Skip to content

Instantly share code, notes, and snippets.

@dneprDroid
Last active May 2, 2024 13:53
Show Gist options
  • Save dneprDroid/7d394490cffe2720ebf161b053168932 to your computer and use it in GitHub Desktop.
Save dneprDroid/7d394490cffe2720ebf161b053168932 to your computer and use it in GitHub Desktop.
const libname = "libSystem.B.dylib";
function CC_SHA1_Update(){
//CC_SHA1_Update(CC_SHA1_CTX *c, const void *data, CC_LONG len);
Interceptor.attach(Module.findExportByName(libname, "CC_SHA1_Update"),
{
onEnter: function(args) {
var ccsha1update = {
'operation': 'CC_SHA1_Update',
'contextAddress': args[0],
}
if(ptr(args[1]) != 0) {
ccsha1update['data'] = (Memory.readByteArray(ptr(args[1]),parseInt(args[2])));
} else {
ccsha1update['data'] = null;
}
send(JSON.stringify({'[MBSFDUMP] crypto': ccsha1update}));
}
});
}
function CC_SHA1_Final(){
//CC_SHA1_Final(unsigned char *md, CC_SHA1_CTX *c);
Interceptor.attach(Module.findExportByName(libname, "CC_SHA1_Final"),
{
onEnter: function(args) {
this.mdSha = args[0];
this.ctxSha = args[1];
},
onLeave: function(retval) {
var ccsha1final_ret = {
'operation': 'CC_SHA1_Final',
'contextAddress': this.ctxSha,
}
if(ptr(this.mdSha) != 0) {
ccsha1final_ret['hash'] = (Memory.readByteArray(ptr(this.mdSha),20));
} else {
ccsha1final_ret['hash'] = null;
}
send(JSON.stringify({'[MBSFDUMP] crypto': ccsha1final_ret}));
}
});
}
import frida
import time
def message_handler(message, payload):
print(message)
print(payload)
def hook():
cmd = [
'./test',
]
print("running `%s` ...." % cmd)
pid = frida.spawn(cmd)
frida.resume(pid)
session = frida.attach(pid)
print("pid:", pid)
with open("frida.js") as f:
script = session.create_script(f.read())
script.on("message", message_handler)
script.load()
while True:
time.sleep(1)
hook()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment