heibai2006/frida-snippets
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

android intercept libc#open example

Browse Source
This commit is contained in:
iddoeldor 2019-03-20 14:52:45 +02:00 committed by GitHub
parent 7208fc7793
commit 8658889847
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@ -68,10 +68,10 @@ An example for intercepting `libc#open` & logging backtrace if specific file was
```js ```js
Interceptor.attach(Module.findExportByName("/system/lib/libc.so", "open"), { Interceptor.attach(Module.findExportByName("/system/lib/libc.so", "open"), {
onEnter: function(args) { onEnter: function(args) {
// debug only the intended calls
this.flag = false; this.flag = false;
var filename = Memory.readCString(ptr(args[0])); var filename = Memory.readCString(ptr(args[0]));
if (filename.indexOf("something") != -1) { console.log('filename =', filename)
if (filename.endsWith(".xml")) {
this.flag = true; this.flag = true;
var backtrace = Thread.backtrace(this.context, Backtracer.ACCURATE).map(DebugSymbol.fromAddress).join("\n\t"); var backtrace = Thread.backtrace(this.context, Backtracer.ACCURATE).map(DebugSymbol.fromAddress).join("\n\t");
console.log("file name [ " + Memory.readCString(ptr(args[0])) + " ]\nBacktrace:" + backtrace); console.log("file name [ " + Memory.readCString(ptr(args[0])) + " ]\nBacktrace:" + backtrace);
@ -86,8 +86,9 @@ Interceptor.attach(Module.findExportByName("/system/lib/libc.so", "open"), {
<details> <details>
<summary>Output example</summary> <summary>Output example</summary>
Intecepting `com.android.chrome`
![](gif/intercept_open_chrome_android.gif)
TODO
</details> </details>