From 4b4f3cf1f6c7111c6e1a31efb03481293f0741f8 Mon Sep 17 00:00:00 2001
From: Iddo
Date: Sun, 29 Apr 2018 15:23:25 +0300
Subject: [PATCH] Update README.md

---
 README.md | 37 ++++++++++++++++++++++++++++++-------
 1 file changed, 30 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index e96ad87..661693f 100644
--- a/README.md
+++ b/README.md
@@ -2,16 +2,39 @@ TODOs:
 - Add GIFs & docs
+
+- Extract modules from APK
+
+ $ frida -Uq com.android. -e "Process.enumerateModules({onMatch: function(m){console.log('-' + m.name)},onComplete:function(){}})"
+ ....
+ -libsqlite.so
+
+- get methods from .so file
+ $ adb pull /system/lib/libsqlite.so
+ /system/lib/libsqlite.so: 1 file pulled. 19.7 MB/s (975019 bytes in 0.047s)
+ $ nm -D libsqlite.so | cut -d' ' -f3 | grep sqlite3
+ sqlite3_aggregate_context
+ sqlite3_aggregate_count
+ ....
+
+ $ frida-trace -U -i "sqlite*" com.android.
+ ...
+ 24878 ms sqlite3_changes()
+ 24878 ms sqlite3_reset()
+ 24878 ms | sqlite3_free()
+ 24878 ms | sqlite3_free()
+ 24878 ms sqlite3_clear_bindings()
+ 24878 ms sqlite3_prepare16_v2() <<< this is the one that holds the SQL queries
+ 24878 ms | sqlite3_free()
+
 - SQLite hook example (+Native)
+ Interceptor.attach(Module.findExportByName('libsqlite.so', 'sqlite3_prepare16_v2'), {
+ onEnter: function(args) {
+ console.log('DB: ' + Memory.readUtf16String(args[0]) + '\tSQL: ' + Memory.readUtf16String(args[1]));
+ }
+ });
-`
-Interceptor.attach(Module.findExportByName('libsqlite.so', 'sqlite3_prepare16_v2'), {
- onEnter: function(args) {
- console.log('DB: ' + Memory.readUtf16String(args[0]) + '\tSQL: ' + Memory.readUtf16String(args[1]));
- }
-});
-`