[Nullcon Berlin 2024] The complexity of reversing Flutter applications

Flutter is a cross-platform application development platform. With the same codebase, developers write and compile native applications for Android, iOS, Windows, Linux...

For reverse engineers, it is a totally different story. Reversing Flutter applications is a nightmare, because tools are not adapted yet. Flutter is natively obfuscated and Dart, its underlying programming language, has several unique concepts which confuse disassemblers: presence of an Object Pool, custom registers and calling convention, specific representation of small and medium integers.

In this presentation, we explain how to make sense of the assembly code. We illustrate the talk by walking the audience towards the solution of a Dart challenge which was part of GreHack CTF 2023. We run the program, parse the Dart AOT snapshot, and use Radare2 to disassemble it. We locate access to the Object Pool, which uses a custom register, and compute the reference to the accessed objects. Finally, we uncover the creation of the flag and solve the challenge :)
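The two Dart VM encodings the abstract mentions, tagged small integers and pool-pointer-relative Object Pool loads, are what make raw disassembly hard to read. The following Python is an added example, not material from the talk or the GreHack challenge: it decodes a raw machine word as either a Smi (small integer, low tag bit 0, value shifted left by one) or a heap reference (low tag bit 1), and turns the offset of a load relative to the pool pointer register into an Object Pool index. Integers that do not fit a Smi are boxed as Mint (medium integer) heap objects, so they appear as references rather than immediates. The register name `x27`, the 64-bit word width, and the pool layout constants `POOL_DATA_OFFSET` and `POOL_ENTRY_SIZE` are assumptions that vary by Dart version and architecture and must be confirmed against the snapshot under analysis; the disassembly lines are constructed.

```python
import re

# Assumed constants (not from the page); verify against the Dart build you analyse.
WORD_BITS = 64
POOL_DATA_OFFSET = 16   # assumed bytes of header before the pool's first entry
POOL_ENTRY_SIZE = 8     # assumed word-sized pool entries
PP_REG = "x27"          # assumed pool-pointer register for ARM64 Dart AOT


def decode_tagged(raw: int, word_bits: int = WORD_BITS) -> tuple[str, int]:
    """Classify a raw word as ('smi', value) or ('heap', untagged address).

    Smi: tag bit 0, signed value in the upper bits, so 0x54 encodes 42.
    Heap object: tag bit 1; clearing it yields the real object address.
    """
    mask = (1 << word_bits) - 1
    raw &= mask
    if raw & 1 == 0:
        if raw & (1 << (word_bits - 1)):  # sign bit set -> negative Smi
            raw -= 1 << word_bits
        return ("smi", raw >> 1)
    return ("heap", raw & ~1)


def encode_smi(value: int, word_bits: int = WORD_BITS) -> int:
    """Inverse of decode_tagged for Smis: the raw word emitted for `value`."""
    return (value << 1) & ((1 << word_bits) - 1)


def pool_index(pp_offset: int,
               data_offset: int = POOL_DATA_OFFSET,
               entry_size: int = POOL_ENTRY_SIZE):
    """Map the offset in `ldr xN, [PP, #off]` to an Object Pool index.

    Returns None when the offset is not on an entry boundary, which usually
    means the assumed layout constants are wrong for this snapshot.
    """
    rel = pp_offset - data_offset
    if rel < 0 or rel % entry_size:
        return None
    return rel // entry_size


# Constructed Radare2-style ARM64 lines, not output from the challenge binary.
SAMPLE_DISASM = """\
0x0000a000  ldr x0, [x27, #0x1e8]
0x0000a004  mov x1, #0x54
0x0000a008  ldr x16, [x27, #0x13]
0x0000a00c  bl sym.func
"""

PP_LOAD = re.compile(
    r"ldr\s+(\w+),\s*\[" + PP_REG + r",\s*#(0x[0-9a-f]+|\d+)\]")


def find_pool_loads(disasm: str):
    """Return (address, dest_reg, offset, pool_index_or_None) per PP-relative load."""
    found = []
    for line in disasm.splitlines():
        m = PP_LOAD.search(line)
        if not m:
            continue
        addr = line.split()[0]
        off = int(m.group(2), 0)
        found.append((addr, m.group(1), off, pool_index(off)))
    return found


if __name__ == "__main__":
    print(decode_tagged(0x54))          # the immediate 0x54 is the Smi 42
    for load in find_pool_loads(SAMPLE_DISASM):
        print(load)
```

A `None` index from `pool_index` is the useful signal here: an offset that does not land on an entry boundary tells you the header or entry size you assumed does not match this snapshot, so check those constants before trusting any resolved pool reference.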