Created
January 30, 2022 08:29
objection boot target picker poc
diff --git a/objection/console/cli.py b/objection/console/cli.py | |
index f9738d1..4814eff 100644 | |
--- a/objection/console/cli.py | |
+++ b/objection/console/cli.py | |
@@ -3,6 +3,8 @@ import time | |
from pathlib import Path | |
import click | |
+from prompt_toolkit import prompt | |
+from prompt_toolkit.completion import FuzzyCompleter, WordCompleter | |
from objection.commands.plugin_manager import load_plugin | |
from objection.utils.agent import Agent, AgentConfig | |
@@ -30,6 +32,42 @@ def get_agent() -> Agent: | |
pause=not state_connection.no_pause | |
)) | |
+ # launch the target picker if we need to | |
+ if not state_connection.name: | |
+ click.secho('No target specified. Start typing to choose a target.', dim=True) | |
+ apps = agent.get_applications() | |
+ app_completer = FuzzyCompleter(WordCompleter([app.identifier for app in apps])) | |
+ | |
+ target = prompt('target app: ', completer=app_completer, complete_while_typing=True) | |
+ | |
+ app = list(filter(lambda x: x.identifier == target, apps)) | |
+ if len(app) <= 0: | |
+ raise Exception(f'Could not find application {target}') | |
+ app = app[0] # get the first one | |
+ | |
+ # set the name. if the pid is 0, also set the spawn bit together with the bundle. | |
+ # if the pid is not 0, the name is the process | |
+ if app.pid == 0: | |
+ click.secho(f'Will spawn {app.identifier}', dim=True) | |
+ state_connection.name = app.identifier | |
+ state_connection.spawn = True | |
+ else: | |
+ click.secho(f'Will attach to {app.name}', dim=True) | |
+ state_connection.name = app.name | |
+ | |
+ # start a fresh agent | |
+ agent = Agent(AgentConfig( | |
+ name=state_connection.name, | |
+ host=state_connection.host, | |
+ port=state_connection.port, | |
+ device_type=state_connection.device_type, | |
+ device_id=state_connection.device_id, | |
+ spawn=state_connection.spawn, | |
+ foremost=state_connection.foremost, | |
+ debugger=state_connection.debugger, | |
+ pause=not state_connection.no_pause | |
+ )) | |
+ | |
agent.run() | |
return agent | |
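Review bot: In the attach branch (`state_connection.name = app.name`) the picker matches the application by its identifier but then hands the agent only the display name, which the app itself chooses and which need not be unique or equal to the process name. If the agent resolves that string as a process name, the session can end up instrumenting a different process than the one the operator selected, or fail to find it at all. The selected entry already carries `app.pid`; if the name path accepts a numeric pid (not visible in this hunk), `state_connection.name = str(app.pid)` would pin the choice, otherwise AgentConfig needs a pid field. Separately, `prompt()` returns free text and raises on Ctrl-C or Ctrl-D, so an interrupted or mistyped entry surfaces as a bare exception. get_agent's body starts outside the hunk.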
diff --git a/objection/utils/agent.py b/objection/utils/agent.py | |
index 3932148..5896a15 100644 | |
--- a/objection/utils/agent.py | |
+++ b/objection/utils/agent.py | |
@@ -6,6 +6,7 @@ from dataclasses import dataclass | |
from pathlib import Path | |
from pprint import pprint | |
+import _frida # typing related :| | |
import click | |
import frida | |
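Review bot: `import _frida` pulls a private extension module into the runtime import path only to serve the annotation on get_applications (`-> list[_frida.Application]`), so a frida release that renames or restructures that module would break objection at import time. Guarding it keeps the type hint without the runtime dependency: `if TYPE_CHECKING: import _frida` (with `from typing import TYPE_CHECKING`) and a quoted annotation `-> 'list[_frida.Application]'`. The quoted form also avoids evaluating `list[...]` at definition time, which needs Python 3.9 or newer; whether older interpreters are supported is not visible here.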
@@ -186,6 +187,20 @@ class Agent(object): | |
debug_print(f'device determined as: {self.device}') | |
+ def get_applications(self) -> list[_frida.Application]: | |
+ """ | |
+ Get's the applications available on a device. | |
+ This function has a side effect in that it kicks off the device | |
+ chooser so that we can enumerate applications. | |
+ | |
+ :return: | |
+ """ | |
+ | |
+ if not self.device: | |
+ self.set_device() | |
+ | |
+ return self.device.enumerate_applications(scope='minimal') | |
+ | |
def set_target_pid(self): | |
""" | |
Set's the PID we should attach to. This method will spawn the | |
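Review bot: The docstring of get_applications leaves `:return:` empty, so the caller is not told what the returned entries mean even though the picker in cli.py branches on `app.pid == 0`. I would fill it in as `:return: applications reported by the device via enumerate_applications(scope='minimal')` and add a sentence that callers treat a pid of 0 as "not running, spawn it". "Get's" should read "Gets", and the side-effect sentence could say that `set_device()` is only called when `self.device` is unset.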
@@ -198,7 +213,7 @@ class Agent(object): | |
""" | |
if (self.config.name is None) and (not self.config.foremost): | |
- raise Exception('Need a target name to spawn/attach to') | |
+ raise Exception('Need a target name to spawn or attach to') | |
if self.config.foremost: | |
try: |