MANIAC is a modern dynamic binary instrumentation engine for Android and Fuchsia.
See maniac_demo. The demo module hijacks the target application's rand() function and makes it return a fixed value of 1337.
maniac_manager: A Flutter-based frontend for managing modules.maniacd: Process-detection watchdog that monitorszygote.maniacj: The library injector module.maniacli: Set of command line tools for developing MANIAC modules.maniacrun: The IPC/bootstrap program.
The aims are similar, but implementation details greatly differ.
- MANIAC modules work further down the stack, as the engine primarily instruments native code as opposed to ART/Dalvik. Without the constraints of the process VM, MANIAC modules are far more capable.
- MANIAC requires no permanent modification of the host system, as it only needs a single root-privileged process to bootstrap the runtime environment.
The project is currently in a pre-alpha stage and no official modules repository exist as of yet. Refer to the maniac_demo project for building your own modules.
Users may install pre-programmed modules via MANIAC manager. maniacrun bootstraps the DBI environment by communicating with various sub-modules of MANIAC.
+----------+ +----------+
| manager | | maniacd |
+----------+ +----------+
| |
| on user command | on zygote fork
| |
V V
+-----------------------------------+
| maniacrun |
+-----------------------------------+
| with contol.json
+-------------------------+
| | |
V V V
+----------+ +----------+
| maniacj | ... | maniacx |
+----------+ +----------+
- initial public release
- libmaniac_gui
- initial Fuchsia support
- libmaniac_art
- libmaniac_mono
All of the components are free software released under the GNU General Public License (GPLv3) unless otherwise stated. Refer to the individual repository for more information.
- CydiaSubstrate (@saurik)
- Liberation (@Razzilient)
- Frida (frida.re)