search

Impact-I / reFlutter

Flutter Reverse Engineering Framework
GNU General Public License v3.0
1.77k stars 219 forks source link

dump.dart not found #221

Closed BrilliantFish closed 1 year ago

BrilliantFish commented 1 year ago

Why there is no dump.dart file, I hope to get an answer, thanks a lot.

BrilliantFish commented 1 year ago

There is my flutter & dart version:

BrilliantFish commented 1 year ago

Now I try again, success, wow

alanEG commented 1 year ago

Hi @BrilliantFish I can't find it how did you solve that

AbhiTheModder commented 1 year ago

Hi @BrilliantFish I can't find it how did you solve that

Repack with reflutter and make sure you sign it with uber-apksigner as allowdebug enabled

Atlast run the app for quite a while then try to extract it

alanEG commented 1 year ago

Thank you @AbhiTheModder for your replay

I did all of that and there is no dump.dart 

Null@Null:~/Desktop$ reflutter pokatmon-app.apk                                                         

 Choose an option:           

 1. Traffic monitoring and interception 
 2. Display absolute code offset for functions                                                            

 [1/2]? 2                                                                                                 

 This mode is only for dump and offset output, slow application operation is possible (network patch is still left)

Example: (x.x.x.x) etc.                                                                             
Please enter your BurpSuite IP: x.x.x.x

 Wait...

SnapshotHash: adf563436d12ba0d50ea5beb7f3be1bb
The resulting apk file: ./release.RE.apk
Please sign,align the apk file

Configure Burp Suite proxy server to listen on *:8083 
Proxy Tab -> Options -> Proxy Listeners -> Edit -> Binding Tab

Then enable invisible proxying in Request Handling Tab
Support Invisible Proxying -> true
anany@anany:~/Desktop$ java -jar uber-apk-signer-1.3.0.jar --allowResign -a release.RE.apk 
source:
        /home/anany/Desktop
zipalign location: BUILT_IN 
        /tmp/uapksigner-6020864209158665248/linux-zipalign-33_0_25658768111153528889.tmp
keystore:
        [0] 161a0018 /tmp/temp_8433271430478553380_debug.keystore (DEBUG_EMBEDDED)

01. release.RE.apk

        SIGN
        file: /home/anany/Desktop/release.RE.apk (11.88 MiB)
        checksum: 9700a0e3e6fa9b37fac7a804367faa65a8ec6896c1860a4f7924f4306ab5cbc8 (sha256)
        - zipalign success
        - sign success

        VERIFY
        file: /home/anany/Desktop/release.RE-aligned-debugSigned.apk (11.88 MiB)
        checksum: 3808c08bfb7496b68d5da91b4235561f29cef08dd2e4d4aca1dc42a2f1594f6b (sha256)
        - zipalign verified
        - signature verified [v1, v2, v3]
                23 warnings
                Subject: CN=Android Debug, OU=Android, O=US, L=US, ST=US, C=US
                SHA256: 1e08a903aef9c3a721510b64ec764d01d3d094eb954161b62544ea8f187b5953 / SHA256withRSA
                Expires: Thu Mar 10 22:10:05 EET 2044

[Thu Aug 24 17:02:26 EEST 2023][v1.3.0]
Android: 11
Emulator: waydroid

I did exactly like what the docs say

And I waited a long time around 30min playing on the app but still nothing

AbhiTheModder commented 1 year ago

Tf bruh you need to provide your IP not x.x.x.x 😑

On Thu, Aug 24, 2023, 7:36 PM ElAnanyPwn @.***> wrote:

Thank you @AbhiTheModder https://github.com/AbhiTheModder for your replay

I did all of that and there is no dump.dart

@.***:~/Desktop$ reflutter pokatmon-app.apk

Choose an option:

  1. Traffic monitoring and interception

  2. Display absolute code offset for functions

    [1/2]? 2

    This mode is only for dump and offset output, slow application operation is possible (network patch is still left)

Example: (x.x.x.x) etc. Please enter your BurpSuite IP: x.x.x.x

Wait...

SnapshotHash: adf563436d12ba0d50ea5beb7f3be1bb The resulting apk file: ./release.RE.apk Please sign,align the apk file

Configure Burp Suite proxy server to listen on *:8083 Proxy Tab -> Options -> Proxy Listeners -> Edit -> Binding Tab

Then enable invisible proxying in Request Handling Tab Support Invisible Proxying -> true

@.***:~/Desktop$ java -jar uber-apk-signer-1.3.0.jar --allowResign -a release.RE.apk source: /home/anany/Desktop zipalign location: BUILT_IN /tmp/uapksigner-6020864209158665248/linux-zipalign-33_0_25658768111153528889.tmp keystore: [0] 161a0018 /tmp/temp_8433271430478553380_debug.keystore (DEBUG_EMBEDDED)

  1. release.RE.apk

    SIGN
file: /home/anany/Desktop/release.RE.apk (11.88 MiB)
checksum: 9700a0e3e6fa9b37fac7a804367faa65a8ec6896c1860a4f7924f4306ab5cbc8 (sha256)
- zipalign success
- sign success

VERIFY
file: /home/anany/Desktop/release.RE-aligned-debugSigned.apk (11.88 MiB)
checksum: 3808c08bfb7496b68d5da91b4235561f29cef08dd2e4d4aca1dc42a2f1594f6b (sha256)
- zipalign verified
- signature verified [v1, v2, v3]
        23 warnings
        Subject: CN=Android Debug, OU=Android, O=US, L=US, ST=US, C=US
        SHA256: 1e08a903aef9c3a721510b64ec764d01d3d094eb954161b62544ea8f187b5953 / SHA256withRSA
        Expires: Thu Mar 10 22:10:05 EET 2044

[Thu Aug 24 17:02:26 EEST 2023][v1.3.0]

Android: 11 Emulator: waydroid

I did exactly like what the docs say

And I waited a long time around 30min playing on the app but still nothing

— Reply to this email directly, view it on GitHub https://github.com/Impact-I/reFlutter/issues/221#issuecomment-1691751112, or unsubscribe https://github.com/notifications/unsubscribe-auth/AUQAJZV4IUDKDMUHJOFYUVDXW5NVHANCNFSM6AAAAAAVH3JF5I . You are receiving this because you were mentioned.Message ID: @.***>

AbhiTheModder commented 1 year ago

@alanEG Read more on the blog for full detailed instructions with practical example: https://swarm.ptsecurity.com/fork-bomb-for-flutter/