This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function monitorMemory(base, length, interceptedInstructions = new Set()) { | |
const baseAddress = ptr(base.toString()); | |
MemoryAccessMonitor.enable({base: baseAddress, size: length}, { | |
onAccess: function(details) { | |
let baseOffset = details.address.sub(baseAddress); | |
console.log(`${details.address} (offset in range ${baseAddress} = ${baseOffset}) accessed for ${details.operation} from address ${DebugSymbol.fromAddress(details.from)}. Page ${details.pageIndex + 1} of ${details.pagesTotal}`); | |
let instruction = Instruction.parse(details.from); | |
const nextInstr = ptr(instruction.next.toString()); | |
if (interceptedInstructions.has(nextInstr.toString())) { | |
return; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import argparse | |
import json | |
predefined_struct = { | |
"UnityEngine_Vector3_o" : [("float","x"),("float","y"),("float","z")] | |
} | |
def extract_class_methods(methods_informations, clazz): | |
""" | |
We check if the signature start with the class we want to hook, if so |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const THUMB_HOOK_REDIRECT_SIZE = 8; | |
const THUMB_BIT_REMOVAL_MASK = ptr(1).not(); | |
const trampolines: NativePointer[] = []; | |
const replacements: NativePointer[] = []; | |
export function makeTrampoline(target: NativePointer): NativePointer { | |
const targetAddress = target.and(THUMB_BIT_REMOVAL_MASK); | |
const trampoline = Memory.alloc(Process.pageSize); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python3 | |
from subprocess import Popen | |
import frida | |
import time | |
import sys | |
dumped = False | |
def get_script(package_name): | |
jscode = """ |
System directories
Method | Result |
---|---|
Environment.getDataDirectory() | /data |
Environment.getDownloadCacheDirectory() | /cache |
Environment.getRootDirectory() | /system |
External storage directories