GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → deathmemory → Fridaregstntv

deathmemory / Fridaregstntv

利用 frida 获取 Jni RegisterNatives 动态注册的函数

Programming Languages

typescript
32286 projects

Labels

frida

Projects that are alternatives of or similar to Fridaregstntv

Qbdi
A Dynamic Binary Instrumentation framework based on LLVM.
Stars: ✭ 801 (+488.97%)
Mutual labels:  frida
Dbi Stuff
Resources About Dynamic Binary Instrumentation and Dynamic Binary Analysis
Stars: ✭ 80 (-41.18%)
Mutual labels:  frida
Corellium Android Unpacking
Android Unpacking Automation using Corellium Devices
Stars: ✭ 107 (-21.32%)
Mutual labels:  frida
Mjolner
Cycript backend powered by Frida.
Stars: ✭ 11 (-91.91%)
Mutual labels:  frida
Appmon
Documentation:
Stars: ✭ 1,157 (+750.74%)
Mutual labels:  frida
Jeb2frida
Automated Frida hook generation with JEB
Stars: ✭ 95 (-30.15%)
Mutual labels:  frida
R2frida
Radare2 and Frida better together.
Stars: ✭ 610 (+348.53%)
Mutual labels:  frida
Frida Trace
Trace APIs declaratively through Frida.
Stars: ✭ 120 (-11.76%)
Mutual labels:  frida
Rms Runtime Mobile Security
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
Stars: ✭ 1,194 (+777.94%)
Mutual labels:  frida
Fridahooker
由于工作原因接触纯App安全比较少了所以项目处于咕咕咕状态 // Android Frida GUI Manager; Android 图形化Frida管理器
Stars: ✭ 101 (-25.74%)
Mutual labels:  frida
House
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Stars: ✭ 910 (+569.12%)
Mutual labels:  frida
Frida Snippets
Hand-crafted Frida examples
Stars: ✭ 1,081 (+694.85%)
Mutual labels:  frida
Jnitrace Engine
Engine used by jnitrace to intercept JNI API calls.
Stars: ✭ 94 (-30.88%)
Mutual labels:  frida
Dwarf
Full featured multi arch/os debugger built on top of PyQt5 and frida
Stars: ✭ 916 (+573.53%)
Mutual labels:  frida
Fridaandroidtracer
A runnable jar that generate Javascript hook script to hook Android classes.
Stars: ✭ 114 (-16.18%)
Mutual labels:  frida
Frida Scripts
A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
Stars: ✭ 665 (+388.97%)
Mutual labels:  frida
Iostrace
alternative strace for iOS device(64bit) on frida
Stars: ✭ 84 (-38.24%)
Mutual labels:  frida
Frida Android Scripts
Some frida scripts
Stars: ✭ 124 (-8.82%)
Mutual labels:  frida
Airspy
AirSpy - Frida-based tool for exploring and tracking the evolution of Apple's AirDrop protocol implementation on i/macOS, from the server's perspective. Released during BH USA 2019 Training https://www.nowsecure.com/event/advanced-frida-and-radare-a-hackers-delight/
Stars: ✭ 116 (-14.71%)
Mutual labels:  frida
Xpcspy
Bidirectional XPC message interception and more. Powered by Frida
Stars: ✭ 101 (-25.74%)
Mutual labels:  frida
View All Similar Projects ➔

fridaRegstNtv

本项目是利用 frida 获取 Jni RegisterNatives 动态注册的函数,并将其函数地址和对应的 so 打印出来 由于此功能使用频率较高,所以单独拉出一个库,方便使用。

npm build 后,用 Pycharm 打开编辑,可以看到 frida api 代码补全提示。

效果

[INFO][fridaRegstNtv]: hello, i am loaded
handle: 0xefb71cbc
register: 0xef9ba4f1
==== class: com.xxxx.class.name ====
==== methods: 0xcd52d428 nMethods: 41 ====
[INFO][fridaRegstNtv]: name: initialize, signature: ()V, fnPtr: 0xcd50b6bd, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x66bd
[INFO][fridaRegstNtv]: name: onExit, signature: ()V, fnPtr: 0xcd50b6c7, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x66c7
[INFO][fridaRegstNtv]: name: getMMKVWithID, signature: (Ljava/lang/String;ILjava/lang/String;)J, fnPtr: 0xcd50b6d1, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x66d1                   
[INFO][fridaRegstNtv]: name: encodeBool, signature: (JLjava/lang/String;Z)Z, fnPtr: 0xcd50b76d, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x676d
[INFO][fridaRegstNtv]: name: decodeBool, signature: (JLjava/lang/String;Z)Z, fnPtr: 0xcd50b7bf, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x67bf
[INFO][fridaRegstNtv]: name: encodeInt, signature: (JLjava/lang/String;I)Z, fnPtr: 0xcd50b80f, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x680f
[INFO][fridaRegstNtv]: name: decodeInt, signature: (JLjava/lang/String;I)I, fnPtr: 0xcd50b85b, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x685b
[INFO][fridaRegstNtv]: name: encodeLong, signature: (JLjava/lang/String;J)Z, fnPtr: 0xcd50b8a5, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x68a5
[INFO][fridaRegstNtv]: name: decodeLong, signature: (JLjava/lang/String;J)J, fnPtr: 0xcd50b8f7, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x68f7
[INFO][fridaRegstNtv]: name: encodeFloat, signature: (JLjava/lang/String;F)Z, fnPtr: 0xcd50b953, modulename: libxxxx.so -> base: 0xcd505000, offset: 0x6953
......

安装

git clone https://github.com/deathmemory/fridaRegstNtv.git
cd fridaRegstNtv
sudo npm install
npm run build

使用

工程里已经生成了 _fridaRegstNtv.js 可以不用 build 直接使用。

frida -U -l _fridaRegstNtv.js -f com.package.name --no-pause
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].