A lightweight Android native library emulation framework for executing the encryption algorithm.

These details have not been verified by PyPI

Project description

Infernum

PyPI PyPI - Python Version

Infernum is a lightweight Android native library emulation framework based on Unicorn. It is mainly used to execute the encryption algorithm, so it doesn't provide JNI or file system support. It supports arch ARM and ARM64.

Requirements

Python 3.7+
Unicorn 2.0.0+

Installation

$ pip install infernum

Usage

Load modules and call functions.

from infernum import Infernum
from infernum.const import ARCH_ARM64

# Initialize emulator
emulator = Infernum(ARCH_ARM64)

# Load modules
emulator.load_module("lib64/libz.so")

# Construct arguments
data = b"infernum"

v1 = emulator.create_buffer(len(data))
v2 = len(data)

emulator.write_bytes(v1, data)

# Call function by symbol
emulator.call_symbol("crc32", 0, v1, v2)

# Call function by address
symbol = emulator.find_symbol("crc32")
emulator.call_address(symbol.address, 0, v1, v2)

Emulate arch ARM.

from infernum import Infernum
from infernum.const import ARCH_ARM

emulator = Infernum(ARCH_ARM)

Read/Write data.

# Create buffer
v1 = emulator.create_buffer(64)
v2 = emulator.create_string("infernum")

# Write data
emulator.write_int(v1, 1)
emulator.write_bytes(v1, b"infernum")
emulator.write_string(v2, "infernum")

# Read data
emulator.read_int(v1)
emulator.read_bytes(v1, 8)
emulator.read_string(v2)

Hook instructions.

def hook_code(uc, address, size, user_data):
    emu = user_data["emulator"]

symbol = emulator.find_symbol("zlibVersion")
emulator.add_hook(symbol.address, hook_code)

Trace instructions.

# Trace all instructions
emulator = Infernum(ARCH_ARM64, trace_inst=True)

# Trace instructions in this module
emulator.load_module("lib64/libz.so", trace_inst=True)

Execute initialization functions in section .init_array.

emulator.load_module("lib64/libsample1.so", exec_init_array=True)

Project details

These details have not been verified by PyPI

Release history Release notifications | RSS feed

This version

0.1.1

Nov 21, 2022

0.1.0

Sep 16, 2022

0.0.2

Sep 9, 2022

0.0.1

Sep 8, 2022

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

infernum-0.1.1.tar.gz (12.7 kB view details)

Uploaded Nov 21, 2022 Source

Built Distribution

infernum-0.1.1-py3-none-any.whl (13.5 kB view details)

Uploaded Nov 21, 2022 Python 3

File details

Details for the file infernum-0.1.1.tar.gz.

File metadata

Download URL: infernum-0.1.1.tar.gz
Upload date: Nov 21, 2022
Size: 12.7 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.1 CPython/3.9.13

File hashes

Hashes for infernum-0.1.1.tar.gz
Algorithm	Hash digest
SHA256	`cb0d19509e2d81a8fd7a97856f9cc1b49626768aa3186f51b45c448465b62c05`
MD5	`f340fa78913341975ba4ab6328721f2c`
BLAKE2b-256	`240e3e7ab9cd1d06d02f8ac972d01ece8fc5ba51c78e383067a24306c98eadca`

See more details on using hashes here.

File details

Details for the file infernum-0.1.1-py3-none-any.whl.

File metadata

Download URL: infernum-0.1.1-py3-none-any.whl
Upload date: Nov 21, 2022
Size: 13.5 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.1 CPython/3.9.13

File hashes

Hashes for infernum-0.1.1-py3-none-any.whl
Algorithm	Hash digest
SHA256	`3d431ac998f7c54b8c6cb601f4cf6efa9e110576635247b728e04226fc6a7e57`
MD5	`e559019cfaa64aa0e1454af5ad7d2ac3`
BLAKE2b-256	`cfa4091d2ae9b4ff9d1ce0dd32c35b5a505ce5811c616bb977297b6ece446509`