worawit / blutter

Flutter Mobile Application Reverse Engineering Tool
MIT License

DartDumper.cpp: 600: error: Unhandle internal class #19

Closed mragonias closed 7 months ago

mragonias commented 7 months ago

```
python3 blutter.py "/mnt/c/Users/mrago/Downloads/uav292/lib/arm64-v8a" outuav2921 --rebuild

Dart version: 3.0.5, Snapshot: 90b56a561f70cd55e972cb49b79b3d8b, Target: android arm64
-- Configuring done (15.6s)
-- Generating done (0.4s)
-- Build files have been written to: /mnt/c/Users/mrago/Documents/frida/blutter-main/build/blutter_dartvm3.0.5_android_arm64
[22/22] Linking CXX executable blutter_dartvm3.0.5_android_arm64
-- Install configuration: "Release"
-- Installing: /mnt/c/Users/mrago/Documents/frida/blutter-main/blutter/../bin/blutter_dartvm3.0.5_android_arm64
libapp is loaded at 0x7fd0bf1eb000
Dart heap at 0x7fcf00000000
Analyzing the application
Dumping Object Pool
/mnt/c/Users/mrago/Documents/frida/blutter-main/blutter/src/DartDumper.cpp: 600: error: Unhandle internal class
```

yzctzl commented 7 months ago

I think you should upload your apk file; it will help locate the error. AFAIK the reason for this error is that some predefined classes in the internal VM are not properly converted to strings.

mragonias commented 7 months ago

I put here libapp/libflutter from 3 different Dart versions, from 3 different versions of the same app, with DartDumper.cpp: 600: error: Unhandle internal class. https://www.mediafire.com/file/cri6unt2xrah98w/Libs.zip/file

yzctzl commented 7 months ago

I found it. You can just try commenting out the FATAL() in DartDumper.cpp line 600, or add something like this diff:

diff --git a/blutter/src/DartDumper.cpp b/blutter/src/DartDumper.cpp
index 0014cdd..117b097 100644
--- a/blutter/src/DartDumper.cpp
+++ b/blutter/src/DartDumper.cpp
@@ -590,6 +590,11 @@ std::string DartDumper::ObjectToString(dart::Object& obj, bool simpleForm, bool
        }
        case dart::kInstanceCid:
                return std::format("Obj!Object@{:x}", (uint32_t)(intptr_t)obj.ptr());
+       case dart::kLibraryPrefixCid:{
+               const auto& prefix = dart::LibraryPrefix::Cast(obj);
+               const dart::String& name = dart::String::Handle(prefix.name());
+               return std::format("LibraryPrefix: {}@{:x}", name.ToCString(), (uint32_t)(intptr_t)obj.ptr());
+       }
        // TODO: enum subclass
        }
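
Review bot: the new `case dart::kLibraryPrefixCid` does not check `name.IsNull()` before calling `name.ToCString()`; since the maintainer has not seen this object type in a Flutter snapshot before, a guard that falls back to a fixed placeholder string would be safer than assuming `prefix.name()` is always populated. This case also covers only one class id, so any other internal class that reaches the end of the switch still hits the `FATAL()` at line 600 and aborts the whole dump; for an analysis tool run on arbitrary binaries, consider returning a placeholder that includes the cid and logging a warning instead. Minor style: `case dart::kLibraryPrefixCid:{` should have a space before the brace.
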
mragonias commented 7 months ago

Thank you!! Works perfectly

worawit commented 7 months ago

Thanks @yzctzl for the patch. This is my first time seeing a LibraryPrefix object in a Flutter application. I will investigate more.