Skip to main content
Reverse Engineering

All Questions

Ask Question
Tagged with
9 questions
Newest Active Bountied Unanswered
0 votes
1 answer
405 views

Reverse engineering ELF: The e_phentsize field in the ELF header is less than the size of an ELF program header

I have extracted the .so binary libTheArmKing.so (located in lib directory in apk file) from a hack of World War Heroes game (an Android game) from Plantimod Forum. file output: libTheArmKing.so: ELF ...
raspiduino's user avatar
raspiduino
  • 249
0 votes
1 answer
486 views

What does this function do?

I'm trying to understand what client sends to server. I already did most of the work, but one function left. I can't understand what to do with this function and what it does. I've tried to change ...
Sergey's user avatar
Sergey
  • 1
2 votes
1 answer
483 views

How to use x64-86 elf file from an apk file in a linux machine?

I'm building a jar file that use jni to load an x86-64 elf extracted from Android apk file. But when I run my app, it throw this exception: Caused by: java.lang.UnsatisfiedLinkError: /lib/x86_64-...
Phương Nguyễn's user avatar
Phương Nguyễn
  • 121
5 votes
1 answer
2k views

Find function in a stripped dynamic ELF library

Im currently reverse engineering an android app and this app calls a function named "getUserInfo" in an ARM 32bit ELF library called "libcms.so" (from TikTok) via the Java Native Interface. My ...
SinOfficial's user avatar
SinOfficial
  • 153
3 votes
1 answer
264 views

Enumerating (name, addresses) in PLT of an ELF file without elf.h

I want to show users imported symbols of a given ELF file like this(#1) in a disassembler project.(Android app) 1d21a: f7fa e8e8 blx 173ec ; __android_log_print@plt ... Currently, I can only show ...
Hyeonseo Yang's user avatar
Hyeonseo Yang
  • 341
4 votes
1 answer
121 views

What does a C++ identifier ending in $_## mean?

In trying to understand a .so from an Android game made with Cocos2d-x, I've come across identifiers like the following (after demangling): SceneActionMap::updateTalkMode(float)::$_37 SceneActionMap::...
Squ's user avatar
Squ
  • 73
1 vote
0 answers
403 views

Accessing .rodata/.rel.data.ro

Analyzing an android ELF binary. How/where does something access a specific area of .rodata or .rel.data.ro? Have tried using objdump, rabin2, readelf, etc and I can't seem to figure out how it is ...
Craig's user avatar
Craig
  • 11
1 vote
0 answers
2k views

How to change the export function name of android so file (ELF format)

Here are my .so files: libJlcVideoEncoder.so java_so_change.exe Below are export functions inside .so files: Java_com_jlc_BubbleChat_libJlcVideoEncoder_JNIJlcInit ...
cute_star's user avatar
cute_star
  • 11
10 votes
2 answers
3k views

Fixing the checksum of a modified Android ELF

I've hex-edited a string in an Android ELF binary. Now, it won't run, and gives the error message CANNOT LINK EXECUTABLE, presumably due to a bad checksum. Does anybody have a tool to fix the ...
user1636717's user avatar
user1636717
  • 181