Hook重载方法和构造方法
1.1 hook重载方法
/*
adb shell
su
cd /data/local/tmp/
./frida-server-16.0.19-android-arm64
端口转发
adb forward tcp:27042 tcp:27042
adb forward tcp:27043 tcp:27043
*/
// 搜索 setPwd(Md5
import frida
import sys
# 连接手机设备
rdev = frida.get_remote_device()
session = rdev.attach("油联合伙人")
scr = """
Java.perform(function () {
// 包.类
var MessageDigest = Java.use("java.security.MessageDigest");
MessageDigest.update.overload('[B').implementation = function(data){
var res = this.update(data);
return res;
}
MessageDigest.update.overload('java.nio.ByteBuffer').implementation = function(data){
var res = this.update(data);
return res;
}
});
"""
script = session.create_script(scr)
def on_message(message, data):
print(message, data)
script.on("message", on_message)
script.load()
sys.stdin.read()
1.2 hook构造方法
import frida
import sys
# 连接手机设备
rdev = frida.get_remote_device()
session = rdev.attach("油联合伙人")
scr = """
Java.perform(function () {
// 包.类
var StringBuilder = Java.use("java.lang.StringBuilder");
StringBuilder.$init.overload('int').implementation = function(num){
console.log(num);
if(num==32){
var res = this.$init(num);
}
return res;
}
});
"""
script = session.create_script(scr)
def on_message(message, data):
print(message, data)
script.on("message", on_message)
script.load()
sys.stdin.read()