- zh_CN 简体中文
A Open HarmonyOS app/hap package analyze and REverse tool, compatible with HarmonyOS NEXT. Maybe pronounced like "ōli".
With ohre, you can (or will can) perform the following operations on a HarmonyOS app package (.app or .hap): file operations, information analysis, resource analysis, sensitive information detection, vulnerability detection, reverse analysis, etc.
tag: HarmonyOS, Open HarmonyOS, HarmonyOS NEXT, 鸿蒙 OS, hap, app
OHRE is a full python3 tool to play with HarmonyOS .app, .hap,.abc files. You can conduct a detailed investigation of a ArkTS runtime file which always ends with .abc (except logical code).
- .app
- .hap
- pack.json
- module.json
- resources analysis: resources.index, resources\base\*, etc
- Code file leakage detection: pattern of file names in a specific path, either in white or black
- Built-in and self-defined vulnerability and sensitive information detection rules based on yara
- xxx.abc (ArkTS reverse almost done except logical code)
- xxx.so (in progress)
Because it is still under testing, the debug log will be placed in
pwdby default, which is one of the requirements for creating a new issue.
As far as we know ohre is platform-independent, which means it can be used under Windows, Linux, and macOS with any CPU architecture.
pip install yara-python
pip install ohre # install from pip release version # for all users
# install as a python package locally # for debug and developers
pip install -e . # in the same folder as setup.py and .gitohre_demo.py is a demo that shows almost all usages. Check it and then maybe check the wiki(TBD).
python ohre_demo.py xxx.hap # run demo with HarmonyOS hap
python ohre_demo.py xxx.app # run demo with HarmonyOS app
python ohre_demo.py xxx.hap --resource_analysis # run demo with HarmonyOS hap and resource analysispython examples\abc_decompile.py name.abcpython examples\dis_demo.py xxx.abc.dis # put isa.yaml from arkcompiler_ets_runtime to ./ohre/abcre/dis/enum/isa.yamlPlease new an issue, participate in the discussion or make a PR.