Frida agent, using Xamarin Mono APIs to intercept a full-AOT method and dump its single argument
| import { MonoApiHelper, MonoApi } from 'frida-mono-api' | |
| const domain = MonoApi.mono_get_root_domain() | |
| // Get a handle to the SeeingAI.Core assembly | |
| let coreAssembly = MonoApi.mono_assembly_load_with_partial_name(Memory.allocUtf8String("SeeingAI.Core"), NULL) | |
| let coreImage = MonoApi.mono_assembly_get_image(coreAssembly) | |
| // Retrieve class metadata | |
| let helperClass = MonoApiHelper.ClassFromName(coreImage, "SeeingAI.Network.SignatureHelper") | |
| // Get pointer to AOT compiled method | |
| let methodInfo = MonoApiHelper.ClassGetMethodFromName(helperClass, "GenerateSignature", 1) | |
| let monoError = Memory.alloc(32) // Allocate enough memory for MonoError initialization | |
| let nativeMethodPtr = MonoApi.mono_aot_get_method(domain, methodInfo, monoError) | |
| // Attach interceptor and fish out the first method argument | |
| Interceptor.attach(nativeMethodPtr, { | |
| onEnter: function(args) { | |
| console.log("GenerateSignature called") | |
| console.log("args[1] => " + MonoApiHelper.StringToUtf8(args[1])) | |
| } | |
| }) | |
| console.log("Interceptor attached and ready.") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment