deathmemory / Fridaregstntv
利用 frida 获取 Jni RegisterNatives 动态注册的函数
Stars: ✭ 136
Programming Languages
typescript
32286 projects
Labels
Projects that are alternatives of or similar to Fridaregstntv
Qbdi
A Dynamic Binary Instrumentation framework based on LLVM.
Stars: ✭ 801 (+488.97%)
Mutual labels: frida
Dbi Stuff
Resources About Dynamic Binary Instrumentation and Dynamic Binary Analysis
Stars: ✭ 80 (-41.18%)
Mutual labels: frida
Corellium Android Unpacking
Android Unpacking Automation using Corellium Devices
Stars: ✭ 107 (-21.32%)
Mutual labels: frida
Rms Runtime Mobile Security
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
Stars: ✭ 1,194 (+777.94%)
Mutual labels: frida
Fridahooker
由于工作原因接触纯App安全比较少了所以项目处于咕咕咕状态 // Android Frida GUI Manager; Android 图形化Frida管理器
Stars: ✭ 101 (-25.74%)
Mutual labels: frida
House
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Stars: ✭ 910 (+569.12%)
Mutual labels: frida
Jnitrace Engine
Engine used by jnitrace to intercept JNI API calls.
Stars: ✭ 94 (-30.88%)
Mutual labels: frida
Dwarf
Full featured multi arch/os debugger built on top of PyQt5 and frida
Stars: ✭ 916 (+573.53%)
Mutual labels: frida
Fridaandroidtracer
A runnable jar that generate Javascript hook script to hook Android classes.
Stars: ✭ 114 (-16.18%)
Mutual labels: frida
Frida Scripts
A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
Stars: ✭ 665 (+388.97%)
Mutual labels: frida
Airspy
AirSpy - Frida-based tool for exploring and tracking the evolution of Apple's AirDrop protocol implementation on i/macOS, from the server's perspective. Released during BH USA 2019 Training https://www.nowsecure.com/event/advanced-frida-and-radare-a-hackers-delight/
Stars: ✭ 116 (-14.71%)
Mutual labels: frida
Xpcspy
Bidirectional XPC message interception and more. Powered by Frida
Stars: ✭ 101 (-25.74%)
Mutual labels: frida
fridaRegstNtv
本项目是利用 frida 获取 Jni RegisterNatives 动态注册的函数,并将其函数地址和对应的 so 打印出来 由于此功能使用频率较高,所以单独拉出一个库,方便使用。
npm build 后,用 Pycharm 打开编辑,可以看到 frida api 代码补全提示。
效果
[INFO][fridaRegstNtv]: hello, i am loaded
handle: 0xefb71cbc
register: 0xef9ba4f1
==== class: com.xxxx.class.name ====
==== methods: 0xcd52d428 nMethods: 41 ====
[INFO][fridaRegstNtv]: name: initialize, signature: ()V, fnPtr: 0xcd50b6bd, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x66bd
[INFO][fridaRegstNtv]: name: onExit, signature: ()V, fnPtr: 0xcd50b6c7, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x66c7
[INFO][fridaRegstNtv]: name: getMMKVWithID, signature: (Ljava/lang/String;ILjava/lang/String;)J, fnPtr: 0xcd50b6d1, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x66d1
[INFO][fridaRegstNtv]: name: encodeBool, signature: (JLjava/lang/String;Z)Z, fnPtr: 0xcd50b76d, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x676d
[INFO][fridaRegstNtv]: name: decodeBool, signature: (JLjava/lang/String;Z)Z, fnPtr: 0xcd50b7bf, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x67bf
[INFO][fridaRegstNtv]: name: encodeInt, signature: (JLjava/lang/String;I)Z, fnPtr: 0xcd50b80f, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x680f
[INFO][fridaRegstNtv]: name: decodeInt, signature: (JLjava/lang/String;I)I, fnPtr: 0xcd50b85b, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x685b
[INFO][fridaRegstNtv]: name: encodeLong, signature: (JLjava/lang/String;J)Z, fnPtr: 0xcd50b8a5, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x68a5
[INFO][fridaRegstNtv]: name: decodeLong, signature: (JLjava/lang/String;J)J, fnPtr: 0xcd50b8f7, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x68f7
[INFO][fridaRegstNtv]: name: encodeFloat, signature: (JLjava/lang/String;F)Z, fnPtr: 0xcd50b953, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x6953
......
安装
git clone https://github.com/deathmemory/fridaRegstNtv.git
cd fridaRegstNtv
sudo npm install
npm run build
使用
工程里已经生成了 _fridaRegstNtv.js
可以不用 build 直接使用。
frida -U -l _fridaRegstNtv.js -f com.package.name --no-pause
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].