Frida59

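Pinned: Foolproof protocol analysis: obtaining Android certificate passwords (methods plus a hands-on compendium)
Because an app must handle its certificate when it sends requests to the server, if you can find the place in the code where the app handles the certificate, hook that code, and print its parameters, you have both the certificate and the certificate password. In most cases, it is ...
Hooking from the Java layer to the native layer: what is Frida?
Why is Frida so popular? Preface: A while ago the article "Things About Writing Xposed Modules" helped me a great deal, and I felt I should write an article to give back to the freebuf community. The hottest tool right now is Frida; this framework, from Java ...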
Frida script: iOS Log SSH Commands
Interceptor.attach(ObjC.classes.NMSSHChannel['- execute:error:timeout:'].implementation, { ...
Frida script: iOS take screenshot
function screenshot() { ObjC.schedule(ObjC.mainQueue, function() { var getNativeFunction = fu ...
Frida script: iOS Device properties
Device properties Example of quick&dirty iOS device properties extraction var UIDevice = ...
Frida script: iOS Early hook
Early hook Set hooks before DT_INIT_ARRAY ( source ) let base; let do_dlopen = null ...
Frida script: iOS Stalker memory tracing
var _module = Process.findModuleByName('myModule'); var base = ptr(_module.base); var startTr ...
Frida script: iOS Memory scan
function memscan(str) { Process.enumerateModulesSync().filter(m => m.path.startsWith('/data')). ...
Frida script: iOS Dump memory segments
Dump memory segments Process.enumerateRanges('rw-', { onMatch: function (range) { var fname = ...
Frida script: iOS Intercept Entire Module
To reduce UI related functions I use the following steps: Output log to a file using -o /t ...