增强现实AR>> hbctool>> 返回
项目作者: bongtrop

项目描述 :
Hermes Bytecode Reverse Engineering Tool (Assemble/Disassemble Hermes Bytecode)
高级语言: Python
项目地址: git://github.com/bongtrop/hbctool.git
创建时间: 2021-01-10T05:15:31Z
项目社区:https://github.com/bongtrop/hbctool
开源协议:MIT License
下载


hbctool

Python 3.x PyPI version Software License

A command-line interface for disassembling and assembling the Hermes Bytecode.

Since the React Native team created their own JavaScript engine (named Hermes) for running the React Native application, the JavaScript source code is often compiled to the Hermes bytecode. In the penetration test project, I found that some React Native applications have already been migrated to the Hermes engine. It is really head for me to analyze or patch those applications. Therefore, I created hbctool for helping any pentester to test the Hermes bytecode.

Hermes is an open-source JavaScript engine optimized for running React Native apps on Android. For many apps, enabling Hermes will result in improved start-up time, decreased memory usage, and smaller app size. At this time Hermes is an opt-in React Native feature, and this guide explains how to enable it.

Special thanks to ErbaZZ and Jusmistic for helping me research and develop this tool.

For more information, please visit:

https://suam.wtf/posts/react-native-application-static-analysis-en/

Screenshot

hbctool Example

This video with MP4 format can be found at /image/hbctool_example.mp4.

Installation

To install hbctool, simply use pip:

  1. pip install hbctool

Usage

Please run hbctool --help to show the usage.

  1. hbctool --help   
  2. A command-line interface for disassembling and assembling
  3. the Hermes Bytecode.
  5. Usage:
  6.     hbctool disasm <HBC_FILE> <HASM_PATH>
  7.     hbctool asm <HASM_PATH> <HBC_FILE>
  8.     hbctool --help
  9.     hbctool --version
  11. Operation:
  12.     disasm              Disassemble Hermes Bytecode
  13.     asm                 Assemble Hermes Bytecode
  15. Args:
  16.     HBC_FILE            Target HBC file
  17.     HASM_PATH           Target HASM directory path
  19. Options:
  20.     --version           Show hbctool version
  21.     --help              Show hbctool help manual
  23. Examples:
  24.     hbctool disasm index.android.bundle test_hasm
  25.     hbctool asm test_hasm index.android.bundle

For Android, the HBC file normally locates at assets directory with index.android.bundle filename.

Support

hbctool currently supports the following Hermes Bytecode version:

Contribution

Feel free to create an issue or submit the merge request. Anyway you want to contribute this project. I’m very happy about it.

However, please run the unit test before submiting the pull request.

  1. cd hbctool
  2. python test.py

I use poetry to build this tool. To build it yourself, simply execute:

  1. poetry install
  2. poetry build
  3. pip install --force-reinstall dist/hbctool-<VERSION>-py3-none-any.whl

Next Step

  • Add the other Hermes bytecode versions
  • Create a class abstraction
  • Support overflow patching
  • Do all TODO, NOTE, FIXME in source code