This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var flutter = Module.getBaseAddress("libflutter.so") | |
// search ssl_client, add offset of found function | |
Interceptor.attach(flutter.add(0x5873D4),{ | |
onEnter: function (args) { | |
console.log("ssl verify called") | |
}, | |
onLeave:function(retval){ | |
console.log("retval value",retval.toInt32()) | |
retval.replace(0x1); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
meta: | |
id: luac | |
file-extension: luac | |
endian: le | |
seq: | |
- id: file_header | |
type: header | |
- id: top_level_function | |
type: function |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from androguard.core.bytecodes import apk | |
import sys | |
import logging | |
logging.getLogger().setLevel(logging.ERROR) | |
a = apk.APK(sys.argv[1]) | |
activities = a.get_activities() | |
application = a.get_attribute_value("application","name") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Java.perform(function() { | |
var f = Java.use("java.io.File") | |
f.delete.implementation = function(a){ | |
console.log("[+] Delete catched =>" +this.getAbsolutePath()) | |
return true | |
} | |
}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// install package with adb install package.name | |
// do not open application | |
// use -f force option | |
// frida -U -f package.name -l del.js | |
Java.perform(function() { | |
var ssl = Java.use("k.x$b") | |
var channel = Java.use("f.e.c.b.g.f.g.a.c") | |
var Integer = Java.use("java.lang.Integer"); | |
var ArrayList = Java.use("java.util.ArrayList"); | |
var ArrayList = Java.use("java.util.ArrayList"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
arr=($(adb shell "ls /data/app" | tr "\r\n" " " | sed 's/-[0-9]//g') "Quit") | |
echo "It's time to choose" | |
select opt in "${arr[@]}";do | |
case $opt in | |
"Quit") | |
break | |
esac | |
re='^[0-9]+$' | |
if ! [[ $REPLY =~ $re ]]; then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// send following command to trigger | |
// adb shell 'am broadcast -a flag_checker --es flag "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -n com.application.darkcon/com.application.darkcon.MyReceiver' | |
var flag = "" | |
var looper = Module.getExportByName("libnative-lib.so","_Z6looperj") | |
var nlib = Module.getBaseAddress("libnative-lib.so") | |
function bytes2hex(array) { | |
array = Java.array('byte',array) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
command! -nargs=+ FridaV call FridaV(<f-args>) | |
command! -nargs=+ Frida call Frida(<f-args>) | |
function! FridaV( ... ) | |
let class = split(a:1,"\\V.") | |
let last = class[len(class)-1] | |
let S = ":normal i" | |
let S .= "\tvar %s = Java.use(\"%s\")\n" | |
execute printf(S,last,a:1) | |
call Frida(last,a:2,a:3) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var DEBUG = false | |
console.log('Starting ..') | |
const YourCountry = 'Americans' | |
const HACKS = ['Cost','BuildTime','Armor','income','speed','firepower'] | |
function processCountry(rawCountry: NativePointer) { | |
const buffer = rawCountry.readByteArray(0x1A9); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#get apks from server? wget -np -e robots=off -m site.com/apk/folder/ | |
#Place all apks in the same dir as py file or change os.listdir parameter | |
#you can get del.js from my repo https://github.com/eybisi/fridaScripts/blob/master/del.js | |
import os | |
from androguard.core.bytecodes import apk | |
import frida | |
import time | |
device = frida.get_usb_device() | |
files = [f for f in os.listdir("./")] | |
for f in files: |