hi, there.
.so is binary used in android application compiled from c or c++
I launched this in Ida I discovered it's using ollvm, there are deobfusctor available but I don't hava ida7.1 or ida7.2 (this .so is from armeabi-v7a)
also another script using Binary Ninja required full version else we can't access the api.
Anyway here's a function call from
base64 decrypt this, don't post the function name:
as you can see the function is hidden in .so and you need to find the decryptor.
If you able to deobfuscate it please show me how you do it.
Is there anyway to dump the memory instead of reading the .so binary?
or
Edited by ginmay, 10 October 2019 - 04:39 AM.