@adon90
Created October 29, 2018 13:11
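import sys

import frida


def on_message(message, data):
    print("[%s] -> %s" % (message, data))


def main(target_process):
    # Attach to the target process by PID.
    session = frida.attach(target_process)
    script = session.create_script("""
    var reply = "HTTP/1.1 200 OK\\nServer: simple web server\\nContent-Type: text/html\\n\\nWelcome To My testServer";
    var sendPtr = Module.findExportByName("ws2_32.dll", "send");
    console.log('send address: ' + sendPtr.toString());
    console.log('>> Hooking ws2_32!send <<');
    Interceptor.attach(sendPtr, {
        // int send(SOCKET s, const char *buf, int len, int flags)
        onEnter: function (args) {
            var len = args[2].toInt32();
            // buf is not guaranteed to be NUL-terminated, so bound the read by len.
            console.log("buf : " + Memory.readCString(args[1], len));
            // The reply is written over the caller's buffer in place; skip
            // buffers too small to hold it plus the terminating NUL.
            if (len <= reply.length) {
                return;
            }
            Memory.writeAnsiString(args[1], reply);
            // len is passed by value, so replace the argument itself instead
            // of writing through it as if it were a pointer.
            args[2] = ptr(reply.length);
            console.log("replaced buf : " + Memory.readCString(args[1]));
        },
        onLeave: function (retval) {
        }
    });
    """)
    script.on('message', on_message)
    script.load()
    # Keep the hook installed until Enter is pressed.
    input('\n\n')
    session.detach()


if __name__ == '__main__':
    if len(sys.argv) != 2:
        sys.exit("usage: %s <pid>" % sys.argv[0])
    main(int(sys.argv[1]))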
duolaaa commented Apr 23, 2019

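Hello, I'd like to ask: Memory.writeAnsiString can modify the input arguments of a Windows program, so how are the input arguments of a .so file modified? Thank you. I tried a few approaches and none of them worked.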
