These determine the assumed/default size of instruction operands, and restricts which opcodes are available, and how they are used.
Modern operating systems, booted inside Real mode,
owen800q
owen800q
/ nativeGenerate2.java
Created
November 12, 2023 05:50
— forked from SeeFlowerX/nativeGenerate2.java
unidbg通过签名调用native方法,这样不用去看方法的地址是多少~~
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public void nativeGenerate2() { | |
| System.out.println("start call nativeGenerate2"); | |
| DvmClass SecureNative_cls = vm.resolveClass("com/xunmeng/pinduoduo/secure/SecureNative"); | |
| DvmObject<?> context = vm.resolveClass("android/content/Context").newObject(null); | |
| int context_ptr = vm.addLocalObject(context); | |
| int str1_ptr = vm.addLocalObject(new StringObject(vm, "")); | |
| int str2_ptr = vm.addLocalObject(new StringObject(vm, "Ck5UqWFzreofeABcWvkAAg==")); | |
| int str3_ptr = vm.addLocalObject(new StringObject(vm, "1Hdy4cQW")); | |
| int str4_ptr = vm.addLocalObject(new StringObject(vm, "/storage/emulated/0")); | |
| int str5_ptr = vm.addLocalObject(new StringObject(vm, "version=134&info=g6iUSuzNlWeDi%2FxPng%2FN%2B8ZyQEP%2FnQuHC42hkmSWvCOg79IqfkRW5Lu3jsAh0QwizbgZZSg1FOEI%0Ao4R%2F6pw6XXsv%2FxH%2FzUDXzxJ5UXUYGMSYhF%2BULFIhbWMihyiUWSRA%2FamuTFPOOd17oppNLL6QvlSp%0A9rC2BHcgOMfMaYgq0uuiVDJB4cXNREX10fgGf20jz56kh%2B6ejh1iHIEYffs3OKbtp9M7FqmSpiQY%0AuAHzn7rCorHuZDP8tyvStvBqpdDxO92eeEt%2BprLDqsM1HfA%2BX3ItGURbaT4%2BQ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| "about": "App-prefs:General&path=About", | |
| "autoLock": "App-prefs:General&path=AUTOLOCK", | |
| "bluetooth": "App-prefs:Bluetooth", | |
| "dateTime": "App-prefs:General&path=DATE_AND_TIME", | |
| "facetime": "App-prefs:FACETIME", | |
| "general": "App-prefs:General", | |
| "keyboard": "App-prefs:General&path=Keyboard", | |
| "iCloud": "App-prefs:CASTLE", | |
| "iCloudStorageBackup": "App-prefs:CASTLE&path=STORAGE_AND_BACKUP", |
owen800q
/ networking.js
Created
September 22, 2022 14:36
— forked from zihadmahiuddin/networking.js
A Frida script for native networking functions (getaddrinfo, connect, send and recv)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| console.log("Loading script..."); | |
| var getaddrinfoPtr = Module.findExportByName(null, 'getaddrinfo') | |
| var connectPtr = Module.findExportByName(null, 'connect') | |
| var sendPtr = Module.findExportByName(null, 'send') | |
| var recvPtr = Module.findExportByName(null, 'recv') | |
| var getaddrinfoFunction = new NativeFunction(getaddrinfoPtr, 'int', ['pointer', 'pointer', 'pointer', 'pointer']) | |
| var connectFunction = new NativeFunction(connectPtr, 'int', ['int', 'pointer', 'int']) | |
| var sendFunction = new NativeFunction(sendPtr, 'int', ['int', 'pointer', 'int', 'int']) |
owen800q
/ openssl-frida.js
Created
September 22, 2022 14:23
— forked from FrankSpierings/openssl-frida.js
Some OpenSSL hooks in Frida - Work in progress....
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const utils = { | |
| colors: { | |
| red: function(string) { | |
| return '\x1b[31m' + string + '\x1b[0m'; | |
| }, | |
| green: function(string) { | |
| return '\x1b[32m' + string + '\x1b[0m'; | |
| }, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import hashlib | |
| import requests | |
| # Get comic detail | |
| core_token = '' | |
| timestamp = str(int(time.time())) | |
| comic_id = '59872' | |
| hash_body = 'com.dmzj.manhua63:60:C8:3B:75:31:3F:35:EC:41:1D:85:60:63:EB:25{timestamp}+bYV5TaOBivUHM'.format(timestamp=timestamp) | |
| md5_hash = hashlib.md5(hash_body.encode('utf-8')).hexdigest().upper() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function a2e(a, b) { | |
| var c = a2c(); | |
| return a2e = function(d, e) { | |
| d = d - 0x96; | |
| var f = c[d]; | |
| if (a2e['ngWbPO'] === undefined) { | |
| var g = function(l) { | |
| var m = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/='; | |
| var n = '' | |
| , o = '' |
owen800q
/ frida_multiple_unpinning.js
Created
February 12, 2021 11:26
— forked from akabe1/frida_multiple_unpinning.js
Another Android ssl certificate pinning bypass for various methods
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Android ssl certificate pinning bypass script for various methods | |
| by Maurizio Siddu | |
| Run with: | |
| frida -U -f [APP_ID] -l frida_multiple_unpinning.js --no-pause | |
| */ | |
| setTimeout(function() { | |
| Java.perform(function () { | |
| console.log(''); |
owen800q
/ flutter_ios.js
Created
January 4, 2021 05:46
— forked from AICDEV/flutter_ios.js
Frida trace Flutter Functions on iOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * run the script to a running app: frida -U "appName" -l flutter_ios.js --no-pause | |
| * start app direct with the script: frida -Uf bundleIdentifier -l flutter_ios.js --no-pause | |
| */ | |
| // ############################################# | |
| // HELPER SECTION START | |
| var colors = { | |
| "resetColor": "\x1b[0m", | |
| "green": "\x1b[32m", | |
| "yellow": "\x1b[33m", |
owen800q
/ flutter_ios.js
Created
January 4, 2021 05:46
— forked from AICDEV/flutter_ios.js
Frida trace Flutter Functions on iOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * run the script to a running app: frida -U "appName" -l flutter_ios.js --no-pause | |
| * start app direct with the script: frida -Uf bundleIdentifier -l flutter_ios.js --no-pause | |
| */ | |
| // ############################################# | |
| // HELPER SECTION START | |
| var colors = { | |
| "resetColor": "\x1b[0m", | |
| "green": "\x1b[32m", | |
| "yellow": "\x1b[33m", |
owen800q
/ x86-assembly-notes.md
Created
August 7, 2020 05:43
— forked from mikesmullin/x86-assembly-notes.md
Notes on x86-64 Assembly and Machine Code
NewerOlder