Skip to content
/ frida_lib_dumper Public

dump loaded library (.so) from memory to get decrypted lib for Android

8 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

m4fn3/frida_lib_dumper

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
android
android
 
 
README.md
README.md
 
 
dumper.js
dumper.js
 
 
dumper.py
dumper.py
 
 
label_ida.py
label_ida.py
 
 

Repository files navigation

frida_lib_dumper

dump loaded library (.so) from memory to get decrypted lib for Android

Basic Usage

  1. Put identifier of target Android app and library name in dumper.py
  2. Connect to your device through adb and run frida-server
  3. Run dumper.py

Sample Usage for Unity Apps

  1. Extract dump.cs by Zygisk-Il2CppDumper or Auto-Il2CppDumper and save to a folder in which label_ida.py exists
  2. Dump libil2cpp.so using dumper.py
  3. Load libil2cpp.so into IDA
  4. Go [File] → [Script file] and select label_ida.py to apply symbols in IDA

Acknowledgements

About

dump loaded library (.so) from memory to get decrypted lib for Android

Resources

Readme
Activity

Stars

8 stars

Watchers

1 watching

Forks

1 fork
Report repository

Languages