search

charles2gan / GDA-android-reversing-Tool

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.
https://twitter.com/charles_gan1
Apache License 2.0
4.2k stars 525 forks source link

最新版反编译bug #103

Open bhwxha opened 2 years ago

bhwxha commented 2 years ago

链接:https://drive.google.com/file/d/1_LvHtYY4MnBa3zBZ-WbXJ6gsQi7SeysM/view?usp=sharing

方法:com.qq.e.comm.plugin.a.d.a(JSONObject jSONObject, c cVar)

image

只对p1.c()进行getBytes

但实际上是对前面所有字符串进行getBytes image

charles2gan commented 2 years ago

谢谢,已经加入修复列表。

bhwxha commented 2 years ago

@charles2gan 新的2个bug

链接:https://drive.google.com/file/d/13OflkLZUEUXDYqxwujTVCwqEuLy2IRZW/view?usp=sharing

方法:a.a.a.a$c.run()

image

image

方法:a.a.a.a.a(byte[] content)

image

image

charles2gan commented 2 years ago

ok, 感谢反馈!

charles2gan commented 2 years ago

你提供的链接:https://drive.google.com/file/d/1_LvHtYY4MnBa3zBZ-WbXJ6gsQi7SeysM/view?usp=sharing 里没有方法:com.qq.e.comm.plugin.a.d.a(JSONObject jSONObject, c cVar)。 你确认一下是否传错了文件。

bhwxha commented 2 years ago

@charles2gan 我把链接文件又下载下来看了一下,没错,有这个方法 你再检查一下,看看能否找到?

image

charles2gan commented 2 years ago

重新下了你的APK,有了

bhwxha commented 2 years ago

@charles2gan 新的bug: 链接:https://drive.google.com/file/d/1wBXoLXEbEHpTmLhojIm9EuptBTV1nDJZ/view?usp=sharing 方法:com.kanxue.cipher7test.MainActivity$1.onClick(android.view.View) : void

image image

GDA是优秀的反编译器,但最近的伪代码bug有些多,无奈,能否检查优化这块的代码?

charles2gan commented 2 years ago

收到,回头我看看,下个版本修复。

bhwxha commented 2 years ago

@charles2gan 新的bug: 链接:https://drive.google.com/file/d/10Pp4i9sHThylR5JNSpK6MRPXNLBa-VKb/view?usp=sharing 方法:com.meituan.android.common.datacollection.DataProcessor.collectData(android.content.Context) : byte[]

image

image

charles2gan commented 2 years ago

感谢反馈,已经加入修复列表。

bhwxha commented 1 year ago

@charles2gan GDA4.04 bug:

链接:https://drive.google.com/file/d/1uLQ83wUG9V4LZrihEZ3jVVznefuDZeYZ/view?usp=share_link 方法:formatFa.comic.FAppProtect.onCreate

根据smali,应该是和-1进行比较,此外,代码块里面的数字也许用10进制,会比较清晰?用this.id而不是i.id,会比较清晰?

image

image

bhwxha commented 1 year ago

@charles2gan gda 4.04 bug app:https://drive.google.com/file/d/1w3ZTTSDu54qrSfao7KfDlmffId3MKTWO/view?usp=share_link

method:com.meituan.android.common.mtguard.wtscore.plugin.sign.core.a.a(android.content.Context, java.net.URI, boolean, byte[], java.lang.String, java.lang.String, java.util.Map, java.lang.String, java.util.Map) : java.net.URI

v9应该是个类实例,但是gda的伪代码缺失了它的初始化

jeb image

gda image

bhwxha commented 1 year ago

@charles2gan gda 4.04 bug app:https://drive.google.com/file/d/1w3ZTTSDu54qrSfao7KfDlmffId3MKTWO/view?usp=share_link method:com.meituan.android.common.mtguard.wtscore.plugin.sign.core.d.a(java.util.List, java.lang.String) : void

gda gda bug 美团 58e965873808a49c10301dfd631cb04e

jadx image