heibai2006/frida-snippets
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

refactoring #1

Browse Source
This commit is contained in:
iddoeldor 2018-06-08 16:19:09 +03:00 committed by GitHub
parent 910c0ce140
commit 8a42ffcfd3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
ObjC_Unppining_Helper.js
View File

@ -1,11 +1,8 @@
/* /*
========================= * By LotemBY *
ObjC Unppining Helper
By Lotem
=========================
This is a frida script for unpinning and reversing of ObjC applications. This is a frida script for unpinning and reversing of ObjC applications.
It is used to list and intercept methods in moudles by regexs. Intercept method's which match regex.
You may change the following regex arrays to match your needs: You may change the following regex arrays to match your needs:
*/ */
@ -28,8 +25,7 @@ To run this script with frida on iPhone, follow these steps:
5. Type in console "frida -U <APP PROCCESS NAME> -l <PATH TO THIS SCRIPT>" to run this script 5. Type in console "frida -U <APP PROCCESS NAME> -l <PATH TO THIS SCRIPT>" to run this script
6. Now you should use the app to trigger some of the intercepted methods 6. Now you should use the app to trigger some of the intercepted methods
*/ */
var onCompleteCallback = function (retval) {};
// The "main" method. Going over all the moudles and all the methods, and trying to intercept each one which matches the regexs.
setImmediate(function () { setImmediate(function () {
if (!ObjC.available) { if (!ObjC.available) {
console.log("[-] Objective-C Runtime is not available!"); console.log("[-] Objective-C Runtime is not available!");
@ -65,25 +61,22 @@ setImmediate(function () {
} }
} }
}, },
onComplete: function (retval) {} onComplete: onCompleteCallback
}); });
}, },
onComplete: function (retval) {} onComplete: onCompleteCallback
}); });
console.log("[*] Completed!"); console.log("[*] Completed!");
console.log("=======================================================\n\n"); console.log("=======================================================\n\n");
}); });
// Return if 'str' match any of the regexs in the array 'regexList' // Return if 'str' match any of the regexs in the array 'regexList'
function matchesRegex(regexList, str) { function matchesRegex(regexList, str) {
for (var i = 0; i < regexList.length; i++) { regexList.forEach(function(el) {
if (str.search(regexList[i]) != -1) { if (str.search(el) != -1)
return true; return true;
} });
}
return false; return false;
} }
@ -94,7 +87,7 @@ function intercept(module, func) {
Interceptor.attach(Module.findExportByName(module, func), { Interceptor.attach(Module.findExportByName(module, func), {
onEnter: function(args) { onEnter: function(args) {
console.log("[*] Method CALL:\t\"" + func + "\" called!"); console.log("[*] Method CALL:\t\"" + func + "\" called!");
}, },
onLeave: function (retval) { onLeave: function (retval) {
console.log("[*] Method RETURN:\t\"" + func + "\" (return value: " + retval + ")"); console.log("[*] Method RETURN:\t\"" + func + "\" (return value: " + retval + ")");
@ -106,7 +99,7 @@ function intercept(module, func) {
}); });
return true; return true;
} catch(err) { } catch (err) {
return false; return false;
} }
} }