Created
July 12, 2016 22:57
-
-
Save liskin/57074ad4f314adbb2e779748e2a65f94 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import frida | |
| import sys | |
| package_name = "com.strava" | |
| def get_messages_from_js(message, data): | |
| print(message) | |
| print (message['payload']) | |
| def instrument_load_url(): | |
| hook_code = """ | |
| setTimeout(function(){ | |
| Java.perform(function(){ | |
| var okhttpReq = Java.use("com.squareup.okhttp.Request"); | |
| var okhttpBody = Java.use("com.squareup.okhttp.RequestBody"); | |
| okhttpReq.urlString.implementation = function () { | |
| var ret = this.urlString(); | |
| send("url: " + ret); | |
| send("method: " + this.method()); | |
| send("content-type: " + this.body().contentType().toString()); | |
| return ret; | |
| } | |
| okhttpReq.uri.implementation = function () { | |
| send(this.toString()); | |
| send(this.headers().toString()); | |
| return this.uri(); | |
| } | |
| okhttpReq.url.implementation = function () { | |
| send(this.headers().toString()); | |
| return this.url(); | |
| } | |
| okhttpBody.create.overload("com.squareup.okhttp.MediaType","java.lang.String").implementation = function (t, b) { | |
| send("create content-type: " + t.toString()); | |
| send("create body: " + b.toString()); | |
| return this.create(t, b); | |
| } | |
| }); | |
| },0); | |
| """ | |
| return hook_code | |
| process = frida.get_device_manager().enumerate_devices()[-1].attach(package_name) | |
| script = process.create_script(instrument_load_url()) | |
| script.on('message',get_messages_from_js) | |
| script.load() | |
| sys.stdin.read() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment