Hamz-a / Jeb2frida
Licence: mit
Automated Frida hook generation with JEB
Stars: ✭ 95
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Jeb2frida
Frida Gum
Cross-platform instrumentation and introspection library written in C
Stars: ✭ 357 (+275.79%)
Mutual labels: frida
Frida Scripts
A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
Stars: ✭ 665 (+600%)
Mutual labels: frida
Frida Fuzzer
This experimetal fuzzer is meant to be used for API in-memory fuzzing.
Stars: ✭ 415 (+336.84%)
Mutual labels: frida
Dwarf
Full featured multi arch/os debugger built on top of PyQt5 and frida
Stars: ✭ 916 (+864.21%)
Mutual labels: frida
Dbi Stuff
Resources About Dynamic Binary Instrumentation and Dynamic Binary Analysis
Stars: ✭ 80 (-15.79%)
Mutual labels: frida
Ios debugger challenge
A playground for run-time iOS app inspection
Stars: ✭ 39 (-58.95%)
Mutual labels: frida
Extracttvpasswords
tool to extract passwords from TeamViewer memory using Frida
Stars: ✭ 444 (+367.37%)
Mutual labels: frida
Jnitrace
A Frida based tool that traces usage of the JNI API in Android apps.
Stars: ✭ 534 (+462.11%)
Mutual labels: frida
Frida Core
Frida core library intended for static linking into bindings
Stars: ✭ 398 (+318.95%)
Mutual labels: frida
Qbdi
A Dynamic Binary Instrumentation framework based on LLVM.
Stars: ✭ 801 (+743.16%)
Mutual labels: frida
Rms Runtime Mobile Security
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
Stars: ✭ 1,194 (+1156.84%)
Mutual labels: frida
House
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Stars: ✭ 910 (+857.89%)
Mutual labels: frida
jeb2frida
Generate Frida hooks automatically using JEB. This is done using a naïve signature based algorithm:
- Search for a unique magic string such as "Certificate pinning failure!" in OkHttp's case;
- Get the class where the string resides and extract the class path;
- Loop through each method of the above class, and check if the parameters matches our signature;
- Optionally check the return value.
For more information, see: Automated Frida hook generation with JEB
Usage
- Put the GenerateFridaHooks.py script in the JEB scripts folder;
- Edit the script accordingly;
- Run it from JEB GUI or use the following command:
./jeb_macos.sh -c --srv2 --script=GenerateFridaHooks.py -- "/path/to/apk/file.apk"
Sample output
➜ jeb-pro ./jeb_macos.sh -c --srv2 --script=GenerateFridaHooks.py -- "/path/to/apk/file.apk"
<JEB startup header omitted>
🔥 JEB scripting
{JebFridaHookArtifact > JebFridaHookArtifact}: 4956 resource files were adjusted
Attempting to merge the multiple DEX files into a single DEX file...
<JEB processing omitted>
{JebFridaHookArtifact > JebFridaHookArtifact}: DEX merger was successful and produced a virtual DEX unit
🔥 Fresh Frida Hooks
----------------------------------------------------------------------------------------------------
'use strict';
// Usage: frida -U -f com.example.app -l generated_hook.js --no-pause
Java.perform(function() {
var okhttp3_CertificatePinner0 = Java.use('<omitted>');
var findMatchingPins0 = okhttp3_CertificatePinner0.a.overload('java.lang.String');
findMatchingPins0.implementation = function(hostname) {
console.log('[+] okhttp3.CertificatePinner.findMatchingPins(' + hostname + ') # <omitted>()');
return findMatchingPins0.call(this, ''); // replace hostname with empty string
};
var okhttp3_CertificatePinner1 = Java.use('com.squareup.okhttp.CertificatePinner');
var findMatchingPins1 = okhttp3_CertificatePinner1.findMatchingPins.overload('java.lang.String');
findMatchingPins1.implementation = function(hostname) {
console.log('[+] okhttp3.CertificatePinner.findMatchingPins(' + hostname + ') # com.squareup.okhttp.CertificatePinner.findMatchingPins()');
return findMatchingPins1.call(this, ''); // replace hostname with empty string
};
});
----------------------------------------------------------------------------------------------------
Done.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].