frida native层写文件

frida_native_write.js

// https://www.cnblogs.com/c-x-a/p/15192821.html
function main(){
    write_file1()
    write_File2()
}
function write_file1(){
    //使用firda的自带api
    var file = new File("/data/local/tmp/mytest.dat")
    file.write("1234");
    file.flush();
    file.close();
}

function write_File2(){
    var addr_fopen = Module.findExportByName("libc.so","fopen")
    var addr_fputs = Module.findExportByName("libc.so","fputs")
    var addr_fclose= Module.findExportByName("libc.so","fclose")
    //NativeFunction 将地址创建为可调用的函数,第一个参数是函数地址，第二个参数是返回值类型，所有指针类型，包括string(char*),都是pointer
    //第三个参数就是原函数的参数列表

    var fopen = new NativeFunction(addr_fopen,"pointer",["pointer","pointer"])
    var fputs = new NativeFunction(addr_fputs,"int",["pointer","pointer"]);
    var fclose = new NativeFunction(addr_fclose,"int",["pointer"]);

    var filename = Memory.allocUtf8String("/data/local/tmp/mytest.dat"); //native层需要这样创建字符串，在java层就可以直接写字符串
    var open_mode = Memory.allocUtf8String("w+");
    var file = fopen(filename,open_mode);

    var buffer_str = Memory.allocUtf8String("1234")
    var ret = fputs(buffer_str,file);
    console.log("fputs ret:",ret);
    fclose(file);
}
setImmediate(main)