Any LSPosed module hook method leaking tool done ✅
😂👍 We can dump Any Encrypted Xposed module all hook method haha
😂👍 We can dump Any Encrypted Xposed module all hook method haha
❤12❤🔥3🙈3
Everyone, drop your Xposed modules here so we can capture all hooked methods and leech everything in the comment box 🎁
Please open Telegram to view this post
VIEW IN TELEGRAM
🤓11❤1
Forwarded from MemTool
LibMem 2.1 Release.zip
23.6 MB
Version Code: 201
Changelog:
- Pointer Scanning
- Address Resolver
- Memory R/W
- Hex Calculator Mem
- BackTrace
- Symbols Explore + call
- Unity Lib-Tools ( Only For Unity Game This function automatic visible after you add this tool in any Unity game)
Changelog:
- Pointer Scanning
- Address Resolver
- Memory R/W
- Hex Calculator Mem
- BackTrace
- Symbols Explore + call
- Unity Lib-Tools ( Only For Unity Game This function automatic visible after you add this tool in any Unity game)
1❤17🥰3
Media is too big
VIEW IN TELEGRAM
MT Manager & NP Manager Bug
If tools like MT Manager or NP Manager load a DEX file into memory using a ClassLoader and then invoke its methods via reflection for tasks like string decryption there is a potential security risk A malicious actor could embed harmful code inside a DEX file. When this DEX is loaded at runtime especially using the application context it can execute hidden operations without the user’s awareness. This means a crafted virus DEX could run in memory, perform unauthorized actions, and possibly access file manager features of the app, behaving similar to a RAT Remote Access Tool. Therefore, users should be cautious and avoid using untrusted DEX files for string decoding or method execution as it may lead to device compromise
If tools like MT Manager or NP Manager load a DEX file into memory using a ClassLoader and then invoke its methods via reflection for tasks like string decryption there is a potential security risk A malicious actor could embed harmful code inside a DEX file. When this DEX is loaded at runtime especially using the application context it can execute hidden operations without the user’s awareness. This means a crafted virus DEX could run in memory, perform unauthorized actions, and possibly access file manager features of the app, behaving similar to a RAT Remote Access Tool. Therefore, users should be cautious and avoid using untrusted DEX files for string decoding or method execution as it may lead to device compromise
❤18😍4😁1
libso_controlflow(Assembly) Source Code.zip
21.2 MB
libso_controlflow (Assembly) Source Code.zip
Writer – @ispointer
This project encrypts your original assembly code inside a lib.so file. It then packs all symbols into a casting register. After the lib.so is loaded, all symbols are dynamically resolved and loaded.
Writer – @ispointer
This project encrypts your original assembly code inside a lib.so file. It then packs all symbols into a casting register. After the lib.so is loaded, all symbols are dynamically resolved and loaded.
❤17🥰3👌2
Aide NDK Builder Source Code.zip
2.2 MB
AIDE NDK Builder Source Code.zip
You can set any JNI folder path to directly build JNI projects. First, you need to install AIDE NDK. After that, you can configure any path and easily build any C++ JNI project.
Grabbed by @aantik_mods
You can set any JNI folder path to directly build JNI projects. First, you need to install AIDE NDK. After that, you can configure any path and easily build any C++ JNI project.
jni/*.cppGrabbed by @aantik_mods
❤9👌2🙈1
aob_pattern_generator(HEXSignature).zip
17.3 MB
Create a pattern for any assembly (hex signature)
#source_code
This project automatically ignores dynamically allocated instruction memory structures in assembly, processing them byte by byte (snapshot of EDL structure for x64)
#source_code
This project automatically ignores dynamically allocated instruction memory structures in assembly, processing them byte by byte (snapshot of EDL structure for x64)
❤4
wanted image generator ( Ai ).rar
2.6 MB
My old PHP project 😃
You can use this project to generate any image. It is part of my PHP learning journey
generate image - https://t.me/RevDexChat/2295
You can use this project to generate any image. It is part of my PHP learning journey
generate image - https://t.me/RevDexChat/2295
❤6
ZeroArt can hook directly (full mobile framework).
Thanks to Arjun bro he is the best contributor 😉
ZeroArt is a powerful low-level hooking framework. It is not like LSPosed; it works at a much lower level and hooks directly into ART pointers. This means ZeroArt can even hide ART pointer hooks 🤣. LSPosed is more limited compared to this because it cannot hide ART pointer trampoline hooks.
We are now adding a scripting language. Can anyone suggest which language would be best for scripting, so users can easily create hooks using ZeroArt, similar to LSPosed? What language do you think is best? Please comment
Thanks to Arjun bro he is the best contributor 😉
ZeroArt is a powerful low-level hooking framework. It is not like LSPosed; it works at a much lower level and hooks directly into ART pointers. This means ZeroArt can even hide ART pointer hooks 🤣. LSPosed is more limited compared to this because it cannot hide ART pointer trampoline hooks.
We are now adding a scripting language. Can anyone suggest which language would be best for scripting, so users can easily create hooks using ZeroArt, similar to LSPosed? What language do you think is best? Please comment
❤20😁5🤯4
Anyone can guess what is this 😁
I found a way to read Emulator VM Physical Memory externally. It seems most VMs share this same structure. Analyzing the PGM (Physical Memory) functions in the hypervisor DLL reveals exactly how the memory is mapped!
Credits @aantik_mods
I found a way to read Emulator VM Physical Memory externally. It seems most VMs share this same structure. Analyzing the PGM (Physical Memory) functions in the hypervisor DLL reveals exactly how the memory is mapped!
Credits @aantik_mods
❤17❤🔥4😁1
libffi.zip
120.9 KB
What is libffi?
Let me explain with an example
Imagine you are building an external injector system You have a C++ memory executable and a JNI-based menu. In this setup, you use a socket to connect the JNI menu and send memory read/write commands through it
But the question is why are you using sockets?
Sockets can introduce overhead and in some cases, they may cause latency. On low end devices, this can lead to lag or even increased CPU usage and heating.
However, instead of using sockets, you can use libffi in certain cases. With libffi, you can create a bridge between your executable and a shared library .so using FFI Foreign Function Interface. Since everything runs in the same process space, communication becomes faster and more efficient compared to inter process communication like sockets
In this case libffi allows direct function calls inside the same process, which can reduce overhead and improve performance compared to external socket based communication
FFI works like a wrapper inside the same process
It allows communication between different programming languages by acting as a bridge just like glue
FIFO ( Pipe )
In some cases if you want to communicate between a running .so library and an external executable another process, you can use FIFO.
What is FIFO?
FIFO First In, First Out is a type of pipe. It is used for inter-process communication IPC, allowing one process to send data to another.
In simple terms a FIFO pipe lets two different processes communicate with each other by reading and writing data through a shared channel
Let me explain with an example
Imagine you are building an external injector system You have a C++ memory executable and a JNI-based menu. In this setup, you use a socket to connect the JNI menu and send memory read/write commands through it
But the question is why are you using sockets?
Sockets can introduce overhead and in some cases, they may cause latency. On low end devices, this can lead to lag or even increased CPU usage and heating.
However, instead of using sockets, you can use libffi in certain cases. With libffi, you can create a bridge between your executable and a shared library .so using FFI Foreign Function Interface. Since everything runs in the same process space, communication becomes faster and more efficient compared to inter process communication like sockets
In this case libffi allows direct function calls inside the same process, which can reduce overhead and improve performance compared to external socket based communication
FFI works like a wrapper inside the same process
It allows communication between different programming languages by acting as a bridge just like glue
FIFO ( Pipe )
In some cases if you want to communicate between a running .so library and an external executable another process, you can use FIFO.
What is FIFO?
FIFO First In, First Out is a type of pipe. It is used for inter-process communication IPC, allowing one process to send data to another.
In simple terms a FIFO pipe lets two different processes communicate with each other by reading and writing data through a shared channel
❤18❤🔥4