heibai2006/frida-snippets
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

JNI hook example

Browse Source
This commit is contained in:
Iddo 2018-05-30 17:59:44 +03:00 committed by GitHub
parent 29ec3b9e3f
commit fd64827ccc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
README.md
View File

@ -58,6 +58,31 @@ TODOs:
return this(stringArgument); return this(stringArgument);
}; };
* Hook Native (JNI)
```
Interceptor.attach(Module.findExportByName(null, "dlopen"), {
onEnter: function (args) {
var lib = Memory.readUtf8String(args[0]);
console.log("dlopen called with: " + lib);
this.lib = lib; // pass argument to onLeave
},
onLeave: function (retval) {
console.log("dlopen called exit with: " + this.lib);
if (this.lib.endsWith("libfoo.so")) {
console.log("ret: " + retval);
var libtmessages_base = Process.findModuleByName("libfoo.so").base; // Module.findBaseAddress(foo.so).add(0x1234)
console.log("libtmessages_base: " + libtmessages_base);
// find function address with $ nm -CD libfoo.so | grep "SomeClass::someFunction"
var i = Interceptor.attach(libtmessages_base.add(0x0021e5b4), {
onEnter: function(args) {
console.log('initttt ');
}
});
console.log("i: " + i);
}
}
});
```
References overview: References overview: