I found a value in the game located at libgame.so + 0x8AE13.

But when I open the lib in IDA, what should be the base address to which I have to add this offset to find that value?

Would it be 0000000 or something else?

Edited by Un_Known


Base address + 8ae13.

Sometimes the base address is not zero.

1 hour ago, Un_Known said:

I found a value in the game located at libgame.so + 0x8AE13.

But when I open the lib in IDA, what should be the base address to which I have to add this offset to find that value?

Would it be 0000000 or something else?

 

1 hour ago, Enyby said:

Base address + 8ae13.

Sometimes the base address is not zero.

So I loaded the lib in IDA; it starts at 00000000 and ends at 00378A98.

Load segment 00000000-00064994

.plt segment 00064994-00065308

.text segment 00065308-002DCABC and so on.

So here, what should be my base address to which the offset should be added?

I think it should be 00000000 but I want further confirmation!

@Enyby

Edited by Un_Known

50 minutes ago, Un_Known said:

 

So I loaded the lib in IDA; it starts at 00000000 and ends at 00378A98.

Load segment 00000000-00064994

.plt segment 00064994-00065308

.text segment 00065308-002DCABC and so on.

So here, what should be my base address to which the offset should be added?

I think it should be 00000000 but I want further confirmation!

@Enyby

I got answers, thanks everyone.
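The address translation discussed in this thread, as an added example that is not part of the original posts: it reads the ELF program headers, takes the page-aligned lowest PT_LOAD virtual address as the image base, and adds the "lib + offset" value to it. The function names, the 4 KiB page size, and the two synthetic ELF headers (one using the 00000000-00378A98 range from the thread, one with a made-up base of 0x10000) are assumptions constructed for illustration.

```python
import struct

PT_LOAD = 1
PAGE = 0x1000  # assumed page size

def load_segments(elf: bytes):
    """Return [(p_vaddr, p_memsz)] for every PT_LOAD program header."""
    if elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = elf[4] == 2                      # EI_CLASS: 1 = ELF32, 2 = ELF64
    end = "<" if elf[5] == 1 else ">"       # EI_DATA: 1 = little-endian
    if is64:
        phoff, = struct.unpack_from(end + "Q", elf, 32)
        phentsize, phnum = struct.unpack_from(end + "HH", elf, 54)
    else:
        phoff, = struct.unpack_from(end + "I", elf, 28)
        phentsize, phnum = struct.unpack_from(end + "HH", elf, 42)
    segs = []
    for i in range(phnum):
        off = phoff + i * phentsize
        if is64:  # Elf64_Phdr: type, flags, offset, vaddr, paddr, filesz, memsz, align
            p_type, _, _, vaddr, _, _, memsz, _ = struct.unpack_from(end + "IIQQQQQQ", elf, off)
        else:     # Elf32_Phdr: type, offset, vaddr, paddr, filesz, memsz, flags, align
            p_type, _, vaddr, _, _, memsz, _, _ = struct.unpack_from(end + "IIIIIIII", elf, off)
        if p_type == PT_LOAD:
            segs.append((vaddr, memsz))
    return segs

def static_address(elf: bytes, offset: int) -> int:
    """Map 'lib + offset' to the address shown when the file is loaded at its own base."""
    segs = load_segments(elf)
    if not segs:
        raise ValueError("no PT_LOAD segments")
    base = min(v for v, _ in segs) & ~(PAGE - 1)   # image base, page-aligned down
    addr = base + offset
    if not any(v <= addr < v + m for v, m in segs):
        raise ValueError(f"{addr:#x} is outside every PT_LOAD segment")
    return addr

def make_elf32(loads):
    """Constructed test input: ELF32 little-endian header plus PT_LOAD entries only."""
    ehdr = b"\x7fELF\x01\x01\x01" + bytes(9) + struct.pack(
        "<HHIIIIIHHHHHH", 3, 40, 1, 0, 52, 0, 0, 52, 32, len(loads), 0, 0, 0)
    return ehdr + b"".join(
        struct.pack("<IIIIIIII", PT_LOAD, 0, v, v, m, m, 5, PAGE) for v, m in loads)

zero_based = make_elf32([(0x0, 0x378A98)])     # address range quoted in the thread
rebased = make_elf32([(0x10000, 0x378A98)])    # constructed non-zero base
print([hex(static_address(e, 0x8AE13)) for e in (zero_based, rebased)])
```

On a real library, pass the file's bytes (for example `open(path, "rb").read()`) instead of the constructed headers; if the database was rebased in the disassembler, use the base it reports rather than the one in the file.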

 

