How to modify a method/field of Dalvik bytecode?

[GoogleCodeExporter]

Hi,

Firstly thank you so much for the great work on Androguard! I followed the 
instructions in the wiki page to de-compile and modify .dex bytecode. But I 
have some difficulties in doing this and it will be great if you would like to 
give me some hints.

The instructions I followed is as following:  
http://code.google.com/p/androguard/wiki/Usage#patch_bytecodes_of_a_method_?

FILE = "./HelloAndroid.dex"
a = androguard.AndroguardS(FILE)
code = a.get_vm().get_methods()[0].get_code()
code.remove_at(0)

AttributeError: DalvikCode instance has no attribute 'remove_at'


When I use the same statements to remove a specific instruction, I was told 
that there is no such method. I further checked the source code and made sure 
that there is no such method in dvm. But in the wiki, it is written that "# 
supposed vm is a JVMFormat or DalvikVMFormat", so I am wondering maybe the 
modification API for DalvikVMFormat is not released yet? If so, I am very glad 
to help on this since I need the Dalvik bytecode editor as a basic of our 
research. 


Another thing is, given that we can use Androguard to modify Java bytecode, is 
there a way for us to generate an updated .class file after modification?

Thanks,

Zhiqiu

Original issue reported on code.google.com by breaddawson on 21 Oct 2011 at 9:12

[GoogleCodeExporter]

Hi,

it's possible to modify a class file with androguard, but not yet a dex file 
(it's in my todo list, but not at the top :))

So if you would like to contribute to this feature, it will be cool :)

Original comment by anthony....@gmail.com on 24 Oct 2011 at 12:01

• Changed state: Accepted

[GoogleCodeExporter]

Thanks for the reply! I've cloned your project and tried to add the .dex 
modification support to .dvm. But as I do not have experience in reversing 
.dex, one problem is that I am kind of lost in the code :(. I've found the doc, 
which shows me a nice hierarchy of the code, and the inline comments are pretty 
helpful. And it will be very great if there is some other documents, such as 
notes about the basic functionality of each class, and the basic workflow. :)

Original comment by breaddawson on 28 Oct 2011 at 12:03

[GoogleCodeExporter]

The code follow the dex documentation, so I think you must read the 
documentation of the format :)

Original comment by anthony....@gmail.com on 28 Oct 2011 at 7:21

[GoogleCodeExporter]

Sure. I was reading the code together with one document about dex file format. 
Hopefully I'll get into it quickly. :) Other than the body of the method 
itself, there is also index field as well as metadata, such as method index, 
local variable size, etc. So I guess I need to modify both the method body and 
these metadata at the same time to make it a valid .dex, right? 

Original comment by breaddawson on 28 Oct 2011 at 4:45

[GoogleCodeExporter]

Yes I think you must modify all variables which depends of the size of the 
method. And also you must modify the CFG.

Original comment by anthony....@gmail.com on 28 Oct 2011 at 7:03

[GoogleCodeExporter]

Hi,

news ?:)

Original comment by anthony....@gmail.com on 8 Nov 2011 at 11:16

[GoogleCodeExporter]

So sorry to say that there is little progress. I am now trying to modify the 
Dalvik interpreter to do the instrumentation. :) 

Original comment by breaddawson on 12 Nov 2011 at 11:59

[GoogleCodeExporter]

Original comment by anthony....@gmail.com on 15 Nov 2011 at 6:12

• Added labels: Priority-Low, Type-Enhancement
• Removed labels: Priority-Medium, Type-Defect

[GoogleCodeExporter]

Original comment by anthony....@gmail.com on 3 Feb 2012 at 6:19

• Changed state: WontFix