Banjo: An Android Disassembler for Binary Ninja

ShmooCon XVI - 2020

Presented by: Austin Ralls
Date: Saturday February 01, 2020
Time: 15:30 - 15:50
Location: Build It!

A common recommendation for reverse engineering Android apps is to start with a decompiler to Java (like JADX or JD-GUI) and look at Smali generated by baksmali for methods where they fail. In an obfuscated or just weird application, many methods can fail decompilation, forcing us back into the dark ages of reading text disassembly.

This presentation will release Banjo, a plugin for Binary Ninja that brings interactive disassembly features like references, graph mode, and a Python 3 API to Smali. Banjo also includes a standalone Smali disassembler that attempts to produce the same output format as baksmali. The presentation will also cover how to make Binary Ninja do things it wasn’t designed to do while disassembling a complex VM language. This includes details of why Android apps in particular posed a challenge, what workarounds were employed, and some undocumented features of Binary Ninja that can help you write your own plugins for other languages.

Austin Ralls

Austin Ralls is a pentester at Carve Systems, where he hacks things like IoT devices, Linux systems, binary protocols, networks, and Android apps. Outside of work he competes in CTFs with RPISEC.

