binja_droidimg

Project Url: NWMonster/binja_droidimg
Introduction: Android/Linux vmlinux loader
More: Author   ReportBugs   
Tags:

vmlinux.py is a python script which can load vmlinux image in both IDA Pro and radare2.

vmlinux

vmlinux is a decompressed kernel image, personally I prefer to extract it from boot.img by binwalk. However, imgtool is another good choice.

./imgtool pixel_boot.img extract
lz4 -d extracted/kernel ./pixel_vmlinux

usage

IDA Pro

vmlinux.py        ->        C:\Program Files\IDA x.x\loaders\

radare2

r2 -i ./vmlinux.py ./test/pixel_vmlinux

Binary Ninja

ln -s /path/to/droidimg ~/.binaryninja/plugins/

Command Line

python ./vmlinux.py ./test/pixel_vmlinux

KASLR

In some cases, kernel image with KASLR enabled will populate relocation entries upon boot and leave them as 0 in image. fix_kaslr_4_4.c and fix_kaslr_samsung.c can fix these images by re-populating relocation entries with their original addresses.

Highly Recommended:Google Play 4.7 Star Android Developer Tools, Decompile, View Manifest, Open Debug Options Quickly

Apps
Android Developer Tools
Android Developer Tools Pro
About Me
Tools: TimeShining
GitHub: Trinea
Facebook: Dev Tools