): startActivityLocked : ComponentInfo{com.androlua.GGAPI/com.androlua.Welcome} D/BProcessManager(14914): init bUid = 10001, bPid = 0 D/BProcessManager(14914): initProcess: com.androlua.GGAPI W/System.err(14977): java.io.FileNotFoundException: mario-sdk-plugin.apk W/System.err(14977): at android.content.res.AssetManager.openAsset(Native Method) W/System.err(14977): at android.content.res.AssetManager.open(AssetManager.java:322) W/System.err(14977): at android.content.res.AssetManager.open(AssetManager.java:296) W/System.err(14977): at android.app.ActivityThread.isWdjApplication(ActivityThread.java:5177) W/System.err(14977): at android.app.ActivityThread.handleBindApplication(ActivityThread.java:4382) W/System.err(14977): at android.app.ActivityThread.access$1500(ActivityThread.java:151) W/System.err(14977): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1346) W/System.err(14977): at android.os.Handler.dispatchMessage(Handler.java:102) W/System.err(14977): at android.os.Looper.loop(Looper.java:135) W/System.err(14977): at android.app.ActivityThread.main(ActivityThread.java:5291) W/System.err(14977): at java.lang.reflect.Method.invoke(Native Method) W/System.err(14977): at java.lang.reflect.Method.invoke(Method.java:372) W/System.err(14977): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:899) W/System.err(14977): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:694) I/ActivityThread(14977): wandoujia app ? false I/art (14977): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (14977): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art W/art (14977): Suspending all threads took: 15.526ms V/Monotype(14977): SetAppTypeFace- try to flip, app = top.niunaijun.blackdexa32 V/Monotype(14977): Typeface getFontPathFlipFont - systemFont = default#default W/ResourcesManager(14977): Asset path '/data/user/0/top.niunaijun.blackdexa32/virtual/cache/junit.jar' does not exist or contains no resources. W/asset (14977): Asset path /system/framework/org.apache.http.legacy.boot.jar is neither a directory nor file (type=1). W/ResourcesManager(14977): Asset path '/system/framework/org.apache.http.legacy.boot.jar' does not exist or contains no resources. W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) D/VmCore (14977): VmCore init. W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/ContextImpl(14977): Failed to ensure directory: /Removable/MicroSD/Android/data/top.niunaijun.blackdexa32/cache W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/ContextImpl(14977): Failed to ensure directory: /Removable/MicroSD/Android/data/com.androlua.GGAPI/cache W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/ContextImpl(14977): Failed to ensure directory: /Removable/MicroSD/Android/data/com.androlua.GGAPI/cache D/VmCore (14977): findClass fail: java/io/UnixFileSystem canonicalize0 D/VmCore (14977): findClass fail: java/io/UnixFileSystem getLastModifiedTime0 D/VmCore (14977): findClass fail: java/io/UnixFileSystem setPermission0 D/VmCore (14977): findClass fail: java/io/UnixFileSystem createFileExclusively0 D/VmCore (14977): findClass fail: java/io/UnixFileSystem list0 D/VmCore (14977): findClass fail: java/io/UnixFileSystem createDirectory0 D/VmCore (14977): findClass fail: java/io/UnixFileSystem setLastModifiedTime0 D/VmCore (14977): findClass fail: java/io/UnixFileSystem setReadOnly0 D/VmCore (14977): findClass fail: java/io/UnixFileSystem getSpace0 D/VmCore (14977): register class:java/lang/VMClassLoader, method:findLoadedClass success! I/art (14977): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (14977): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (14977): Rejecting re-init on previously-failed class java.lang.Class<s.h.e.l.l.A> I/art (14977): Rejecting re-init on previously-failed class java.lang.Class<s.h.e.l.l.A> I/art (14977): Counter: 1 W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) W/System.err(14914): java.lang.NullPointerException: Attempt to get length of null array W/System.err(14914): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(14914): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(14914): at android.os.Binder.execTransact(Binder.java:446) I/Process (14914): Sending signal. PID: 14977 SIG: 9 D/BPackageInstallerService(14914): uninstallPackageAsUser: RemoveAppExecutor exec: 0 D/BPackageInstallerService(14914): uninstallPackageAsUser: RemoveUserExecutor exec: 0 D/BPackageManagerService(14914): onPackageUninstalled: com.androlua.GGAPI, userId: 0 E/PhoneWindow(14889): generateLayout features 1 = 8259/2= 8259/ layoutResource =17367253 D/BProcessManager(14914): App Died: com.androlua.GGAPI I/Process (14914): Sending signal. PID: 14977 SIG: 9 W/System.err(15712): java.io.FileNotFoundException: mario-sdk-plugin.apk W/System.err(15712): at android.content.res.AssetManager.openAsset(Native Method) W/System.err(15712): at android.content.res.AssetManager.open(AssetManager.java:322) W/System.err(15712): at android.content.res.AssetManager.open(AssetManager.java:296) W/System.err(15712): at android.app.ActivityThread.isWdjApplication(ActivityThread.java:5177) W/System.err(15712): at android.app.ActivityThread.handleBindApplication(ActivityThread.java:4382) W/System.err(15712): at android.app.ActivityThread.access$1500(ActivityThread.java:151) W/System.err(15712): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1346) W/System.err(15712): at android.os.Handler.dispatchMessage(Handler.java:102) W/System.err(15712): at android.os.Looper.loop(Looper.java:135) W/System.err(15712): at android.app.ActivityThread.main(ActivityThread.java:5291) W/System.err(15712): at java.lang.reflect.Method.invoke(Native Method) W/System.err(15712): at java.lang.reflect.Method.invoke(Method.java:372) W/System.err(15712): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:899) W/System.err(15712): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:694) I/ActivityThread(15712): wandoujia app ? false I/art (15712): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (15712): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art W/art (15712): Suspending all threads took: 11.578ms I/art (15712): Background sticky concurrent mark sweep GC freed 1783(94KB) AllocSpace objects, 0(0B) LOS objects, 0% free, 1242KB/1242KB, paused 13.821ms total 30.848ms V/Monotype(15712): SetAppTypeFace- try to flip, app = top.niunaijun.blackdexa32 V/Monotype(15712): Typeface getFontPathFlipFont - systemFont = default#default W/System.err(15737): java.io.FileNotFoundException: mario-sdk-plugin.apk W/System.err(15737): at android.content.res.AssetManager.openAsset(Native Method) W/System.err(15737): at android.content.res.AssetManager.open(AssetManager.java:322) I/ActivityThread(15737): wandoujia app ? false W/System.err(15737): at android.content.res.AssetManager.open(AssetManager.java:296) W/System.err(15737): at android.app.ActivityThread.isWdjApplication(ActivityThread.java:5177) W/System.err(15737): at android.app.ActivityThread.handleBindApplication(ActivityThread.java:4382) W/System.err(15737): at android.app.ActivityThread.access$1500(ActivityThread.java:151) W/System.err(15737): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1346) W/System.err(15737): at android.os.Handler.dispatchMessage(Handler.java:102) W/System.err(15737): at android.os.Looper.loop(Looper.java:135) W/System.err(15737): at android.app.ActivityThread.main(ActivityThread.java:5291) W/System.err(15737): at java.lang.reflect.Method.invoke(Native Method) W/System.err(15737): at java.lang.reflect.Method.invoke(Method.java:372) W/System.err(15737): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:899) W/System.err(15737): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:694) I/art (15737): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (15737): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (15737): Background sticky concurrent mark sweep GC freed 1814(95KB) AllocSpace objects, 0(0B) LOS objects, 0% free, 1322KB/1322KB, paused 7.997ms total 34.932ms V/Monotype(15737): SetAppTypeFace- try to flip, app = top.niunaijun.blackdexa32 V/Monotype(15737): Typeface getFontPathFlipFont - systemFont = default#default I/DaemonService(15737): DaemonInnerService -> onCreate I/DaemonService(15737): DaemonInnerService -> onStartCommand I/DaemonService(15737): DaemonInnerService -> onDestroy I/art (15712): Background sticky concurrent mark sweep GC freed 6834(593KB) AllocSpace objects, 17(272KB) LOS objects, 10% free, 2MB/2MB, paused 13.314ms total 125.325ms I/art (15712): Background sticky concurrent mark sweep GC freed 416(34KB) AllocSpace objects, 2(32KB) LOS objects, 3% free, 2MB/2MB, paused 7.079ms total 31.688ms W/art (15712): Before Android 4.1, method android.graphics.PorterDuffColorFilter androidx.vectordrawable.graphics.drawable.VectorDrawableCompat.updateTintFilter(android.graphics.PorterDuffColorFilter, android.content.res.ColorStateList, android.graphics.PorterDuff$Mode) would have incorrectly overridden the package-private method in android.graphics.drawable.Drawable I/MobclickAgent(15712): module init:azio V/Monotype(15712): SetAppTypeFace- try to flip, app = top.niunaijun.blackdexa32 V/Monotype(15712): Typeface getFontPathFlipFont - systemFont = default#default V/Monotype(15712): SetAppTypeFace- try to flip, app = top.niunaijun.blackdexa32 V/Monotype(15712): Typeface getFontPathFlipFont - systemFont = default#default E/PhoneWindow(15712): generateLayout features 1 = 8259/2= 8259/ layoutResource =17367253 D/OpenGLRenderer(15712): Render dirty regions requested: true I/Adreno-EGL(15712): <qeglDrvAPI_eglInitialize:379>: EGL 1.4 QUALCOMM build: AU_LINUX_ANDROID_LA.BR.1.1.3_RB1.05.00.02.032.013_msm8916_64_refs/tags/AU_LINUX_ANDROID_LA.BR.1.1.3_RB1.05.00.02.032.013__release_AU () I/Adreno-EGL(15712): OpenGL ES Shader Compiler Version: E031.25.03.02 I/Adreno-EGL(15712): Build Date: 05/21/15 Thu I/Adreno-EGL(15712): Local Branch: I/Adreno-EGL(15712): Remote Branch: refs/tags/AU_LINUX_ANDROID_LA.BR.1.1.3_RB1.05.00.02.032.013 I/Adreno-EGL(15712): Local Patches: NONE I/Adreno-EGL(15712): Reconstruct Branch: NOTHING I/OpenGLRenderer(15712): Initialized EGL, version 1.4 D/OpenGLRenderer(15712): Enabling debug mode 0 E/PhoneWindow(15712): generateLayout features 1 = 1091/2= 1091/ layoutResource =17367254 D/BPackageInstallerService(15737): installPackageAsUser: CreateUserExecutor exec: 0 D/BPackageInstallerService(15737): installPackageAsUser: CreatePackageExecutor exec: 0 D/BPackageInstallerService(15737): installPackageAsUser: CopyExecutor exec: 0 D/Settings(15737): loaded Package: com.androlua.GGAPI D/BPackageManagerService(15737): onPackageInstalled: com.androlua.GGAPI, userId: 0 D/TestActivity(15737): startActivityLocked : ComponentInfo{com.androlua.GGAPI/com.androlua.Welcome} D/BProcessManager(15737): init bUid = 10002, bPid = 0 D/BProcessManager(15737): initProcess: com.androlua.GGAPI W/System.err(15852): java.io.FileNotFoundException: mario-sdk-plugin.apk W/System.err(15852): at android.content.res.AssetManager.openAsset(Native Method) W/System.err(15852): at android.content.res.AssetManager.open(AssetManager.java:322) W/System.err(15852): at android.content.res.AssetManager.open(AssetManager.java:296) I/ActivityThread(15852): wandoujia app ? false W/System.err(15852): at android.app.ActivityThread.isWdjApplication(ActivityThread.java:5177) W/System.err(15852): at android.app.ActivityThread.handleBindApplication(ActivityThread.java:4382) W/System.err(15852): at android.app.ActivityThread.access$1500(ActivityThread.java:151) W/System.err(15852): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1346) W/System.err(15852): at android.os.Handler.dispatchMessage(Handler.java:102) W/System.err(15852): at android.os.Looper.loop(Looper.java:135) W/System.err(15852): at android.app.ActivityThread.main(ActivityThread.java:5291) W/System.err(15852): at java.lang.reflect.Method.invoke(Native Method) W/System.err(15852): at java.lang.reflect.Method.invoke(Method.java:372) W/System.err(15852): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:899) W/System.err(15852): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:694) I/art (15852): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (15852): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art W/art (15852): Suspending all threads took: 5.875ms V/Monotype(15852): SetAppTypeFace- try to flip, app = top.niunaijun.blackdexa32 V/Monotype(15852): Typeface getFontPathFlipFont - systemFont = default#default W/ResourcesManager(15852): Asset path '/data/user/0/top.niunaijun.blackdexa32/virtual/cache/junit.jar' does not exist or contains no resources. W/asset (15852): Asset path /system/framework/org.apache.http.legacy.boot.jar is neither a directory nor file (type=1). W/ResourcesManager(15852): Asset path '/system/framework/org.apache.http.legacy.boot.jar' does not exist or contains no resources. D/VmCore (15852): VmCore init. W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/ContextImpl(15852): Failed to ensure directory: /Removable/MicroSD/Android/data/top.niunaijun.blackdexa32/cache W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/ContextImpl(15852): Failed to ensure directory: /Removable/MicroSD/Android/data/com.androlua.GGAPI/cache W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/ContextImpl(15852): Failed to ensure directory: /Removable/MicroSD/Android/data/com.androlua.GGAPI/cache D/VmCore (15852): findClass fail: java/io/UnixFileSystem canonicalize0 D/VmCore (15852): findClass fail: java/io/UnixFileSystem getLastModifiedTime0 D/VmCore (15852): findClass fail: java/io/UnixFileSystem setPermission0 D/VmCore (15852): findClass fail: java/io/UnixFileSystem createFileExclusively0 D/VmCore (15852): findClass fail: java/io/UnixFileSystem list0 D/VmCore (15852): findClass fail: java/io/UnixFileSystem createDirectory0 D/VmCore (15852): findClass fail: java/io/UnixFileSystem setLastModifiedTime0 D/VmCore (15852): findClass fail: java/io/UnixFileSystem setReadOnly0 D/VmCore (15852): findClass fail: java/io/UnixFileSystem getSpace0 D/VmCore (15852): register class:java/lang/VMClassLoader, method:findLoadedClass success! I/art (15852): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (15852): Turn off relocation for /system/framework/boot.art system:/system/framework/arm/boot.art cache:/data/dalvik-cache/arm/[email protected]@boot.art I/art (15852): Rejecting re-init on previously-failed class java.lang.Class<s.h.e.l.l.A> I/art (15852): Rejecting re-init on previously-failed class java.lang.Class<s.h.e.l.l.A> I/art (15852): Counter: 1 W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) W/System.err(15737): java.lang.NullPointerException: Attempt to get length of null array W/System.err(15737): at top.niunaijun.blackbox.core.system.os.BStorageManagerService.getVolumeList(BStorageManagerService.java:34) W/System.err(15737): at top.niunaijun.blackbox.core.system.os.IBStorageManagerService$Stub.onTransact(IBStorageManagerService.java:70) W/System.err(15737): at android.os.Binder.execTransact(Binder.java:446) I/Process (15737): Sending signal. PID: 15852 SIG: 9 D/BPackageInstallerService(15737): uninstallPackageAsUser: RemoveAppExecutor exec: 0 D/BPackageInstallerService(15737): uninstallPackageAsUser: RemoveUserExecutor exec: 0 D/BPackageManagerService(15737): onPackageUninstalled: com.androlua.GGAPI, userId: 0 E/PhoneWindow(15712): generateLayout features 1 = 8259/2= 8259/ layoutResource =17367253 D/BProcessManager(15737): App Died: com.androlua.GGAPI I/Process (15737): Sending signal. PID: 15852 SIG: 9

    其他说明 上次你说让我别用虚拟机,这次我找了个真机还是一样报错,不知道是什么原因

    bug 
    opened by nspron 13
  • Jiagu 360 is unsupported

    Jiagu 360 is unsupported

    Description error Unpack fail

    image

    Reproduce Steps to reproduce the behavior:

    1. Open BlackDex 32
    2. Choose an app to dump

    Device Information -Equipment: Memu emulator -Android version: 7.1.1

    Run log top.niunaijun.blackdexa32_logcat.txt

    other instructions APK can be downloaded here https://drive.google.com/file/d/1YJ5fXiSdA8wg20s-Y54bWUuq7myD9Rp9/view

    bug 
    opened by ghost 7
  • 脱壳失败

    脱壳失败

    在此写下你的问题 样本双进程守护的,在frida也遇到过 log如下 12-05 12:48:50.037 28329 28329 W .blackdexa32:p: DexFile /data/user/0/top.niunaijun.blackdexa32/code_cache/1638679730036.dex is in boot class path but is not in a known location 12-05 12:48:50.107 1619 10094 I ActivityTaskManager: START u0 {flg=0x18080000 cmp=top.niunaijun.blackdexa32/top.niunaijun.blackbox.proxy.ProxyActivity$P0 (has extras)} from uid 10247 12-05 12:48:50.130 1619 6573 I ActivityTaskManager: The Process top.niunaijun.blackdexa32:p0 Already Exists in BG. So sending its PID: 28329 12-05 12:48:50.205 6485 23994 I MediaProvider: Deleted 1 items on external_primary due to top.niunaijun.blackdexa32 12-05 12:48:50.217 28329 28329 W ContextImpl: Failed to ensure /storage/emulated/0/Android/data/com.gtgj.view/cache: java.lang.SecurityException: Invalid mkdirs path: /storage/emulated/0/Android/data/com.gtgj.view/cache does not contain calling package top.niunaijun.blackdexa32 12-05 12:48:50.226 28329 28329 I .blackdexa32:p: The ClassLoaderContext is a special shared library. 12-05 12:48:50.234 28329 28329 W .blackdexa32:p: ClassLoaderContext classpath size mismatch. expected=0, found=3 (PCL[]{PCL[/system/framework/android.test.base.jar2798937298]#PCL[/system/framework/org.simalliance.openmobileapi.jar408507849]#PCL[/system/framework/org.apache.http.legacy.jar3672776127]} | PCL[/data/user/0/top.niunaijun.blackdexa32/virtual/cache/vm.jar3622534595:/data/user/0/top.niunaijun.blackdexa32/virtual/cache/junit.jar3930985515:/system/framework/org.apache.http.legacy.jar3672776127]) 12-05 12:48:50.237 28329 28329 W .blackdexa32:p: JIT profile information will not be recorded: profile file does not exist. 12-05 12:48:50.237 28329 28329 W .blackdexa32:p0: type=1400 audit(0.0:2474180): avc: granted { execute } for path="/data/data/top.niunaijun.blackdexa32/virtual/data/app/com.gtgj.view/lib/libblackdex.so" dev="dm-10" ino=357787 scontext=u:r:untrusted_app:s0:c247,c256,c512,c768 tcontext=u:object_r:app_data_file:s0:c247,c256,c512,c768 tclass=file app=top.niunaijun.blackdexa32 12-05 12:48:50.401 28329 28329 W top.niunaijun.blackdexa32:p0: Ignoring bad checksum (1121a50b, expected 7fea9ad9) 12-05 12:48:50.549 28329 28329 W .blackdexa32:p0: type=1400 audit(0.0:2474182): avc: granted { execute } for path="/data/data/top.niunaijun.blackdexa32/virtual/data/app/com.gtgj.view/lib/libDexHelper.so" dev="dm-10" ino=612945 scontext=u:r:untrusted_app:s0:c247,c256,c512,c768 tcontext=u:object_r:app_data_file:s0:c247,c256,c512,c768 tclass=file app=top.niunaijun.blackdexa32 12-05 12:48:50.634 28329 28329 W .blackdexa32:p: Opening an oat file without a class loader. Are you using the deprecated DexFile APIs? 12-05 12:48:50.776 28329 28329 F libc : Fatal signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0xff3adfa8 in tid 28329 (.blackdexa32:p0), pid 28329 (.blackdexa32:p0) 12-05 12:48:50.804 28386 28386 F crash_dump32: crash_dump.cpp:522] failed to attach to thread 28329, already traced by 28374 (top.niunaijun.blackdexa32:p0) 12-05 12:48:50.806 28329 28329 I libc : debuggerd_signal_handler test : top.niunaijun.blackdexa32:p0 12-05 12:48:50.806 28329 28329 I libc : debuggerd_signal_handler wait 2 second: top.niunaijun.blackdexa32:p0 12-05 12:48:52.850 1619 3476 I ActivityManager: Process top.niunaijun.blackdexa32:p0 (pid 28329) has died: fg TOP 12-05 12:48:52.852 1619 3476 I BroadcastQueue: cleanupBroadcastLocked skipPendingBroadcastLocked app = ProcessRecord{409a4bd 28329:top.niunaijun.blackdexa32:p0/u0a247} 12-05 12:48:52.853 1619 3476 I BroadcastQueue: cleanupBroadcastLocked skipPendingBroadcastLocked app = ProcessRecord{409a4bd 28329:top.niunaijun.blackdexa32:p0/u0a247} 12-05 12:48:52.874 1619 1931 I ActivityManager: Start proc 28389:top.niunaijun.blackdexa32:p0/u0a247 for top-activity {top.niunaijun.blackdexa32/top.niunaijun.blackbox.proxy.ProxyActivity$P0} 12-05 12:48:52.888 28389 28389 E .blackdexa32:p: Not starting debugger since process cannot load the jdwp agent. 12-05 12:48:52.940 28389 28389 W .blackdexa32:p: Accessing hidden method Ldalvik/system/VMRuntime;->setHiddenApiExemptions([Ljava/lang/String;)V (blacklist,core-platform-api, reflection, denied) 12-05 12:48:52.941 28389 28389 W .blackdexa32:p: Opening an oat file without a class loader. Are you using the deprecated DexFile APIs? 12-05 12:48:52.941 28389 28389 W .blackdexa32:p: DexFile /data/user/0/top.niunaijun.blackdexa32/code_cache/1638679732940.dex is in boot class path but is not in a known location 12-05 12:48:56.032 24161 24188 I TriggerManager: App resume for long time: top.niunaijun.blackdexa32, reset 1->1 12-05 12:48:57.927 28389 28412 I .blackdexa32:p: Waiting for a blocking GC ProfileSaver 12-05 12:48:57.961 28389 28412 I .blackdexa32:p: WaitForGcToComplete blocked ProfileSaver on ClassLinker for 34.148ms 12-05 12:48:57.973 28389 28402 I .blackdexa32:p: WaitForGcToComplete blocked RunEmptyCheckpoint on ProfileSaver for 11.558ms 12-05 12:49:39.030 24161 24188 I FaceActiveScreen: onRecognitionResult result=0, cost=419, ScreenDim=false, ScreenOn=true, curPkg=top.niunaijun.blackdexa32, curAct=top.niunaijun.blackdex.view.main.MainActivity, isKeyguard=false, isFunOn=true 12-05 12:50:11.186 24161 24188 I TriggerManager: App resume for long time: top.niunaijun.blackdexa32, reset 1->1

    opened by NorColumba 4
  • MIUI 12.5 安卓11脱某APP不成功,用旧手机MIUI 11 安卓7可以成功

    MIUI 12.5 安卓11脱某APP不成功,用旧手机MIUI 11 安卓7可以成功

    描述错误 MIUI 12.5 安卓11脱某APP不成功,用旧手机MIUI 11 安卓7可以成功

    重现 重现该行为的步骤: image

    设备信息

    • 设备: [小米9 SE]
    • Android版本: [11]
    • MIUI版本: 12.5

    运行日志 top.niunaijun.blackdexa32_logcat.txt

    其他说明

    bug recorded 
    opened by menggangaaa 4
  • 没有一次成功过

    没有一次成功过

    描述错误 简要说明遇到了什么问题

    重现 重现该行为的步骤: 1.xxx 2.xxx

    设备信息

    • 设备: [华为mate30]
    • Android版本: [10]

    运行日志 请提供运行时所有Logcat日志以便我们排查问题,如果您不是开发者请重现问题之后,提供手机存储:/Download/top.niunaijun.blackdex32(64)_logcat.txt 文件的内容,此内容重启应用将重置,请勿重启应用后才发送。

    其他说明

    bug 
    opened by zdongcoding 4
  • 应用dump失败

    应用dump失败

    描述错误 解析dumpdex失败,app闪退

    重现 重现该行为的步骤:

    1. dump "流星清理卫士"
    2. app闪退

    设备信息

    • 设备: [谷歌 coral]
    • Android版本: [10]

    运行日志

    2021-05-25 10:00:16.206 1999-1999/com.android.systemui D/ImageWallpaper: wallpaper visibility changes to: true
    2021-05-25 10:00:16.208 1464-1677/system_process I/ActivityTaskManager: Displayed top.niunaijun.blackdexa32/top.niunaijun.blackbox.proxy.ProxyActivity$P0: +482ms
    2021-05-25 10:00:16.212 781-781/? D/Zygote: Forked child process 13408
    2021-05-25 10:00:16.217 1464-1679/system_process I/ActivityManager: Start proc 13408:com.meteorandroid.server.ctsclean/u0a129 for added application com.meteorandroid.server.ctsclean
    2021-05-25 10:00:16.217 1464-1680/system_process I/libprocessgroup: Successfully killed process cgroup uid 10129 pid 12902 in 42ms
    2021-05-25 10:00:16.218 1464-1680/system_process I/libprocessgroup: Successfully killed process cgroup uid 10129 pid 12859 in 0ms
    2021-05-25 10:00:16.218 1464-1680/system_process I/libprocessgroup: Successfully killed process cgroup uid 10129 pid 12921 in 0ms
    2021-05-25 10:00:16.218 1464-1680/system_process I/libprocessgroup: Successfully killed process cgroup uid 10129 pid 12963 in 0ms
    2021-05-25 10:00:16.218 1464-1680/system_process I/libprocessgroup: Successfully killed process cgroup uid 10129 pid 12939 in 0ms
    2021-05-25 10:00:16.218 811-811/? D/[email protected]: LAUNCH: 0
    2021-05-25 10:00:16.219 1464-1594/system_process I/ActivityManager: Force stopping com.meteorandroid.server.ctsclean appid=10129 user=0: start instr
    2021-05-25 10:00:16.220 1464-1594/system_process I/ActivityManager: Killing 13408:com.meteorandroid.server.ctsclean/u0a129 (adj -10000): stop com.meteorandroid.server.ctsclean
    2021-05-25 10:00:16.220 1464-1594/system_process W/ActivityManager: Crash of app com.meteorandroid.server.ctsclean running instrumentation ComponentInfo{com.meteorandroid.server.ctsclean/com.lazarus.LazarusInstrumentation}
    2021-05-25 10:00:16.221 1464-1594/system_process I/ActivityManager: Force stopping com.meteorandroid.server.ctsclean appid=10129 user=0: finished inst
    2021-05-25 10:00:16.224 1464-1594/system_process I/ActivityManager: Force stopping com.meteorandroid.server.ctsclean appid=10129 user=0: start instr
    2021-05-25 10:00:16.224 1464-1594/system_process I/ActivityManager: Killing 0:com.meteorandroid.server.ctsclean/u0a129 (adj -10000): stop com.meteorandroid.server.ctsclean
    2021-05-25 10:00:16.224 1464-1594/system_process W/ActivityManager: Crash of app com.meteorandroid.server.ctsclean running instrumentation ComponentInfo{com.meteorandroid.server.ctsclean/com.lazarus.LazarusInstrumentation}
    2021-05-25 10:00:16.224 1464-1594/system_process I/ActivityManager: Force stopping com.meteorandroid.server.ctsclean appid=10129 user=0: finished inst
    2021-05-25 10:00:16.230 1464-1594/system_process I/ActivityManager: Force stopping com.meteorandroid.server.ctsclean appid=10129 user=0: start instr
    2021-05-25 10:00:16.230 1464-1594/system_process I/ActivityManager: Killing 0:com.meteorandroid.server.ctsclean/u0a129 (adj -10000): stop com.meteorandroid.server.ctsclean
    2021-05-25 10:00:16.230 1464-1594/system_process W/ActivityManager: Crash of app com.meteorandroid.server.ctsclean running instrumentation ComponentInfo{com.meteorandroid.server.ctsclean/com.lazarus.LazarusInstrumentation}
    2021-05-25 10:00:16.230 1464-1594/system_process I/ActivityManager: Force stopping com.meteorandroid.server.ctsclean appid=10129 user=0: finished inst
    2021-05-25 10:00:16.235 1464-1680/system_process I/libprocessgroup: Successfully killed process cgroup uid 99052 pid 13237 in 0ms
    2021-05-25 10:00:16.235 2283-2283/? I/Zygote: Process 13237 exited due to signal 9 (Killed)
    2021-05-25 10:00:16.236 1464-1680/system_process I/libprocessgroup: Successfully killed process cgroup uid 10129 pid 13408 in 0ms
    2021-05-25 10:00:16.237 1464-2306/system_process W/Parcel: **** enforceInterface() expected 'android.app.IActivityManager' but read ''
    2021-05-25 10:00:16.237 1464-2306/system_process W/Binder: Caught a RuntimeException from the binder stub implementation.
        java.lang.SecurityException: Binder invocation to an incorrect interface
            at android.os.Parcel.nativeEnforceInterface(Native Method)
            at android.os.Parcel.enforceInterface(Parcel.java:623)
            at android.app.IActivityManager$Stub.onTransact(IActivityManager.java:2323)
            at com.android.server.am.ActivityManagerService.onTransact(ActivityManagerService.java:2738)
            at android.os.Binder.execTransactInternal(Binder.java:1021)
            at android.os.Binder.execTransact(Binder.java:994)
    2021-05-25 10:00:16.237 1464-2306/system_process W/Parcel: **** enforceInterface() expected 'android.app.IActivityManager' but read ''
    2021-05-25 10:00:16.237 1464-2306/system_process W/Binder: Caught a RuntimeException from the binder stub implementation.
        java.lang.SecurityException: Binder invocation to an incorrect interface
            at android.os.Parcel.nativeEnforceInterface(Native Method)
            at android.os.Parcel.enforceInterface(Parcel.java:623)
            at android.app.IActivityManager$Stub.onTransact(IActivityManager.java:2323)
            at com.android.server.am.ActivityManagerService.onTransact(ActivityManagerService.java:2738)
            at android.os.Binder.execTransactInternal(Binder.java:1021)
            at android.os.Binder.execTransact(Binder.java:994)
    2021-05-25 10:00:16.240 781-781/? I/Zygote: Process 13408 exited due to signal 9 (Killed)
    2021-05-25 10:00:16.242 1464-1685/system_process E/KernelCpuUidUserSysTimeReader: Negative user/sys time delta for UID=10143
        Prev times: u=22885681061 s=2241507339 Curr times: u=22887115599 s=2241461524
    2021-05-25 10:00:16.242 781-781/? D/Zygote: Forked child process 13414
    2021-05-25 10:00:16.243 1464-1679/system_process W/ActivityManager: ProcessRecord{8c3d308 0:com.meteorandroid.server.ctsclean/u0a129} start not valid, killing pid=13414, killedByAm=true;No entry in mProcessNames;pendingStart=false;
    2021-05-25 10:00:16.243 1464-1679/system_process I/libprocessgroup: Successfully killed process cgroup uid 10129 pid 0 in 0ms
    2021-05-25 10:00:16.247 781-781/? D/Zygote: Forked child process 13420
    2021-05-25 10:00:16.247 781-781/? I/Zygote: Process 13414 exited due to signal 9 (Killed)
    2021-05-25 10:00:16.254 1464-4005/system_process D/ConnectivityService: ConnectivityService NetworkRequestInfo binderDied(NetworkRequest [ TRACK_DEFAULT id=1996, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10129] ], [email protected])
    2021-05-25 10:00:16.254 1464-4006/system_process D/ConnectivityService: ConnectivityService NetworkRequestInfo binderDied(NetworkRequest [ LISTEN id=1997, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10129] ], [email protected])
    2021-05-25 10:00:16.254 1464-4005/system_process D/ConnectivityService: ConnectivityService NetworkRequestInfo binderDied(NetworkRequest [ TRACK_DEFAULT id=1998, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10129] ], [email protected])
    2021-05-25 10:00:16.254 1464-4380/system_process D/ConnectivityService: ConnectivityService NetworkRequestInfo binderDied(NetworkRequest [ LISTEN id=1999, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10129] ], [email protected])
    2021-05-25 10:00:16.254 1464-1929/system_process D/ConnectivityService: releasing NetworkRequest [ TRACK_DEFAULT id=1996, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10129] ] (release request)
    2021-05-25 10:00:16.255 1464-1929/system_process D/ConnectivityService: releasing NetworkRequest [ TRACK_DEFAULT id=1998, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10129] ] (release request)
    2021-05-25 10:00:16.256 781-781/? I/Zygote: Process 12859 exited due to signal 9 (Killed)
    2021-05-25 10:00:16.257 1464-1679/system_process W/ActivityManager: ProcessRecord{7b61fdd 0:com.meteorandroid.server.ctsclean/u0a129} start not valid, killing pid=13420, killedByAm=true;No entry in mProcessNames;pendingStart=false;
    2021-05-25 10:00:16.258 1464-1679/system_process I/libprocessgroup: Successfully killed process cgroup uid 10129 pid 0 in 0ms
    2021-05-25 10:00:16.270 781-781/? D/Zygote: Forked child process 13439
    2021-05-25 10:00:16.271 1464-1679/system_process I/ActivityManager: Start proc 13439:com.meteorandroid.server.ctsclean/u0a129 for added application com.meteorandroid.server.ctsclean
    2021-05-25 10:00:16.274 781-781/? I/Zygote: Process 13420 exited due to signal 9 (Killed)
    2021-05-25 10:00:16.461 1464-1626/system_process I/DropBoxManagerService: add tag=system_server_strictmode isTagEnabled=true flags=0x2
    2021-05-25 10:00:16.722 13439-13439/com.meteorandroid.server.ctsclean I/SecondaryDex: Installing secondary dex
    2021-05-25 10:00:16.723 13439-13439/com.meteorandroid.server.ctsclean I/SecondaryDex: SecondaryDexExtractor(/data/app/com.meteorandroid.server.ctsclean-PshG7MKbIEKDfOSn8s49Pw==/base.apk, /data/user/0/com.meteorandroid.server.ctsclean/code_cache/secondarydexes)
    2021-05-25 10:00:16.724 13439-13439/com.meteorandroid.server.ctsclean I/SecondaryDex: Blocking on lock /data/user/0/com.meteorandroid.server.ctsclean/code_cache/secondarydexes/SecondaryDex.lock
    2021-05-25 10:00:16.724 13439-13439/com.meteorandroid.server.ctsclean I/SecondaryDex: /data/user/0/com.meteorandroid.server.ctsclean/code_cache/secondarydexes/SecondaryDex.lock locked
    2021-05-25 10:00:16.724 13439-13439/com.meteorandroid.server.ctsclean I/SecondaryDex: SecondaryDexExtractor.load(/data/app/com.meteorandroid.server.ctsclean-PshG7MKbIEKDfOSn8s49Pw==/base.apk, false, )
    2021-05-25 10:00:16.726 13439-13439/com.meteorandroid.server.ctsclean I/SecondaryDex: loading existing secondary dex files
    2021-05-25 10:00:16.727 13439-13439/com.meteorandroid.server.ctsclean I/SecondaryDex: load found 0 secondary dex files
    2021-05-25 10:00:16.727 13439-13439/com.meteorandroid.server.ctsclean I/SecondaryDex: install done
    2021-05-25 10:00:16.752 13439-13439/? D/ProcessObserver: onCreate
    2021-05-25 10:00:16.757 13439-13439/? I/server.ctsclea: System.exit called, status: 0
    2021-05-25 10:00:16.757 13439-13439/? I/AndroidRuntime: VM exiting with result code 0, cleanup skipped.
    2021-05-25 10:00:16.477 1464-1626/system_process I/DropBoxManagerService: add tag=system_server_strictmode isTagEnabled=true flags=0x2
    2021-05-25 10:00:16.767 1464-2316/system_process I/ActivityManager: Process com.meteorandroid.server.ctsclean (pid 13439) has died: fore FGS 
    2021-05-25 10:00:16.767 1464-1680/system_process I/libprocessgroup: Successfully killed process cgroup uid 10129 pid 13439 in 0ms
    2021-05-25 10:00:16.767 781-781/? I/Zygote: Process 13439 exited cleanly (0)
    2021-05-25 10:00:16.768 1464-2316/system_process W/ActivityManager: Crash of app com.meteorandroid.server.ctsclean running instrumentation ComponentInfo{com.meteorandroid.server.ctsclean/com.lazarus.LazarusInstrumentation}
    2021-05-25 10:00:16.768 1464-2316/system_process I/ActivityManager: Force stopping com.meteorandroid.server.ctsclean appid=10129 user=0: finished inst
    2021-05-25 10:00:23.633 815-930/? D/ASH: @ 487347.463: SensorType 19 resampler quality 0
    2021-05-25 10:00:23.633 815-930/? D/ASH: @ 487347.463: SensorType 19 resampler quality 1
    2021-05-25 10:00:24.529 815-930/? D/CHRE: @ 487348.351: [ImuCal] Dynamic sensor configuration: high-performance.
    2021-05-25 10:00:24.532 815-930/? D/ASH: @ 487348.362: SensorType 1 resampler quality 2
    2021-05-25 10:00:31.204 821-861/? D/rlsservice: MonitorDisplayStatus client num 1, display status 1, sensor status 0
    2021-05-25 10:00:44.650 602-637/? I/SDM: HWCDisplay::SetActiveConfig: Active configuration changed to: 0
    

    其他说明

    • 附件

    https://sanbo.lanzoui.com/iyULupg33fc 密码:24bb

    bug 
    opened by hhhaiai 4
  • bug

    bug

    描述错误 在3.1版本中脱爱加密的壳,开启hook脱不成功,不开会得到nop

    设备信息

    • 设备: [小米10]
    • Android版本: [10]

    运行日志 请提供运行时所有Logcat日志以便我们排查问题,如果您不是开发者请重现问题之后,提供手机存储:/Download/top.niunaijun.blackdex32(64)_logcat.txt 文件的内容,此内容重启应用将重置,请勿重启应用后才发送。

    其他说明

    bug 
    opened by yj-jwds 3
  • 开启fixCodeItem后脱壳时出现SIGSEGV [SEGV_ACCERR]

    开启fixCodeItem后脱壳时出现SIGSEGV [SEGV_ACCERR]

    描述错误 将项目内的dumpDex实现移植到root模块下,对某游戏进行注入后脱壳时发现smali全是nop(但是没有其他异常,顺利执行),于是开启了fixCodeItem,但是开启后一脱壳直接就崩了

    设备信息

    • 设备: [小米8]
    • Android版本: [8.1.0]

    运行日志 6:08:58.592 10495-10772/? E/CRASH: signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0000007141ff7e80 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: Build type 'Release', Scripting Backend 'il2cpp', CPU 'arm64-v8a' 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: Build fingerprint: 'Xiaomi/dipper/dipper:8.1.0/OPM1.171019.026/V10.0.6.0.OEACNFH:user/release-keys' 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: Revision: '0' 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: pid: 10495, tid: 10772, name: pool-1-thread-1 >>> com.xxx.xxx <<< 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: x0 000000710f7bc208 x1 0000007141ff7e80 x2 0000000000000018 x3 0000000000000030 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: x4 000000711ffc0910 x5 00000071ddc25465 x6 0000000000000005 x7 000000000000fffd 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: x8 000000710f7bc208 x9 000000000026ae64 x10 0000000000000000 x11 0000007141ff7e80 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: x12 0000000000000018 x13 0000000000000018 x14 0000000000000000 x15 0000000000000000 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: x16 00000071412618c0 x17 00000071de6f6b90 x18 0000000012d2bcf8 x19 0000007115717000 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: x20 0000000000000000 x21 0000007115717000 x22 000000711ffc17fc x23 00000071ddc264c8 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: x24 0000000000000010 x25 000000711ffc2588 x26 00000071157170a0 x27 0000000000000004 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: x28 000000711ffc1530 x29 000000711ffc0eb0 x30 00000071411502c0 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: sp 000000711ffc0cb0 pc 00000071de6f6ba8 pstate 0000000020000000 2021-06-17 06:08:58.592 10495-10772/? E/CRASH: backtrace: 2021-06-17 06:08:58.619 10495-10772/? E/CRASH: #00 pc 000000000000068c [vdso] () 2021-06-17 06:08:58.619 10495-10772/? E/CRASH: #01 pc 0000000000001ba4 /system/lib64/libc.so () 2021-06-17 06:08:58.619 10495-10772/? E/CRASH: #02 pc 00000000000722bc () 这个就是dumpDex所在的so

    其他说明

    ida看了一下,崩在了fixCodeItem里最后那个memcpy上,看了下寄存器,应该是崩在了source地址,也就是new_code_item上

    __int64 __fastcall fixCodeItem(main *a1, const art_lkchan::DexFile *a2, __int64 a3) {  __int64 result; // x0  __int64 v4; // x1  const char *v5; // x4  void *v6; // x1  const char *v7; // [xsp+40h] [xbp-1C0h]  _JNIEnv *v8; // [xsp+50h] [xbp-1B0h]  unsigned int v9; // [xsp+84h] [xbp-17Ch]  __int64 v10; // [xsp+98h] [xbp-168h]  size_t v11; // [xsp+B4h] [xbp-14Ch]  void *v12; // [xsp+B8h] [xbp-148h]  ArtM *v13; // [xsp+C0h] [xbp-140h]  __int64 v14; // [xsp+C8h] [xbp-138h]  const char *v15; // [xsp+D0h] [xbp-130h]  __int64 v16; // [xsp+D8h] [xbp-128h]  __int64 v17; // [xsp+F8h] [xbp-108h]  const unsigned __int8 *v18; // [xsp+100h] [xbp-100h]  unsigned __int16 *v19; // [xsp+108h] [xbp-F8h]  unsigned __int64 i; // [xsp+110h] [xbp-F0h]  const void *v24; // [xsp+140h] [xbp-C0h]  __int64 v25[2]; // [xsp+160h] [xbp-A0h] BYREF  char v26[24]; // [xsp+170h] [xbp-90h] BYREF  char v27[24]; // [xsp+188h] [xbp-78h] BYREF  char v28[72]; // [xsp+1A0h] [xbp-60h] BYREF  __int64 v29; // [xsp+1E8h] [xbp-18h]

     v29 = *(_QWORD *)(_ReadStatusReg(ARM64_SYSREG(3, 3, 13, 0, 2)) + 40);  for ( i = 0LL; ; ++i )  {   result = art_lkchan::DexFile::NumClassDefs(a2);   if ( i >= (unsigned int)result )    break;   v19 = (unsigned __int16 *)art_lkchan::DexFile::GetClassDef(a2, (unsigned __int16)i);   v18 = (const unsigned __int8 *)art_lkchan::DexFile::GetClassData(a2, v19);   v17 = art_lkchan::DexFile::GetTypeId(a2, *v19);   v10 = art_lkchan::DexFile::GetTypeDescriptor(a2, v17);   std::string::basic_string<decltype(nullptr)>(v27, v10);   if ( v18 )   {    art_lkchan::ClassDataItemIterator::ClassDataItemIterator((art_lkchan::ClassDataItemIterator *)v28, a2, v18);    art_lkchan::ClassDataItemIterator::SkipAllFields((art_lkchan::ClassDataItemIterator *)v28);    while ( (art_lkchan::ClassDataItemIterator::HasNextMethod(v28) & 1) != 0 )    {     v9 = art_lkchan::ClassDataItemIterator::GetMemberIndex(v28);     v16 = art_lkchan::DexFile::GetMethodId(a2, v9);     v15 = (const char *)art_lkchan::DexFile::GetMethodName(a2, v16);     v25[0] = art_lkchan::DexFile::GetMethodSignature(a2, v16);     v25[1] = v4;     art_lkchan::Signature::ToString(v25);     v8 = (_JNIEnv *)sub_73268(v27);     v7 = (const char *)sub_73268(v26);     v14 = main::findMethod(a1, v8, v15, v7, v5);     if ( v14 )     {      v13 = (ArtM *)ArtM::GetArtMethod(a1, v14);      v12 = (void )art_lkchan::ClassDataItemIterator::GetMethodCodeItem(v28);      if ( (unsigned int)art_lkchan::ClassDataItemIterator::GetMethodCodeItemOffset(v28) )      {       if ( v12 )       {        v11 = ((__int64 (__fastcall **)(const art_lkchan::DexFile *, void ))((_QWORD *)a2 + 48LL))(a2, v12);        v24 = (const void *)(a3 + (unsigned int)ArtM::GetArtMethodDexCodeItemOffset(v13, v6));        memcpy(v12, v24, v11);  //崩在了这里       }      }     }     else     {      _JNIEnv::ExceptionClear((_JNIEnv *)a1);     }     art_lkchan::ClassDataItemIterator::Next((art_lkchan::ClassDataItemIterator *)v28);     std::string::~string(v26);    }   }   std::string::~string(v27);  }  _ReadStatusReg(ARM64_SYSREG(3, 3, 13, 0, 2));  return result; }

    bug 
    opened by necuil 3
  • 大大们请教个问题,关于修改包名

    大大们请教个问题,关于修改包名

    前面有issue提到,最新加壳会检测包名,所以我改了包名,app启动正常,但是脱壳时会超时报错。 我看了下没有输出log文件,但是脱壳时logcat有这个报错:

    java.lang.NullPointerException: Attempt to invoke virtual method 'android.content.Context android.app.Application.getApplicationContext()' on a null object reference
            at android.app.ActivityThread.handleConfigurationChanged(ActivityThread.java:6591)
            at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:4227)
            at android.app.servertransaction.LaunchActivityItem.execute(LaunchActivityItem.java:91)
            at android.app.servertransaction.TransactionExecutor.executeCallbacks(TransactionExecutor.java:149)
            at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:103)
            at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2613)
            at android.os.Handler.dispatchMessage(Handler.java:110)
            at android.os.Looper.loop(Looper.java:219)
            at android.app.ActivityThread.main(ActivityThread.java:8676)
            at java.lang.reflect.Method.invoke(Native Method)
            at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:513)
            at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1109)
    

    github上的release apk是可以正常工作的,我自己改包名编译的apk不行。 全局搜了下,该refactor的都改了,相应的string也替换了,实在找不到问题,求助

    opened by Synaric 1
  • 爱加密脱壳失败

    爱加密脱壳失败

    测试伪爱加密和爱加密均无法脱壳 伪爱加密可以通过关闭Hook dump来脱壳,但脱出来的是残废dex,无法正常运行 爱加密无法通过调整hook dump与深度脱壳来进行脱壳,BlackDex64会直接闪退,BlackDex32会卡死一会后报错

    设备使用: Samsung Galaxy S10 Android: OneUI 3.1 , Android 11 包: com.sfacg 日志文件

    opened by 3JoB 1
  • 有些app安装后没有出现在脱壳列表内,是为什么

    有些app安装后没有出现在脱壳列表内,是为什么

    描述错误 安装blackdex后,进入脱壳列表没有看到安装的应用程序,只有少数的app出现在列表捏

    重现 重现该行为的步骤: 1.xxx 2.xxx

    设备信息

    • 设备: pixel3
    • Android版本: [10]

    运行日志 请提供运行时所有Logcat日志以便我们排查问题,如果您不是开发者请重现问题之后,提供手机存储:/Download/top.niunaijun.blackdex32(64)_logcat.txt 文件的内容,此内容重启应用将重置,请勿重启应用后才发送。

    其他说明

    bug 
    opened by BiteFoo 1
  • vivo Z3 卡启动页面

    vivo Z3 卡启动页面

    描述错误 vivo Z3 删除了一些文件卡启动页面(不闪退)

    重现 重现该行为的步骤: 1.用i管家和清浊和ES文件浏览器清理除apk以外的所有文件 2.手动删除所有隐藏文件 3.然后就打不开了。。。(不闪退)

    设备信息

    • 设备: [vivo Z3]
    • Android版本: [9]

    运行日志 请提供运行时所有Logcat日志以便我们排查问题,如果您不是开发者请重现问题之后,提供手机存储:/Download/top.niunaijun.blackdex32(64)_logcat.txt 文件的内容,此内容重启应用将重置,请勿重启应用后才发送。

    我没找到这个文件。。。。。。

    其他说明

    bug 
    opened by bestlake 0
  • Jbjb

    Jbjb

    描述错误 简要说明遇到了什么问题

    重现 重现该行为的步骤: 1.xxx 2.xxx

    设备信息

    • 设备: [小米10]
    • Android版本: [10]

    运行日志 请提供运行时所有Logcat日志以便我们排查问题,如果您不是开发者请重现问题之后,提供手机存储:/Download/top.niunaijun.blackdex32(64)_logcat.txt 文件的内容,此内容重启应用将重置,请勿重启应用后才发送。

    其他说明 Bj

    bug 
    opened by jvjfkgv 0
  • 爱加密企业版失败

    爱加密企业版失败

    堆栈信息: 2022-03-25 14:56:18.428 10753-10753/? W/BootstrapClass: reflect bootstrap failed: java.lang.reflect.InvocationTargetException at java.lang.reflect.Method.invoke(Native Method) at me.weishu.reflection.BootstrapClass.(BootstrapClass.java:29) at me.weishu.reflection.BootstrapClass.exemptAll(Unknown Source:0) at me.weishu.reflection.Reflection.unseal(Reflection.java:34) at top.niunaijun.blackbox.BlackBoxCore.doAttachBaseContext(BlackBoxCore.java:82) at top.niunaijun.blackbox.BlackDexCore.doAttachBaseContext(BlackDexCore.java:35) at top.niunaijun.blackdex.app.BlackDexLoader.attachBaseContext(BlackDexLoader.kt:39) at top.niunaijun.blackdex.app.AppManager.doAttachBaseContext(AppManager.kt:13) at top.niunaijun.blackdex.app.App.attachBaseContext(App.kt:31) at android.app.Application.attach(Application.java:338) at android.app.Instrumentation.newApplication(Instrumentation.java:1190) at android.app.LoadedApk.makeApplication(LoadedApk.java:1356) at android.app.ActivityThread.handleBindApplication(ActivityThread.java:6723) at android.app.ActivityThread.access$1500(ActivityThread.java:256) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2091) at android.os.Handler.dispatchMessage(Handler.java:106) at android.os.Looper.loopOnce(Looper.java:201) at android.os.Looper.loop(Looper.java:288) at android.app.ActivityThread.main(ActivityThread.java:7870) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:548) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1003) Caused by: java.lang.NoSuchMethodException: dalvik.system.VMRuntime.setHiddenApiExemptions [class [Ljava.lang.String;] at java.lang.Class.getMethod(Class.java:2103) at java.lang.Class.getDeclaredMethod(Class.java:2081) at java.lang.reflect.Method.invoke(Native Method)  at me.weishu.reflection.BootstrapClass.(BootstrapClass.java:29)  at me.weishu.reflection.BootstrapClass.exemptAll(Unknown Source:0)  at me.weishu.reflection.Reflection.unseal(Reflection.java:34)  at top.niunaijun.blackbox.BlackBoxCore.doAttachBaseContext(BlackBoxCore.java:82)  at top.niunaijun.blackbox.BlackDexCore.doAttachBaseContext(BlackDexCore.java:35)  at top.niunaijun.blackdex.app.BlackDexLoader.attachBaseContext(BlackDexLoader.kt:39)  at top.niunaijun.blackdex.app.AppManager.doAttachBaseContext(AppManager.kt:13)  at top.niunaijun.blackdex.app.App.attachBaseContext(App.kt:31)  at android.app.Application.attach(Application.java:338)  at android.app.Instrumentation.newApplication(Instrumentation.java:1190)  at android.app.LoadedApk.makeApplication(LoadedApk.java:1356)  at android.app.ActivityThread.handleBindApplication(ActivityThread.java:6723)  at android.app.ActivityThread.access$1500(ActivityThread.java:256)  at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2091)  at android.os.Handler.dispatchMessage(Handler.java:106)  at android.os.Looper.loopOnce(Looper.java:201)  at android.os.Looper.loop(Looper.java:288)  at android.app.ActivityThread.main(ActivityThread.java:7870)  at java.lang.reflect.Method.invoke(Native Method)  at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:548)  at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1003) 

    opened by jialiQAQ 0
  • Ismail

    Ismail

    描述错误 简要说明遇到了什么问题

    重现 重现该行为的步骤: 1.xxx 2.xxx

    设备信息

    • 设备: [小米10]
    • Android版本: [10]

    运行日志 请提供运行时所有Logcat日志以便我们排查问题,如果您不是开发者请重现问题之后,提供手机存储:/Download/top.niunaijun.blackdex32(64)_logcat.txt 文件的内容,此内容重启应用将重置,请勿重启应用后才发送。

    其他说明

    bug 
    opened by Ismailsenlier64522 1
Releases(v3.2)
HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of principals on pools of target hosts without the need to push customized authorized_users files periodically.

HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of principals on pools of target hosts without the need to push customized authorized_users files periodically.

Google 319 May 19, 2022
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. Using raw RDP cache tile bitmaps extracted by tools like e.g. ANSSI's BMC-Tools as input, it provides a graphical user interface and several placement heuristics for stitching tiles together so that meaningful images or even full screenshots can be reconstructed.

Bundesamt für Sicherheit in der Informationstechnik 162 Jun 17, 2022
A giant list of any useful signatures for developing CSGO cheats.

csgo-signatures A giant list of any useful signatures for developing CSGO cheats. If one of them doesn't work or is incorrect, please let me know and

KittenPopo 67 Mar 16, 2022
FractalCrypt - Free cryptoarchiver permitting any number of hidden volumes for deniable encryption

FractalCrypt - Free cryptoarchiver permitting any number of hidden volumes for deniable encryption

Ivan Serov 344 Jun 14, 2022
CS 244B project to use a public blockchain as a two-phase commit coordinator to securely commit an atomic transaction across any two systems of a database.

blockchain-2pc CS 244B project to use a public blockchain as a two-phase commit coordinator to securely commit an atomic transaction across any two sy

null 4 Jun 13, 2022
x509cert is a tool and library for generating X.509 certificates and certificate requests.

x509cert is a tool and library for generating X.509 certificates and certificate requests. It is written in C99 and uses BearSSL to decode keys and compute signatures.

Michael Forney 9 Nov 25, 2021
Text-Crypt is a tool which encrypts and decrypts texts using a specific and certain key.

Text-Crypt is a tool which encrypts and decrypts texts using a specific and certain key. This tool uses Caesar Cypher Algorithm to encrypt and decrypt a given text.

AnonabdulJ 4 Dec 24, 2021
Library and command line tool to detect SHA-1 collision in a file

sha1collisiondetection Library and command line tool to detect SHA-1 collisions in files Copyright 2017 Marc Stevens [email protected] Distributed

Marc Stevens 1.2k Jun 24, 2022
A useful tool for identifying the architecture, platform type, compiler, and operating system specifications by preprocessor feature support.

Platform-Detector Cross-Platform Information Detector It is a useful tool for identifying the architecture, platform type, compiler, and operating sys

Kambiz Asadzadeh 7 Apr 21, 2022
A Powerful, Easy-to-Use, Compact, Cross-Platform and Installation-Free Crypto Tool. 一个强大,易用,小巧,跨平台且免安装的加密解密签名工具。

GpgFrontend GpgFrontend is a Powerful, Easy-to-Use, Compact, Cross-Platform, and Installation-Free OpenPGP Crypto Tool. By using GpgFrontend, you can

Saturn&Eric 142 Jun 28, 2022
Stegreg is a steganography tool made in C++ that encrypt and hide your data inside an image.

Stegreg Introduction Stegreg is a steganography tool made in C++ that encrypt and hide your data inside an image. Installation git clone https://githu

0UR4N05 27 Jun 10, 2022
This tool demonstrates the power of UAC bypasses and built-in features of Windows.

Auto-Elevate This tool demonstrates the power of UAC bypasses and built-in features of Windows. This utility auto-locates winlogon.exe, steals and imp

null 116 Jun 20, 2022
Rubicon - a New Custom Encryption Algorithm/Tool

Rubicon - a New Custom Encryption Algorithm/Tool Disclaimer DO NOT use this project for purposes other than legitimate red teaming/pentesting jobs

null 25 Mar 12, 2022
FCracker is a command line tool designed to brute force encrypted files like zip, 7z, rar, pdf etc.

FCrack is a command-line tool designed to brute force encrypted files like zip, 7z, rar, pdf, gpg etc.

null 17 Apr 27, 2022
UnrealKey is a tool for automatically finding the AES-256 decryption keys for Unreal Engine 4 encrypted pak files.

UnrealKey UnrealKey is a tool for automatically finding the AES-256 decryption keys for Unreal Engine 4 encrypted pak files.

Devin Acker 22 Apr 24, 2022
CoinBrowser is a tool for Freqtrade where the program writes pairs into text file to be used with spesific exchange.

CoinBrowser CoinBrowser is a tool for Freqtrade where the program writes pairs into text file to be used with spesific exchange. Data for this program

null 22 Feb 28, 2022
A tool to decrypt Call of Duty: World War II's Fast File

A tool to decrypt Call of Duty: World War II's Fast File. This tool was made to allow people making HUDs in Call of Duty: Black Ops III's mod tools to aquire the assets needed to port HUDs from Call of Duty: World War II.

Philip 4 Jan 26, 2022
SM2 simple tool class(C++)/function(C) written using openssl EVP (Based on OpenSSL 1.1.1).

sm2-EVP This project is a simple sm2 tool class(C++)/function(C) written using openssl EVP. Capable Function Brief CPP C GenEcPairKey Generate SM2 Key

Sovea 3 Mar 20, 2022