Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rscloura/Doldrums

A Flutter/Dart reverse engineering tool
https://github.com/rscloura/Doldrums

Last synced: 2 months ago
JSON representation

A Flutter/Dart reverse engineering tool

Host: GitHub
URL: https://github.com/rscloura/Doldrums
Owner: rscloura
Created: 2020-11-29T23:20:32.000Z (about 4 years ago)
Default Branch: main
Last Pushed: 2022-05-01T00:02:08.000Z (over 2 years ago)
Last Synced: 2024-08-03T01:25:43.899Z (6 months ago)
Language: Python
Size: 3.95 MB
Stars: 760
Watchers: 21
Forks: 116
Open Issues: 10
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-rainmana - rscloura/Doldrums - A Flutter/Dart reverse engineering tool (Python)
Awesome-Pentest - Doldrums - A Flutter/Dart reverse engineering tool. `Flutter` (Reverse Engineering Tools / Metadata Tools)

README

        

*To flutter: to move in quick, irregular motions, to beat rapidly, to be agitated.*  

*Doldrums: a period of stagnation.*

Doldrums is a reverse engineering tool for Flutter apps targetting Android. Concretely, it is a parser and information extractor for the Flutter/Dart Android binary, conventionally named `libapp.so`, for all Dart version 2.10 releases. When run, it outputs a full dump of all classes present in the isolate snapshot.

The tool is currently in **beta**, and missing some deserialization routines and class information. If it does not work out-of-the-box, please let me know.

## Dependencies

Doldrums requires [pyelftools](https://github.com/eliben/pyelftools) to parse the ELF format. You can install it with

```

pip3 install pyelftools

```

## Usage

To use, simply run the following command, substituting `libapp.so` for the appropriate binary, and `output` for the desired output file. Note that the verbose option only works for Dart snapshot v2.12.

```

python3 src/main.py [-v] libapp.so output

```

The expected output is a dump of all classes, in the following format:

```

class MyApp extends StatelessWidget {

    Widget build(DynamicType, DynamicType) {

        Code at absolute offset: 0xec85c

    }

    String myPrint(DynamicType, DynamicType) {

        Code at absolute offset: 0xeca80

    }

}

```

The absolute code offset indicates the offset into the `libapp.so` file where the native function may be found.

## Reading material

For a detailed write-up on the format, please check my [blog post](https://rloura.wordpress.com/2020/12/04/reversing-flutter-for-android-wip/).

## Related works

[darter](https://github.com/mildsunrise/darter) is a fully implemented and fully tested parser for Dart version 2.5 releases.

## Contribute

If you'd like to help the project, consider making a pull request,  or donating to

* ADA: DdzFFzCqrhsgHAVMtnep9Uq9iF61oxZ31LWVG3izmT8BH54Jz7C2gUBFcy6VnCkrbVNqrkevQ4wSwK7dfh7YrUfvSd5toKdE9tzZrcaB

* BTC: 33piC5kfTdqFyQ5ionmuJkTDJXsFYdzGdS

* ETH: 0x2bF670503C28B551C80191aeE9F7ACC96e101D9B

***

Logo by [Luis Fonseca](https://www.linkedin.com/in/luis-pedro-h-fonseca-4776a024/).