Reverse Engineering Asked on March 12, 2021
I’ve come across an SQLite database (gmm_storage.db) used by Google Maps on Android, and I’m unsure as to how the data it contains is serialised. For example:
I’m saying serialised, as from the header 0xACED it appears to be a Java serialised object. However, as I have no idea what the serialised class actually looks like, I’ve been unable to deserialise it.
I’m also not entirely sure it’s standard Java serialisation, as I’ve tried a number of different tools, and Java itself, and all of them report that the stream is corrupt.
You can see some references to standard Java classes, such as java/util/Set, but also a lot of smaller references to things like ‘fic’, or ‘vot’. I’m guessing these are either obfuscated class names, or they are part of some kind of lookup/offset table.
My other guess is that as it’s a Google product, it’s probably using a Google serialisation library, like GSON or protobuf, but the data doesn’t look like either of those.
Anyone come across this before, or can shine some light on it?
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP