andreafioraldi/a.js

## a.js

var STALKER_QUEUE_CAP = 100000000;
var STALKER_QUEUE_DRAIN_INT = 1000*1000;

Stalker.trustThreshold = 0;
Stalker.queueCapacity = STALKER_QUEUE_CAP;
Stalker.queueDrainInterval = STALKER_QUEUE_DRAIN_INT;

var TARGET_MODULE = "libnative-lib.so";
var TARGET_FUNCTION = Module.findExportByName(TARGET_MODULE, "target_func");
var RET_TYPE = "void";
var ARGS_TYPES = ['pointer', 'int'];

rpc.exports.loop = function () {

  var generic_transform = function (iterator) {

      var i = iterator.next();

      var cur_loc = i.address;

      do iterator.keep()
      while ((i = iterator.next()) !== null);

    }

  Stalker.follow(Process.getCurrentThreadId(), {
        events: {
            call: false,
            ret: false,
            exec: false,
            block: false,
            compile: true
        },

      transform: generic_transform,
    });


    var func_handle = new NativeFunction(TARGET_FUNCTION, RET_TYPE, ARGS_TYPES, { traps: 'all' });

    var m = Memory.alloc(100);
    func_handle(m, 100);


}

	var STALKER_QUEUE_CAP = 100000000;
	var STALKER_QUEUE_DRAIN_INT = 1000*1000;

	Stalker.trustThreshold = 0;
	Stalker.queueCapacity = STALKER_QUEUE_CAP;
	Stalker.queueDrainInterval = STALKER_QUEUE_DRAIN_INT;

	var TARGET_MODULE = "libnative-lib.so";
	var TARGET_FUNCTION = Module.findExportByName(TARGET_MODULE, "target_func");
	var RET_TYPE = "void";
	var ARGS_TYPES = ['pointer', 'int'];

	rpc.exports.loop = function () {

	var generic_transform = function (iterator) {

	var i = iterator.next();

	var cur_loc = i.address;

	do iterator.keep()
	while ((i = iterator.next()) !== null);

	}

	Stalker.follow(Process.getCurrentThreadId(), {
	events: {
	call: false,
	ret: false,
	exec: false,
	block: false,
	compile: true
	},

	transform: generic_transform,
	});


	var func_handle = new NativeFunction(TARGET_FUNCTION, RET_TYPE, ARGS_TYPES, { traps: 'all' });

	var m = Memory.alloc(100);
	func_handle(m, 100);


	}