Skip to content
Android Library Code Recognition
Branch: master
Clone or download
clucas
clucas Refactoring
Required for coming changes
- move matched classes and methods to FileMatches
- do not use direct InnerMatch variables
- remove useless dbMatcher/method/classes references
Latest commit ae62c06 Jun 19, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
examples
out bin for 1.1.2 May 30, 2019
scripts Updated for JEB 3.1 Jan 18, 2019
src/com/pnf/androsig
test/com/pnf/androsig minor: move legacy method Jun 18, 2019
testdata
.gitignore Updated for JEB 3.1 Jan 18, 2019
README.md README update for Androsig 1.1, sample app May 17, 2019
build-linux.sh
build-windows.cmd
create-eclipse-project-linux.sh
create-eclipse-project-windows.cmd Updated for JEB 3.1 Jan 18, 2019

README.md

Androsig - Android Library Code Matching for JEB

Introduction

The purpose of this plugin is to help deobfuscate obfuscated applications. Using our generic collection of signatures for common libraries, library code can be recognized; methods and classes can be renamed; package hierarchies can be rebuilt.

Minimum JEB version: JEB 3.3

Tutorials on how to use:

Remember to download a signatures bundle of common libraries, as instructed in the tutorial linked.

Building from Source

Use the provided build-xxx script to build both plugins (packaged in a single JAR); the version number 'x.y.z' is located in AndroSigCommon. Update the version number in the script file before building.

Components

Android Signature Generator plugin

This plugin is mainly for generating library signatures which are used to match obfuscated applications.

Android Signature Recognizer plugin

Based on library signatures and through recognizer plugin, library code in obfuscated applications can be recognized.

Getting Started

Prerequisities

Simply drop plugin into [JEB_FOLDER]/coreplugins folder and restart JEB.

Running Signature Generator plugin

  1. In JEB, click File -> Open to open an android apk.
  2. Select File -> Engines -> Execute and select the generator plugin.
  3. Enter the library name (usually the same as application name) and click OK.
  4. The signature file (.sig) will be generated in [JEB_FOLDER]/coreplugins/android_sigs folder.

Running Signature Recognizer plugin

Please make sure all your signature files are in the [JEB_FOLDER]/coreplugins/android_sigs folder.

  1. In JEB, click File -> Open to open an android apk.
  2. Select File -> Engines -> Execute and select the Recognizer plugin.
  3. Customize the matching parameters if need ba and click OK.
  4. The signature file (.sig) will be generated in [JEB_FOLDER]/coreplugins/android_sigs folder.

Result

After running signature recognizer plugin, two files will be generated in your TEMP folder:

  • androsig-mapping.txt: a mapping file shows the original class, method names mapped to the obfuscated names.
  • androsig-report.txt: provides the comprehensive information about the matching.

Copyright and License

JEB Copyright PNF Software, Inc.

https://www.pnfsoftware.com

Licensed under the Apache License, Version 2.0 (the "License"); You may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

You can’t perform that action at this time.