forked from CrackerCat/frida_app_hook
-
Notifications
You must be signed in to change notification settings - Fork 0
/
jingdong2.js
51 lines (46 loc) · 1.49 KB
/
jingdong2.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
Interceptor.attach(Module.findExportByName(null, "fopen"), {
onEnter: function(args) {
// console.log("fopen Interceptor attached onEnter...");
// console.log("fopen param0>>>>>>>" + args[0].readCString());
},
onLeave: function(args) {
// console.log("fopen Interceptor attached onLeave...");
}
})
var is_find_frida = false
Interceptor.attach(Module.findExportByName(null, "strstr"), {
onEnter: function(args) {
// console.log("strstr Interceptor attached onEnter...");
// console.log("strstr param0>>>>>>>" + args[0].readCString());
// console.log("strstr param1>>>>>>>" + args[1].readCString());
if (args[1].readCString().indexOf("frida")){
is_find_frida = true
}else{
is_find_frida = false
}
},
onLeave: function(retval) {
// console.log("strstr Interceptor attached onLeave..." + retval);
if (is_find_frida){
retval.replace(ptr("0x0"))
}
}
})
function abc(){
var base_address=Module.findBaseAddress('libjdbitmapkit.so')
if (base_address!=null){
console.log("param:ok");
var str;
Java.perform(function () {
str = Java.use("java.lang.String");
});
Interceptor.attach(new NativePointer(base_address.add(0x2598-1)), {
onEnter: function (args) {
console.log("param1>>>>>>>");
},
onLeave: function (retval) {
}
});
}
}
abc();