Awesome
JNI Helper
Find JNI function signatures in APK and apply to reverse tools.
Basic Usage
- Use extract_jni.py to generate
signature.json - Load
signature.jsoninto Ghidra/IDA/BinaryNinja
extract_jni.py
Install dependences:
pip3 install -r requirements.txt
Usage:
$ ./extract_jni.py -h
usage: extract_jni.py [-h] [-j WORKERS] [-o OUTFILE] apk
positional arguments:
apk /path/to/apk
optional arguments:
-h, --help show this help message and exit
-j WORKERS parse apk with multiple workers(processes) (default: 8)
-o OUTFILE save JNI methods as formatted json file (default: stdout)
Example:
./extract_jni.py app-debug.apk -o signature.json
Ghidra Plugin
See Ghidra.
| Before | After |
|---|---|
 |  |
IDA Plugin
See IDA.
| Before | After |
|---|---|
 |  |
Binary Ninja Plugin
see Binary Ninja.
| Type | Image |
|---|---|
| Before |  |
| After |  |
Radare2 Plugin
WIP, see Radare2
Demo
Tested with demo APK.
cd demo_apk
./gradlew assembleDebug
TODO
- support both C/C++ JNI functions
- support overloaded JNI functions
- remove Jadx dependence, all in Python
- Add BinaryNinja plugin
- support env->RegisterNatives JNI functions