Android/Linux vmlinux loader

vmlinux.py is a python script which can load vmlinux image in both IDA Pro and radare2.

vmlinux

vmlinux is a decompressed kernel image, personally I prefer to extract it from boot.img by binwalk. However, imgtool is another good choice.

./imgtool pixel_boot.img extract
lz4 -d extracted/kernel ./pixel_vmlinux

usage

IDA Pro

vmlinux.py		->		C:\Program Files\IDA x.x\loaders\

radare2

r2 -i ./vmlinux.py ./test/pixel_vmlinux

Command Line

python ./vmlinux.py ./test/pixel_vmlinux

KASLR

In some cases, kernel image with KASLR enabled will populate relocation entries upon boot and leave them as 0 in image. fix_kaslr_4_4.c and fix_kaslr_samsung.c can fix these images by re-populating relocation entries with their original addresses.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

test

test

README.md

README.md

fix_kaslr_4_4.c

fix_kaslr_4_4.c

fix_kaslr_samsung.c

fix_kaslr_samsung.c

vmlinux.py

vmlinux.py

Repository files navigation

Android/Linux vmlinux loader

vmlinux

usage

IDA Pro

radare2

Command Line

KASLR

About

Releases

Packages

Languages

Name		Name	Last commit message	Last commit date
Latest commit History 19 Commits
test		test
README.md		README.md
fix_kaslr_4_4.c		fix_kaslr_4_4.c
fix_kaslr_samsung.c		fix_kaslr_samsung.c
vmlinux.py		vmlinux.py

bkerler/droidimg

Folders and files

Latest commit

History

Repository files navigation

Android/Linux vmlinux loader

vmlinux

usage

IDA Pro

radare2

Command Line

KASLR

About

Resources

Stars

Watchers

Forks

Languages