blutter: Flutter Mobile Application Reverse Engineering Tool

by ddos · Published · Updated

B(l)utter

Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime

Currently, the application supports only Android libapp.so. Also, the application currently works only against recent Dart versions.

Install

This application uses the C++20 Formatting library. It requires a very recent C++ compiler such as g++>=13, Clang>=15.

Debian Unstable (gcc 13)

  • Install build tools and dependencies: apt install python3-pyelftools python3-requests git cmake ninja-build \
    build-essential pkg-config libicu-dev libcapstone-dev

Windows

  • Install latest Microsoft C/C++ Compiler with CMake tools
  • Install required libraries (libcapstone and libicu4c): python scripts\init_env_win.py
  • Start x64 Developer Command Prompt

macOS Ventura (clang 15)

  • Install XCode
  • Install clang 15 and the required tools: brew install llvm@15 cmake ninja pkg-config icu4c capstone
    pip3 install pyelftools requests

Clone the repo:

git clone https://github.com/worawit/blutter.git

Use

The blutter.py will automatically detect the Dart version from the flutter engine and call executable of blutter to get the information from libapp.so.

If the blutter executable for required Dart version does not exists, the script will automatically checkout Dart source code and compiling it.

Output files

  • asm/* libapp assemblies with symbols
  • blutter_frida.js the frida script template for the target application
  • objs.txt complete (nested) dump of Object from Object Pool
  • pp.txt all Dart objects in Object Pool

Directories

  • bin contains blutter executables for each Dart version in “blutter_dartvm<ver><os><arch>” format
  • blutter contains source code. need building against Dart VM library
  • build contains building projects which can be deleted after finishing the build process
  • dartsdk contains checkout of Dart Runtime which can be deleted after finishing the build process
  • external contains 3rd party libraries for Windows only
  • packages contains the static libraries of Dart Runtime
  • scripts contains python scripts for getting/building Dart

Copyright (c) 2023 Worawit Wangwarunyoo

Source: https://github.com/worawit/

Tags: blutterFlutter Mobile Application Reverse Engineering