Created
May 15, 2020 01:37
-
-
Save ox1111/94bd0f7086ed5dd0526d7d5016ee6c5c to your computer and use it in GitHub Desktop.
Frida Script to automatically redirect all java.net.URLConnections through a proxy of your choosing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Frida Script to automatically redirect all java.net.URLConnections through a proxy of your choosing | |
| setImmediate(function() { | |
| Java.perform(function() { | |
| var url = Java.use("java.net.URL"); | |
| var proxyTypeI = Java.use('java.net.Proxy$Type'); | |
| var inetSockAddrWrap = Java.use("java.net.InetSocketAddress"); | |
| var proxy = Java.use('java.net.Proxy'); | |
| url.$init.overload('java.lang.String').implementation = function (var0) { | |
| console.log("[*] Created new URL with value: " + var0 +"\n"); | |
| return this.$init(var0); | |
| }; | |
| url.openConnection.overload().implementation = function () { | |
| console.log("[*] Created new URL connection\n"); | |
| /* | |
| try{ | |
| console.log("A - calling Proxy.Type.valueOf('HTTP')"); | |
| var proxyTypeImpl = proxyTypeI.valueOf("HTTP"); | |
| console.log("ProxyType:" + proxyTypeImpl); | |
| } | |
| catch(e){console.log("caught:" + e);}*/ | |
| //console.log("B - Creating java.net.InetSocketAddress wrapper"); | |
| console.log("B - iNSTANTIATING java.net.InetSocketAddress "); | |
| var inetSockAddrImpl = inetSockAddrWrap.$new("whatever.proxy.address.blah",8080) | |
| var proxyImpl; | |
| try{ | |
| console.log("C - Creating Proxy wrapper"); | |
| //var proxyImpl1 = proxy.$new(); | |
| //console.log(proxyImpl1); | |
| //console.log(proxyImpl1.getClass()); | |
| console.log("ProxyType:" + proxyTypeI.HTTP); | |
| console.log("InetSockAddr:" + inetSockAddrImpl); | |
| proxyImpl = proxy.$new(proxyTypeI.valueOf('HTTP'), inetSockAddrImpl); | |
| } | |
| catch(e){ | |
| console.log(e); | |
| } | |
| console.log("D - Returning Proxy wrapper"); | |
| return this.openConnection(proxyImpl); | |
| }; | |
| url.openConnection.overload('java.net.Proxy').implementation = function (var0) { | |
| console.log("[*] Created new URL connection with proxy value: " + var0 +"\n"); | |
| return this.openConnection(var0); | |
| }; | |
| var URLConnection = Java.use("java.net.URLConnection"); | |
| URLConnection.connect.implementation = function () { | |
| console.log("[*] Connect called.\n"); | |
| this.connect(); | |
| }; | |
| URLConnection.getContent.overload().implementation = function () { | |
| var content = this.getContent(); | |
| console.log("[*] Get content called. Content: " + content + "\n"); | |
| return content; | |
| }; | |
| URLConnection.getContentType.implementation = function () { | |
| var contentType = this.getContentType(); | |
| console.log("[*] Get content type called. Content type: " + contentType + "\n"); | |
| return contentType; | |
| }; | |
| URLConnection.getContentLength.implementation = function () { | |
| var contentLength = this.getContentLength(); | |
| console.log("[*] Get content length called. Content length: " + contentLength + "\n"); | |
| return contentLength; | |
| }; | |
| URLConnection.getContentLengthLong.implementation = function () { | |
| var contentLengthLong = this.getContentLengthLong(); | |
| console.log("[*] Get content length long called. Content length long: " + contentLengthLong + "\n"); | |
| return contentLengthLong; | |
| }; | |
| URLConnection.getContentEncoding.implementation = function () { | |
| var contentEncoding = this.getContentEncoding(); | |
| console.log("[*] Get content encoding called. Content encoding: " + contentEncoding + "\n"); | |
| return contentEncoding; | |
| }; | |
| URLConnection.getDate.implementation = function () { | |
| var contentDate = this.getDate(); | |
| console.log("[*] Get date called. Date: " + contentDate + "\n"); | |
| return contentDate; | |
| }; | |
| URLConnection.getExpiration.implementation = function () { | |
| var contentExpiration = this.getExpiration(); | |
| console.log("[*] Get expiration called. Expiration: " + contentExpiration + "\n"); | |
| return contentExpiration; | |
| }; | |
| URLConnection.getLastModified.implementation = function () { | |
| var lastModified = this.getLastModified(); | |
| console.log("[*] Get last modified called. Value: " + lastModified + "\n"); | |
| return lastModified; | |
| }; | |
| URLConnection.getInputStream.implementation = function () { | |
| console.log("[*] Get input stream called.\n"); | |
| return this.getInputStream; | |
| }; | |
| URLConnection.setDoOutput.overload('boolean').implementation = function (var0) { | |
| console.log("[*] URLConnection.setDoOutput called with value: " + var0 + ".\n"); | |
| this.setDoOutput(var0); | |
| }; | |
| URLConnection.setDoInput.overload('boolean').implementation = function (var0) { | |
| console.log("[*] URLConnection.setDoInput called with value: " + var0 + ".\n"); | |
| this.setDoInput(var0); | |
| }; | |
| var httpURLConnection = Java.use("com.android.okhttp.internal.huc.HttpURLConnectionImpl"); | |
| httpURLConnection.setRequestMethod.overload('java.lang.String').implementation = function (var0) { | |
| console.log("[*] Set request method called: " + var0 + "\n"); | |
| this.setRequestMethod(var0); | |
| }; | |
| httpURLConnection.setRequestMethod.overload('java.lang.String').implementation = function (var0) { | |
| console.log("[*] Set request method called: " + var0 + "\n"); | |
| this.setRequestMethod(var0); | |
| }; | |
| httpURLConnection.connect.implementation = function () { | |
| console.log("[*] Connect called.\n"); | |
| this.connect(); | |
| }; | |
| httpURLConnection.disconnect.implementation = function () { | |
| console.log("[*] Disconnect called.\n"); | |
| this.disconnect(); | |
| }; | |
| httpURLConnection.getResponseCode.implementation = function () { | |
| var responseCode = this.getResponseCode(); | |
| console.log("[*] Get response code called: " + responseCode + "\n"); | |
| return responseCode; | |
| }; | |
| var httpsURLConnection = Java.use("com.android.okhttp.internal.huc.HttpsURLConnectionImpl"); | |
| httpsURLConnection.setRequestMethod.overload('java.lang.String').implementation = function (var0) { | |
| console.log("[*] Set request method called: " + var0 + "\n"); | |
| this.setRequestMethod(var0); | |
| }; | |
| httpsURLConnection.connect.implementation = function () { | |
| console.log("[*] Connect called.\n"); | |
| this.connect(); | |
| }; | |
| httpsURLConnection.disconnect.implementation = function () { | |
| console.log("[*] Disconnect called.\n"); | |
| this.disconnect(); | |
| }; | |
| httpsURLConnection.getResponseCode.implementation = function () { | |
| var responseCode = this.getResponseCode(); | |
| console.log("[*] Get response code called: " + responseCode + "\n"); | |
| return responseCode; | |
| }; | |
| httpsURLConnection.setRequestProperty.overload('java.lang.String', 'java.lang.String').implementation = function (var0, var1) { | |
| console.log("[*] URLConnection.setRequestProperty called with key: " + var0 + " and value: " + var1 + ".\n"); | |
| this.setRequestProperty(var0, var1); | |
| }; | |
| }); | |
| }); | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment