@SeeFlowerX
Created October 30, 2021 12:05
frida跟踪应用中所有运行在解释模式的java函数
// from https://bbs.pediy.com/thread-263210.htm
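// Entry point: hook ART's interpreter entry points in libart.so so that every Java
// method executed in interpreted mode (rather than JIT/AOT-compiled code) is logged
// by name.  Method names are rendered through a helper library (libext) that wraps
// art::ArtMethod::PrettyMethod, because the mangled C++ symbol cannot be called
// directly from a NativeFunction.  The script only reads process state and writes
// to the console.
//
// Throws if libart.so is not loaded; Module.load also throws if the helper library
// is missing (unchanged from the original).
function hook_Impl() {
    var module_libart = Process.findModuleByName("libart.so");
    if (module_libart === null) {
        // The original fell through to a TypeError on enumerateSymbols(); fail with
        // a message that says what is actually missing.
        throw new Error("libart.so is not loaded in the target process");
    }

    var targets = findInterpreterSymbols(module_libart);
    var module_libext = loadHelperLibrary();
    // Resolved once here instead of on every interpreter call; null when names
    // cannot be rendered (no helper library, missing export, symbol not found).
    var printMethodName = makePrettyMethodPrinter(module_libext, targets.prettyMethod);

    if (targets.executeSwitchImpltt !== null) {
        attachPlaceholderHook(targets.executeSwitchImpltt);
    }
    if (targets.executeSwitchImpltf !== null) {
        attachPlaceholderHook(targets.executeSwitchImpltf);
    }
    if (targets.executeSwitchImplff !== null) {
        attachSwitchImplHook(targets.executeSwitchImplff, "ArtMethod_ExecuteSwitchImplff", printMethodName);
    }
    if (targets.executeMterpImpl !== null) {
        attachPlaceholderHook(targets.executeMterpImpl);
    }
}

// Scan libart's symbol table for the interpreter entry points and PrettyMethod.
// Returns an object whose fields are NativePointers, or null when a symbol was
// not seen.  If several symbols match one pattern the last one wins, as in the
// original loop; each match is echoed to the console.
//
//_ZN3art11interpreter17ExecuteSwitchImplILb1ELb1EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b ; art::interpreter::ExecuteSwitchImpl<true,true>(art::Thread *,art::DexFile::CodeItem const*,art::ShadowFrame &,art::JValue,bool)
//_ZN3art11interpreter17ExecuteSwitchImplILb1ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b ; art::interpreter::ExecuteSwitchImpl<true,false>(art::Thread *,art::DexFile::CodeItem const*,art::ShadowFrame &,art::JValue,bool)
//_ZN3art11interpreter17ExecuteSwitchImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b ; art::interpreter::ExecuteSwitchImpl<false,false>(art::Thread *,art::DexFile::CodeItem const*,art::ShadowFrame &,art::JValue,bool)
function findInterpreterSymbols(module_libart) {
    // Declared once, outside the loop.  The original re-declared the PrettyMethod
    // slot with `var` inside the loop body, which reset it to null on every
    // iteration, so the hook later called the helper with a null function pointer
    // and logged an error for every interpreted method.
    var found = {
        prettyMethod: null,
        executeSwitchImpltt: null,
        executeSwitchImpltf: null,
        executeSwitchImplff: null,
        executeMterpImpl: null
    };

    var symbols = module_libart.enumerateSymbols();
    for (var i = 0; i < symbols.length; i++) {
        var name = symbols[i].name;
        var address = symbols[i].address;

        // "Eb" is the mangled tail of PrettyMethod(bool), which distinguishes it
        // from other ArtMethod helpers that mention PrettyMethod.
        if (name.indexOf("ArtMethod") >= 0 && name.indexOf("PrettyMethod") >= 0 && name.indexOf("Eb") >= 0) {
            console.log(name);
            found.prettyMethod = address;
        }

        // The three ExecuteSwitchImpl instantiations share everything but the
        // template-bool suffix (see the mangled names above).
        var isSwitchImpl = name.indexOf("interpreter") >= 0
            && name.indexOf("ExecuteSwitchImpl") >= 0
            && name.indexOf("ShadowFrame") >= 0;
        if (isSwitchImpl && name.indexOf("b1ELb1") >= 0) {
            console.log(name);
            found.executeSwitchImpltt = address;
        }
        if (isSwitchImpl && name.indexOf("b1ELb0") >= 0) {
            console.log(name);
            found.executeSwitchImpltf = address;
        }
        if (isSwitchImpl && name.indexOf("b0ELb0") >= 0) {
            console.log(name);
            found.executeSwitchImplff = address;
        }

        if (name.indexOf("ExecuteMterpImpl") >= 0) {
            console.log(name);
            found.executeMterpImpl = address;
        }
    }
    return found;
}

// Load the architecture-specific helper library that exports the PrettyMethod
// wrapper.  Returns null on architectures the gist does not ship a build for.
// The paths are the gist's own; Module.load throws if the file is absent.
function loadHelperLibrary() {
    if (Process.arch === "arm64") {
        return Module.load("/data/app/libext64.so");
    }
    if (Process.arch === "arm") {
        return Module.load("/data/app/libext.so");
    }
    return null;
}

// Build a function that renders an ArtMethod to its pretty name via the helper
// library, or return null (with one console message) when that is not possible.
// The returned function may throw, since the native call is not guarded here.
function makePrettyMethodPrinter(module_libext, prettyMethodAddr) {
    if (module_libext === null) {
        return null;
    }
    var wrapperAddr = module_libext.findExportByName("PrettyMethod");
    if (wrapperAddr === null) {
        // The original built a NativeFunction on null inside every hook invocation,
        // which threw outside the try/catch on each interpreted call.
        console.log("PrettyMethod export not found in helper library; method names will not be logged");
        return null;
    }
    if (prettyMethodAddr === null) {
        console.log("art::ArtMethod::PrettyMethod not found in libart.so; method names will not be logged");
        return null;
    }

    // Wrapper signature as used by the gist: (libart PrettyMethod address,
    // ArtMethod slot, output buffer, buffer size).  The wrapper's own source is
    // not on this page; the argument meanings are inferred from the call.
    var PrettyMethod = new NativeFunction(wrapperAddr, "void", ["pointer", "pointer", "pointer", "int"]);
    var BUFFER_SIZE = 0x100;

    return function (artMethodObj) {
        // Allocated per call rather than shared: hooks may run concurrently on
        // several app threads, and a shared buffer would race.
        var result = Memory.alloc(BUFFER_SIZE);
        PrettyMethod(prettyMethodAddr, artMethodObj, result, BUFFER_SIZE);
        return result.readCString();
    };
}

// Hook one ExecuteSwitchImpl instantiation and log the name of each method it
// interprets.  `label` prefixes the console output; `printMethodName` may be
// null, in which case the hook is attached but logs nothing.
function attachSwitchImplHook(address, label, printMethodName) {
    Interceptor.attach(address, {
        onEnter: function (args) {
            if (printMethodName === null) {
                return;
            }
            // args[2] is the ShadowFrame& (third parameter in the signatures above).
            // NOTE(review): this is the address of the slot one pointer past the
            // frame start, not a dereferenced ArtMethod*; the helper wrapper is
            // presumably what reads through it - confirm against libext's source.
            var artMethodObj = args[2].add(Process.pointerSize);
            try {
                console.log(label + " java_class:", printMethodName(artMethodObj));
            } catch (error) {
                console.log(label + error);
            }
        },
        onLeave: function (retval) {
        }
    });
}

// Attach an empty hook.  Kept from the original, where the <true,true>,
// <true,false> and Mterp entry points were intercepted with no-op callbacks;
// each attach still installs a trampoline, so remove these if the overhead on
// hot interpreter paths matters.
function attachPlaceholderHook(address) {
    Interceptor.attach(address, {
        onEnter: function (args) {
        },
        onLeave: function (retval) {
        }
    });
}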