worawit / blutter

Flutter Mobile Application Reverse Engineering Tool
MIT License

Recovering all ASM instructions even when AOT snapshot is compiled with `dwarf-stack-traces` mode #77

Open exhumea opened 2 weeks ago

exhumea commented 2 weeks ago

From what I get, blutter is failing at recovering most of the ASM instructions when the AOT snapshot is compiled with `dwarf-stack-traces` mode (in particular, as soon as the Flutter app is built with the `--obfuscate` flag), since `CodeSourceMap` objects are no longer present in the snapshot.

Do you have any plan to also support this case in blutter, or any ideas on how we could handle this case as well?

worawit commented 1 week ago

By default, an obfuscated Flutter app is stripped, so the Dart function information in DWARF is removed.

To recover all functions, I plan to do linear-sweep disassembly and function call analysis. I still have no time to do it.
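The approach the maintainer describes, linear-sweep disassembly of the snapshot's text section plus call analysis to seed function entries where no `CodeSourceMap` or DWARF symbol survives, sketched as an added example. This is not blutter's code and not a Dart-aware decoder: it assumes fixed-width AArch64 (4-byte, little-endian) instructions, decodes only `bl`, `ret`, `nop` and one frame-setup prologue/epilogue form, and treats the `stp x29, x30, [sp, #-16]!` prologue heuristic as an assumption rather than the pattern Dart AOT actually emits. The sample image is constructed inline; the `recover_functions` name and its return shape are my own.

```python
"""Toy linear-sweep pass over a constructed AArch64 code buffer.

Hypothetical example, not blutter's code. Assumptions: the text section is
fixed-width AArch64 (4-byte instructions, little-endian), and function entries
can be seeded from (a) a common frame-setup prologue and (b) BL call targets.
Only BL, RET, NOP and one STP/MOV/LDP form are decoded; everything else is raw.
"""
import struct

BL_MASK, BL_VALUE = 0xFC000000, 0x94000000
RET = 0xD65F03C0
NOP = 0xD503201F
STP_FP_LR_PRE = 0xA9BF7BFD   # stp x29, x30, [sp, #-16]!  (prologue heuristic, assumed)
MOV_FP_SP = 0x910003FD       # mov x29, sp
LDP_FP_LR_POST = 0xA8C17BFD  # ldp x29, x30, [sp], #16

FIXED = {RET: "ret", NOP: "nop", STP_FP_LR_PRE: "stp x29, x30, [sp, #-16]!",
         MOV_FP_SP: "mov x29, sp", LDP_FP_LR_POST: "ldp x29, x30, [sp], #16"}


def encode_bl(offset_bytes):
    """Encode a BL with a byte displacement relative to the BL itself (used for the sample)."""
    assert offset_bytes % 4 == 0
    return BL_VALUE | ((offset_bytes // 4) & 0x3FFFFFF)


def bl_target(word, addr):
    """Absolute target of a BL located at `addr`, or None if `word` is not a BL."""
    if word & BL_MASK != BL_VALUE:
        return None
    imm26 = word & 0x3FFFFFF
    if imm26 & 0x2000000:          # sign-extend the 26-bit field
        imm26 -= 0x4000000
    return addr + imm26 * 4


def linear_sweep(code, base):
    """Decode every aligned word in order; nothing is skipped, unlike recursive descent."""
    for off in range(0, len(code) - len(code) % 4, 4):
        (word,) = struct.unpack_from("<I", code, off)
        yield base + off, word


def disassemble(code, base):
    """Return a (address, text) listing; unknown words are emitted as `.inst`."""
    lines = []
    for addr, word in linear_sweep(code, base):
        target = bl_target(word, addr)
        text = f"bl 0x{target:x}" if target is not None else FIXED.get(word, f".inst 0x{word:08x}")
        lines.append((addr, text))
    return lines


def recover_functions(code, base):
    """Seed function entries from prologue bytes and from in-image BL targets.

    Returns (sorted entry list, call graph caller_entry -> set(callee_entry)).
    Entries are collected first so that a leaf function reached only by a call
    (no recognised prologue) is known before callers are attributed.
    """
    end = base + len(code)
    entries = {addr for addr, word in linear_sweep(code, base) if word == STP_FP_LR_PRE}
    for addr, word in linear_sweep(code, base):
        target = bl_target(word, addr)
        if target is not None and base <= target < end:
            entries.add(target)
    calls, current = {}, None
    for addr, word in linear_sweep(code, base):
        if addr in entries:
            current = addr           # attribute following calls to this entry
        target = bl_target(word, addr)
        if target is not None and current is not None and target in entries:
            calls.setdefault(current, set()).add(target)
    return sorted(entries), calls


# Constructed sample image at 0x1000: three functions, the last a leaf with no prologue.
SAMPLE_BASE = 0x1000
SAMPLE = struct.pack("<15I",
    STP_FP_LR_PRE, MOV_FP_SP,                 # 0x1000: function A
    encode_bl(0x1020 - 0x1008),               # 0x1008: bl A -> B
    encode_bl(0x1038 - 0x100C),               # 0x100c: bl A -> C
    LDP_FP_LR_POST, RET, NOP, NOP,            # 0x1010..0x101c
    STP_FP_LR_PRE, MOV_FP_SP,                 # 0x1020: function B
    encode_bl(0x1000 - 0x1028),               # 0x1028: bl B -> A (negative displacement)
    LDP_FP_LR_POST, RET, NOP,                 # 0x102c..0x1034
    RET,                                      # 0x1038: function C, found only via calls
)

if __name__ == "__main__":
    for addr, text in disassemble(SAMPLE, SAMPLE_BASE):
        print(f"{addr:08x}  {text}")
    print(recover_functions(SAMPLE, SAMPLE_BASE))
```

The point of the second seeding pass is the one the stripped-snapshot case exposes: with no symbol or source-map metadata, a leaf function with an unusual or absent prologue is only recoverable because something else branches to it, so call-target analysis has to run before callers are attributed to entries.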