Skip to content

hackcatml/mlviewer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

106 Commits

SoFixer

SoFixer

 
 

dump

dump

 
 

gadget

gadget

 
 

icon

icon

 
 

scripts

scripts

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

code.py

code.py

 
 

diff.py

diff.py

 
 

diff.ui

diff.ui

 
 

disasm.py

disasm.py

 
 

disasm.ui

disasm.ui

 
 

dumper.py

dumper.py

 
 

fridaportal.py

fridaportal.py

 
 

gadget.py

gadget.py

 
 

gadget.ui

gadget.ui

 
 

gadget_win.ui

gadget_win.ui

 
 

globvar.py

globvar.py

 
 

hexviewer.py

hexviewer.py

 
 

history.py

history.py

 
 

history.ui

history.ui

 
 

listimgviewer.py

listimgviewer.py

 
 

main.py

main.py

 
 

mlviewer_macos.sh

mlviewer_macos.sh

 
 

mlviewer_wincon.bat

mlviewer_wincon.bat

 
 

requirements.txt

requirements.txt

 
 

spawn.py

spawn.py

 
 

spawn.ui

spawn.ui

 
 

ui.py

ui.py

 
 

ui.ui

ui.ui

 
 

ui_win.py

ui_win.py

 
 

ui_win.ui

ui_win.ui

 
 

utilviewer.py

utilviewer.py

 
 

Repository files navigation

mlviewer

An iOS, Android application memory view & edit PyQt6 application powered by Frida
It's a program running some useful frida scripts with ui to help mobile app analysis

Prerequisite

python > 3.8.0
Running frida-server on your device

Usage

Two ways to run
1. Python Virtual Environment (recommended)

# Git clone
git clone https://github.com/hackcatml/mlviewer
cd mlviewer

# Run
.\mlviewer_wincon.bat (for Windows)
./mlviewer_macos.sh (for macOS)

2. Current Python Environment

# Git clone
git clone https://github.com/hackcatml/mlviewer
cd mlviewer

# Install requirements
pip install -r requirements.txt

# Install capstoen
pip install capstone
pip install --pre --no-binary capstone capstone (for m1, m2 macOS)

# Run
python main.py

Update

git pull origin main

Example

  • Attach, move to an offset from the image base address, patch hex code
    화면 기록 2023-06-21 오후 11 56 29

  • Hex to Arm convert (needs internet connection)
    Drag some hex bytes, mouse right button, click "Hex to Arm"
    화면 기록 2023-06-22 오전 12 06 56

  • Watch arguments, regs on address
    Select address, mouse right button, click "Set Watch Func" or "Set Watch Regs"
    You can monitor arguments with the read option during a function's onEnter or onLeave
    Select args, mouse right button, choose options(ex. select 'args0', check 'onLeave', 'readUtf8String' will log args0.readUtf8String() at onLeave)
    화면 기록 2023-07-02 오후 10 22 58

  • Other examples
    so file dump, memory scan, etc
    https://hackcatml.tistory.com/174

Credits

dump-ios-module
dump-so
frida-il2cpp-bridge
https://armconverter.com
capstone
frida-dexdump
bindiff

About

Mobile app memory view & edit PyQt6 program

Topics

android ios reverse-engineering frida memoryanalysis pyqt6

Resources

Readme

License

GPL-3.0 license
Activity

Stars

20 stars

Watchers

2 watching

Forks

6 forks
Report repository

Releases 2

v1.0.1 Latest
Jul 5, 2023
+ 1 release

Packages

No packages published

Languages