🤖 A modular and extendable Python tool for emulating simple SMALI code. 📱
PocketSmali is a Python tool designed to emulate small chunks of SMALI code.
Instructions covered:
const-string: Emulates the declaration of a string constant in SMALI code.const: Emulates the declaration of a numeric constant in SMALI code..local: Emulates the declaration of a local variable in SMALI code.invoke*: Emulates the invocation of a method in SMALI code, including different variants such asinvoke-virtual,invoke-direct,invoke-static, and others.move-result*: Emulates the handling of the result from a method invocation in SMALI code, including different variants such asmove-result,move-result-object,move-result-wide, and others.
Download and use as a Python package:
pip install git+https://github.com/user1342/PocketSmali.gitPocketSmali has been tested on Windows 11 and Ubuntu 22.04.2 LTS.
Simple, one instruction emulation:
from PocketSmali.Emulator import Emulator
emulator = Emulator()
emulator.emulate_smali_instruction('const-string v0, "TAG"')
print(str(emulator))SMALI code emulation:
from PocketSmali.Emulator import Emulator
code = '''
.method public printVar()Ljava/lang/String;
.locals 2
.line 28
const-string v0, "TAG"
const-string v1, "Hello World"
invoke-static {v0, v1}, Landroid/util/Log;->v(Ljava/lang/String;Ljava/lang/String;)I
.line 29
return-object v1
.end method'''
emulator = Emulator(is_verbose=True)
emulator.emulate_smali_code(code)Emulating from a SMALI file:
from PocketSmali.Emulator import Emulator
emulator = Emulator(is_verbose=True, smali_files_root_dir=r"MyApplication3\app\build\outputs\apk\debug\app-debug")
emulator.emulate_smali_method(r"MyApplication3\app\build\outputs\apk\debug\app-debug\smali_classes3\com\example\myapplication\MainActivity.smali","onCreate") Using breakpoints and stubs:
from PocketSmali.Emulator import Emulator
code = '''
.method public printVar()Ljava/lang/String;
.locals 2
.line 28
const-string v0, "TAG"
const-string v1, "Hello World"
invoke-static {v0, v1}, Landroid/util/Log;->v(Ljava/lang/String;Ljava/lang/String;)I
.line 29
return-object v1
.end method'''
def update_reg_v0(emulator):
emulator.runtime_env.set_register("v0","string-pool-2")
emulator = Emulator()
emulator.breakpoints[29] = update_reg_v0
emulator.add_stub("android/util/Log")
emulator.emulate_smali_code(code)
print(str(emulator))PocketSmali is both extendable and modular. To add handlers for other SMALI instructions, create a Python file in the opcode_handlers subfolder. Inside of this file, create a method that handles a specific instruction type - this method should take the parameters (opcode, operands, runtime_env, emulator). Then add to the dict_of_opcode_handlers dictionary in the Emulator class with the key being the name of the instruction and the value being a reference to your created method for handling it.
PocketSmali follows the Contributor Covenant Code of Conduct. Please make sure to review and adhere to this code of conduct when contributing to Obfu[DE]scate.
If you encounter a bug or have a suggestion for a new feature, please open an issue in the GitHub repository. Please provide as much detail as possible, including steps to reproduce the issue or a clear description of the proposed feature. Your feedback is valuable and will help improve PocketSmali for everyone.