IDA
搜索
查找引用
Jadx
文本搜索
frida
新版用法
frida -H 10.0.0.253:8080 -l jd.js 京东
import frida, sys
def on_message(message, data):
if message["type"] == "send":
print("[*] {0}".format(message['payload']))
else:
print(message)
if __name__ == '__main__':
with open("../jd.js", "r", encoding="utf-8") as f:
jscode = f.read()
process = frida.get_device_manager().add_remote_device("10.0.0.253:8080")
print(process)
process = process.attach("京东")
script = process.create_script(jscode)
script.on('message', on_message)
print('[*] Running CTF')
script.load()
sys.stdin.read()
- hook不再使用包名,用进程中文名或者PID
- 查询PID
frida-ps -Uai
frida钩子 js脚本
Java.perform(() => {
var OkHttpClient = Java.use("okhttp3.OkHttpClient");
OkHttpClient.newCall.implementation = function (request) {
var result = this.newCall(request);
console.log("request >>> " + request.toString());
return result;
};
}
评论区