http://frida.re/
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
安装 frida -> here
- 先在电脑上装 frida ,
sudo pip3 install frida - 下载自己平台的 frida-server,比如 1+3t 的是
frida-server-10.6.28-android-arm64.xz
- 先在电脑上装 frida ,
run frida-server
解压 frida-server-10.6.28-android-arm64.xz ,然后在 android 设备上运行 frida-server1
2
3
4
5adb root
adb remount
adb push frida-server /data/local/tmp/
adb shell "chmod 755 /data/local/tmp/frida-server"
adb shell "/data/local/tmp/frida-server &"总之就是在手机上运行 frida-server 啦,跑起来就成。sd 卡目录有权限限制,所以建议按教程上写的走
跑个脚本
save -> request.js1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17// frida -U ${packageName} -l request.js
Java.perform(function () {
var OkHttpClient = Java.use("okhttp3.OkHttpClient");
var RealCall = Java.use("okhttp3.RealCall");
OkHttpClient.newCall.implementation = function (request) {
result = this.newCall(request)
console.log(request.toString())
return result
};
RealCall.getResponseWithInterceptorChain.implementation = function () {
response = this.getResponseWithInterceptorChain()
console.log(response.toString())
return response
}
});在电脑上执行
frida -U ${packageName} -l request.js就可以看到指定包名的应用使用 okhttp3 进行的 http 请求了更多资源
- 官网 http://www.frida.re
- 别人分享的代码段 https://codeshare.frida.re