owen800q

  • Singapore
@owen800q
owen800q / nativeGenerate2.java
Created November 12, 2023 05:50 — forked from SeeFlowerX/nativeGenerate2.java
Call a native method in unidbg by its signature, so there is no need to look up the method's address
public void nativeGenerate2() {
System.out.println("start call nativeGenerate2");
DvmClass SecureNative_cls = vm.resolveClass("com/xunmeng/pinduoduo/secure/SecureNative");
DvmObject<?> context = vm.resolveClass("android/content/Context").newObject(null);
int context_ptr = vm.addLocalObject(context);
int str1_ptr = vm.addLocalObject(new StringObject(vm, ""));
int str2_ptr = vm.addLocalObject(new StringObject(vm, "Ck5UqWFzreofeABcWvkAAg=="));
int str3_ptr = vm.addLocalObject(new StringObject(vm, "1Hdy4cQW"));
int str4_ptr = vm.addLocalObject(new StringObject(vm, "/storage/emulated/0"));
int str5_ptr = vm.addLocalObject(new StringObject(vm, "version=134&info=g6iUSuzNlWeDi%2FxPng%2FN%2B8ZyQEP%2FnQuHC42hkmSWvCOg79IqfkRW5Lu3jsAh0QwizbgZZSg1FOEI%0Ao4R%2F6pw6XXsv%2FxH%2FzUDXzxJ5UXUYGMSYhF%2BULFIhbWMihyiUWSRA%2FamuTFPOOd17oppNLL6QvlSp%0A9rC2BHcgOMfMaYgq0uuiVDJB4cXNREX10fgGf20jz56kh%2B6ejh1iHIEYffs3OKbtp9M7FqmSpiQY%0AuAHzn7rCorHuZDP8tyvStvBqpdDxO92eeEt%2BprLDqsM1HfA%2BX3ItGURbaT4%2BQ
@owen800q
owen800q / How to solve Teamviewer GUI not starting on Ubuntu 18.04.md
Created September 14, 2019 03:55
How to solve Teamviewer GUI not starting on Ubuntu 18.04
Init...
CheckCPU: SSE2 support: yes
Checking setup...
Launching TeamViewer ...
Launching TeamViewer GUI ...

then the window does not pop up

Solution:

@owen800q
owen800q / ios-settings-path.json
Created July 30, 2023 04:26
iOS settings paths
[
"about": "App-prefs:General&path=About",
"autoLock": "App-prefs:General&path=AUTOLOCK",
"bluetooth": "App-prefs:Bluetooth",
"dateTime": "App-prefs:General&path=DATE_AND_TIME",
"facetime": "App-prefs:FACETIME",
"general": "App-prefs:General",
"keyboard": "App-prefs:General&path=Keyboard",
"iCloud": "App-prefs:CASTLE",
"iCloudStorageBackup": "App-prefs:CASTLE&path=STORAGE_AND_BACKUP",
@owen800q
owen800q / dmzj-coreToken.py
Created May 7, 2022 12:26
dmzj-coreToken
import time
import hashlib
import requests
# Get comic detail
core_token = ''
timestamp = str(int(time.time()))
comic_id = '59872'
hash_body = 'com.dmzj.manhua63:60:C8:3B:75:31:3F:35:EC:41:1D:85:60:63:EB:25{timestamp}+bYV5TaOBivUHM'.format(timestamp=timestamp)
md5_hash = hashlib.md5(hash_body.encode('utf-8')).hexdigest().upper()
@owen800q
owen800q / networking.js
Created September 22, 2022 14:36 — forked from zihadmahiuddin/networking.js
A Frida script for native networking functions (getaddrinfo, connect, send and recv)
console.log("Loading script...");
var getaddrinfoPtr = Module.findExportByName(null, 'getaddrinfo')
var connectPtr = Module.findExportByName(null, 'connect')
var sendPtr = Module.findExportByName(null, 'send')
var recvPtr = Module.findExportByName(null, 'recv')
var getaddrinfoFunction = new NativeFunction(getaddrinfoPtr, 'int', ['pointer', 'pointer', 'pointer', 'pointer'])
var connectFunction = new NativeFunction(connectPtr, 'int', ['int', 'pointer', 'int'])
var sendFunction = new NativeFunction(sendPtr, 'int', ['int', 'pointer', 'int', 'int'])
@owen800q
owen800q / openssl-frida.js
Created September 22, 2022 14:23 — forked from FrankSpierings/openssl-frida.js
Some OpenSSL hooks in Frida - Work in progress....
const utils = {
colors: {
red: function(string) {
return '\x1b[31m' + string + '\x1b[0m';
},
green: function(string) {
return '\x1b[32m' + string + '\x1b[0m';
},
@owen800q
owen800q / demo.js
Created April 14, 2022 02:59
demo.js
function a2e(a, b) {
var c = a2c();
return a2e = function(d, e) {
d = d - 0x96;
var f = c[d];
if (a2e['ngWbPO'] === undefined) {
var g = function(l) {
var m = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';
var n = ''
, o = ''
@owen800q
owen800q / boringssl.md
Created June 22, 2020 07:16
BoringSSL library's SSL pinning bypass

Function byte sequence signatures

arm 32

2D E9 F0 4F A3 B0 81 46 50 20 10 70 D9 F8 98 70 00 2F

arm 64

FF 03 05 D1 FC 6B 0F A9 F9 63 10 A9 F7 5B 11 A9 F5 53 12 A9 F3 7B 13 A9 08 0A 80 52 48 00 00 39 16 54 40 F9 56 07 00 B4 C8 02 40 F9 08 07 00 B4 29 20 40 A9 F3 03 02 AA
@owen800q
owen800q / frida_multiple_unpinning.js
Created February 12, 2021 11:26 — forked from akabe1/frida_multiple_unpinning.js
Another Android ssl certificate pinning bypass for various methods
/* Android ssl certificate pinning bypass script for various methods
by Maurizio Siddu
Run with:
frida -U -f [APP_ID] -l frida_multiple_unpinning.js --no-pause
*/
setTimeout(function() {
Java.perform(function () {
console.log('');
@owen800q
owen800q / flutter_ios.js
Created January 4, 2021 05:46 — forked from AICDEV/flutter_ios.js
Frida trace Flutter Functions on iOS
/**
* run the script to a running app: frida -U "appName" -l flutter_ios.js --no-pause
* start app direct with the script: frida -Uf bundleIdentifier -l flutter_ios.js --no-pause
*/
// #############################################
// HELPER SECTION START
var colors = {
"resetColor": "\x1b[0m",
"green": "\x1b[32m",
"yellow": "\x1b[33m",