uriellberdeja · June 11, 2024 05:49
diff --git a/frida.js b/frida.js
 Java.perform(()=> {
    function getFridaTypeName(javaTypeName) {
        const typeMap = {
            'void': 'void',
            'boolean': 'boolean',
            'byte': 'byte',
            'char': 'char',
            'short': 'short',
            'int': 'int',
            'long': 'long',
            'float': 'float',
            'double': 'double',
            'java.lang.Object': 'java.lang.Object',
            '[Ljava.lang.Object;': '[Ljava.lang.Object;',
            'java.lang.String': 'java.lang.String',
            '[Ljava.lang.String;': '[Ljava.lang.String;',
            'java.lang.Void': 'java.lang.Void',
            '[Ljava.lang.Void;': '[Ljava.lang.Void;',
            'java.lang.Integer': 'java.lang.Integer',
            'android.content.Intent': 'android.content.Intent',
            'android.os.Bundle': 'android.os.Bundle'
        };
        
        return typeMap[javaTypeName] || javaTypeName.replace(/\./g, '/'); // Handle other types
    }

    const targetList = [
        "com.example.Activity",
        "com.example.Activity$aux"
    ]
    for(let actualTarget of targetList) {
        let targetClass = Java.use(actualTarget);
        
        const classObject = targetClass.class;
        const declaredMethods = classObject.getDeclaredMethods();
        console.log(declaredMethods)
        declaredMethods.forEach(method => {
            try {
                // Get method name and parameter types
                const methodName = method.getName();
                const parameterTypes = method.getParameterTypes();
                
                // Construct the method overload signature

                const fridaParamTypes = parameterTypes.map(paramType => {
                    return getFridaTypeName(paramType.getName());
                });
                console.log("[SETUP] Hooking " + methodName + " ( " + fridaParamTypes + ")" )

                // Hook into the method using Frida
                const methodOverload = targetClass[methodName].overload(...fridaParamTypes);
                methodOverload.implementation = function (...args) {
                    console.log(`\n[HOOK] ${methodName} called with arguments:`);
                    
                    for (let i = 0; i < args.length; i++) {
                        console.log(`arg[${i}]: ${args[i]}`);
                    }
                    
                    const result = methodOverload.apply(this, args);
                    
                    console.log(`[RESULT] ${result}`);
                    
                    return result;
                };
                
            } catch (err) {
                console.error(`[ERROR] hooking method: ${method.getName()} - ${err.message}`);
            }
        });
    }
 })
	Java.perform(()=> {
	function getFridaTypeName(javaTypeName) {
	const typeMap = {
	'void': 'void',
	'boolean': 'boolean',
	'byte': 'byte',
	'char': 'char',
	'short': 'short',
	'int': 'int',
	'long': 'long',
	'float': 'float',
	'double': 'double',
	'java.lang.Object': 'java.lang.Object',
	'[Ljava.lang.Object;': '[Ljava.lang.Object;',
	'java.lang.String': 'java.lang.String',
	'[Ljava.lang.String;': '[Ljava.lang.String;',
	'java.lang.Void': 'java.lang.Void',
	'[Ljava.lang.Void;': '[Ljava.lang.Void;',
	'java.lang.Integer': 'java.lang.Integer',
	'android.content.Intent': 'android.content.Intent',
	'android.os.Bundle': 'android.os.Bundle'
	};

	return typeMap[javaTypeName] \|\| javaTypeName.replace(/\./g, '/'); // Handle other types
	}

	const targetList = [
	"com.example.Activity",
	"com.example.Activity$aux"
	]
	for(let actualTarget of targetList) {
	let targetClass = Java.use(actualTarget);

	const classObject = targetClass.class;
	const declaredMethods = classObject.getDeclaredMethods();
	console.log(declaredMethods)
	declaredMethods.forEach(method => {
	try {
	// Get method name and parameter types
	const methodName = method.getName();
	const parameterTypes = method.getParameterTypes();

	// Construct the method overload signature

	const fridaParamTypes = parameterTypes.map(paramType => {
	return getFridaTypeName(paramType.getName());
	});
	console.log("[SETUP] Hooking " + methodName + " ( " + fridaParamTypes + ")" )

	// Hook into the method using Frida
	const methodOverload = targetClass[methodName].overload(...fridaParamTypes);
	methodOverload.implementation = function (...args) {
	console.log(`\n[HOOK] ${methodName} called with arguments:`);

	for (let i = 0; i < args.length; i++) {
	console.log(`arg[${i}]: ${args[i]}`);
	}

	const result = methodOverload.apply(this, args);

	console.log(`[RESULT] ${result}`);

	return result;
	};

	} catch (err) {
	console.error(`[ERROR] hooking method: ${method.getName()} - ${err.message}`);
	}
	});
	}
	})