heibai2006/frida-snippets
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Reveal JNI methods update #2

Browse Source
This commit is contained in:
iddoeldor 2019-04-29 23:27:56 +03:00 committed by GitHub
parent 4f8595d90a
commit 39d3f75251
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@ -335,13 +335,13 @@ Java.perform(function() {
// search "215" @ https://docs.oracle.com/javase/8/docs/technotes/guides/jni/spec/functions.html // search "215" @ https://docs.oracle.com/javase/8/docs/technotes/guides/jni/spec/functions.html
var RegisterNatives = 215, FindClassIndex = 6; var RegisterNatives = 215, FindClassIndex = 6;
var getNativeAddress = function(idx) { var getNativeAddress = function(idx) {
return Memory.readPointer(handlePointer.add(idx * pSize)); return handlePointer.add(idx * pSize).readPointer();
} }
var jclassAddress2NameMap = {}; var jclassAddress2NameMap = {};
Interceptor.attach(getNativeAddress(FindClassIndex), { Interceptor.attach(getNativeAddress(FindClassIndex), {
onEnter: function(args) { onEnter: function(args) {
jclassAddress2NameMap[args[0]] = Memory.readCString(args[1]); jclassAddress2NameMap[args[0]] = args[1].readCString();
} }
}); });
@ -360,12 +360,13 @@ Java.perform(function() {
* } JNINativeMethod; * } JNINativeMethod;
*/ */
var structSize = pSize * 3; // JNINativeMethod contains 3 pointers var structSize = pSize * 3; // JNINativeMethod contains 3 pointers
var sigPtr = Memory.readPointer(methodsPtr.add(i * structSize + pSize)); var sigPtr = methodsPtr.add(i * structSize + pSize).readPointer();
var fnPtrPtr = Memory.readPointer(methodsPtr.add(i * structSize + (pSize * 2))); var fnPtrPtr = methodsPtr.add(i * structSize + (pSize * 2)).readPointer();
console.log(JSON.stringify({ console.log(JSON.stringify({
class: jclassAddress2NameMap[args[0]], class: jclassAddress2NameMap[args[0]],
method: Memory.readCString(Memory.readPointer(methodsPtr)), // const char* name method: methodsPtr.readPointer().readCString(), // const char* name
signature: Memory.readCString(sigPtr), signature: sigPtr.readCString(),
// TODO Java bytecode signature parser { Z: 'boolean', B: 'byte', C: 'char', S: 'short', I: 'int', J: 'long', F: 'float', D: 'double', L: 'fully-qualified-class;', '[': 'array' } // TODO Java bytecode signature parser { Z: 'boolean', B: 'byte', C: 'char', S: 'short', I: 'int', J: 'long', F: 'float', D: 'double', L: 'fully-qualified-class;', '[': 'array' }
address: fnPtrPtr address: fnPtrPtr
})); }));