sci - Reverse engineering framework working at the assembly (SMALI) level.

sci – Reverse engineering framework working at the assembly (SMALI) level.

Legal Disclamer:
Usage of SCI for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Smali Code Injector (SCI)is an Automate assembly code (smali) injection within Android applications.

The initial ambition of this project was to automate stack trace injections within Android applications in order to facilitate my master thesis work. Being able to log and display applications’ runtime method calls along with their returned value greatly helps in reverse engineering complex applications by providing an insight into their logic and workflow.

Then, new features and payloads were progressively added in an attempt to create a framework fully capable of injecting any type of assembly code. Users familiar with Android development can easily implement compatible payloads. SCI is in charge of automating low level operation such as registers allocation, dependencie, type, etc.

Smali Code Injector (SCI)

Automation for a simpler world.
1. Code injections are performed at the assembly level (smali files) making the differenciation process between legit and modified applications complicated and time consuming – it would require considerable forensic work such as network, permissions, signature and code analysis -.
2. A high level overview of the steps involved during code injection is:
+++ Disassembling the application.
+++ Collecting relevant information about the application.
++++ Classes name.
++++ Methods name.
++++ Registers number and type.
++++ etc.
3. Editing the AndroidManifest.xml to add permissions, services and broadcastReceivers (depending on the payload requirements).
4. Injecting and tweaking up the selected payload within the targeted method(s). Some Android libraries are also injected in order to defeat obfuscation.
5. Reassembling and signing the app with a valid self-signed certificate.

+ Python 2.7.x
+ ApkTools and ADB