
Mobile app memory view & edit PyQt6 program

Primary language: Python
License: GNU General Public License v3.0 (GPL-3.0)

mlviewer

An iOS and Android application memory viewer and editor, built with PyQt6 and powered by Frida.
It runs some useful Frida scripts behind a UI to help with mobile app analysis.

Prerequisite

python > 3.8.0
frida-server running on your device

Usage

Run

git clone https://github.com/hackcatml/mlviewer

cd mlviewer

pip install -r requirements.txt

python main.py

Example

  • Attach, move to an offset from the image base address, patch hex code

  • Hex to Arm conversion (requires an internet connection)
    Drag to select some hex bytes, right-click, then click "Hex to Arm"

  • Watch arguments and registers at an address
    Select an address, right-click, then click "Set Watch Func" or "Set Watch Regs"
    You can monitor arguments with a read option during a function's onEnter or onLeave
    Select args, right-click, and choose options (e.g. selecting 'args0' and checking 'onLeave' and 'readUtf8String' will log args0.readUtf8String() at onLeave)

  • Other examples
    .so file dump, memory scan, etc.
    https://hackcatml.tistory.com/174
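
The 'args0' / 'onLeave' / 'readUtf8String' watch from the "Watch arguments" item above, written as plain Frida Interceptor callbacks. This is an added example, not mlviewer's own code; `makeWatchCallbacks`, the module name `libexample.so` and the offset `0x1234` are hypothetical.

```javascript
// Added example, not mlviewer's code. Builds Frida Interceptor callbacks that
// log one argument with a chosen NativePointer read method at onEnter and/or onLeave.
function makeWatchCallbacks(opts, log) {
  const { argIndex, read, onEnter = false, onLeave = false } = opts;
  const allowed = ['readUtf8String', 'readCString', 'readPointer', 'readInt', 'readU32'];
  if (!allowed.includes(read)) throw new Error('unsupported read option: ' + read);

  // A bad pointer must not crash the target: report the failure instead.
  function readArg(ptr) {
    try {
      return String(ptr[read]());
    } catch (e) {
      return '<unreadable: ' + e.message + '>';
    }
  }

  return {
    onEnter(args) {
      // `args` exists only in onEnter; keep the pointer on `this` for onLeave.
      this.watched = args[argIndex];
      if (onEnter) log('onEnter args' + argIndex + ' = ' + readArg(this.watched));
    },
    onLeave(retval) {
      // Output buffers are usually filled only by the time the function returns.
      if (onLeave) log('onLeave args' + argIndex + ' = ' + readArg(this.watched));
    }
  };
}

// Runs only inside a Frida script, where Interceptor and Process are globals.
if (typeof Interceptor !== 'undefined') {
  // Hypothetical module and offset: substitute the address selected in the UI.
  const target = Process.getModuleByName('libexample.so').base.add(0x1234);
  Interceptor.attach(target, makeWatchCallbacks(
    { argIndex: 0, read: 'readUtf8String', onLeave: true }, console.log));
}
```

Frida invokes both callbacks with the same `this` for a given call, which is what lets onLeave read a pointer that was only visible in onEnter.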

Credits

dump-ios-module
dump-so
frida-il2cpp-bridge
https://armconverter.com