A powerful emulator for Samsung devices that supports both full-system emulation (QEMU) and CPU-level emulation (Unicorn Engine).
SamsEmung is an advanced emulation platform designed specifically for Samsung devices. It provides a flexible architecture that can switch between full-system emulation using QEMU and CPU-level emulation using Unicorn Engine, depending on your needs and available resources.
- Dual Emulation Paths: Automatically selects between QEMU (full-system) and Unicorn Engine (CPU-level)
- Samsung-Specific Components: Emulates Exynos SoCs, TouchWiz/One UI, Knox security features
- Device Support: Covers multiple Samsung Galaxy models (S6 through S10, Note series)
- Firmware Analysis: Extract and analyze boot.img, system dumps, and DTB files
- VirtualBox-Style UI: Intuitive interface for managing virtual devices
- Peripheral Emulation: Supports touchscreen, buttons, sensors, and other device-specific hardware
SamsEmung implements two distinct emulation paths:
┌──────────────────────────────┐             ┌──────────────────────────────┐
│ Host Machine                 │             │ Emulated Samsung Device      │
├──────────────────────────────┤             ├──────────────────────────────┤
│ 1. Prepare images:           │             │                              │
│    - boot.img                │             │                              │
│    - system.dump             │             │                              │
│    - vendor.img              │───mount────►│                              │
│ 2. Configure QEMU:           │             │ 3. Initialize virtual        │
│    - Machine: virt           │             │    hardware:                 │
│    - CPU: cortex-a78         │             │    - Bootloader (U-Boot)     │
│    - Memory: 8G              │             │    - Kernel initialization   │
│    - Devices:                │             │    - Partition mounting      │
│      * virtio-gpu            │             │                              │
│      * virtio-blk            │             │                              │
│                              │◄──IRQ/MMIO──┤                              │
│ 4. Start emulation:          │             │ 5. Android boot:             │
│    qemu-system-aarch64 ...   │             │    - Init Process            │
│                              │◄──ADB/USB───┤    - Zygote start            │
│ 6. Interaction:              │             │    - TouchWiz start          │
│    - ADB connection          │             │                              │
│    - Graphical interface     │             │                              │
└──────────────────────────────┘             └──────────────────────────────┘
┌──────────────────────────────┐             ┌──────────────────────────────┐
│ Host Application             │             │ Emulated CPU (ARM64)         │
├──────────────────────────────┤             ├──────────────────────────────┤
│ 1. Initialize Unicorn:       │             │                              │
│    - Architecture: ARM64     │             │                              │
│    - Mode: ARM               │             │                              │
│                              │───mem_map──►│                              │
│ 2. Set up memory:            │             │ 3. Load code:                │
│    - Code: 0x80000000        │             │    - Read the binary         │
│    - Stack: 0x90000000       │             │      (e.g. from boot.img)    │
│    - Data: 0xA0000000        │             │                              │
│                              │◄───hook─────┤                              │
│ 4. Register hooks:           │             │ 5. Execute instructions:     │
│    - Code tracing            │             │    - Stepwise or in blocks   │
│    - SVC/SMC interception    │             │                              │
│                              │◄──callback──┤                              │
│ 6. Exception handling:       │             │ 7. Peripheral emulation:     │
│    - Manual emulation of     │             │    - System calls            │
│      MMIO/registers          │             │    - Memory/timers           │
└──────────────────────────────┘             └──────────────────────────────┘
- Python 3.8+
- PyQt6
- QEMU 6.0+ (for full-system emulation)
- Unicorn Engine 2.0+ (for CPU-level emulation)
- Clone the repository:
  git clone https://github.com/MrHacker117/SamsEmung.git
  cd SamsEmung
- Install dependencies:
  pip install -r requirements.txt
- Install QEMU (optional, for full-system emulation):
  - Linux: sudo apt install qemu-system-arm
  - macOS: brew install qemu
  - Windows: Download from QEMU website
python main.py
- Click "New" in the toolbar
- Select a device model (e.g., Galaxy S10)
- Configure settings (memory, storage, etc.)
- Click "OK" to create the device
- Select a device from the list
- Click "Start" in the toolbar
- The emulator will launch using the appropriate emulation path
from dump_analyzer import analyze_dump
# Analyze a Samsung firmware dump
ui_version, device_model = analyze_dump("/path/to/dump")
print(f"Detected device: {device_model} running {ui_version}")
The emulator can be configured through the UI or by editing the config.json file:
{
  "qemu_path": "/usr/bin",
  "dump_folder": "/path/to/dumps",
  "virtual_memory": 2048,
  "samsung_models": {
    "SM-G900F": {
      "name": "Galaxy S5",
      "arch": "arm64",
      "cpu": "cortex-a57",
      "memory": 2048,
      "display": {
        "width": 1080,
        "height": 1920,
        "density": 480
      }
    }
  }
}
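One way to turn a model entry from config.json into the QEMU settings listed in the full-system diagram (machine virt, CPU, memory, virtio-gpu, virtio-blk) without letting config or path values inject extra options. This is an added example, not SamsEmung's own code; `build_qemu_argv`, the CPU-name pattern, the memory cap and the sample image path are assumptions.

```python
import json
import os
import re

# Constructed sample in the shape of the config.json shown above.
SAMPLE_CONFIG = json.loads("""{
  "qemu_path": "/usr/bin", "virtual_memory": 2048,
  "samsung_models": {"SM-G900F": {"name": "Galaxy S5", "arch": "arm64",
                                  "cpu": "cortex-a57", "memory": 2048}}
}""")

ARCH_TO_BINARY = {"arm64": "qemu-system-aarch64"}   # the only arch the page shows
CPU_NAME = re.compile(r"[a-z0-9][a-z0-9-]{0,31}")   # e.g. cortex-a57; no commas
MAX_MEMORY_MB = 16384                               # assumed host-side cap


def build_qemu_argv(config, model_id, system_image):
    """Return an argv list for the model; raise ValueError on unsafe values."""
    model = config.get("samsung_models", {}).get(model_id)
    if model is None:
        raise ValueError(f"unknown model: {model_id!r}")
    binary = ARCH_TO_BINARY.get(model.get("arch"))
    if binary is None:
        raise ValueError(f"unsupported arch: {model.get('arch')!r}")
    cpu = model.get("cpu", "")
    if not isinstance(cpu, str) or not CPU_NAME.fullmatch(cpu):
        raise ValueError(f"rejected cpu name: {cpu!r}")
    memory = model.get("memory", config.get("virtual_memory"))
    # bool is an int subclass, so compare the exact type.
    if type(memory) is not int or not 128 <= memory <= MAX_MEMORY_MB:
        raise ValueError(f"rejected memory size: {memory!r}")
    # QEMU splits -drive values on commas, so a comma in the path would
    # add extra drive options; reject it instead of passing it through.
    if not system_image or "," in system_image:
        raise ValueError(f"rejected image path: {system_image!r}")
    return [
        os.path.join(config["qemu_path"], binary),
        "-machine", "virt", "-cpu", cpu, "-m", str(memory),
        "-device", "virtio-gpu-pci",
        "-drive", f"if=none,id=sys,format=raw,readonly=on,file={system_image}",
        "-device", "virtio-blk-pci,drive=sys",
    ]


if __name__ == "__main__":
    print(build_qemu_argv(SAMPLE_CONFIG, "SM-G900F", "/path/to/dumps/system.img"))
```

Passing the returned list to `subprocess.run` without `shell=True` keeps each value a single argument, so nothing in the config is interpreted by a shell.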
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (git checkout -b feature/amazing-feature)
- Commit your changes (git commit -m 'Add some amazing feature')
- Push to the branch (git push origin feature/amazing-feature)
- Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- QEMU project for the full-system emulation capabilities
- Unicorn Engine for the CPU emulation framework
- Samsung for creating the devices we're emulating
This project is not affiliated with, authorized by, endorsed by, or in any way officially connected with Samsung Electronics Co., Ltd., or any of its subsidiaries or affiliates. The official Samsung website can be found at www.samsung.com.