charles2gan/GDA-android-reversing-Tool

GitHub: charles2gan/GDA-android-reversing-Tool

GDA is a high-performance native Android decompilation and analysis platform written in C++. It performs deep reverse analysis and security inspection of APKs and related files without requiring a Java virtual machine.

Stars: 4697 | Forks: 562

[![image](https://img.shields.io/badge/website-GDA-brightgreen?logo=groupon)](http://www.gda.wiki:9090/?language=en) [![image](https://img.shields.io/badge/Guide-Brief-brightgreen?logo=Talend&logoColor=red)](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki) [![image](https://img.shields.io/badge/Guide-PathSolver-brightgreen?logo=Talend&logoColor=red)](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Path-Solver) [![image](https://img.shields.io/badge/Guide-VulScanner-brightgreen?logo=Talend&logoColor=red)](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Vulnerability-Scanner) [![image](https://img.shields.io/badge/Guide-Script-brightgreen?logo=Talend&logoColor=red)](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Python-scripts) [![image](https://img.shields.io/badge/Guide-Taint%20Analysis-brightgreen?logo=Talend&logoColor=red)](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Static-Taint-analysis) [![image](https://img.shields.io/badge/Update-History-brightgreen?logo=Apache-Cassandra&logoColor=red)](http://www.gda.wiki:9090/update_list.php?language=en) [![image](https://img.shields.io/badge/Chat-Zhihu-brightgreen?logo=Zhihu)](https://www.zhihu.com/people/gjden) [![image](https://img.shields.io/badge/Chat-Twitter-brightgreen?logo=Twitter)](https://twitter.com/charles_gan1)

![](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/GDA_PIC/mainpage.png)

# GDA (GJoy Dex Analyzer)

GDA is a powerful Dalvik bytecode decompiler implemented in C++. It analyzes quickly, uses little memory and disk space, and can decompile apk, dex, odex, oat, jar, class and aar files. GDA is fully native software: it needs no installer and no Java VM, and runs well on any recent Windows system or virtual machine without extra configuration. The GDA decompiler project started in 2013, and its first release, version 1.0, was published on the **[GDA website](http://www.gda.wiki:9090/index.php?language=en)** in 2015.

GDA is also a powerful and fast reverse-analysis platform. Beyond basic decompilation it supports many advanced features, such as **malicious behavior detection, privacy leak detection, vulnerability detection, path solving, packer identification, variable tracking analysis, de-obfuscation, Python and Java scripting, device memory extraction, and data decryption and encryption**.

All features are listed below:

```
𝕬 Interactive Operation:
1. Cross-references for strings, classes, methods and fields;
2. Searching for strings, classes, methods and fields;
3. Comments for Java code;
4. Rename methods, fields and classes;
5. Save the analysis results in a GDA db file.
...
𝕭 Utilities for Assisted Analysis:
1. Extracting DEX from ODEX;
2. Extracting DEX from OAT;
3. XML Decoder (Component filter);
4. Algorithm tool (supports rolling encryption and almost all popular encryption algorithms);
5. Device memory dump (dump so, odex, dex, oat files);
6. Path solving;
7. Static vulnerability scanner;
...
𝕮 Good Features:
1. Brand new Dalvik decompiler in C++ with a friendly GUI.
2. Packer recognition.
3. Multi-DEX support.
4. De-obfuscation.
5. Malicious behavior scanning by API chains.
6. Static vulnerability scanner based on a stack state machine and a dynamic rule interpreter.
7. Taint analysis to preview the behavior of variables.
8. Taint analysis to trace the source of variables.
9. APIs view with cross-references.
10. Deep URL extraction.
11. Association of permissions with modules.
12. APK forensics analysis.
13. Dual decompiler mode.
14. Smart rename.
15. Device memory data dump; DEX file dump by memory searching.
16. Support for Frida to hook and call the selected method or class.
17. Privacy leak scanning.
18. Sensitive information extraction.
19. Multi-DEX merge.
20. Path solving based on a low-level intermediate representation (LIR).
21. Junk instruction clearing.
22. Call-graph view.
23. Smali instruction patching, APK repacking and installation.
24. Subclass and parent-class view.
25. Translation of strings.
...
```

`𝕲𝕯𝕬 Hotkeys`

|Hotkey |Description|
|:-|:-|
|F5 |Switch from Java to Smali; press again to return to Java|
|F |Trace parameters and return values through data-flow analysis|
|X |Cross-reference: locate callers (for strings, classes, methods, fields)|
|Esc/◄/Backspace |Go back to the last visited location|
|► |Go forward to the next visited location|
|G |Jump to a location by entering an offset|
|N |Rename a variable/method/class name|
|S |Search all elements for a given string|
|C |Comment; supported only for Java code|
|DoubleClick |With the cursor on a method/string/field/class, double-click to visit the object|
|M |With the cursor on a Smali line, press 'M' to edit the instruction|
|▲ Up |Press 'Up' to visit the parent method in the tree control|
|▼ Down |Press 'Down' to visit the child method in the tree control|
|D |Dump a method's binary data; Smali window only|
|Enter |Apply the modification made in the edit box|
|H |Show data in hex|
|Ctrl+H |Open the search-history window|
|Ctrl+A |Select all|
|Ctrl+C |Copy|
|Ctrl+V |Paste; editable boxes only|
|Ctrl+X |Cut|
|Ctrl+F |Find a string in the code area|
|Ctrl+S |Save modifications to the GDA database file|

# Installation

No installation is needed: just double-click the binary to use it.

Note: this is not an open-source project, at least not in the short term. You can use the free tool released here and some open-source scripts.

# False-positive reports

For copyright protection, GDA is protected by a licensed [VMP](http://vmpsoft.com/), which may cause some antivirus software to report a false positive. Please ignore the report or whitelist GDA; GDA has no malicious behavior.

GDA embeds ADB and gdump (used to dump device memory data), as well as vulnerability rules, source taint rules, API fingerprints and so on, so you will see some files under the %APPDATA%/GDA directory. This behavior of dropping other executables may also be flagged as a virus by some antivirus software.

# Supported platforms

Windows only

# Usage

## 1. GUI mode

Just drag the file into GDA.

If your file is a `.jar/.class/.aar` file, you need a Java installation that supports the dx tool; make sure Java works properly.

When the analyzed jar file is very large, analysis may take a long time; please be patient.

## 2. CLI mode

```
>gda.exe
-sh src_file       --> start a Shell
-sv src_file port  --> start a Server
-h                 --> help
------------------------------------------------------------
>gda.exe -h
Usage:gda.exe [option] [apk_file] [-o output_file]
option:
  -h   help
  -x   show AndroidManifest.xml
  -p   app package name
  -P   permission
  -i   apk base info
  -a   attack surface
  -k   packer
  -s   all the strings
  -S   referenced strings
  -c   cert information
  -d   decompile all code
------------------------------------------------------------
>gda.exe -sv text.apk 12345
File Loading...
GDA Server listening on port 12345...

>client_gda.py help
```

***[client_gda.py](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/skills/test/client_gda.py)***

```
------------------------------------------------------------
>gda -sh test.apk
>
> GDA Shell
>help
subcmd [-args]... [-t filter_string]
help            --> shell command help
set -o file     --> set output file
exit/q          --> to exit
axml            --> content of androidmainfest.xml
binfo           --> apk base info
pname           --> apk package name
permission      --> permissions of APP
header n        --> header of the n-st dex file
attsf           --> attacksurface
packer          --> packer
cert            --> certifacate
appstr          --> strings referenced by methods
malscan         --> malcious behavior
sensinf         --> sensitive infos
interface       --> list interface classes
uri             --> url,path etc.
native          --> list native methods
api             --> list api methods
listm cname     --> list the methods of class(dot)
sclass cidx     --> list subclasses by class index(hex)
pclass cidx     --> list parent class by class index(hex)
dasm option     --> disasembly a method
                    option: @type(e.g., dasm method@0045F0)
                            -n name(signature name,e.g.,"Lcom/base/Binary;->add(Lcom/base/Binary;)V")
dec option      --> decompile a method or class,
                    option: @type (class/method type), e.g., dec method@21f
                            -c[-m] name(class/method signature name, e.g. , "Lcom/base/Binary;")
                            -a filepath(decompile the all classes)
find option     --> search object by name(match partial/regex)
                    option: -c[-m][-M][-d][-s][-i][-a] name, e.g., find -C Frame (regex:~"Frame.*")
                            |-c(match class name)
                            |-C(match class name with package)
                            |-m(match method name)
                            |-M(match method name with package)
                            |-d(match field name)
                            |-i(match api method name)
                            |-s(match string)
                            |-a(match all[classes,methods,field and strings]
xref option     --> search cross-reference of object
                    option(1): @type (method/class/field/string type), e.g. ,xref string@22e
                    option(2): -c[-m][-M][-d][-s][-i][-a] name(match partial), e.g. ,xref -m send
                            |-c(xref of class name)
                            |-s(xref of string)
                            |-m(xref of method name)
                            |-r(xref of resource name)
                            |-f(xref of field name)
                            |-a(xref of all[classes,methods,field and strings]
```

## 3. LLM skills

Skill example: ***[gda_skills_test.py](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/skills/test/gda_skills_test.py)***

Example of analyzing malware: ***[skill example for malware analyzing](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/skills/mal_skill)***

## 4. Help

***[FAQ summary](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Decompiler-FAQ-Summary)***

***[Brief guide](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki)***

***[How to search for what you need](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/How-to-search-what-you-need%3F)***

***[Frida support](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-support-for-the-frida)***

***[Python scripts](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Python-scripts)***

***[GDA privacy leak detection](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Privacy-Leak-Detection)***

***[GDA path solver](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Path-Solver)***

***[GDA APK forensics](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-APK-Forensic)***

***[GDA static taint analysis](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Static-Taint-analysis)***

***[Batch decryption of APP strings](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/Batch-decryption-of-APP-strings)***

***[GDA vulnerability scanner](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Vulnerability-Scanner)***

***[GDA: capturing the flag in CTF games](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA:-%22Unpacking-Decompiling-Decrypting%22-to-Capture-the-Flag-in-CTF-Game)***

***[GDA: DEX static patch technology based on Smali just-in-time compilation](https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA:-DEX-Static-Patch-Technology-Based-on-Smali-Just%E2%80%90in%E2%80%90time-Compilation)***

# Color themes

Only GDA 3.75+ is supported; other versions do not use these theme files. Usage: click the menu `File` -> `Import Color Config`, select a theme file and restart GDA.

***[Download here](https://github.com/charles2gan/GDA-android-reversing-Tool/tree/master/GDA%20Color%20theme)***

![](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/GDA%20Color%20theme/white_black.png)
![](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/GDA%20Color%20theme/white_black1.png)
![](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/GDA%20Color%20theme/white_red.png)
![](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/GDA%20Color%20theme/black_black.png)
![](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/GDA%20Color%20theme/black_black_smali.png)
![](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/GDA%20Color%20theme/black_black_smali1.png)
![](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/GDA%20Color%20theme/black_blue.png)
![](https://github.com/charles2gan/GDA-android-reversing-Tool/blob/master/GDA%20Color%20theme/black_green.png)
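Scripting the CLI mode from the usage section for batch triage, as an added example that is not part of GDA: it runs the report options documented by `gda.exe -h` over a directory of APKs. It assumes `gda.exe` is on PATH (or is passed in) and that each option writes its text report to the `-o` file, as the usage line states; the chosen option set and the report file names are this script's own.

```python
"""Batch triage of APKs through GDA's CLI mode (added example, not GDA's own code).
Assumes the documented form `gda.exe [option] [apk_file] [-o output_file]`; gda.exe
is taken from PATH unless passed explicitly, and the report file names are our own."""
import subprocess
import sys
from pathlib import Path
# Options documented by `gda.exe -h`, each mapped to a report-name suffix of our own choosing.
TRIAGE_OPTIONS = {
    "-i": "base_info",
    "-P": "permissions",
    "-a": "attack_surface",
    "-k": "packer",
    "-c": "cert",
    "-S": "referenced_strings",
}

def build_gda_command(gda_exe, option, apk, out_file):
    """Return argv for one `gda.exe [option] [apk_file] -o output_file` run."""
    if option not in TRIAGE_OPTIONS:
        raise ValueError(f"{option!r} is not one of the documented triage options")
    return [str(gda_exe), option, str(apk), "-o", str(out_file)]

def report_paths(apk, out_dir):
    """Map each triage option to the report file it will produce for this APK."""
    stem = Path(apk).stem
    return {opt: Path(out_dir) / f"{stem}.{name}.txt" for opt, name in TRIAGE_OPTIONS.items()}

def triage_apk(apk, out_dir, gda_exe="gda.exe", timeout=600):
    """Run every documented triage option on one APK; return {option: (exit code or None on timeout, report path)}."""
    Path(out_dir).mkdir(parents=True, exist_ok=True)
    results = {}
    for opt, report in report_paths(apk, out_dir).items():
        cmd = build_gda_command(gda_exe, opt, apk, report)
        try:
            # The README warns that large inputs take a long time, so bound each run.
            proc = subprocess.run(cmd, capture_output=True, text=True, timeout=timeout)
            results[opt] = (proc.returncode, report)
        except subprocess.TimeoutExpired:
            results[opt] = (None, report)
    return results

def triage_dir(apk_dir, out_dir, gda_exe="gda.exe"):
    """Triage every *.apk under apk_dir; return {apk file name: triage_apk results}."""
    return {p.name: triage_apk(p, out_dir, gda_exe) for p in sorted(Path(apk_dir).glob("*.apk"))}

if __name__ == "__main__":
    for name, res in triage_dir(sys.argv[1], sys.argv[2]).items():
        failed = [opt for opt, (rc, _) in res.items() if rc != 0]
        print(name, "ok" if not failed else f"failed options: {failed}")
```

Run it as `python gda_triage.py <apk_dir> <report_dir>`; a non-zero or `None` exit code marks an option whose report should not be trusted.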