frida script to find imposter (amongus 2020.9.9 arm64-v8a)

index.ts

import { log } from "./logger";
import { AssertionError } from "assert";

const libil2cpp = Process.getModuleByName("libil2cpp.so");
const libil2cppb = libil2cpp.base;
const playerinfo_serialize = libil2cppb.add(0x6c2e30);
const playerinfo_deserialize = libil2cppb.add(0x6c316c);

console.log("Starting script..");
function readString(pointr:NativePointer){
    let length = pointr.add(16).readInt()
    const stringBytes = pointr.add(20).readByteArray(length*2)
    if(stringBytes instanceof ArrayBuffer){
        const view = new Uint16Array(stringBytes)
        return String.fromCharCode.apply(null,[...view])
    }
    return "Cant read"

}
function processPlayerInfo(rawPlayer: NativePointer) {
    const buffer = rawPlayer.readByteArray(0x41);
    const playername_ptr = rawPlayer.add(0x18).readPointer()
    const playername = readString(playername_ptr)

    if (buffer instanceof ArrayBuffer) {
        const playerInfoView = new DataView(buffer);
        const player = {
            PlayerId: playerInfoView.getInt8(0x10),
            PlayerName: playername, //0x18
            ColorId: playerInfoView.getInt32(0x20, true),
            HatId: playerInfoView.getInt16(0x24, true),
            PetId: playerInfoView.getInt16(0x28, true),
            SkinId: `0x${playerInfoView.getInt16(0x2c, true).toString(16)}`,
            Disconnected: `0x${playerInfoView.getInt32(0x30, true).toString(16)}`,
            Tasks: playerInfoView.getInt32(0x38, true),
            IsImpostor: playerInfoView.getInt8(0x40),
        };
        console.log("[+] Player Serialize");
        console.log(JSON.stringify(player,null,"-- "))
    }
}

Interceptor.attach(playerinfo_serialize, {
    onEnter: function (args) {
        const rawPlayer = args[0];
        processPlayerInfo(rawPlayer);
        // console.log(
        //     hexdump(rawPlayer.add(0x20), {
        //         offset: 0,
        //         length: 0x50,
        //         header: true,
        //         ansi: true,
        //     })
        // );
    },
    onLeave: retval => {},
});

Interceptor.attach(playerinfo_deserialize, {
    onEnter: function (args) {
       //save playerInfo pointer
       this.pInfo = args[0];

    },
    onLeave: function (retval) {
        if(this.pInfo instanceof NativePointer){
            //playerInfo deserialized into pInfo
            processPlayerInfo(this.pInfo);
        }
     },

});

PS D:\Root\frida-agent-example> frida -U --no-pause -l .\_agent.js com.innersloth.spacemafia                                 ____
    / _  |   Frida 12.11.17 - A world-class dynamic instrumentation toolkit
   | (_| |
    > _  |   Commands:
   /_/ |_|       help      -> Displays the help system
   . . . .       object?   -> Display information about 'object'
   . . . .       exit/quit -> Exit
   . . . .
   . . . .   More info at https://www.frida.re/docs/home/

Error: unable to find module 'libil2cpp.so'
    at frida/runtime/core.js:345
    at agent/index.ts:4
    at o (node_modules/browser-pack/_prelude.js:1)
    at r (node_modules/browser-pack/_prelude.js:1)
    at /_agent.js:1414

this is the new error

This is because when you start the app libil2cpp is not loaded. You should start the game then load frida script

Frida version 15.2.2
frida-server-15.0.7-android-x86_64

Happens to me when I run this command
Frida version 15.2.2
frida -U -f br.com.brainweb.name -l jsInjection.js --no-pause
____
/ _ | Frida 15.2.2 - A world-class dynamic instrumentation toolkit
| (| |
> _ | Commands:
// |_| help -> Displays the help system
. . . . object? -> Display information about 'object'
. . . . exit/quit -> Exit
. . . .
. . . . More info at https://frida.re/docs/home/
. . . .
. . . . Connected to Android Emulator 5554 (id=emulator-5554)
Failed to load script: script(line 1): SyntaxError: unexpected character

Thank you for using Frida!

My script jsInjection.js
java.perform( function () {
console.log(' ');
console.log(' Silva Silva');

});