-
Notifications
You must be signed in to change notification settings - Fork 257
Expand file tree
/
Copy pathraptor_frida_android_debug.js
More file actions
71 lines (61 loc) · 2.67 KB
/
Copy pathraptor_frida_android_debug.js
File metadata and controls
71 lines (61 loc) · 2.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
/*
* raptor_frida_android_*.js - Frida snippets for Android
* Copyright (c) 2017 Marco Ivaldi <raptor@0xdeadbeef.info>
*
* Frida.re JS script snippets for Android instrumentation.
* See https://www.frida.re/ and https://codeshare.frida.re/
* for further information on this powerful tool.
*
* "We want to help others achieve interop through reverse
* engineering" -- @oleavr
*
* Many thanks to Maurizio Agazzini <inode@wayreth.eu.org>
* and Federico Dotta <federico.dotta@mediaservice.net>.
*
* Example usage:
* # frida -U -f com.xxx.yyy -l raptor_frida_android.js --no-pause
*/
setTimeout(function() { // avoid java.lang.ClassNotFoundException
Java.perform(function() {
// Debug some methods
var CryptoUtils = Java.use("com.target.app.CryptoUtils");
console.log("info: hooking class CryptoUtils");
var PrefUtils = Java.use("com.target.app.PrefUtils");
console.log("info: hooking class PrefUtils");
CryptoUtils.decrypt.overload("java.lang.String").implementation = function(arg0) {
console.warn("\n*** entered CryptoUtils.decrypt(java.lang.String arg0)");
var retval = this.decrypt.overload("java.lang.String").call(this, arg0);
console.log("\narg0: " + arg0);
console.log("\nretval: " + retval);
console.warn("\n*** exiting CryptoUtils.decrypt(java.lang.String arg0)");
return retval;
}
CryptoUtils.decrypt.overload("java.lang.String", "java.lang.String").implementation = function(arg0, arg1) {
console.warn("\n*** entered CryptoUtils.decrypt(java.lang.String arg0, java.lang.String arg1)");
var retval = this.decrypt.overload("java.lang.String", "java.lang.String").call(this, arg0, arg1);
console.log("\narg0: " + arg0);
console.log("arg1: " + arg1);
console.log("\nretval: " + retval);
console.warn("\n*** exiting CryptoUtils.decrypt(java.lang.String arg0, java.lang.String arg1)");
return retval;
}
// overload not really necessary here
CryptoUtils.genIv.overload().implementation = function() {
console.warn("\n*** entered CryptoUtils.genIv()");
var retval = this.genIv.overload().call(this);
console.log("\nretval: " + retval);
console.warn("\n*** exiting CryptoUtils.genIv()");
// XXX print IvParameterSpec | javax.crypto.spec.IvParameterSpec
return retval;
}
// overload not really necessary here
PrefUtils.saveUser.overload("java.util.List").implementation = function(arg0) {
console.warn("\n*** entered PrefUtils.saveUser(java.util.List arg0)");
var retval = this.saveUser.overload("java.util.List").call(this, arg0);
console.log("\narg0: " + arg0);
console.log("\nretval: " + retval);
console.warn("\n*** exiting PrefUtils.saveUser(java.util.List arg0)");
return retval;
}
});
}, 0);