Doldrums is a reverse engineering tool for Flutter apps targetting Android. Concretely, it is a parser and information extractor for the Flutter/Dart Android binary, conventionally named libapp.so
, for all Dart version 2.10 releases. When run, it outputs a full dump of all classes present in the isolate snapshot.
The tool is currently in beta, and missing some deserialization routines and class information. If it does not work out-of-the-box, please let me know.
Dependencies
Doldrums requires pyelftools to parse the ELF format. You can install it with
pip3 install pyelftools
Usage
To use, simply run the following command, substituting libapp.so
for the appropriate binary, and output
for the desired output file. Note that the verbose option only works for Dart snapshot v2.12.
python3 src/main.py [-v] libapp.so output
The expected output is a dump of all classes, in the following format:
class MyApp extends StatelessWidget {
Widget build(DynamicType, DynamicType) {
Code at absolute offset: 0xec85c
}
String myPrint(DynamicType, DynamicType) {
Code at absolute offset: 0xeca80
}
}
The absolute code offset indicates the offset into the libapp.so
file where the native function may be found.
SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…
The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…
The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…
The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…
AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…
Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…