Areizen
Areizen
/ jni_ida_definitions.h
Last active
September 13, 2019 16:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| typedef void **va_list; | |
| typedef uint8_t jboolean; | |
| typedef int8_t jbyte; | |
| typedef uint16_t jchar; | |
| typedef int16_t jshort; | |
| typedef int32_t jint; | |
| typedef int64_t jlong; | |
| typedef float jfloat; | |
| typedef double jdouble; |
Areizen
/ change_build_information.js
Last active
July 11, 2019 10:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function replaceFinaleField(object, fieldName, value){ | |
| var field = object.class.getDeclaredField(fieldName) | |
| field.setAccessible(true) | |
| field.set(null, value) | |
| } | |
| Java.perform(function(){ | |
| // Class containing const that we want to modify | |
| const Build = Java.use("android.os.Build") |
Areizen
/ bypass_anti_emulator_props.js
Created
July 11, 2019 05:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function bypassCheckProperties() { | |
| /* | |
| * Function used to bypass common checks to | |
| * Android OS properties | |
| * Bypass the props checking from this git : https://github.com/strazzere/anti-emulator | |
| * | |
| */ | |
| const SystemProperties = Java.use('android.os.SystemProperties') | |
| const String = Java.use('java.lang.String') | |
| const Properties = { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| from subprocess import Popen | |
| import frida | |
| import time | |
| import sys | |
| dumped = False | |
| def get_script(package_name): | |
| jscode = """ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python2.7 | |
| # coding: utf8 | |
| import subprocess | |
| import time | |
| import itertools as it | |
| import commands | |
| import sys | |
| base_command = "adb shell " |
Areizen
/ hook_location_frida.js
Last active
December 22, 2023 11:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const simulated_latitude = 48.8534 | |
| const simulated_longitude = 2.3488 | |
| Java.perform(function(){ | |
| const Location = Java.use('android.location.Location') | |
| var location = Location.$new("gps") | |
| location.setLatitude(simulated_latitude) | |
| location.setLongitude(simulated_longitude) |
Areizen
/ ACBJsonParser.py
Created
March 31, 2020 12:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import zlib | |
| import json | |
| from Crypto.Cipher import AES | |
| from Crypto.Util.Padding import pad, unpad | |
| magic_number = b"ACBJA\x01\x00" | |
| def uncipherAES(data : bytes): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from binascii import hexlify | |
| import sys | |
| import re | |
| # PDF TEMPLATE, index number should be shifted enough to avoid collision with number of the object | |
| # we want to exfiltrate | |
| PDF_TEMPLATE = """%PDF-2.0 | |
| 100 0 obj |
Areizen
/ PianoTile3_Hook.js
Last active
February 15, 2022 09:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var library_name = "libil2cpp.so"; | |
| var library_loaded = 0; | |
| var base_address = 0; | |
| // frida -U -l script.js -f com.youmusic.magictiles --no-pause | |
| var parse_tile_base_o = function(tile_base_o) { | |
| return { | |
| tileSizeX : tile_base_o.add(0x6c).readFloat(), |
Areizen
/ Il2CPP_frida_hooks_generator.py
Last active
October 28, 2022 17:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| import json | |
| predefined_struct = { | |
| "UnityEngine_Vector3_o" : [("float","x"),("float","y"),("float","z")] | |
| } | |
| def extract_class_methods(methods_informations, clazz): | |
| """ | |
| We check if the signature start with the class we want to hook, if so |
OlderNewer