凡墙总是门

感谢 frida envhttps://github.com/frida/frida-java-bridge/blob/master/lib/env.js IDA 判断 Thumb 指令集和 Arm 指令集 IDA - Options - General - number of opcode bytes - 设置为 4 此时查看 IDA VIew 中 opcode 的长度, 如果出现 2 个字节和 4 个字节的, 说明为 thumb 指令集 如果都是 4 个字节的, 说明是 arm 指令集; 在 Thumb 指令集下, inline hook 的偏移地址需要进行 +1 操作; 获取所有 JNI 函数函数地址通过 hook ArtMethod 的 RegisterNative 函数, 可以监控所有的静态注册和动态注册的 JNI 函数的地址; 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 ...

frida hook java Frida 启动attach 启动直接附加到指定包名的应用中 1frida -U com.kevin.android -l hook.js 直接附加到当前应用中 1frida -UF -l hook.js 1234567891011121314151617import sysimport timeimport fridadef on_message(message,data): print("message",message) print("data",data)device = frida.get_usb_device()session = device.attach("com.kevin.demo1")with open("./demo1.js","r") as f: script = session.create_script(f.read())script.on("message",on_message ...

d0de0a81ceb1a8638618f8ee50d5f654d83c71a5d095642c4c7bbc4ed99ea5a8daa8c55daa4af60548f8ba063d732767a8e1831285a62f02706eab7a8c5823440fa6cf0277077f200d5c391277ffd06354853d73111ab052f119bb2bb56bac2a70defcfc78ad364a691d298387e6085931a7c7a171144036233d10a29b425dc798b7d23d582b791a56a3734560ffd1de1678bfd0aea05b1514e1b04b9ab591367d86b74ce3a91bed93651d765e4211789de57d07d3a0e50abdb2d9fed4b750b0ae2bf14a4aa897e6d9202425528785f2043e85e97bc8a6b13213cbc5fdec690c4e016f8139978e82764d748392ec2d620b4b7917b8b75bc16 ...

d0de0a81ceb1a8638618f8ee50d5f654d83c71a5d095642c4c7bbc4ed99ea5a8daa8c55daa4af60548f8ba063d732767a8e1831285a62f02706eab7a8c5823440fa6cf0277077f200d5c391277ffd06354853d73111ab052f119bb2bb56bac2a70defcfc78ad364a691d298387e6085982db5da00b8e23c10a07339118589c1018277cc75c96f59047e531fe09752aed0ddc0d09227ba1a0eb2b0555f750b12f620bc6d45d1df435c3eb84192eae214b9af037bf321ef36ad49e9b71e7ba126297da5343642a7f36d52445386b004d1a2a140c8ed4fc741c96d40ff92346c9cc3610a2122f55613f5f9546cc413a5276a7d499055f75161b3 ...

d0de0a81ceb1a8638618f8ee50d5f654d83c71a5d095642c4c7bbc4ed99ea5a8e648934cfc0c5b2e0fbffdfcb92570622594d4c2601258a40723eec4cefcc8d8d2ca4f26054209ba44ff85bb57b378092cfb107f43734f1fe6e8f8f137c49706de3ab7b0896fb2e23da4cb71802703691e59da172aa9419d414cf5cde12f0eccddc296e03093c372163a7bb84a65ae384ceb8ac1ded338766211a7cc6d60543f527b943693518bff3a3a7f7d7c490d7f16832660ad1615a5e28203f7bd97c592596aae1a8d282c554d3182a0e10f533dfab49fc3d41f6ef6ac4e36b7f62bda7351d172dcad41132092745ed12c9f29801e8b59be1aaa516c0 ...

d0de0a81ceb1a8638618f8ee50d5f654d83c71a5d095642c4c7bbc4ed99ea5a81a26121cfbd09b3f787896e1d56da9248abdcf9c8f96d3d043fdcca7dfeceb45f4d53f4bef9452eb0dc58119daf22d3e0b1c8c153b4302d82d0090543059853c5be83072e34732df62f0106eab75d69e4589a35526378e20fa015606afd3503fa8b145441f68859c9f10ed545e4e6f0b65c689cd61cd87acec866e1e9860610c79de9fbad149ed155738c1dfe004fe6e5044ef1b44c86405f6821a191f6d047c96fe32f14917f63a7f74efe0bdd8389e75aadfff59a35440d13556a1aea8c5ff9d2c0c348dfabef4a589a7254560b5132ec05851303be0284 ...