
How to debug android so with r2

Open allen2015555 opened this issue 4 years ago • 14 comments

allen2015555 avatar Aug 20 '19 03:08 allen2015555

What android type you do have? Is this a Cylon? Or a Terminator? We don't support Replicants yet. And Data plugin was removed because nobody was willing to maintain it.

sorry, my English is poor. I mean how to debug android so with r2 like ida pro. R2 can't debug the android so in the real android phone?

allen2015555 avatar Aug 20 '19 07:08 allen2015555

I don't know how ida does that, but r2 can debug android shared libraries (if this is what you mean by so), in the same way that gdb does. Just attach to the process and put breakpoints or whatever. You can also use r2frida for that purpose.


radare avatar Aug 20 '19 12:08 radare

I will move the issue to r2book, ok?

XVilka avatar Aug 20 '19 13:08 XVilka

I will move the issue to r2book, ok?

Thank you! I hope to find the tutorial for debugging an android shared library in r2book.

allen2015555 avatar Aug 21 '19 03:08 allen2015555


Thanks for your reply. I will try it.

allen2015555 avatar Aug 21 '19 03:08 allen2015555

With radare2 you can set breakpoints on compiled parts of binaries such as arm and in .dex files. In practice I personally just use radare2 for the binary because it is more convenient to debug the smali with real files disassembled than dex binaries. Apk has the particularity of being fully repackaged. So I find it better like that.

I have a command to debug remotely an apk from a virtual machine with radare2 on the binary. I will find it and post it here when I have found it.

gogo2464 avatar Feb 11 '21 21:02 gogo2464

The first part is to attach the pid from the android VM with:

gdbserver --attach localhost:12345 18190

where 18190 is the pid of the process.

gogo2464 avatar Feb 11 '21 21:02 gogo2464

just r2 -d 18190

trufae avatar Feb 11 '21 22:02 trufae

Note for my future self: reference the r2frida book when ready for consumption

trufae avatar Feb 11 '21 22:02 trufae

just r2 -d 18190

Yes, but afterwards you will need to select what you debug, like the dex file or the .so.

gogo2464 avatar Feb 14 '21 07:02 gogo2464

I imagine something like:

gdbserver --attach localhost:1234 <PID>;
radare2 -d gdb://localhost:1234/ -e dbg.exe.path=library.so;

Inspired by https://mobile-security.gitbook.io/mobile-security-testing-guide/android-testing-guide/0x05c-reverse-engineering-and-tampering#debugging-native-code.

gogo2464 avatar Feb 14 '21 07:02 gogo2464
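
Once attached as described in the thread, breakpoints have to land inside the loaded .so, which means knowing where it is mapped in the target process. The following shell functions are an added example, not code from the thread or from radare2: `lib_base` and `bp_addr` are hypothetical names, the maps text, library name and offset are constructed, and the offset is assumed to be relative to a load base of 0.

```shell
#!/bin/sh
# Constructed sample of /proc/<PID>/maps; addresses and paths are made up.
# On a device the input would be the maps file of the attached process.
SAMPLE_MAPS='12c00000-12e00000 rw-p 00000000 00:05 10267 /dev/ashmem/dalvik-main space (deleted)
7a1c3f5000-7a1c3f9000 r--p 00000000 fd:00 1337 /data/app/com.example.app/lib/arm64/libnative-lib.so
7a1c3f9000-7a1c402000 r-xp 00004000 fd:00 1337 /data/app/com.example.app/lib/arm64/libnative-lib.so
7a1c402000-7a1c403000 rw-p 0000d000 fd:00 1337 /data/app/com.example.app/lib/arm64/libnative-lib.so
7a2e100000-7a2e1c0000 r-xp 00000000 fd:00 2001 /system/lib64/libc.so'

# lib_base NAME: read maps text on stdin and print the start address of the
# mapping with file offset 0 whose path basename is NAME. Exits 1 if absent.
lib_base() {
    awk -v lib="$1" '
        {
            n = split($NF, parts, "/")
            if (parts[n] == lib && $3 ~ /^0+$/) {
                split($1, range, "-")
                print "0x" range[1]
                found = 1
                exit
            }
        }
        END { if (!found) exit 1 }
    '
}

# bp_addr BASE OFFSET: runtime address of a function found at OFFSET in the
# library during static analysis (assumes the library is linked at base 0).
bp_addr() {
    printf '0x%x\n' $(( $1 + $2 ))
}

# Demonstration on the constructed sample; 0x4a10 is a made-up function offset.
base=$(printf '%s\n' "$SAMPLE_MAPS" | lib_base libnative-lib.so)
echo "libnative-lib.so base: $base"
echo "breakpoint address:   $(bp_addr "$base" 0x4a10)"
```

Inside an attached r2 session, `dm` lists the same memory maps and `db <address>` sets the breakpoint at the computed address.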