Compare commits
2 Commits
7167780f0f
...
9ec56ced34
| Author | SHA1 | Date |
|---|---|---|
 wangsiyuan
|
9ec56ced34 | |
|
wangsiyuan
|
e949fdc3e5 |
|
|
@ -0,0 +1,40 @@
|
|||
log_info("Script loaded successfully");
|
||||
if (Java.available) {
|
||||
hook_json()
|
||||
Java.perform(function () {
|
||||
log_info("start hook java.net.URL");
|
||||
var URL = Java.use('java.net.URL');
|
||||
URL.$init.overload('java.lang.String').implementation = function (spec) {
|
||||
log_info("URL request: " + spec)
|
||||
return this.$init(spec);
|
||||
};
|
||||
});
|
||||
}
|
||||
|
||||
function log_info(messages) {
|
||||
const now = new Date();
|
||||
const year = now.getFullYear();
|
||||
const month = String(now.getMonth() + 1).padStart(2, '0'); // Months are 0-based
|
||||
const day = String(now.getDate()).padStart(2, '0');
|
||||
const hours = String(now.getHours()).padStart(2, '0');
|
||||
const minutes = String(now.getMinutes()).padStart(2, '0');
|
||||
const seconds = String(now.getSeconds()).padStart(2, '0');
|
||||
const milliseconds = String(now.getMilliseconds()).padStart(3, '0');
|
||||
|
||||
const timestamp = `${year}-${month}-${day} ${hours}:${minutes}:${seconds}:${milliseconds}`;
|
||||
|
||||
console.log(`${timestamp} - ${messages}`);
|
||||
send(`${timestamp} - ${messages}`);
|
||||
}
|
||||
|
||||
function hook_json() {
|
||||
Java.perform(function () {
|
||||
var JSONObject = Java.use('org.json.JSONObject');
|
||||
JSONObject.toString.overload().implementation = function () {
|
||||
var result = this.toString.call(this);
|
||||
// get_conversions(result)
|
||||
log_info("Serialized JSONObject: " + result)
|
||||
return result;
|
||||
};
|
||||
});
|
||||
}
|
||||
13
main.py
13
main.py
|
|
@ -30,7 +30,7 @@ def main(package_name,script_path,is_spawn):
|
|||
js_code = modules.files_utils.read_javascript(script_path)
|
||||
# print(js_code)
|
||||
modules.command.start_frida()
|
||||
modules.command.clearCache(package_name)
|
||||
# modules.command.clearCache(package_name)
|
||||
# 连接到USB设备
|
||||
device = frida.get_usb_device()
|
||||
print(device)
|
||||
|
|
@ -39,10 +39,10 @@ def main(package_name,script_path,is_spawn):
|
|||
print(f"进程pid: {pid}")
|
||||
process = device.attach(pid)
|
||||
script = process.create_script(js_code)
|
||||
script.on("message", on_message)
|
||||
# script.on("message", on_message)
|
||||
script.load()
|
||||
data_to_send = {'data': 'Hello from Python!'}
|
||||
script.post({'type': 'input_data', 'payload': data_to_send})
|
||||
# data_to_send = {'data': 'Hello from Python!'}
|
||||
# script.post({'type': 'input_data', 'payload': data_to_send})
|
||||
device.resume(pid) # 加载完脚本后, 恢复进程运行
|
||||
sys.stdin.read()
|
||||
else:
|
||||
|
|
@ -69,9 +69,10 @@ if __name__ == '__main__':
|
|||
# 目标进程名
|
||||
attach_process_name = "Navi"
|
||||
# 目标包名
|
||||
package_name = "com.msf.angelmobile"
|
||||
package_name = "com.tencent.qqmusic"
|
||||
# 注入的脚本路径
|
||||
script_path = "./hook_conversions.js"
|
||||
# script_path = "./hook_conversions.js"
|
||||
# script_path = "./r0capture/script.js"
|
||||
# script_path = "url_request.js"
|
||||
script_path = "hook_qqmusic.js"
|
||||
main(package_name,script_path, is_spawn)
|
||||
|
|
|
|||
Reference in New Issue