Doldrums is a reverse engineering tool for Flutter apps targetting Android. Concretely, it is a parser and information extractor for the Flutter/Dart Android binary, conventionally named libapp.so, for all Dart version 2.10 releases. When run, it outputs a full dump of all classes present in the isolate snapshot.
The tool is currently in beta, and missing some deserialization routines and class information. If it does not work out-of-the-box, please let me know.
Dependencies
Doldrums requires pyelftools to parse the ELF format. You can install it with
pip3 install pyelftools
Usage
To use, simply run the following command, substituting libapp.so for the appropriate binary, and output for the desired output file. Note that the verbose option only works for Dart snapshot v2.12.
python3 src/main.py [-v] libapp.so output
The expected output is a dump of all classes, in the following format:
class MyApp extends StatelessWidget {
Widget build(DynamicType, DynamicType) {
Code at absolute offset: 0xec85c
}
String myPrint(DynamicType, DynamicType) {
Code at absolute offset: 0xeca80
}
}
The absolute code offset indicates the offset into the libapp.so file where the native function may be found.
Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…
Docker is one of the most widely used containerization platforms. But there may come a…
Introduction Google Dorking is a technique where advanced search operators are used to uncover information…
Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…
What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…
Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…