Areizen/JNI-Frida-Hook: Script to quickly hook natives call to JNI in Android
2022-2-13 13:57:35 Author: github.com

JNI Frida Hook

Here is a quick script to get an overview of the JNI functions called by a native function. It also provides a way to hook them easily.

Requirements

pip install frida-tools --user
npm install frida-compile -g
npm install frida-compile

Usage

Fill in the library name and function name in agent.js:

library_name = "" // ex: libsqlite.so
function_name = "" // ex: JNI_OnLoad

In the hook_jni function, add the functions you want to hook, or simply hook them all:

/*
    Here you can choose which functions to hook.
    Either hook them all to get an overview of the functions called:
*/

jni.hook_all(jnienv_addr)

/*
    Or hook only the ones you want, specifying what to do with each:
*/

Interceptor.attach(jni.getJNIFunctionAdress(jnienv_addr,"FindClass"),{
    onEnter: function(args){
        // args[0] is the JNIEnv*, args[1] is the class name as a C string
        console.log("env->FindClass(\"" + args[1].readCString() + "\")")
    }
})

Once you've filled in the information above, compile the agent with:

frida-compile agent.js -o _agent.js

And launch it:

frida -U -l _agent.js --no-pause -f <your package_name>
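
How a call such as jni.getJNIFunctionAdress(jnienv_addr, "FindClass") can arrive at an address, as an added example that is not the project's code: a JNIEnv* points to a pointer to the JNINativeInterface function table, so the lookup is two pointer reads plus a slot offset. The names resolveJniFunction, makeFakeMemory and the mem adapter are hypothetical, the memory image is constructed, and the slot numbers are the positions in the jni.h table.

```javascript
// Slot numbers of a few entries in struct JNINativeInterface (jni.h).
const JNI_INDEX = {
  GetVersion: 4, DefineClass: 5, FindClass: 6, GetMethodID: 33,
  NewStringUTF: 167, GetStringUTFChars: 169, RegisterNatives: 215,
};

// Resolve a JNI function from a JNIEnv* value. `mem` abstracts pointer
// access, so the same logic works with the constructed memory below or, in a
// Frida agent, with { add: (a, n) => a.add(n), readPointer: a => a.readPointer() }.
function resolveJniFunction(envAddr, name, mem, pointerSize) {
  const slot = JNI_INDEX[name];
  if (slot === undefined) throw new Error("unknown JNI function: " + name);
  const table = mem.readPointer(envAddr); // JNIEnv* -> function table
  return mem.readPointer(mem.add(table, slot * pointerSize)); // table[slot]
}

// Constructed memory image (not real process data): one JNIEnv cell pointing
// at a table whose slot i holds the fake code address codeBase + i * 0x10.
function makeFakeMemory(pointerSize) {
  const env = 0x7000, table = 0x9000, codeBase = 0x400000;
  const cells = new Map([[env, table]]);
  for (let i = 0; i < 256; i++) { // enough slots to cover the indices above
    cells.set(table + i * pointerSize, codeBase + i * 0x10);
  }
  const mem = {
    add: (addr, n) => addr + n,
    readPointer: (addr) => {
      if (!cells.has(addr)) throw new Error("unmapped read at 0x" + addr.toString(16));
      return cells.get(addr);
    },
  };
  return { env, codeBase, mem };
}

// 64-bit process: FindClass sits at table + 6 * 8.
const demo = makeFakeMemory(8);
const findClass = resolveJniFunction(demo.env, "FindClass", demo.mem, 8);
console.log("FindClass -> 0x" + findClass.toString(16));
```

The pointer size must match the target process (8 for arm64/x86_64, 4 for 32-bit ABIs); using the wrong one reads the wrong slot and the hook attaches to a different JNI function.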

https://www.aperikube.fr/docs/aperictf_2019/my_backdoored_gallery/

Feel free to contact me on Twitter: Areizen

or by email at: [email protected]


Source: https://github.com/Areizen/JNI-Frida-Hook