wsy182
/
hook-frida
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

创建 hook_conversions.js

master
wangsiyuan 2023-11-06 17:02:12 +08:00
parent 1e80a8067b
commit 8aa5351ccc
1 changed files with 197 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

197
scripts/hook_conversions.js Normal file
View File

@ -0,0 +1,197 @@
log_info("Script loaded successfully");
// hook_okhttp_client()
if (Java.available) {
hook_json()
let class_name = "okhttp3.OkHttpClient"
if (check_class(class_name)){
hook_okhttp_client()
}
Java.perform(function () {
log_info("start hook java.net.URL");
var URL = Java.use('java.net.URL');
URL.$init.overload('java.lang.String').implementation = function (spec) {
// console.log("URL request:" + spec)
log_info("URL request: " + spec)
if (spec.includes("appsflyer")) {
// console.log("URL request: " + spec);
if (spec.includes("conversions")) {
var stackTrace = Java.use('java.lang.Exception').$new().getStackTrace().toString();
// console.log(stackTrace);
}
}
return this.$init(spec);
};
});
}
function printMethods(className) {
log_info("start print methods.")
var jclass = Java.use(className);
var methods = jclass.class.getDeclaredMethods();
console.log("Printing methods of " + className + ":\n");
methods.forEach(function (method) {
// console.log(method);
log_info("The methods under the class" + className + " are: " + method);
});
}
function hook_okhttp_client() {
if (Java.available) {
Java.perform(function () {
log_info("start hook_okhttp_client.")
try {
var OkHttpClient = Java.use("okhttp3.OkHttpClient");
OkHttpClient.newCall.overload('okhttp3.Request').implementation = function (request) {
var requestUrl = request.url();
if (requestUrl) {
console.log("OkHttp Request URL: " + requestUrl.toString());
} else {
console.log("OkHttp Request URL is not available");
}
console.log("OkHttp Request Headers: " + request.headers().toString());
if (request.method() == "POST") {
console.log("OkHttp Request Body: " + request.body().contentType().toString());
}
var call = this.newCall(request);
var response = call.execute();
console.log("OkHttp Response: " + response.body().string());
return call;
};
} catch (e) {
console.log("Error hooking OkHttp: " + e);
}
});
}
}
function hook_HttpURLConnection_stream() {
console.log("start hook_HttpURLConnection_stream")
if (Java.available) {
Java.perform(function () {
var HttpURLConnection = Java.use("java.net.HttpURLConnection");
HttpURLConnection.getOutputStream.implementation = function () {
var outputStream = this.getOutputStream();
var OutputStreamWrapper = Java.use("java.io.OutputStream");
var newOutputStream = Java.registerClass({
name: "CustomOutputStream",
superClass: OutputStreamWrapper,
methods: {
write: function (buffer, byteOffset, byteCount) {
var data = Array.prototype.slice.call(buffer.slice(byteOffset, byteOffset + byteCount));
console.log("Request data: " + String.fromCharCode.apply(null, data));
outputStream.write(buffer, byteOffset, byteCount);
}
}
});
return newOutputStream.$new(outputStream);
};
HttpURLConnection.getInputStream.implementation = function () {
var inputStream = this.getInputStream();
var InputStreamWrapper = Java.use("java.io.InputStream");
var newInputStream = Java.registerClass({
name: "CustomInputStream",
superClass: InputStreamWrapper,
methods: {
read: function (buffer, byteOffset, byteCount) {
var bytesRead = inputStream.read(buffer, byteOffset, byteCount);
if (bytesRead != -1) {
var data = Array.prototype.slice.call(buffer.slice(byteOffset, byteOffset + bytesRead));
console.log("Response data: " + String.fromCharCode.apply(null, data));
}
return bytesRead;
}
}
});
return newInputStream.$new(inputStream);
};
});
}
}
function hook_retrofit() {
Java.perform(function () {
var retrofitBuilder = Java.use("retrofit2.Retrofit$Builder");
retrofitBuilder.build.implementation = function () {
var retrofit = this.build();
var httpClient = retrofit.callFactory().clone();
httpClient.interceptors().add(new Java.use('okhttp3.Interceptor')({
intercept: function (chain) {
console.log("HTTP Request -> " + chain.request().toString())
var response = chain.proceed(chain.request());
console.log("HTTP Response -> " + response.toString());
return response;
}
}))
return retrofit.newBuilder()
.callFactory(httpClient)
.build();
}
});
}
function hook_json() {
Java.perform(function () {
var JSONObject = Java.use('org.json.JSONObject');
JSONObject.toString.overload().implementation = function () {
var result = this.toString.call(this);
// get_conversions(result)
// log_info("Serialized JSONObject: " + result)
return result;
};
});
}
function log_info(messages) {
const now = new Date();
const year = now.getFullYear();
const month = String(now.getMonth() + 1).padStart(2, '0'); // Months are 0-based
const day = String(now.getDate()).padStart(2, '0');
const hours = String(now.getHours()).padStart(2, '0');
const minutes = String(now.getMinutes()).padStart(2, '0');
const seconds = String(now.getSeconds()).padStart(2, '0');
const milliseconds = String(now.getMilliseconds()).padStart(3, '0');
const timestamp = `${year}-${month}-${day} ${hours}:${minutes}:${seconds}:${milliseconds}`;
console.log(`${timestamp} - ${messages}`);
send(`${timestamp} - ${messages}`);
}
function check_class(class_name) {
var classFound = false; // 默认为未找到
Java.enumerateLoadedClasses({
onMatch: function(currentClassName) {
if (currentClassName === class_name) {
classFound = true; // 如果找到了类则设置为true
}
},
onComplete: function() {
if (classFound) {
log_info(class_name + " has been loaded!");
} else {
log_info(class_name + " has not been loaded yet.");
}
}
});
return classFound;
}
recv('input_data', function(payload) {
console.log(typeof(payload))
console.log(JSON.stringify(payload))
console.log('Received data from Python: ' + payload.payload.data);
});