frida

java层部分是抄https://zyzling.gitee.io/2020/05/12/Frida%E5%AD%A6%E4%B9%A0%E7%AC%94%E8%AE%B0/

还是真机使用吧

配置就不讲了

我将frida-server放在

/data/local/tmp

所以

    adb shell
    cd /data/local/tmp
su
./frida-server

常用命令

命令行相关

获取所有进程名称

frida-ps -U

获取所有进程包名

adb shell ps

启动 hook 即输入后会强制重启该app

frida -U -l [js] -f [包名]

附加hook

frida -U -l js脚本位置 包名

emm 除非自动打?否则感觉还是用js和命令行写方便

java层hook

Java.perform

相当于main

Java.perform(function(){
    //在这里面写Hook的代码
})

Java.choose

用于查找堆中指定类的实例。

声明为 Java.choose(className,callbacks)

可以用来找到实例后调用函数 面对动态函数时使用

Java.choose("top.zyzling.User",{
    onMatch:function(){
        //onMatch回调会在找到类的实例后调用，也就是说内存中有多少实例，就会调用多少次
    },
    onComplete:function(){
        //onComplete回调会在所有onMatch完成后调用
    }
})

Java.available

常用脚本

java层hook一个静态方法来调用so的静态方法

描述不清捏

hook这个函数

来调用这个

Java.perform(function () {
    var ClassName = Java.use('com.crackme.bbbbutton.MainActivity');
    console.log("Find ClassName Successfully!");//定位类成功！
    var jniclass = Java.use('com.crackme.bbbbutton.JniCheck');
    ClassName.a.implementation = function () {
        console.log("111111")
        var test = Java.array('byte', [0, 0, 0, 0, 0, 0, 0, 0, 2, 3, 2, 1, 1, 0, 3, 2])
        var t
        t = jniclass.check1(test)
        console.log(t)
        return false
    }
});

直接调用即可

调用so中的动态方法

console.log("111");
var trueValue =[3878, 3951, 4024, 4097, 4097, 4243, 4390, 4682, 4682, 4682, 4829, 4975, 4975, 5121, 5195, 5268, 5341, 5414, 5487, 5560, 5560, 5853, 5853, 5999, 6146, 6146, 6292, 6365, 6439, 6439, 6585, 6731, 6731, 6731, 7024, 7024, 7170, 7317, 7317, 7463, 7536, 7609, 7609, 7682, 7756, 7829, 7902, 7902, 7975, 8048, 8121, 8195, 8341, 8487, 8634, 8780, 9073, 9073, 9073, 9219, 9365, 9365, 9512, 9658, 9658, 9804, 9878, 9951, 9951, 10097, 10243, 10243, 10243, 10390, 10463, 10536, 10536, 10682, 10829, 10829, 10975, 11121, 11121, 11268, 11414, 11414, 11560, 11707, 11707, 11853, 11999, 11999, 11999, 12146, 12292, 12292, 12439, 12439, 12585, 12585, 12585, 12731, 12878, 12951, 13024, 13097, 13170, 13170, 13317, 13463, 13463, 13463, 13609, 13756, 13756, 13756, 13902, 14048, 14048, 14195, 14341, 14487, 14634, 14634, 14926, 14926, 14926, 15219, 15219, 15219, 15365, 15365, 15512, 15512, 15658, 15804, 15804, 15951, 16024, 16097, 16097, 16170, 16243, 16317, 16390, 16390, 16536, 16682, 16682, 16829, 16902, 16975, 16975, 17121, 17268, 17268, 17268, 17414, 17560, 17634, 17707, 17780, 17853, 17926, 17999, 18073, 18146, 18146, 18292, 18439, 18439, 18731, 18731, 18731, 18878, 19024, 19024, 19024, 19170, 19243, 19317, 19463, 19609, 19609, 19609, 19756, 19829, 19902, 20048, 20195, 20195, 20341, 20487, 20487, 20634, 20780, 20780, 20926, 21073, 21073, 21219, 21365, 21365, 21365, 21512, 21585, 21658, 21658, 21804, 21951, 21951, 21951, 22097, 22243, 22317, 22390, 22463, 22536, 22536, 22609, 22682, 22756, 22829, 22829, 22975, 23121, 23121, 23268, 23414, 23560, 23707, 23780, 23853, 23926, 23999, 23999, 24073, 24146, 24219, 24292, 24365, 24439, 24512, 24585, 24585, 24731, 24731, 24878, 24878, 24878, 25024, 25170, 25170, 25317, 25390, 25463, 25463, 25609, 25756, 25756, 25756, 25902, 25902, 26048, 26048, 26195, 26195, 26341, 26341, 26414, 26487, 26487, 26560, 26634, 26634, 26780, 26780, 26926, 27219, 27512, 27585, 27658, 27731, 27804, 27804, 28097, 28097, 28390, 28682, 28682, 28975, 29268, 29268, 29560, 29560, 29853, 29853, 30146, 30439, 30439, 30731, 31024, 31024, 31317, 31609, 31609, 31902, 32195, 32195, 32487, 32780, 32780, 32780, 33365, 33365, 33365, 33951, 33951, 34243, 34536, 34536, 34829, 35121, 35121, 35414, 35707, 35707, 35707, 35999, 36292, 36585, 36878, 36878, 37024, 37024, 37170, 37170, 37463, 37463, 37463, 37609, 37756, 37756, 37902, 38048, 38048, 38195, 38341, 38341, 38487, 38634, 38634, 38780, 38926, 39073, 39219, 39365, 39512, 39658, 39804, 39804, 39951, 40097, 40097, 40243, 40390, 40390, 40536, 40682, 40829, 40975, 40975, 41121, 41268, 41414, 41560, 41707, 41853, 41999, 42146, 42146, 42292, 42292, 42439, 42585, 42731, 42731, 42878, 42878, 43024, 43170, 43317, 43317, 43463, 43463, 43609, 43609, 43682, 43756, 43756, 43829, 43902, 43902, 44048, 44048, 44195, 44195, 44341, 44341, 44487, 44560, 44634, 44707, 44780, 44853, 44926, 44999, 45073, 45146, 45219, 45292, 45365, 45439, 45512, 45585, 45658, 45658, 45804, 45951, 45951, 46097, 46243, 46243, 46536, 46536, 46536, 46829, 46829, 46902, 46975, 47121, 47121, 47268, 47414, 47414, 47560, 47634, 47707, 47707, 47853, 47926, 47999, 47999, 48146, 48292, 48292, 48439, 48585, 48585, 48731, 48878, 48878, 49024, 49170, 49170, 49243, 49317, 49463, 49463, 49609, 49756, 49756, 49902, 49975, 50048, 50048, 50121, 50195, 50268, 50341, 50341, 50487, 50487, 50707, 50707, 50926, 50926, 51073, 51219, 51365, 51512, 51512, 51585, 51658, 51804, 51804, 51951, 52097, 52097, 52170, 52243, 52317, 52390, 52390, 52536, 52609, 52682, 52682, 52829, 52975, 52975, 53121, 53268, 53268, 53414, 53560, 53560, 53707, 53853, 53853, 53926, 53999, 54073, 54146, 54146, 54219, 54292, 54365, 54439, 54439, 54512, 54585, 54658, 54731, 54731, 54878, 54878, 55024, 55024, 55024, 55317, 55317, 55317, 55609, 55609, 55609, 55902, 55902, 55902, 56195, 56268, 56341, 56487, 56487, 56634, 56780, 56780, 56926, 56999, 57073, 57073, 57219, 57292, 57365, 57365, 57512, 57658, 57658, 57804, 57951, 57951, 58097, 58243, 58243, 58390, 58536, 58536, 58609, 58682, 58829, 58829, 58975, 59121, 59121, 59268, 59341, 59414, 59414, 59560, 59634, 59707, 59707, 59853, 59926, 59999, 59999, 60073, 60292, 60292, 60439, 60585, 60585, 60731, 60878, 60878, 60951, 61024, 61024, 61170, 61170, 61317, 61317, 61463, 61463, 61463, 61536, 61609, 61609, 61756, 61756, 61902, 61902, 62048, 62048, 62048, 62121, 62195, 62195, 62341, 62341, 62414, 62487, 62560, 62634, 62634, 62780, 62780, 62926, 62926, 63073, 63073, 63219, 63219, 63292, 63365, 63439, 63512, 63512, 63585, 63658, 63731, 63804, 63804, 63878, 63951, 64024, 64097, 64097, 64170, 64243, 64317, 64390, 64390, 64536, 64536, 64609, 64682, 64829, 64975, 65121, 65268, 65414, 65560, 65560, 65707, 65853, 65999, 66146, 66146, 66439, 66585, 66878, 67170, 67317, 67317, 67609, 67902, 68048, 68195, 68341, 68487, 68487, 68780, 68926, 69073, 69219, 69365, 69512, 69658, 69658, 69804, 69951, 70243, 70390, 70536, 70682, 70829, 70829, 71121, 71268, 71560, 71853, 71999, 71999, 72292, 72585, 72731, 72878, 73024, 73170, 73317, 73463, 73609, 73609, 73756, 73975, 74195, 74341, 74341, 74634, 74707, 74780, 74926, 74926, 75073, 75073, 75219, 75219, 75219, 75365, 75512, 75512, 75658, 75658, 75804, 75804, 75804, 75951, 76097, 76097, 76390, 76390, 76390, 76536, 76682, 76682, 76829, 76829, 76975, 76975, 76975, 77268, 77268, 77414, 77560, 77560, 77561, 77707, 77853, 77853, 77999, 77999, 78146, 78146, 78146, 78292, 78439, 78439, 78731, 78732, 78732, 78878, 79024, 79024, 79170, 79171, 79317, 79317, 79463, 79609, 79609, 79756, 79902, 79902, 80048, 80195, 80341, 80341, 80487, 80487, 80634, 80780, 80780, 80926, 80926, 81073, 81073, 81073, 81219, 81365, 81512, 81512, 81658, 81658, 81658, 81951, 81951, 81951, 82097, 82243, 82243, 82390, 82536, 82682, 82682, 82829, 82829, 82829, 82975, 83121, 83121, 83268, 83414, 83414, 83560, 83707, 83853, 83853, 83999, 83999, 83999, 84292, 84292, 84365, 84439, 84512, 84585, 84585, 84731, 84804, 84878, 84878, 84951, 85024, 85097, 85170, 85170, 85317, 85390, 85463, 85463, 85536, 85609, 85682, 85756, 85756, 85829, 85902, 85975, 86048, 86048, 86121, 86195, 86268, 86341, 86341, 86487, 86634, 86634, 86707, 86780, 86853, 86926, 86926, 87073, 87146, 87219, 87219, 87292, 87365, 87439, 87512, 87512, 87658, 87804, 87804, 87878, 87951, 88024, 88097, 88097, 88170, 88243, 88317, 88390, 88390, 88536, 88609, 88682, 88682, 88829, 88975, 88975, 89121, 89121, 89268, 89268, 89414, 89414, 89560, 89560, 89707, 89707, 89853, 89853, 89999, 89999, 90146, 90146, 90292, 90292, 90439, 90439, 90585, 90585, 90731, 90731, 90878, 90878, 91024, 91024, 91170, 91170, 91317, 91317, 91390, 91463, 91536, 91609, 91682, 91756, 91829, 91902, 91975, 92048, 92121, 92195, 92268, 92341, 92634, 92780, 92926, 93219, 93365, 93365, 93365, 93365, 93658, 93658, 93804, 93878, 93951, 93951, 94097, 94243, 94317, 94390, 94463, 94536, 94536, 94682, 94829, 94829, 94975, 95121, 95121, 95268, 95414, 95487, 95560, 95634, 95707, 95707, 95853, 95853, 95999, 95999, 96146, 96292, 96292, 96292, 96439, 96585, 96585, 96658, 96731, 96804, 96878, 96878, 97024, 97170, 97170, 97317, 97390, 97463, 97463, 97609, 97756, 97756, 97829, 97902, 98048, 98048, 98048, 98195, 98341, 98341, 98487, 98560, 98634, 98634, 98780, 98926, 98926, 99073, 99219, 99219, 99365, 99512, 99512, 99658, 99804, 99804, 99951, 100097, 100170, 100243, 100317, 100390, 100390, 100536, 100682, 100682, 100829, 100975, 100975, 100975, 101121, 101268, 101268, 101341, 101414, 101487, 101560, 101560, 101707, 101853, 101853, 101926, 101999, 102073, 102146, 102146, 102292, 102439, 102439, 102439, 102585, 102658, 102731, 102731, 102878, 103024, 103024, 103024, 103170, 103243, 103317, 103317, 103317, 103463, 103609, 103682, 103756, 103829, 103902, 103902, 104048, 104195, 104195, 104341, 104487, 104487, 104487, 104634, 104780, 104853, 104926, 104999, 105073, 105073, 105219, 105365, 105365, 105512, 105658, 105658, 105658, 105804, 105951, 105951, 106097, 106170, 106243, 106243, 106317, 106390, 106536, 106536, 106682, 106756, 106829, 106829, 106829, 106975, 107121, 107121, 107268, 107268, 107414, 107414, 107414, 107560, 107707, 107707, 107707, 107853, 107999, 107999, 107999, 108146, 108292, 108292, 108439, 108585, 108585, 108731, 108878, 108878, 108878, 109024, 109170, 109170, 109317, 109463, 109463, 109536, 109609, 109682, 109756, 109756, 109902, 110048, 110048, 110048, 110195, 110195, 110341, 110341, 110341, 110487, 110487, 110634, 110634, 110634, 110780, 110780, 110926, 110926, 110926, 111073, 111073, 111219, 111219, 111219, 111365, 111512, 111658, 111731, 111804, 111878, 111951, 112024, 112097, 112097, 112097, 112390, 112390, 112536, 112682, 112682, 112682, 112829, 112975, 112975, 113121, 113268, 113268, 113414, 113560, 113560, 113707, 113853, 113853, 113999, 114146, 114219, 114292, 114365, 114439, 114439, 114585, 114731, 114731, 114878, 115024, 115024, 115024, 115170, 115317, 115317, 115463, 115536, 115609, 115609, 115756, 115902, 115902, 115975, 116048, 116121, 116195, 116195, 116268, 116341, 116414, 116487, 116487, 116560, 116634, 116707, 116780, 116780, 116926, 117073, 117073, 117219, 117365, 117365, 117512, 117658, 117658, 117804, 117878, 117951, 117951, 118097, 118243, 118243, 118390, 118536, 118536, 118682, 118829, 118902, 118975, 119048, 119121, 119121, 119268, 119414, 119414, 119560, 119707, 119707, 119853, 119999, 119999, 120146, 120292, 120292, 120439, 120439, 120731, 121024, 121170, 121463, 121536, 121609, 121682, 121756, 121756, 121756, 121902, 122048, 122048, 122048, 122195, 122341, 122341, 122341, 122487, 122560, 122634, 122634, 122634, 122780, 122926, 122926, 122926, 123073, 123219, 123219, 123219, 123365, 123512, 123512, 123512, 123585, 123658, 123731, 123804, 123804, 123804, 123951, 124097, 124097, 124097, 124243, 124390, 124390, 124390, 124536, 124682, 124682, 124682, 124829, 124975, 124975, 124975, 125121, 125268, 125268, 125268, 125414, 125487, 125560, 125560, 125560, 125707, 125853, 125853, 125853, 125999, 126146, 126146, 126146, 126292, 126439, 126439, 126439, 126585, 126585, 126731, 126731, 126878, 126878, 127024, 127024, 127024, 127170, 127170, 127317, 127317, 127463, 127463, 127609, 127609, 127609, 127756, 127756, 127902, 127902, 128048, 128048, 128195, 128195, 128268, 128341, 128341, 128414, 128487, 128487, 128560, 128634, 128707, 128780, 128780, 128853, 128926, 128999, 129073, 129146, 129219, 129292, 129365, 129365, 129439, 129512, 129585, 129658, 129731, 129804, 129878, 129951, 129951, 130024, 130097, 130170, 130243, 130243, 130317, 130390, 130463, 130536, 130536, 130682, 130756, 130829, 130829, 130829, 130975, 130975, 131121, 131195, 131268, 131341, 131560, 131707, 131707, 131780, 131853, 131926, 132146, 132292, 132365, 132439, 132512, 132731, 132878, 132878, 132951, 133024, 133097, 133463, 133463, 133756, 134048, 134048, 134048, 134341, 134634, 134634, 134926, 134926, 135219, 135219, 135219, 135512, 135512, 135658, 135658, 135804, 135804, 135951, 135951, 136097, 136097, 136243, 136243, 136390, 136390, 136536, 136536, 136609, 136682, 136682, 136829, 136829, 136902, 136975, 136975, 137121, 137121, 137268, 137268, 137414, 137414, 137560, 137560, 137707, 137707, 137780, 137853, 137926, 137999, 137999, 138073, 138146, 138146, 138219, 138292, 138365, 138439, 138439, 138512, 138585, 138658, 138731, 138731, 138804, 138878, 138951, 139024, 139024, 139097, 139170, 139243, 139317, 139317, 139463, 139463, 139609, 139609, 139756, 139756, 139902, 139902, 140195, 140195, 140195, 140195]
var UpdatePtr = new NativeFunction(Module.findExportByName("libd3mug.so", "update"), 'void',  ['int']) 
for (var i = 0; i < trueValue.length; i++)
{     UpdatePtr(trueValue[i]) } 
var GetFlag = new NativeFunction(Module.findExportByName("libd3mug.so", "get"), 'pointer', []);
var result = GetFlag();
console.log(ptr(result));
console.log(hexdump(result, { length: 32 }));

本栏目推荐文章
• 个人职业生涯规划
• [Python学习记]个人感受(持续更新）
• 个人博客详细设计说明书
• 【APP逆向04】Frida的下载与安装
• 个人的vscode配置调优
• PowerDotNet平台化软件架构设计与实现系列（17）：PCRM个人用户管理平台
• 个人是否可以建立自己的网站？
• ubuntu frame 个人开发心得
• 【转】chrome-调试技巧个人总结
• 教育，是点亮一个人，点亮每一个人

frida 个人frida个人 frida frida-net 基础frida frida app frida-inject frida-ios-dump 原理frida 反调frida 模拟器frida