Created
August 2, 2025 22:29
-
-
Save marcostolosa/3489619c536c315b5f000410e973f151 to your computer and use it in GitHub Desktop.
Script Python usando a API do Frida p/ Hookar Funções
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| import frida | |
| import sys | |
| import threading | |
| from frida_tools.application import Reactor | |
| # ---- Carregar configuração ---- | |
| with open("config.json") as f: | |
| config = json.load(f) | |
| hooks = set(config.get("functions", [])) | |
| payload = config.get("payload", None) | |
| trace_children = config.get("trace_children", True) | |
| target = config.get("target") | |
| args = config.get("args", []) | |
| # ---- Função para gerar script JS ---- | |
| def generate_js(): | |
| js = "" | |
| for func in hooks: | |
| js += f""" | |
| Interceptor.attach(Module.getExportByName(null, '{func}'), {{ | |
| onEnter: function (args) {{ | |
| var original = args[0].readUtf8String(); | |
| send({{"function": "{func}", "original": original}}); | |
| {"args[0].writeUtf8String(original + '{payload}') ; send({ 'modified': original + payload });" if payload else ""} | |
| }}, | |
| onLeave: function (retval) {{ | |
| send({{"function": "{func}", "returned": retval.toInt32()}}); | |
| }} | |
| }}); | |
| """ | |
| return js | |
| # ---- Classe principal ---- | |
| class Application: | |
| def __init__(self, argv): | |
| self._argv = argv | |
| self._stop_requested = threading.Event() | |
| self._reactor = Reactor(run_until_return=lambda reactor: self._stop_requested.wait()) | |
| self.session = None | |
| self.script = None | |
| def run(self): | |
| self._reactor.schedule(lambda: self._start()) | |
| threading.Thread(target=self._interactive_console, daemon=True).start() | |
| self._reactor.run() | |
| def _start(self): | |
| pid = frida.spawn(self._argv) | |
| self.session = frida.attach(pid) | |
| if trace_children: | |
| self.session.enable_child_gating() | |
| self.session.on("child-added", self._on_child) | |
| self._load_hooks() | |
| frida.resume(pid) | |
| def _load_hooks(self): | |
| if self.script: | |
| self.script.unload() | |
| self.script = self.session.create_script(generate_js()) | |
| self.script.on("message", self._on_message) | |
| self.script.load() | |
| print(f"[+] Hooks carregados: {', '.join(hooks) if hooks else 'nenhum'}") | |
| def _on_child(self, child): | |
| print(f"[+] Novo processo filho: {child.pid}") | |
| session = frida.attach(child.pid) | |
| script = session.create_script(generate_js()) | |
| script.on("message", self._on_message) | |
| script.load() | |
| frida.resume(child.pid) | |
| def _on_message(self, message, data): | |
| print(message) | |
| def _interactive_console(self): | |
| global payload | |
| while True: | |
| cmd = input("frida> ").strip() | |
| if cmd.startswith("add_hook "): | |
| func = cmd.split(" ", 1)[1] | |
| hooks.add(func) | |
| self._load_hooks() | |
| elif cmd.startswith("remove_hook "): | |
| func = cmd.split(" ", 1)[1] | |
| hooks.discard(func) | |
| self._load_hooks() | |
| elif cmd == "list_hooks": | |
| print(f"Hooks ativos: {', '.join(hooks) if hooks else 'nenhum'}") | |
| elif cmd.startswith("set_payload "): | |
| payload = cmd.split(" ", 1)[1] | |
| print(f"[+] Payload atualizado para: {payload}") | |
| self._load_hooks() | |
| elif cmd == "exit": | |
| self._stop_requested.set() | |
| break | |
| else: | |
| print("Comandos: add_hook <função>, remove_hook <função>, list_hooks, set_payload <cmd>, exit") | |
| if __name__ == "__main__": | |
| app = Application([target] + args) | |
| app.run() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment