apk-medit: memory search and patch tool on debuggable apk
Apk-medit is a memory search and patch tool for debuggable APKs that needs neither root nor the NDK. It was created for mobile game security testing.
Memory modification is the easiest way to cheat in games, so it is one of the items to be checked in a security test. There are also cheat tools that can be used casually, like GameGuardian. However, there were no tools available for non-rooted devices with a CUI. So I made it as a security testing tool.
apk-medit uses the run-as command to read files used by the target app, so it can only be used with apps that have the debuggable attribute enabled. To enable the debuggable attribute, open AndroidManifest.xml and add the following XML attribute to the application XML node:
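As an added example (not part of apk-medit or of the original README), the Python below audits a decoded, text-form AndroidManifest.xml for the android:debuggable attribute on the application node. This is the precondition described above, and it is the setting a release build should ship without. The sample manifests and the function names debuggable_state and audit are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
DEBUGGABLE = f"{{{ANDROID_NS}}}debuggable"

# Constructed sample manifests (text XML, as obtained by decoding an APK).
SAMPLE_DEBUGGABLE = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.game">
    <application android:label="Game" android:debuggable="true">
        <activity android:name=".MainActivity" />
    </application>
</manifest>"""
# Same manifest without the attribute (the usual release form).
SAMPLE_RELEASE = SAMPLE_DEBUGGABLE.replace(' android:debuggable="true"', "")
# Same manifest with the value taken from a resource reference.
SAMPLE_RESOURCE = SAMPLE_DEBUGGABLE.replace('"true"', '"@bool/is_debug"')


def debuggable_state(manifest_xml: str) -> str:
    """Return 'enabled', 'disabled' or 'unresolved' for a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    app = root.find("application")
    if app is None:
        raise ValueError("manifest has no <application> element")
    value = app.get(DEBUGGABLE)
    if value is None:
        return "disabled"  # attribute absent: Android defaults to false
    value = value.strip().lower()
    if value == "true":
        return "enabled"
    if value == "false":
        return "disabled"
    # Resource reference such as "@bool/...": cannot be decided from the
    # manifest alone, so report it instead of guessing.
    return "unresolved"


def audit(manifest_xml: str) -> bool:
    """Pass only when debuggable is clearly off (fails closed otherwise)."""
    return debuggable_state(manifest_xml) == "disabled"


if __name__ == "__main__":
    samples = {"debuggable": SAMPLE_DEBUGGABLE, "release": SAMPLE_RELEASE,
               "resource": SAMPLE_RESOURCE}
    for name, xml in samples.items():
        print(f"{name}: {debuggable_state(xml)} (audit pass: {audit(xml)})")
```

A build that reports "unresolved" needs its resources checked before release, because the flag's real value lives outside the manifest.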
Running the run-as command automatically changes the working directory, so copy medit from /data/local/tmp/. Running medit launches an interactive prompt.
Here are the commands available in the interactive prompt.
Search memory for the specified integer.
You can also specify a datatype such as string, word, dword, or qword.
Filter the previous search results down to those that match the current search results.
Write the specified value to the address found by the search.
Find the target process and, if there is only one, set it as the target. ps runs automatically on startup.
If the target pid was set by ps, attach to the target process and stop all processes in the app using ptrace.
If the target pid is not set, it can be specified on the command line.
Detach from the attached process.
Display a memory dump in hexdump style.
To exit medit, use the exit command or Ctrl-D.
Copyright (C) 2020 Akatsuki Inc.