hacktricks/mobile-pentesting/xamarin-apps.md

# Programu za Xamarin

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako inayotangazwa kwenye HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**swag rasmi ya PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PR kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.

</details>

Hii ni muhtasari wa chapisho la blogu [https://www.appknox.com/security/xamarin-reverse-engineering-a-guide-for-penetration-testers](https://www.appknox.com/security/xamarin-reverse-engineering-a-guide-for-penetration-testers)

## **Taarifa Msingi**

Xamarin ni **jukwaa huria** lililoundwa kwa watengenezaji kuunda programu za iOS, Android, na Windows kwa kutumia fremu za .NET na C#. Jukwaa hili linafikia zana nyingi na nyongeza za kuunda programu za kisasa kwa ufanisi.

### Usanifu wa Xamarin

- Kwa **Android**, Xamarin inaunganisha na majina ya Android na Java kupitia vifurushi vya .NET, ikifanya kazi ndani ya mazingira ya utekelezaji ya Mono pamoja na Android Runtime (ART). Vifurushi vya Kuita vilivyosimamiwa (MCW) na Vifurushi vya Kuita vya Android (ACW) hufanikisha mawasiliano kati ya Mono na ART, ambayo yote yamejengwa kwenye kernel ya Linux.
- Kwa **iOS**, programu zinaendeshwa chini ya utekelezaji wa Mono, ikichanganya uongofu kamili wa Mbele ya Wakati (AOT) kuwa lugha ya usanifu ya ARM kutoka kwa nambari ya C# .NET. Mchakato huu unaendesha pamoja na Utekelezaji wa Objective-C kwenye kernel kama ya UNIX.

### .NET Runtime na Mono Framework

**Fremu ya .NET** inajumuisha vifurushi, darasa, na majina ya nafasi za maendeleo ya programu, na .NET Runtime inasimamia utekelezaji wa nambari. Inatoa uhuru wa jukwaa na utangamano wa nyuma. **Mono Framework** ni toleo huria la fremu ya .NET, ilianzishwa mwaka 2005 kuongeza .NET kwa Linux, sasa inayoungwa mkono na Microsoft na inayoongozwa na Xamarin.

### Kudukua Programu za Xamarin

#### Kudondoa Kificho cha Kukusanywa cha Xamarin

Kudondoa kificho cha kukusanywa hubadilisha kificho kilichokusanywa kuwa kificho cha chanzo. Katika Windows, dirisha la Moduli katika Visual Studio linaweza kutambua moduli za kudondoa, kuruhusu upatikanaji wa moja kwa moja wa nambari ya chanzo ya mtu wa tatu na uchimbaji wa kificho cha chanzo kwa uchambuzi.

#### Kompilisheni ya JIT vs AOT

- **Android** inasaidia Kompilisheni ya Mara tu-Inapo (JIT) na Kompilisheni ya Mbele ya Wakati (AOT), na hali ya Hybrid AOT kwa kasi bora ya utekelezaji. AOT kamili inapatikana tu kwa leseni za Enterprise.
- **iOS** inatumia tu Kompilisheni ya AOT kutokana na vizuizi vya Apple kwenye utekelezaji wa nambari ya kudumu.

### Kuchimbua Faili za dll kutoka APK/IPA

Ili kupata vifurushi katika APK/IPA, fungua faili na tafuta saraka za vifurushi. Kwa Android, zana kama [XamAsmUnZ](https://github.com/cihansol/XamAsmUnZ) na [xamarin-decompress](https://github.com/NickstaDB/xamarin-decompress) zinaweza kufungua faili za dll.
```bash
python3 xamarin-decompress.py -o /path/to/decompressed/apk
```
Kwa blobs za mkutano katika Android, [pyxamstore](https://github.com/jakev/pyxamstore) inaweza kuzifungua.
```bash
pyxamstore unpack -d /path/to/decompressed/apk/assemblies/
```
Faili za dll za iOS zinapatikana kwa urahisi kwa decompilation, zikifunua sehemu kubwa ya nambari ya programu, ambayo mara nyingi inashiriki msingi wa kawaida kati ya jukwaa tofauti.

### Uchambuzi wa Kudumu

Uchambuzi wa kudumu unahusisha ukaguzi wa SSL pinning na matumizi ya zana kama [Fridax](https://github.com/NorthwaveSecurity/fridax) kwa marekebisho ya wakati wa kukimbia ya .NET binary katika programu za Xamarin. Skrini za Frida zinapatikana kwa kuzidisha ugunduzi wa root au SSL pinning, kuongeza uwezo wa uchambuzi.

Skrini nyingine za Frida za kuvutia:

* [**xamarin-antiroot**](https://codeshare.frida.re/@Gand3lf/xamarin-antiroot/)
* [**xamarin-root-detect-bypass**](https://codeshare.frida.re/@nuschpl/xamarin-root-detect-bypass/)
* [**Frida-xamarin-unpin**](https://github.com/GoSecure/frida-xamarin-unpin)


## Taarifa Zaidi
* [https://www.appknox.com/security/xamarin-reverse-engineering-a-guide-for-penetration-testers](https://www.appknox.com/security/xamarin-reverse-engineering-a-guide-for-penetration-testers)
* [https://thecobraden.com/posts/unpacking\_xamarin\_assembly\_stores/](https://thecobraden.com/posts/unpacking\_xamarin\_assembly\_stores/)

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako inatangazwa katika HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**swag rasmi wa PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**The PEASS Family**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PR kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
Translated to Swahili 2024-02-11 02:13:58 +00:00			`# Programu za Xamarin`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
			`<details>`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Njia nyingine za kusaidia HackTricks:`
arte 2024-01-05 11:02:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`* Ikiwa unataka kuona kampuni yako inayotangazwa kwenye HackTricks au kupakua HackTricks kwa muundo wa PDF Angalia [MPANGO WA KUJIUNGA](https://github.com/sponsors/carlospolop)!`
			`* Pata [swag rasmi ya PEASS & HackTricks](https://peass.creator-spring.com)`
			`* Gundua [Familia ya PEASS](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [NFTs](https://opensea.io/collection/the-peass-family) ya kipekee`
			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au [kikundi cha telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks_live).`
			`* Shiriki mbinu zako za kudukua kwa kuwasilisha PR kwa [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) repos za github.`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
			`</details>`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`Hii ni muhtasari wa chapisho la blogu [https://www.appknox.com/security/xamarin-reverse-engineering-a-guide-for-penetration-testers](https://www.appknox.com/security/xamarin-reverse-engineering-a-guide-for-penetration-testers)`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Taarifa Msingi`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Xamarin ni jukwaa huria lililoundwa kwa watengenezaji kuunda programu za iOS, Android, na Windows kwa kutumia fremu za .NET na C#. Jukwaa hili linafikia zana nyingi na nyongeza za kuunda programu za kisasa kwa ufanisi.`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Usanifu wa Xamarin`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`- Kwa Android, Xamarin inaunganisha na majina ya Android na Java kupitia vifurushi vya .NET, ikifanya kazi ndani ya mazingira ya utekelezaji ya Mono pamoja na Android Runtime (ART). Vifurushi vya Kuita vilivyosimamiwa (MCW) na Vifurushi vya Kuita vya Android (ACW) hufanikisha mawasiliano kati ya Mono na ART, ambayo yote yamejengwa kwenye kernel ya Linux.`
			`- Kwa iOS, programu zinaendeshwa chini ya utekelezaji wa Mono, ikichanganya uongofu kamili wa Mbele ya Wakati (AOT) kuwa lugha ya usanifu ya ARM kutoka kwa nambari ya C# .NET. Mchakato huu unaendesha pamoja na Utekelezaji wa Objective-C kwenye kernel kama ya UNIX.`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### .NET Runtime na Mono Framework`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Fremu ya .NET inajumuisha vifurushi, darasa, na majina ya nafasi za maendeleo ya programu, na .NET Runtime inasimamia utekelezaji wa nambari. Inatoa uhuru wa jukwaa na utangamano wa nyuma. Mono Framework ni toleo huria la fremu ya .NET, ilianzishwa mwaka 2005 kuongeza .NET kwa Linux, sasa inayoungwa mkono na Microsoft na inayoongozwa na Xamarin.`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Kudukua Programu za Xamarin`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`#### Kudondoa Kificho cha Kukusanywa cha Xamarin`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Kudondoa kificho cha kukusanywa hubadilisha kificho kilichokusanywa kuwa kificho cha chanzo. Katika Windows, dirisha la Moduli katika Visual Studio linaweza kutambua moduli za kudondoa, kuruhusu upatikanaji wa moja kwa moja wa nambari ya chanzo ya mtu wa tatu na uchimbaji wa kificho cha chanzo kwa uchambuzi.`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`#### Kompilisheni ya JIT vs AOT`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`- Android inasaidia Kompilisheni ya Mara tu-Inapo (JIT) na Kompilisheni ya Mbele ya Wakati (AOT), na hali ya Hybrid AOT kwa kasi bora ya utekelezaji. AOT kamili inapatikana tu kwa leseni za Enterprise.`
			`- iOS inatumia tu Kompilisheni ya AOT kutokana na vizuizi vya Apple kwenye utekelezaji wa nambari ya kudumu.`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Kuchimbua Faili za dll kutoka APK/IPA`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Ili kupata vifurushi katika APK/IPA, fungua faili na tafuta saraka za vifurushi. Kwa Android, zana kama [XamAsmUnZ](https://github.com/cihansol/XamAsmUnZ) na [xamarin-decompress](https://github.com/NickstaDB/xamarin-decompress) zinaweza kufungua faili za dll.`
a 2024-02-08 03:06:37 +00:00			```bash
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00			`python3 xamarin-decompress.py -o /path/to/decompressed/apk`
			```
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Kwa blobs za mkutano katika Android, [pyxamstore](https://github.com/jakev/pyxamstore) inaweza kuzifungua.`
a 2024-02-08 03:06:37 +00:00			```bash
Add information relevant to the Xamarin AssemblyStore The Xamarin AssemblyStore is the currently recommended way of packing Xamarin DLLs in Android applications. pyxstore will unpack the DLLs found in the assemblies.blob to perform further analysis. This commit describes that process in some detail. 2023-09-01 22:55:22 +00:00			`pyxamstore unpack -d /path/to/decompressed/apk/assemblies/`
			```
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Faili za dll za iOS zinapatikana kwa urahisi kwa decompilation, zikifunua sehemu kubwa ya nambari ya programu, ambayo mara nyingi inashiriki msingi wa kawaida kati ya jukwaa tofauti.`
Add information relevant to the Xamarin AssemblyStore The Xamarin AssemblyStore is the currently recommended way of packing Xamarin DLLs in Android applications. pyxstore will unpack the DLLs found in the assemblies.blob to perform further analysis. This commit describes that process in some detail. 2023-09-01 22:55:22 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Uchambuzi wa Kudumu`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Uchambuzi wa kudumu unahusisha ukaguzi wa SSL pinning na matumizi ya zana kama [Fridax](https://github.com/NorthwaveSecurity/fridax) kwa marekebisho ya wakati wa kukimbia ya .NET binary katika programu za Xamarin. Skrini za Frida zinapatikana kwa kuzidisha ugunduzi wa root au SSL pinning, kuongeza uwezo wa uchambuzi.`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Skrini nyingine za Frida za kuvutia:`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
			`* [xamarin-antiroot](https://codeshare.frida.re/@Gand3lf/xamarin-antiroot/)`
			`* [xamarin-root-detect-bypass](https://codeshare.frida.re/@nuschpl/xamarin-root-detect-bypass/)`
			`* [Frida-xamarin-unpin](https://github.com/GoSecure/frida-xamarin-unpin)`


Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Taarifa Zaidi`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00			`* [https://www.appknox.com/security/xamarin-reverse-engineering-a-guide-for-penetration-testers](https://www.appknox.com/security/xamarin-reverse-engineering-a-guide-for-penetration-testers)`
GITBOOK-4092: change request with no subject merged in GitBook 2023-09-24 09:51:34 +00:00			`* [https://thecobraden.com/posts/unpacking\_xamarin\_assembly\_stores/](https://thecobraden.com/posts/unpacking\_xamarin\_assembly\_stores/)`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
			`<details>`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Njia nyingine za kusaidia HackTricks:`
arte 2024-01-05 11:02:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`* Ikiwa unataka kuona kampuni yako inatangazwa katika HackTricks au kupakua HackTricks kwa muundo wa PDF Angalia [MPANGO WA KUJIUNGA](https://github.com/sponsors/carlospolop)!`
			`* Pata [swag rasmi wa PEASS & HackTricks](https://peass.creator-spring.com)`
			`* Gundua [The PEASS Family](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [NFTs](https://opensea.io/collection/the-peass-family) za kipekee`
			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au [kikundi cha telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks_live).`
			`* Shiriki mbinu zako za kudukua kwa kuwasilisha PR kwa [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
GITBOOK-4021: change request with no subject merged in GitBook 2023-07-31 15:59:11 +00:00
			`</details>`