VM

Class managing minimalist smali VM and performing partial smali execution.

Constructor

new VM()

Members

__instance

Instance of the VM

Methods

(static) getInstance() → {VM}

To get an instance of the VM

Returns:

Returns an instance of the VM

Type
VM

changeContextLabel(pLabel)

Parameters:
Name Type Default Description
pLabel String root

cleanVisitedBlock()

To remove "visited" flags from basic blocks. It should be applied only to the analyzed method, because it is involved in the process that builds the pseudocode.

defineHook(pMethodName, pHook)

To define a function called instead of the specified method. It allows hooking internal Android methods.

Parameters:
Name Type Description
pMethodName String The name of the method to hook
pHook function The callback function

execHook(pMethod, pThis, pObj) → {Boolean}

To execute the hook associated with pMethod

Parameters:
Name Type Description
pMethod *
pThis *
pObj *
Returns:

TRUE if the hook has been executed, else FALSE

Type
Boolean

execute(pInstrStack, pInstrOffset)

To execute an instruction in the current context.

The context contains:

  • Heap Memory
  • Stack Memory
  • Class Loaders
  • Method Area
Parameters:
Name Type Description
pInstrStack Array.<Instruction>
pInstrOffset Integer

getMethodFromClass(pClass, pName, pArgs) → {Method}

Parameters:
Name Type Description
pClass Class
pName String
pArgs Array.<Symbol>
Returns:

The method with the corresponding signature, else NULL

Type
Method

getRegisterName(pReg)

To convert an anonymous operand object from an Instruction into a register name

Parameters:
Name Type Description
pReg Object

importGlobalSymbols(pSymTab)

Deprecated:
  • Yes
Parameters:
Name Type Description
pSymTab *

initRegisters(pMethod, pLocalSize, pParamSize)

Deprecated:
  • Yes
Parameters:
Name Type Description
pMethod *
pLocalSize *
pParamSize *

invoke(pMethod, pObj, pArgs)

Parameters:
Name Type Description
pMethod Method
pObj VM_ClassInstance
pArgs Array.<Symbol> Array of symbols containing argument values or expressions

isHooked(pMethod) → {Boolean}

To check if a hook exists in the VM for the given method

Parameters:
Name Type Description
pMethod Method An instance of Method

Returns:

Returns TRUE if a hook is set, else FALSE

Type
Boolean

isImm(pSymbol) → {Boolean}

To check if the Symbol/register has a concrete value

Parameters:
Name Type Description
pSymbol Symbol The symbol to check

Returns:

TRUE if the symbol has a concrete value, else FALSE

Type
Boolean

performBinaryOp(pOpCode, pType, pDest, pSrc)

Parameters:
Name Type Description
pOpCode *
pType *
pDest *
pSrc *

prepareLong(pRegister)

Parameters:
Name Type Description
pRegister *

readLog() → {Array.<String>}

To read all logs from the VM

Returns:

An array containing all log messages

Type
Array.<String>

reset()

To reset VM components related to context.

run(pStack, pDepth)

Parameters:
Name Type Default Description
pStack Array.<Object>
pDepth Integer 0

setConfig(pConfig)

To configure the VM

Parameters:
Name Type Description
pConfig Object Configuration of the VM

setSimplifyingLevel(pLevel)

Deprecated:
  • Yes
Parameters:
Name Type Description
pLevel *

softReset()

To reset the context components related to code inside a method (soft reset). Warning: this function does not remove static fields modified during a previous run or instances created previously.

It can help to improve performance.

start(pMethod, pLevel)

To execute a method and to perform static analysis

Parameters:
Name Type Description
pMethod *
pLevel *

writeLog(pMessage)

To write a message into VM logs.

Parameters:
Name Type Description
pMessage String The message to log