[feature]APK Dalvik Signature Lookup

skylot / jadx

Dex to Java decompiler

Apache License 2.0

40.96k stars 4.81k forks source link

[feature]APK Dalvik Signature Lookup #2201

Open imanbingi opened 3 months ago

imanbingi commented 3 months ago

Describe your idea

Hi there, Great job done. I want to know if it is possible to add something similar to IDA Pro FLIRT as follows: 1.Create signatures of standard/3rd party library dalvik functions. 2.Apply a lookup for these functions instead of decompilation. I think this may help to isolate actual user code from library codes and avoid the repetition of identifying/decompiling library codes for every single APK. Thankx.

jpstotz commented 1 month ago

Developing a signature format that is compiler agnostic (and may be even obfuscator agnostic) is quite a bit of work and then processing thousand of libraries to generate the signatures, providing them for download, refreshing them when new versions come out....

Jadx-Gui has a plugin system. Feel free to write and publish such a library identification plugin.

imanbingi commented 1 month ago

Great to hear that. I will take this on in my spare time. However, I may need the following about jadx flow chain to get started:

API to hook after jadx deobfuscation.
Overview of jadx code generation architecture.