Android/Linux vmlinux loader

vmlinux.py is a python script which can load vmlinux image in both IDA Pro and radare2.

vmlinux

vmlinux is a decompressed kernel image, personally I prefer to extract it from boot.img by binwalk. However, imgtool is another good choice.

./imgtool pixel_boot.img extract
lz4 -d extracted/kernel ./pixel_vmlinux

usage

IDA Pro

vmlinux.py		->		C:\Program Files\IDA x.x\loaders\

radare2

r2 -i ./vmlinux.py ./test/pixel_vmlinux

Binary Ninja

ln -s /path/to/droidimg ~/.binaryninja/plugins/

Command Line

python ./vmlinux.py ./test/pixel_vmlinux

KASLR

In some cases, kernel image with KASLR enabled will populate relocation entries upon boot and leave them as 0 in image. fix_kaslr_4_4.c and fix_kaslr_samsung.c can fix these images by re-populating relocation entries with their original addresses.

Name		Name	Last commit message	Last commit date
Latest commit History 18 Commits
test		test
README.md		README.md
__init__.py		__init__.py
fix_kaslr_4_4.c		fix_kaslr_4_4.c
fix_kaslr_samsung.c		fix_kaslr_samsung.c
plugin.json		plugin.json
vmlinux.py		vmlinux.py
vmlinux_binaryview.py		vmlinux_binaryview.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

test

test

README.md

README.md

init.py

init.py

fix_kaslr_4_4.c

fix_kaslr_4_4.c

fix_kaslr_samsung.c

fix_kaslr_samsung.c

plugin.json

plugin.json

vmlinux.py

vmlinux.py

vmlinux_binaryview.py

vmlinux_binaryview.py

Repository files navigation

Android/Linux vmlinux loader

vmlinux

usage

IDA Pro

radare2

Binary Ninja

Command Line

KASLR

About

Releases

Packages

Languages

NWMonster/binja_droidimg

Folders and files

Latest commit

History

Repository files navigation

Android/Linux vmlinux loader

vmlinux

usage

IDA Pro

radare2

Binary Ninja

Command Line

KASLR

About

Topics

Resources

Stars

Watchers

Forks

Languages