Update frida抓包.md
parent
c8b014e457
commit
27631b814a
20
frida抓包.md
|
|
@ -37,3 +37,23 @@ pip install frida-tools
|
||||||
frida-ps -U | grep "包名"
|
frida-ps -U | grep "包名"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## 运行 r0capture.py
|
||||||
|
|
||||||
|
```bash
|
||||||
|
python r0capture.py -U 前面记录的目标应用包名 -p xxx.pcap
|
||||||
|
```
|
||||||
|
|
||||||
|
```
|
||||||
|
python3 r0capture/r0capture.py -U com.vmall.client -p com.vmall.client.pcap
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
其中 -p 参数用来保存抓包结果,.pcap 是数据报存储格式,包括 Wireshark 在内的很多主流抓包软件都可以生成或者导入 pcap 数据包并分析
|
||||||
|
|
||||||
|
如果中途提示 hexdump 名称错误,pip 安装一下即可
|
||||||
|
|
||||||
|
```bash
|
||||||
|
pip install hexdump
|
||||||
|
```
|
||||||
|
|
||||||
|
|
|
||||||
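Review bot: the two command examples added under "## 运行 r0capture.py" disagree with each other. The first runs `python r0capture.py` in a fence tagged bash, while the second runs `python3 r0capture/r0capture.py` from a different working directory in an untagged fence. Pick one interpreter and one path, tag both fences, and say explicitly that the second is the first with the placeholders filled in. The `pip install hexdump` step belongs with the existing `pip install frida-tools` setup rather than as a fix after a name error, and writing it as `python3 -m pip install hexdump` ensures the module lands in the same interpreter that runs the script. The sentence on `-p` should also tell the reader that the resulting .pcap holds the captured application traffic, so it may contain session tokens or credentials and should be kept out of the repository and shared locations. Lastly, consider replacing the concrete package name in the second example with a placeholder, as the first example does.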