Last active
May 2, 2024 13:53
-
-
Save dneprDroid/7d394490cffe2720ebf161b053168932 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const libname = "libSystem.B.dylib"; | |
function CC_SHA1_Update(){ | |
//CC_SHA1_Update(CC_SHA1_CTX *c, const void *data, CC_LONG len); | |
Interceptor.attach(Module.findExportByName(libname, "CC_SHA1_Update"), | |
{ | |
onEnter: function(args) { | |
var ccsha1update = { | |
'operation': 'CC_SHA1_Update', | |
'contextAddress': args[0], | |
} | |
if(ptr(args[1]) != 0) { | |
ccsha1update['data'] = (Memory.readByteArray(ptr(args[1]),parseInt(args[2]))); | |
} else { | |
ccsha1update['data'] = null; | |
} | |
send(JSON.stringify({'[MBSFDUMP] crypto': ccsha1update})); | |
} | |
}); | |
} | |
function CC_SHA1_Final(){ | |
//CC_SHA1_Final(unsigned char *md, CC_SHA1_CTX *c); | |
Interceptor.attach(Module.findExportByName(libname, "CC_SHA1_Final"), | |
{ | |
onEnter: function(args) { | |
this.mdSha = args[0]; | |
this.ctxSha = args[1]; | |
}, | |
onLeave: function(retval) { | |
var ccsha1final_ret = { | |
'operation': 'CC_SHA1_Final', | |
'contextAddress': this.ctxSha, | |
} | |
if(ptr(this.mdSha) != 0) { | |
ccsha1final_ret['hash'] = (Memory.readByteArray(ptr(this.mdSha),20)); | |
} else { | |
ccsha1final_ret['hash'] = null; | |
} | |
send(JSON.stringify({'[MBSFDUMP] crypto': ccsha1final_ret})); | |
} | |
}); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import frida | |
import time | |
def message_handler(message, payload): | |
print(message) | |
print(payload) | |
def hook(): | |
cmd = [ | |
'./test', | |
] | |
print("running `%s` ...." % cmd) | |
pid = frida.spawn(cmd) | |
frida.resume(pid) | |
session = frida.attach(pid) | |
print("pid:", pid) | |
with open("frida.js") as f: | |
script = session.create_script(f.read()) | |
script.on("message", message_handler) | |
script.load() | |
while True: | |
time.sleep(1) | |
hook() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment