Endoscope - Unpacking Android Apps with VM-Based Obfuscation

Explore the challenges and solutions in reverse-engineering Android apps that use code virtualization for protection in this 29-minute Black Hat conference talk. Delve into the complexities of deciphering virtual machine mechanisms for fetching and executing instructions, and understand why common tools like jadx and IDA struggle with recognizing custom VM instructions. Learn from experts Fan Wu and Xuankai Zhang as they unpack the intricacies of VM-based obfuscation in mobile applications and discuss potential approaches to overcome these reverse-engineering hurdles.

Endoscope: Unpacking Android Apps with VM-Based Obfuscation