Android Cheat Engine - LinEngine Introduction
<Android Cheat Engine - LinEngine Introduction >
LinEngine is a powerful analysis tool used for Android application analysis purposes.
It can be used for malware analysis, app protection solution analysis, mod app analysis, hacking of game/generic applications of our company (Penetration testing).
The Program is designed for this purpose and is the user's own responsibility.
The memory viewer can be used for various crash causes analysis and debugging purposes, and various plug-in functions are used for troublesome and difficult analysis.
It works the same way as frida and can bypass anti-debugging.
Feature
- Memory scan function
This function searches the internal memory of the application. (Similar to Windows cheat engine.)
- Memory Viewer
The memory value can be checked through the memory viewer. (Similar to Windows cheat engine.)
ARM, Thumb disassembly is provided.
- Cheat table function
It is a cheat table function that can modify the memory like a cheat engine and can be saved and loaded as a CT file.
- Memory dump
You can dump the memory by entering the memory address and size.
- Thread Viewer
The ability to search for and stop threads within a process. (Similar to Windows process hacker)
Plugin
- Routing bypass
This feature disables the ability to detect routing.
- Unity dump
Automatically dump and extract DLLs from Unity MONO games.
If it is an encrypted DLL, it can automatically extract the decrypted DLL.
-Debugger attach support
It helps to attach IDA by stopping the process for about 10 seconds before the SO loads. (For dynamic analysis)
- Dynamic DEX Extraction
Automatically extract hidden DEX files when loading.
Useful for extracting encrypted or hidden DEX without dynamic analysis.
- Unity DLL replacement
In Unity MONO games, you don't have to modify your DLL and sign it in your APK file,
Dynamically replacing DLLs reduces analysis time.
- Unity MTrace
This function traces the location of methods called from Unity MONO and IL2CPP.
- Speed Hack, Unity Speed Hack
The ability to manipulate the time function of the app.
Adjustable from 0.1 to 20.0 magnification.
- Hooking detector
This function automatically finds the location of the hooked function of a specific SO file.
It is easy to analyze the mod app.
- Frida linkage
This feature allows you to use the Lean Engine and the Frida framework at the same time.
One-click scripts can be applied directly on your PC without the hassle of setting up Python, installing Frida, and setting versions.
Linked with lean engine server, lean engine users can share and download Frida scripts with each other.
It can be easily hacked using the representative scripts such as SSL pinning and Rooting Byapss.
Example
- http://linforum.kr/bbs/board.php?bo_table=android&wr_id=193
- http://linforum.kr/bbs/board.php?bo_table=android&wr_id=205