Closed malebuffy closed 6 years ago
Just curious, is adb started as root? I.e. if you adb shell
do you get a root prompt? If not, try running adb root
to restart adb in root mode.
Well it was just that. Thanks btw! I did a:
adb shell
and then a su
and granted adb SU permissions
after that I run Kisskiss however I got a error message:
An error occurred attaching and finding the memory. The app is packed with Qihoo...
-1 is service pid -1 is clone pid
is also strange...
adb shell ./data/local/tmp/kisskiss com.package.name.to.unpack
is an example command. Where com.package.name.to.unpack
you will need to put the package name to unpack.
:)
I know I am using the correct name ie.
com.myqihoopackedapp.example.
Just thought that it is obvious.
It sounds like either it isn't properly running as root or potentially SELinux is dropped the permission in some sort of way.
Just thought that it is obvious.
You would assume, however there are multiple times people have had issues with this...
To clarify, you're dropping into an adb shell, then escalating to root via su, then attempting to run kisskiss while in the root shell?
Can you provide the binary you're running it against incase this is binary specific?
So I rerooted the phone, compiled everything again and now when I run the app and the unpacker, it finds the app in the memory but I get the following messages which isnt promising:
[*] Nothing special found, assuming Bangcle...
[!] Something unexpected happened, new version of packer/protectors? Or it wasnt packed/protected!
Well it is protected so I guess its a new version of Qihoo. Any chance of this new version of packer/protector implemented or is the develpoment of this unpacker stopped?
Would there be another solution we could try?
Thanks for this great package and support btw!
If you provide the file I can't quickly look at it and see if it's an error or a new version entirely. If it's a new version entirely, it might get put on the back burner for a bit - though I can add it to the issues tab for getting around to it.
The file can be found here. I am curious what the outcome will be:
https://dl.dropboxusercontent.com/u/102537211/iviewHD_1.1.40.apk
After further investigation running APKiD on the above .apk, I get following results.
-> Packer: Jiagu -> compiler: dexlib 2.x
Although when I try to decompile it creates a folder named qihoo where my source should be.
Any information of this Jiagu packer and a way around it?
Ah glad you used APKiD :)
Jiagu is an interesting one - it's from Tencent and depending on the version can easily be dumped from memory. I'll try to dig into this on the weekend -- I'll be traveling for a holiday party and might have some time in the airport to do this.
Just watch out for Airport Security....lol
Did you have time to figure something out?
I did not, it's on the todo list... Maybe sometime this week? My suggestion though would be to fire up a device or emulator and potentially run the gdb
script. It seeks the memory locations looking for the Dalvik headers. You could also reproduce this manually.
yey something to kill time! will dig into it.
Didn't manage to do it. I suppose it's too advanced for me!
Going to close this as it should now be fixed. Also this issue conflates too many issues together.
Hello,
I have managed to compile and use adb to push kiskiss to a rooted galaxy s3 with android 4.3. However, when I try the last adb command
adb shell ./data/local/tmp/kisskiss com.package.name.to.unpack
I get a error Not root, quitting although the device is rooted.
What can be the problem?