Created
April 28, 2023 19:21
-
-
Save miticollo/2ddaa6067090a5cc2d441ce798ae3d2e to your computer and use it in GitHub Desktop.
A gist to show an example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import threading | |
| from frida_tools.application import Reactor | |
| import frida | |
| class Application: | |
| def __init__(self): | |
| self._stop_requested = threading.Event() | |
| self._reactor = Reactor(run_until_return=lambda reactor: self._stop_requested.wait()) | |
| self._device = frida.get_usb_device() | |
| self._sessions = set() | |
| self._device.on("child-added", lambda child: self._reactor.schedule(lambda: self._on_child_added(child))) | |
| self._device.on("child-removed", lambda child: self._reactor.schedule(lambda: self._on_child_removed(child))) | |
| self._device.on("output", lambda pid, fd, data: self._reactor.schedule(lambda: self._on_output(pid, fd, data))) | |
| def run(self): | |
| self._reactor.schedule(lambda: self._start()) | |
| self._reactor.run() | |
| def _start(self): | |
| pid = 1 | |
| print(f"✔ attach(pid={pid})") | |
| session = self._device.attach(pid) | |
| session.on("detached", lambda reason: self._reactor.schedule(lambda: self._on_detached(pid, session, reason))) | |
| print("✔ enable_child_gating()") | |
| session.enable_child_gating() | |
| self._sessions.add(session) | |
| def _stop_if_idle(self): | |
| if len(self._sessions) == 0: | |
| self._stop_requested.set() | |
| def _instrument(self, pid): | |
| print(f"✔ attach(pid={pid})") | |
| session = self._device.attach(pid) | |
| session.on("detached", lambda reason: self._reactor.schedule(lambda: self._on_detached(pid, session, reason))) | |
| print("✔ create_script()") | |
| script = session.create_script( | |
| """\ | |
| Interceptor.attach(Module.getExportByName(null, 'open'), { | |
| onEnter: function (args) { | |
| send({ | |
| type: 'open', | |
| path: Memory.readUtf8String(args[0]) | |
| }); | |
| } | |
| }); | |
| """ | |
| ) | |
| script.on("message", lambda message, data: self._reactor.schedule(lambda: self._on_message(pid, message))) | |
| print("✔ load()") | |
| script.load() | |
| print(f"✔ resume(pid={pid})") | |
| self._device.resume(pid) | |
| self._sessions.add(session) | |
| def _on_child_added(self, child): | |
| self._device.resume(child.pid) | |
| def _on_child_removed(self, child): | |
| print(f"⚡ child_removed: {child}") | |
| def _on_output(self, pid, fd, data): | |
| print(f"⚡ output: pid={pid}, fd={fd}, data={repr(data)}") | |
| def _on_detached(self, pid, session, reason): | |
| print(f"⚡ detached: pid={pid}, reason='{reason}'") | |
| self._sessions.remove(session) | |
| self._reactor.schedule(self._stop_if_idle, delay=0.5) | |
| def _on_message(self, pid, message): | |
| print(f"⚡ message: pid={pid}, payload={message['payload']}") | |
| app = Application() | |
| app.run() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment