@zihadmahiuddin
Last active December 8, 2023 20:46
A Frida script that intercepts and logs calls to the native networking functions getaddrinfo, connect, send and recv
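console.log("Loading script...");

/**
 * Looks up an exported symbol across all loaded modules and fails with a
 * message that names the symbol when it is missing.
 *
 * Module.findExportByName() returns null for an unknown symbol. Handing that
 * null to NativeFunction / Interceptor.replace only fails later and,
 * presumably, without saying which of the four lookups was the missing one.
 *
 * @param {string} symbol Exported function name to resolve
 * @returns {NativePointer} Address of the export
 * @throws {Error} If no loaded module exports the symbol
 */
function requireExport(symbol) {
  var address = Module.findExportByName(null, symbol);
  if (address === null || address === undefined) {
    throw new Error('Export not found in any loaded module: ' + symbol);
  }
  return address;
}

// Addresses of the socket API entry points that the replace*() hooks patch.
// Kept as `var` so the names stay visible to the rest of the script exactly
// as before.
var getaddrinfoPtr = requireExport('getaddrinfo');
var connectPtr = requireExport('connect');
var sendPtr = requireExport('send');
var recvPtr = requireExport('recv');

// Callable handles to the original implementations. Every replacement
// forwards to one of these, so the argument lists here must stay in step with
// the NativeCallback signatures used in the hooks.
// int getaddrinfo(const char *node, const char *service,
//                 const struct addrinfo *hints, struct addrinfo **res)
var getaddrinfoFunction = new NativeFunction(getaddrinfoPtr, 'int', ['pointer', 'pointer', 'pointer', 'pointer']);
// int connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen)
var connectFunction = new NativeFunction(connectPtr, 'int', ['int', 'pointer', 'int']);
// NOTE(review): POSIX declares the length of send()/recv() as size_t and the
// return value as ssize_t; both are modelled as 'int' here. Confirm that is
// adequate on the 64-bit targets this script is used against.
var sendFunction = new NativeFunction(sendPtr, 'int', ['int', 'pointer', 'int', 'int']);
var recvFunction = new NativeFunction(recvPtr, 'int', ['int', 'pointer', 'int', 'int']);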
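/**
 * Renders the bytes of a buffer either as text or as a hex string.
 *
 * @param {ArrayBuffer} array Bytes to render; null or undefined yields ''
 * @param {Boolean} hex Pass false for a one-character-per-byte string; any
 *   other value, including omitting the argument, selects hex output
 * @returns {string} Two lowercase hex digits per byte, or one character per
 *   byte when hex is false
 */
function getReadable(array, hex) {
  if (array === null || array === undefined) {
    return '';
  }
  // Wrap the buffer in a view instead of allocating a fresh array and calling
  // set() on it: set() treats a raw ArrayBuffer as an empty array-like and
  // copies nothing, which leaves every output byte at zero.
  var bytes = new Uint8Array(array);
  var pieces = [];
  var i;
  // Loose comparison kept on purpose so that existing callers passing 0 or ''
  // still select the plain-string branch.
  if (hex == false) {
    // Each byte becomes the character with that code; this is not a UTF-8
    // decode. Control bytes, including terminal escape sequences chosen by a
    // remote peer, pass through unescaped, so prefer the hex form when the
    // output of untrusted traffic goes to a terminal or a log viewer.
    for (i = 0; i < bytes.length; i++) {
      pieces.push(String.fromCharCode(bytes[i]));
    }
    return pieces.join('');
  }
  for (i = 0; i < bytes.length; i++) {
    // Zero-pad to two digits; without it 0x01 0x23 and 0x12 0x03 both print
    // as "123" and the dump cannot be decoded back into bytes.
    pieces.push((bytes[i] < 16 ? '0' : '') + bytes[i].toString(16));
  }
  return pieces.join('');
}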
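/**
 * Formats a call as `name(arg1, arg2, ...)`, optionally followed by
 * ` -> retval`.
 *
 * @param {string} functionName The name of the function to format
 * @param {Array} params The call arguments; each one is converted to a string
 * @param {*} [retval] The return value; appended unless null or undefined
 * @returns {string} The formatted call
 */
function formatFunction(functionName, params, retval) {
  var rendered = [];
  for (var i = 0; i < params.length; i++) {
    // Convert explicitly: Array.prototype.join would print null and undefined
    // as empty strings, hiding the "no buffer" marker used for failed reads.
    rendered.push('' + params[i]);
  }
  var text = functionName + '(' + rendered.join(', ') + ')';
  // Test for absence, not truthiness: 0 is a meaningful result (a successful
  // connect(), a zero-byte send or recv) and must not be dropped from the log.
  if (retval !== undefined && retval !== null) {
    text += ' -> ' + retval;
  }
  return text;
}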
/**
 * Installs a replacement for getaddrinfo() that logs each lookup and then
 * forwards it, arguments untouched, to the original implementation.
 *
 * Only the first argument is decoded (as a UTF-8 string); the other three are
 * logged as the raw pointer values they were passed as.
 */
function replaceGadp() {
  var argTypes = ['pointer', 'pointer', 'pointer', 'pointer'];
  var onGetaddrinfo = function (name, service, req, pai) {
    // NOTE(review): getaddrinfo() permits a NULL node when a service is
    // given, and the bytes come from the hooked process; confirm how
    // readUtf8String behaves for a NULL pointer or for invalid UTF-8, since
    // an exception here would skip the forwarded call below.
    var hostname = Memory.readUtf8String(name);
    var line = formatFunction('getaddrinfo', [hostname, service, req, pai]);
    console.log(line);
    return getaddrinfoFunction(name, service, req, pai);
  };
  Interceptor.replace(getaddrinfoPtr, new NativeCallback(onGetaddrinfo, 'int', argTypes));
}
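/**
 * Installs a replacement for connect() that logs the socket, the destination
 * and the result of every call, and returns the original result unchanged.
 *
 * The destination is decoded as `{ ip, port }` only when the sockaddr is an
 * IPv4 sockaddr_in of sufficient length. For any other address family the log
 * shows `{ family: N }` instead of a made-up IPv4 endpoint, and a NULL or
 * too-short address is shown as `{ family: null }`.
 */
function replaceConnect() {
  var AF_INET = 2;
  var SOCKADDR_IN_SIZE = 16;

  // Reads sa_family. Darwin uses the BSD layout (one-byte length at offset 0,
  // one-byte family at offset 1); the other layouts handled here store the
  // family as a host-endian 16-bit field at offset 0.
  function readFamily(address) {
    if (Process.platform === 'darwin') {
      return Memory.readU8(address.add(1));
    }
    return Memory.readU16(address);
  }

  // Builds the object that is logged as the destination of the call.
  function describeEndpoint(address, addressLen) {
    // Never dereference a NULL address or read past the caller-supplied
    // length: both values come from the hooked process.
    if (address.isNull() || addressLen < 2) {
      return { family: null };
    }
    var family = readFamily(address);
    if (family !== AF_INET || addressLen < SOCKADDR_IN_SIZE) {
      return { family: family };
    }
    // Offsets are computed with NativePointer.add(). Routing the pointer
    // through parseInt() converts it to a double, which cannot represent
    // every 64-bit address (for example pointers carrying tag bits in the
    // top byte) and would then read from the wrong location.
    // sin_port: two bytes at offset 2, network byte order.
    var port = (Memory.readU8(address.add(2)) << 8) | Memory.readU8(address.add(3));
    // sin_addr: four bytes at offset 4, printed as a dotted quad.
    var octets = [];
    for (var i = 0; i < 4; i++) {
      octets.push(Memory.readU8(address.add(4 + i)));
    }
    return { ip: octets.join('.'), port: port };
  }

  Interceptor.replace(connectPtr, new NativeCallback(function (socket, address, addressLen) {
    // Decode before forwarding, as the original hook did.
    var endpoint = describeEndpoint(address, addressLen);
    var result = connectFunction(socket, address, addressLen);
    // NOTE(review): logging runs between the original call and the return;
    // confirm the caller still observes the errno set by connect(), which
    // non-blocking sockets depend on (EINPROGRESS).
    console.log(formatFunction('connect', [socket, JSON.stringify(endpoint), addressLen], result));
    return result;
  }, 'int', ['int', 'pointer', 'int']));
}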
/**
 * Installs a replacement for send() that logs the descriptor, the outgoing
 * bytes, the requested length, the flags and the result of every call.
 *
 * The logged payload is the full `len` bytes of the caller's buffer, captured
 * before forwarding; when send() reports a smaller count, the log still shows
 * all `len` bytes. The payload is rendered one character per byte.
 */
function replaceSend() {
  var signature = ['int', 'pointer', 'int', 'int'];
  var onSend = function (fd, buf, len, flags) {
    // Snapshot the buffer first, then hand the untouched arguments on.
    var payload = Memory.readByteArray(buf, len);
    var sent = sendFunction(fd, buf, len, flags);
    var text = getReadable(payload, false);
    console.log(formatFunction('send', [fd, text, len, flags], sent));
    return sent;
  };
  Interceptor.replace(sendPtr, new NativeCallback(onSend, 'int', signature));
}
/**
 * Installs a replacement for recv() that forwards the call and then logs the
 * descriptor, the received bytes, the buffer size, the flags and the result.
 *
 * Only the `result` bytes actually written are read back from the buffer; on
 * a negative result the payload is logged as null. `flags` is passed through
 * without being inspected, so the same data is logged again on every call
 * that returns it.
 */
function replaceRecv() {
  var signature = ['int', 'pointer', 'int', 'int'];
  var onRecv = function (fd, buf, len, flags) {
    var received = recvFunction(fd, buf, len, flags);
    // The bytes are chosen by the remote peer and are rendered one character
    // per byte, unescaped.
    var shown = null;
    if (received > -1) {
      shown = getReadable(Memory.readByteArray(buf, received), false);
    }
    // NOTE(review): logging runs before the value is returned; confirm the
    // caller still sees the errno set by recv() (EAGAIN on non-blocking
    // sockets).
    console.log(formatFunction('recv', [fd, shown, len, flags], received));
    return received;
  };
  Interceptor.replace(recvPtr, new NativeCallback(onRecv, 'int', signature));
}
// Install the four hooks in a fixed order; an exception from one installer
// stops the remaining ones and the final message is not printed.
// Coverage is limited to these four exports: traffic sent through other calls
// (sendto/recvfrom, write/read, ...) is not logged, and the payloads are shown
// exactly as handed to send()/recv(), so encrypted streams appear encrypted.
[replaceGadp, replaceConnect, replaceSend, replaceRecv].forEach(function (install) {
  install();
});
console.log('Script loaded!');