From f0673800804f8d66622bac880fda8cd5936ebbf6 Mon Sep 17 00:00:00 2001 From: ScreaMy7 Date: Tue, 20 Aug 2024 17:42:27 +0530 Subject: [PATCH 01/12] blutter tool added --- tools/android/MASTG-TOOL-01111.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 tools/android/MASTG-TOOL-01111.md diff --git a/tools/android/MASTG-TOOL-01111.md b/tools/android/MASTG-TOOL-01111.md new file mode 100644 index 0000000000..e69de29bb2 From 2a72e406ec4472d7ab3419f97900759ba4a461ca Mon Sep 17 00:00:00 2001 From: ScreaMy7 Date: Wed, 21 Aug 2024 11:37:18 +0530 Subject: [PATCH 02/12] blutter tool --- tools/android/MASTG-TOOL-0111.md | 17 +++++++++++++++++ tools/android/MASTG-TOOL-01111.md | 0 2 files changed, 17 insertions(+) create mode 100644 tools/android/MASTG-TOOL-0111.md delete mode 100644 tools/android/MASTG-TOOL-01111.md diff --git a/tools/android/MASTG-TOOL-0111.md b/tools/android/MASTG-TOOL-0111.md new file mode 100644 index 0000000000..f7b726fb93 --- /dev/null +++ b/tools/android/MASTG-TOOL-0111.md 
@@ -0,0 +1,17 @@ +--- +title: Blutter +platform: android +source: https://github.com/worawit/blutter +--- + +[Blutter](https://github.com/worawit/blutter) is an open-source tool created to support the reverse engineering of Flutter applications by compiling the Dart AOT Runtime. It targets the lib files found in decompiled apks and is compatible with the latest versions of Dart. It makes use of an advanced C++20 formatting library. The tool is compatible with Linux, Windows, and macOS operating systems. Blutter is capable of extracting and analyzing Dart objects and can generate Frida scripts for further analysis. It automatically compiles any required Dart versions that are not already installed. + +This tool does require a specific environment to work, which can be found [here](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup).If you don’t want to setup the environment here is the docker support for the blutter tool. + +Use the apktool to Extract "lib" directory from apk file. +``` +python3 blutter.py path/to/app/lib/arm64-v8a out_dir +``` + +Reference: +[B(l)utter – Reversing Flutter Applications](https://www.youtube.com/watch?v=EU3KOzNkCdI) diff --git a/tools/android/MASTG-TOOL-01111.md b/tools/android/MASTG-TOOL-01111.md deleted file mode 100644 index e69de29bb2..0000000000 From 6aa43b4afeb03b9d8702d07efe7340c348ef4e8a Mon Sep 17 00:00:00 2001 From: ScreaMy7 Date: Wed, 21 Aug 2024 11:43:27 +0530 Subject: [PATCH 03/12] fixes --- tools/android/MASTG-TOOL-0111.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/android/MASTG-TOOL-0111.md b/tools/android/MASTG-TOOL-0111.md index f7b726fb93..a6363587ad 100644 --- a/tools/android/MASTG-TOOL-0111.md +++ b/tools/android/MASTG-TOOL-0111.md 
@@ -9,7 +9,8 @@ source: https://github.com/worawit/blutter This tool does require a specific environment to work, which can be found [here](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup).If you don’t want to setup the environment here is the docker support for the blutter tool. Use the apktool to Extract "lib" directory from apk file. -``` + +```bash python3 blutter.py path/to/app/lib/arm64-v8a out_dir ``` From 630b08c6ab2c77f4b5da233982473c800b76f55e Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Tue, 1 Oct 2024 09:29:05 +0200 Subject: [PATCH 04/12] Update tools/android/MASTG-TOOL-0111.md Co-authored-by: Jeroen Beckers --- tools/android/MASTG-TOOL-0111.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/android/MASTG-TOOL-0111.md b/tools/android/MASTG-TOOL-0111.md index a6363587ad..89478ba43a 100644 --- a/tools/android/MASTG-TOOL-0111.md +++ b/tools/android/MASTG-TOOL-0111.md 
@@ -4,7 +4,7 @@ platform: android source: https://github.com/worawit/blutter --- -[Blutter](https://github.com/worawit/blutter) is an open-source tool created to support the reverse engineering of Flutter applications by compiling the Dart AOT Runtime. It targets the lib files found in decompiled apks and is compatible with the latest versions of Dart. It makes use of an advanced C++20 formatting library. The tool is compatible with Linux, Windows, and macOS operating systems. Blutter is capable of extracting and analyzing Dart objects and can generate Frida scripts for further analysis. It automatically compiles any required Dart versions that are not already installed. +[Blutter](https://github.com/worawit/blutter) is an open-source tool created to support the reverse engineering of Flutter applications. Unlike other Flutter tools, Blutter parses the libapp.so file locally, without requiring you to run the app on a device. The tool is compatible Linux, Windows, and macOS, but can only analyse Android ARM64 apps. Blutter is capable of extracting and analyzing Dart objects and it can generate Frida scripts for further analysis. This tool does require a specific environment to work, which can be found [here](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup).If you don’t want to setup the environment here is the docker support for the blutter tool. From 9f4e2df3f4f236acd555c6775c73a79f6bcb77d4 Mon Sep 17 00:00:00 2001 From: ScreaM <70141504+ScreaMy7@users.noreply.github.com> Date: Fri, 18 Oct 2024 14:05:44 +0530 Subject: [PATCH 05/12] minor changes,changed tool number and added dockerfile --- tools/android/MASTG-TOOL-0111.md | 18 ------------ tools/android/MASTG-TOOL-0116.md | 47 ++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+), 18 deletions(-) delete mode 100644 tools/android/MASTG-TOOL-0111.md create mode 100644 tools/android/MASTG-TOOL-0116.md 
diff --git a/tools/android/MASTG-TOOL-0111.md b/tools/android/MASTG-TOOL-0111.md deleted file mode 100644 index 89478ba43a..0000000000 --- a/tools/android/MASTG-TOOL-0111.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -title: Blutter -platform: android -source: https://github.com/worawit/blutter ---- - -[Blutter](https://github.com/worawit/blutter) is an open-source tool created to support the reverse engineering of Flutter applications. Unlike other Flutter tools, Blutter parses the libapp.so file locally, without requiring you to run the app on a device. The tool is compatible Linux, Windows, and macOS, but can only analyse Android ARM64 apps. Blutter is capable of extracting and analyzing Dart objects and it can generate Frida scripts for further analysis. - -This tool does require a specific environment to work, which can be found [here](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup).If you don’t want to setup the environment here is the docker support for the blutter tool. - -Use the apktool to Extract "lib" directory from apk file. - -```bash -python3 blutter.py path/to/app/lib/arm64-v8a out_dir -``` - -Reference: -[B(l)utter – Reversing Flutter Applications](https://www.youtube.com/watch?v=EU3KOzNkCdI) diff --git a/tools/android/MASTG-TOOL-0116.md b/tools/android/MASTG-TOOL-0116.md new file mode 100644 index 0000000000..84fdd2e085 --- /dev/null +++ b/tools/android/MASTG-TOOL-0116.md 
@@ -0,0 +1,47 @@ +--- +title: Blutter +platform: android +source: https://github.com/worawit/blutter +--- + +[Blutter](https://github.com/worawit/blutter) is an open-source tool created to support the reverse engineering of Flutter applications. Unlike other Flutter tools, Blutter parses the libapp.so file locally, without requiring you to run the app on a device. The tool is compatible Linux, Windows, and macOS, but can only analyse Android ARM64 apps. Blutter is capable of extracting and analyzing Dart objects, it provides annotations for instructions, including function names or pool objects when applicable, and it can generate Frida scripts for further analysis. + +This tool requires a specific environment to function. You can find the environment setup instructions [here](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup). Alternatively, if you prefer not to set up the environment manually, you can use the Docker file provided below. + +``` +# reference: https://github.com/worawit/blutter/pull/50 + +# Use Ubuntu 23.10 as the base image +FROM ubuntu:23.10 + +# Update and upgrade the system +RUN apt-get update && \ + apt-get upgrade -y + +# Install necessary packages +RUN apt-get install -y \ + python3-pyelftools \ + python3-requests \ + git \ + cmake \ + ninja-build \ + build-essential \ + pkg-config \ + libicu-dev \ + libcapstone-dev + +# Clone the specified repository +RUN git clone https://github.com/worawit/blutter.git + +# Set the working directory to the cloned repository +WORKDIR /blutter + +# Entry point for running the specific command +ENTRYPOINT ["python3", "blutter.py"] + +# Default command arguments (can be overridden when running the container) +CMD ["/app/arm64-v8a", "/app/blutter_output"] +``` + +Reference: +[B(l)utter – Reversing Flutter Applications](https://www.youtube.com/watch?v=EU3KOzNkCdI) From 6ceb90adf0ffdf6224fd9036d946b3920d91a73d Mon Sep 17 00:00:00 2001 
From: ScreaM <70141504+ScreaMy7@users.noreply.github.com> Date: Fri, 18 Oct 2024 14:09:39 +0530 Subject: [PATCH 06/12] added code block language --- tools/android/MASTG-TOOL-0116.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/android/MASTG-TOOL-0116.md b/tools/android/MASTG-TOOL-0116.md index 84fdd2e085..e02cebc500 100644 --- a/tools/android/MASTG-TOOL-0116.md +++ b/tools/android/MASTG-TOOL-0116.md @@ -8,7 +8,7 @@ source: https://github.com/worawit/blutter This tool requires a specific environment to function. You can find the environment setup instructions [here](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup). Alternatively, if you prefer not to set up the environment manually, you can use the Docker file provided below. -``` +```yml # reference: https://github.com/worawit/blutter/pull/50 # Use Ubuntu 23.10 as the base image From 0692c5638a0f8c80d1047db093aa362964d15764 Mon Sep 17 00:00:00 2001 From: Jeroen Beckers Date: Mon, 4 Nov 2024 13:23:12 +0000 Subject: [PATCH 07/12] Remove docker script --- tools/android/MASTG-TOOL-0116.md | 35 -------------------------------- 1 file changed, 35 deletions(-) diff --git a/tools/android/MASTG-TOOL-0116.md b/tools/android/MASTG-TOOL-0116.md index e02cebc500..3784c937ab 100644 --- a/tools/android/MASTG-TOOL-0116.md +++ b/tools/android/MASTG-TOOL-0116.md 
@@ -8,40 +8,5 @@ source: https://github.com/worawit/blutter This tool requires a specific environment to function. You can find the environment setup instructions [here](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup). Alternatively, if you prefer not to set up the environment manually, you can use the Docker file provided below. -```yml -# reference: https://github.com/worawit/blutter/pull/50 - -# Use Ubuntu 23.10 as the base image -FROM ubuntu:23.10 - -# Update and upgrade the system -RUN apt-get update && \ - apt-get upgrade -y - -# Install necessary packages -RUN apt-get install -y \ - python3-pyelftools \ - python3-requests \ - git \ - cmake \ - ninja-build \ - build-essential \ - pkg-config \ - libicu-dev \ - libcapstone-dev - -# Clone the specified repository -RUN git clone https://github.com/worawit/blutter.git - -# Set the working directory to the cloned repository -WORKDIR /blutter - -# Entry point for running the specific command -ENTRYPOINT ["python3", "blutter.py"] - -# Default command arguments (can be overridden when running the container) -CMD ["/app/arm64-v8a", "/app/blutter_output"] -``` - Reference: [B(l)utter – Reversing Flutter Applications](https://www.youtube.com/watch?v=EU3KOzNkCdI) From 3cc76391ab2f02525c7138858be750e515fd7a01 Mon Sep 17 00:00:00 2001 From: Jeroen Beckers Date: Mon, 4 Nov 2024 13:28:15 +0000 Subject: [PATCH 08/12] Remove docker file, process suggestion from Carlos --- tools/android/MASTG-TOOL-0116.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/tools/android/MASTG-TOOL-0116.md b/tools/android/MASTG-TOOL-0116.md index 3784c937ab..97d49e3b2f 100644 --- a/tools/android/MASTG-TOOL-0116.md +++ b/tools/android/MASTG-TOOL-0116.md 
@@ -1,12 +1,20 @@ --- title: Blutter platform: android +hosts: +- linux +- windows +- macos source: https://github.com/worawit/blutter --- -[Blutter](https://github.com/worawit/blutter) is an open-source tool created to support the reverse engineering of Flutter applications. Unlike other Flutter tools, Blutter parses the libapp.so file locally, without requiring you to run the app on a device. The tool is compatible Linux, Windows, and macOS, but can only analyse Android ARM64 apps. Blutter is capable of extracting and analyzing Dart objects, it provides annotations for instructions, including function names or pool objects when applicable, and it can generate Frida scripts for further analysis. +[Blutter](https://github.com/worawit/blutter) is an open-source tool created to support the reverse engineering of Flutter applications. Unlike other Flutter tools, Blutter parses the libapp.so file statically, without requiring you to run the app on a device. Blutter can: -This tool requires a specific environment to function. You can find the environment setup instructions [here](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup). Alternatively, if you prefer not to set up the environment manually, you can use the Docker file provided below. +- Extracte and analyze Dart objects +- Provides annotations for instructions, including function names or pool objects where applicable +- Generate Frida scripts for further analysis + +This tool requires a specific environment to function, which is explained in the [setup instructions](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup). Alternatively, a [convenient Docker file can be found a PR](https://github.com/worawit/blutter/pull/50). Reference: [B(l)utter – Reversing Flutter Applications](https://www.youtube.com/watch?v=EU3KOzNkCdI) From 78467bd9cf33d6a7b3646cb595389126dfb012fd Mon Sep 17 00:00:00 2001 
From: Jeroen Beckers Date: Mon, 4 Nov 2024 13:28:55 +0000 Subject: [PATCH 09/12] Typo --- tools/android/MASTG-TOOL-0116.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/android/MASTG-TOOL-0116.md b/tools/android/MASTG-TOOL-0116.md index 97d49e3b2f..70ca92e716 100644 --- a/tools/android/MASTG-TOOL-0116.md +++ b/tools/android/MASTG-TOOL-0116.md @@ -11,7 +11,7 @@ source: https://github.com/worawit/blutter [Blutter](https://github.com/worawit/blutter) is an open-source tool created to support the reverse engineering of Flutter applications. Unlike other Flutter tools, Blutter parses the libapp.so file statically, without requiring you to run the app on a device. Blutter can: - Extracte and analyze Dart objects -- Provides annotations for instructions, including function names or pool objects where applicable +- Provide annotations for instructions, including function names or pool objects where applicable - Generate Frida scripts for further analysis This tool requires a specific environment to function, which is explained in the [setup instructions](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup). Alternatively, a [convenient Docker file can be found a PR](https://github.com/worawit/blutter/pull/50). From fe0dab0f4705bb85bf61fa4cf4f9d41a8d6d9acb Mon Sep 17 00:00:00 2001 From: Jeroen Beckers Date: Mon, 4 Nov 2024 13:29:34 +0000 Subject: [PATCH 10/12] Grammar --- tools/android/MASTG-TOOL-0116.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/android/MASTG-TOOL-0116.md b/tools/android/MASTG-TOOL-0116.md index 70ca92e716..8f1622dafa 100644 --- a/tools/android/MASTG-TOOL-0116.md +++ b/tools/android/MASTG-TOOL-0116.md 
@@ -14,7 +14,7 @@ source: https://github.com/worawit/blutter - Provide annotations for instructions, including function names or pool objects where applicable - Generate Frida scripts for further analysis -This tool requires a specific environment to function, which is explained in the [setup instructions](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup). Alternatively, a [convenient Docker file can be found a PR](https://github.com/worawit/blutter/pull/50). +This tool requires a specific environment to function, which is explained in the [setup instructions](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup). Alternatively, a [convenient Docker file can be found in a PR](https://github.com/worawit/blutter/pull/50). Reference: [B(l)utter – Reversing Flutter Applications](https://www.youtube.com/watch?v=EU3KOzNkCdI) From dee0e72ca1dd78735f119c4764b2703579b62bd7 Mon Sep 17 00:00:00 2001 From: Jeroen Beckers Date: Mon, 4 Nov 2024 15:45:57 +0100 Subject: [PATCH 11/12] typo and fix --- tools/android/MASTG-TOOL-0116.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tools/android/MASTG-TOOL-0116.md b/tools/android/MASTG-TOOL-0116.md index 8f1622dafa..0c7c11f9a5 100644 --- a/tools/android/MASTG-TOOL-0116.md +++ b/tools/android/MASTG-TOOL-0116.md 
@@ -10,11 +10,10 @@ source: https://github.com/worawit/blutter [Blutter](https://github.com/worawit/blutter) is an open-source tool created to support the reverse engineering of Flutter applications. Unlike other Flutter tools, Blutter parses the libapp.so file statically, without requiring you to run the app on a device. Blutter can: -- Extracte and analyze Dart objects +- Extract and analyze Dart objects - Provide annotations for instructions, including function names or pool objects where applicable - Generate Frida scripts for further analysis This tool requires a specific environment to function, which is explained in the [setup instructions](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup). Alternatively, a [convenient Docker file can be found in a PR](https://github.com/worawit/blutter/pull/50). -Reference: -[B(l)utter – Reversing Flutter Applications](https://www.youtube.com/watch?v=EU3KOzNkCdI) +More information is available in the [B(l)utter – Reversing Flutter Applications presentation](https://www.youtube.com/watch?v=EU3KOzNkCdI). \ No newline at end of file From b7899cb5585a0ae2e074f155422809c821add339 Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Mon, 4 Nov 2024 18:50:50 +0100 Subject: [PATCH 12/12] Update tools/android/MASTG-TOOL-0116.md --- tools/android/MASTG-TOOL-0116.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/android/MASTG-TOOL-0116.md b/tools/android/MASTG-TOOL-0116.md index 0c7c11f9a5..52ee64e874 100644 --- a/tools/android/MASTG-TOOL-0116.md +++ b/tools/android/MASTG-TOOL-0116.md 
@@ -16,4 +16,4 @@ source: https://github.com/worawit/blutter This tool requires a specific environment to function, which is explained in the [setup instructions](https://github.com/worawit/blutter?tab=readme-ov-file#environment-setup). Alternatively, a [convenient Docker file can be found in a PR](https://github.com/worawit/blutter/pull/50). -More information is available in the [B(l)utter – Reversing Flutter Applications presentation](https://www.youtube.com/watch?v=EU3KOzNkCdI). \ No newline at end of file +More information is available in the [B(l)utter – Reversing Flutter Applications presentation](https://www.youtube.com/watch?v=EU3KOzNkCdI).
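
Review bot: In PATCH 02/12, the second paragraph of the new tools/android/MASTG-TOOL-0111.md ends with "here is the docker support for the blutter tool", but the hunk contains no link or Dockerfile after it, so the sentence points at nothing. Add the reference or drop the sentence. In the same paragraph a space is missing after the "#environment-setup)." link, and the next line would read better as "Use apktool to extract the lib directory from the APK file." The code fence is also untagged here, which PATCH 03/12 corrects.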
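
Review bot: In PATCH 04/12, the replacement paragraph reads "The tool is compatible Linux, Windows, and macOS", which is missing "with". The same paragraph mixes "analyse" and "analyzing"; pick one spelling for the file. The wording is carried unchanged into MASTG-TOOL-0116.md by PATCH 05/12, so it is worth fixing before the rename.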
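
Review bot: In PATCH 05/12, the Dockerfile added to tools/android/MASTG-TOOL-0116.md runs "git clone https://github.com/worawit/blutter.git" without checking out a fixed commit or tag, so the image contents depend on whatever the default branch holds at build time. Pin the clone to a known revision. "apt-get update" also sits in its own RUN layer, separate from "apt-get install", so a cached update layer can be reused with stale package lists; combine them into one RUN. The default CMD paths "/app/arm64-v8a" and "/app/blutter_output" assume a mount at /app that the text never mentions. Finally, this hunk no longer carries the apktool step or the "python3 blutter.py path/to/app/lib/arm64-v8a out_dir" invocation that MASTG-TOOL-0111.md had, and no later patch in the series restores them.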
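
Review bot: In PATCH 06/12, the fence is tagged "yml" but the block that follows is a Dockerfile (FROM, RUN, WORKDIR, ENTRYPOINT, CMD), not YAML. Use "dockerfile" so the highlighter and any fence linting treat it correctly.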
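
Review bot: In PATCH 08/12, the rewritten intro paragraph drops "but can only analyse Android ARM64 apps", and the new "hosts:" front matter only covers where the tool runs, not which targets it can analyse. No later patch in the series restores the limitation, so a reader of the final file cannot tell that other ABIs are unsupported; add it back as a sentence or a list item. The Docker reference now links to a pull request rather than to a file in the repository; say so explicitly in the text so readers know what they are building from. The "Extracte", "Provides" and "found a PR" slips in this hunk are fixed by PATCH 09/12 through 11/12 and could be squashed into this commit.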