B(l)utter - Reversing Flutter Applications - HITB2023HKT COMMSEC Day 2

Explore advanced techniques for reverse engineering Flutter applications in this comprehensive conference talk. Delve into the challenges of reading Dart snapshots and learn about a new methodology that leverages Dart runtime source code directly. Discover how this approach reduces compiling time and enables metadata extraction without launching Flutter applications. Gain insights into the types of information obtainable and their applications in the reverse engineering process. Get introduced to B(l)utter, an open-source tool that demonstrates this new approach, capable of automatically extracting metadata from Dart snapshots, analyzing compiled code, and generating Frida functions for hooking and data dumping in running Flutter applications. Presented by Worawit Wangwarunyoo, a security researcher specializing in Windows and Linux exploitation, this talk offers valuable knowledge for those interested in vulnerability research, exploit development, and reverse engineering.