Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#!/usr/bin/env python3
from __future__ import print_function
import frida
import sys
import json
import time
def on_message(message, payload):
if(message['type'] == 'send'):
rec_data = json.loads(message['payload'])
if rec_data['my_type'] == 'IV':
print("[$] IvParameterSpec :: {}".format(payload.decode('utf-8')))
elif rec_data['my_type'] == 'KEY':
print("[$] SecretSpecKey :: {}".format(payload.decode('utf-8')))
else:
print(message)
else:
print(message)
js_code = """
console.log("Script loaded");
Java.perform(function x() {
//hooking SecretKeySpec's constructor to get the SecretKeySpec
var secret_key_spec = Java.use("javax.crypto.spec.SecretKeySpec");
secret_key_spec.$init.overload("[B", "java.lang.String").implementation = function (x, y) {
send('{"my_type" : "KEY"}', new Uint8Array(x));
return this.$init(x, y);
}
//hooking IvParameterSpec's constructor to get the IV
var iv_parameter_spec = Java.use("javax.crypto.spec.IvParameterSpec");
iv_parameter_spec.$init.overload("[B").implementation = function (x) {
send('{"my_type" : "IV"}', new Uint8Array(x));
return this.$init(x);
}
});
"""
# device = frida.get_usb_device()
# pid = device.spawn(["com.example.a11x256.frida_test"])
# device.resume(pid)
# time.sleep(1)
# session = device.attach(pid)
session = frida.get_usb_device().attach('com.example.a11x256.frida_test')
script = session.create_script(js_code)
script.on("message", on_message)
script.load()
sys.stdin.read()
@gurtej741

This comment has been minimized.

Copy link

@gurtej741 gurtej741 commented Oct 10, 2019

i am facing the issues:

File ".\frida-get-AES-keys.py", line 13, in on_message
print("[$] IvParameterSpec :: {}".format(payload.decode('utf-8')))
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf8 in position 7: invalid start byte
Traceback (most recent call last):
File "C:\Program Files (x86)\Python37-32\lib\site-packages\frida\core.py", line 298, in _on_message
callback(message, data)
File ".\frida-get-AES-keys.py", line 15, in on_message
print("[$] SecretSpecKey :: {}".format(payload.decode('utf-8')))
UnicodeDecodeError: 'utf-8' codec can't decode bytes in position 1-2: invalid continuation byte

@d3vilbug

This comment has been minimized.

Copy link
Owner Author

@d3vilbug d3vilbug commented Oct 10, 2019

@gurtej741

This comment has been minimized.

Copy link

@gurtej741 gurtej741 commented Oct 10, 2019

@gurtej741

This comment has been minimized.

Copy link

@gurtej741 gurtej741 commented Oct 10, 2019

The python code at link: https://11x256.github.io/Frida-hooking-android-part-5/

shows below error:
\\\\\\frida-AES-KEY-Script> .\frida-get-AES-keys_1.py
File "D:\Android Testing Stuff\frida-AES-KEY-Script\frida-get-AES-keys_1.py", line 16
print "Key sent to SecretKeySpec()", payload.encode("hex")

@d3vilbug

This comment has been minimized.

Copy link
Owner Author

@d3vilbug d3vilbug commented Oct 10, 2019

and did you also used the .js file from the same link?

@gurtej741

This comment has been minimized.

Copy link

@gurtej741 gurtej741 commented Oct 10, 2019

@d3vilbug

This comment has been minimized.

Copy link
Owner Author

@d3vilbug d3vilbug commented Oct 10, 2019

Can you share your .js and .py files ??

@gurtej741

This comment has been minimized.

Copy link

@gurtej741 gurtej741 commented Oct 10, 2019

@gurtej741

This comment has been minimized.

Copy link

@gurtej741 gurtej741 commented Oct 17, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.