https://github.com/hluwa/Wallbreaker

🔨 Break Java Reverse Engineering form Memory World!
https://github.com/hluwa/Wallbreaker

android debug debugger frida java python reverseengineering security

Last synced: about 2 months ago
JSON representation

🔨 Break Java Reverse Engineering form Memory World!

• Host: GitHub
• URL: https://github.com/hluwa/Wallbreaker
• Owner: hluwa
• License: gpl-3.0
• Archived: true
• Created: 2019-12-07T19:22:15.000Z (almost 5 years ago)
• Default Branch: master
• Last Pushed: 2023-03-26T15:29:07.000Z (over 1 year ago)
• Last Synced: 2024-07-19T07:13:21.115Z (about 2 months ago)
• Topics: android, debug, debugger, frida, java, python, reverseengineering, security
• Language: Python
• Homepage:
• Size: 1020 KB
• Stars: 797
• Watchers: 22
• Forks: 130
• Open Issues: 7
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-hacking-lists - hluwa/Wallbreaker - 🔨 Break Java Reverse Engineering form Memory World! (Python)

README

        
# Wallbreaker

🔨 Break Java Reverse Engineering form Memory World!

## WTF?

Wallbreaker is a useful tool to live analyzing Java heap, powered by [frida](https://github.com/frida/frida). Provide

some commands to search object or class from the memory, and beautifully visualize the real structure of the target.

Want to know real data content? list item? map entries? Want to know about implementation of the interface? Try it! What

you see is what you get!

## How to start?

### 1. Install objection

> pip3 install objection

### 2. Download wallbreaker

> mkdir -p ~/.objection/plugins/ \

> git clone https://github.com/hluwa/Wallbreaker ~/.objection/plugins/Wallbreaker

### 3. Loading as objection plugin

> objection -g com.app.name explore -P ~/.objection/plugins

or

> objection -g com.app.name explore \

> plugin load  ~/.objection/plugins/Wallbreaker

### 4. Use wallbreaker command

> plugin wallbreaker objectsearch java.util.HashMap \

> plugin wallbreaker objectdump <object-handle>

## Commands

### Search

 wallbreaker classsearch <type-pattern> 

```

[return all matched class]

```

 wallbreaker objectsearch <instance-class-name>  

```

[return all matched object-handle and toString]

```

### Dump

 wallbreaker classdump <class-name> [--fullname] 

```

[

   pretty print class structure: fields declare, static field value, methods declare.

      set --fullname to display package name of type name.

]

```

 wallbreaker objectdump <object-handle> [--fullname] [--as-class class-name] 

```

[

   pretty print object structure: fields declare and value, methods declare.

      set --fullname to display package name of type name;

      set --as-class to cast instance type(super class, not interface).

   if instance is a collection or map, dump all entries.

]

```

## Demo

[![asciicast](https://asciinema.org/a/XZf8yLWJylCKJfcaYzcKlNbIy.svg)](https://asciinema.org/a/XZf8yLWJylCKJfcaYzcKlNbIy)