{"id":56,"date":"2025-09-10T15:14:02","date_gmt":"2025-09-10T07:14:02","guid":{"rendered":"http:\/\/hmuseab.tstatic.top\/?p=56"},"modified":"2025-09-10T16:15:21","modified_gmt":"2025-09-10T08:15:21","slug":"%e5%ae%89%e5%8d%93%e9%80%86%e5%90%91-frida%e5%ae%89%e8%a3%85%e5%92%8c%e4%bd%bf%e7%94%a8","status":"publish","type":"post","link":"https:\/\/muse.lzink.icu\/?p=56","title":{"rendered":"\u5b89\u5353\u9006\u5411\u2014\u2014Frida\u5b89\u88c5\u548c\u4f7f\u7528"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">\u539f\u521b\u4e8e 2020-12-14 20:28:21 \u53d1\u5e03\u00b73.8w \u9605\u8bfb<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><img decoding=\"async\" alt=\"img\" src=\"https:\/\/i-operation.csdnimg.cn\/images\/a7311a21245d4888a669ca3155f1f4e5.png\">\u672c\u6587\u8be6\u7ec6\u4ecb\u7ecd\u4e86\u5982\u4f55\u5728Windows\u3001Android\u548ciOS\u5e73\u53f0\u4e0a\u5b89\u88c5\u548c\u4f7f\u7528Frida\uff0c\u5305\u62ecPC\u7aef\u7684Python\u3001Frida\u5e93\u548cfrida-tools\u7684\u5b89\u88c5\uff0c\u4ee5\u53ca\u5728\u79fb\u52a8\u7aef\u7684root\/jailbreak\u64cd\u4f5c\u548cfrida-server\u7684\u914d\u7f6e\u3002\u901a\u8fc7\u5b9e\u4f8b\u6f14\u793a\u4e86\u5982\u4f55\u5728\u591c\u795e\u6a21\u62df\u5668\u4e0a\u4f7f\u7528Frida\u8fdb\u884c\u5e94\u7528hook\uff0c\u5b9e\u73b0\u4ee3\u7801\u6ce8\u5165\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Frida \u5b89\u88c5\u548c\u4f7f\u7528<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. \u7b80\u4ecb<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">frida \u662f\u4e00\u6b3e\u57fa\u4e8epython+javascript \u7684 hook \u6846\u67b6\uff0c\u53ef\u8fd0\u884c\u5728 android\u3001ios\u3001linux\u3001win\u7b49\u5404\u4e2a\u5e73\u53f0\uff0c\u4e3b\u8981\u4f7f\u7528\u7684\u52a8\u6001\u4e8c\u8fdb\u5236\u63d2\u6869\u6280\u672f\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. Frida\u5b89\u88c5 <a href=\"https:\/\/www.frida.re\/\">\u5b98\u65b9\u5730\u5740<\/a> \uff0c<a href=\"https:\/\/github.com\/frida\/frida\/releases\">github\u5730\u5740<\/a><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">2.1 PC\u7aef\uff1a<\/h4>\n\n\n\n<pre class=\"wp-block-preformatted\"># \u9996\u5148\u9700\u8981python\u73af\u5883\uff0c\u5b89\u88c5python<br>install Python 3.x <br># \u5b89\u88c5 frida\u5e93 pip install frida <br># \u5b89\u88c5frida-tools\u5de5\u5177<br>pip install frida-tools <br>#\u76ee\u524d\u6d4b\u8bd5\u6700\u597d\u7528\u7684\u7248\u672c\uff0c\u5751\u5c11<br> &nbsp; &nbsp;  frida &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;12.11.18<br> &nbsp; &nbsp;  frida-tools &nbsp; &nbsp; &nbsp; &nbsp;5.3.0<br> &nbsp; &nbsp;  frida-server &nbsp; &nbsp; &nbsp; 12.8.10 &nbsp;<br> &nbsp; &nbsp; &nbsp;<br> &nbsp; &nbsp;  frida &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;12.7.26<br> &nbsp; &nbsp;  frida-tools &nbsp; &nbsp; &nbsp; &nbsp;5.3.0<br> &nbsp; &nbsp;  frida-server &nbsp; &nbsp; &nbsp; 12.8.10<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u5b89\u88c5\u6d4b\u8bd5\uff0c \u547d\u4ee4\u884c\u6267\u884c frida-ps\uff0c\u8f93\u51fa\u7cfb\u7edf\u8fd0\u884c\u7684\u6240\u6709\u8fdb\u7a0b\u53capid<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">2.2 \u79fb\u52a8\u7aef<\/h4>\n\n\n\n<pre class=\"wp-block-preformatted\">Android \uff1a <br>\u5148root\uff0c \u518d\u914d\u7f6e frida-server \uff08\u4e0b\u8f7d\u5e76push\u5230\/data\/tmp\/local, \u4ee5root\u6743\u9650\u6267\u884c\uff0c \u4e0b\u8f7d\u5730\u5740 https:\/\/github.com\/frida\/frida\/releases\uff09 &nbsp;<br>iOS \uff1a \u5148 jailbreak\uff0c\u518d\u4ececydia\u4e0b\u8f7dfrida\u63d2\u4ef6\u3002<br>\u679c\u6ca1\u6cd5root\u6216\u8d8a\u72f1\uff0c\u53ef\u7b80\u5355\u7684\u4fee\u6539\u5e94\u7528\uff0c\u5728\u5e94\u7528\u521d\u59cb\u5316\u65f6\uff0c\u4e3b\u52a8\u52a0\u8f7dfrida\u7ec4\u4ef6\uff0c\u76f8\u5f53\u4e8e\u8fdb\u7a0b\u5185\u90e8hook\u3002<br>\u8be6\u89c1\uff1ahttps:\/\/frida.re\/docs\/gadget\/ \uff08\u5f3a\u70c8\u5efa\u8bae\u8bbe\u5907root\u6216\u8d8a\u72f1\uff09<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u5b89\u88c5\u6d4b\u8bd5\uff0c \u547d\u4ee4\u884c\u6267\u884c frida-ps -U\uff0c\u8f93\u51fa\u7cfb\u7edf\u8fd0\u884c\u7684\u6240\u6709\u8fdb\u7a0b\u53capid<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">3. \u4f7f\u7528\u6848\u4f8b<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">3.1 \u6211\u6d4b\u8bd5\u4f7f\u7528 <a href=\"https:\/\/www.yeshen.com\/\">\u591c\u795e\u6a21\u62df\u5668<\/a>\uff0capk\u6587\u4ef6\uff0cadb\u5de5\u5177\uff0c<a href=\"https:\/\/github.com\/frida\/frida\/releases\" data-type=\"link\" data-id=\"https:\/\/github.com\/frida\/frida\/releases\">frida-server<\/a><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>\u6ce8\u610f \u6ce8\u610f \u6ce8\u610f !!!<\/strong> \u591c\u795e\u6a21\u62df\u5668\u7684adb\u7248\u672c\u548cadb\u5de5\u5177\u7684\u7248\u672c\u5fc5\u987b\u4e00\u81f4\u624d\u80fd\u68c0\u6d4b\u5230\uff0c\u4e0b\u9762\u662f\u7684\u624b\u673a\u6a21\u62df\u5668 \u7248\u672c<\/p>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\"><figure class=\"wp-block-media-text__media\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/i-blog.csdnimg.cn\/blog_migrate\/50157f9cbf1f83d8da9d3dd1c51b04b7.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/i-blog.csdnimg.cn\/blog_migrate\/50157f9cbf1f83d8da9d3dd1c51b04b7.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"img\"\/><\/div><\/figure><div class=\"wp-block-media-text__content\">\n<p class=\"wp-block-paragraph\"><\/p>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">\u6253\u5f00 \u624b\u673a\u6a21\u62df\u5668 \u540e\uff0c\u53ef\u4ee5\u7528 \u7535\u8111\u7684 \u547d\u4ee4\u884c\uff0c\u8f93\u5165\u6307\u4ee4\u68c0\u6d4b\u4e00\u4e0b\u8bbe\u5907\uff0c\u68c0\u6d4b\u5230 \u4e00\u53f0\u8bbe\u5907\u5c31\u6ca1\u95ee\u9898\u4e86<\/p>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\"><figure class=\"wp-block-media-text__media\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/i-blog.csdnimg.cn\/blog_migrate\/a407166d317c9d0c2174f1db0682f906.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/i-blog.csdnimg.cn\/blog_migrate\/a407166d317c9d0c2174f1db0682f906.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"img\"\/><\/div><\/figure><div class=\"wp-block-media-text__content\">\n<p class=\"wp-block-paragraph\"><\/p>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">\u8fde\u63a5\u540e\uff0c\u67e5\u770b\u624b\u673a\u578b\u53f7\uff0c\u4e0b\u8f7d\u7cfb\u7edf\u5bf9\u5e94\u7248\u672c\u7684 \uff0c\u6211\u4e0a\u4f20\u7684\u6587\u4ef6\u90fd\u662f \u7248\u672c\u5bf9\u5e94\u597d\u7684\uff0c\u53ef\u4ee5\u76f4\u63a5\u4e0b\u8f7d<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"># \u67e5\u770b\u624b\u673a\u578b\u53f7<br>adb shell getprop ro.product.cpu.abi<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u5c06\u89e3\u538b\u4e4b\u540e\u7684\u6587\u4ef6push \u5230\u8bbe\u5907\u4e2d\uff0c\u6307\u5b9a\u5230 \/data\/local\/tmp<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"># \u628afrida-server \u653e\u5230 \u5b89\u5353\u7684\/data\/local\/tmp\/\u76ee\u5f55<br>adb push frida-server \/data\/local\/tmp\/<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u8fd0\u884cAndroid \u8bbe\u5907\u4e2d\u7684 frida-server<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"># \u8fdb\u5165 \u624b\u673a\u547d\u4ee4<br>adb shell<br>\u200b<br># \u8d85\u7ea7\u7ba1\u7406<br>su<br>\u200b<br># \u8fdb\u5165 frida-server \u76ee\u5f55<br>cd \/data\/local\/tmp<br>\u200b<br># \u4fee\u6539 \u6587\u4ef6 \u6743\u9650<br>chmod 755 frida-server<br>\u200b<br># \u8fd0\u884c\u6587\u4ef6<br>.\/frida-server<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u6267\u884c\u5b8c\u6bd5\u540e\u4e3a\u8fd0\u884c\u72b6\u6001\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u4fdd\u7559\u6b64\u7a97\u53e3 shell\uff0c\u4ee5\u4fdd\u8bc1\u670d\u52a1\u8fd0\u884c\uff0c\u5173\u95ed\u8be5shell \u6216\u8005\u505c\u6b62ctrl+c \u5219\u670d\u52a1\u5173\u95ed\u3002\u63a5\u4e0b\u6765\u7684\u64cd\u4f5c\u53ef\u53e6\u8d77shell \u6216\u8be5\u6b65\u9aa4\u547d\u4ee4\u53e6\u8d77 shell \u6267\u884c\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>\u8fdb\u884c\u7aef\u53e3\u8f6c\u53d1\u76d1\u542c<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">\u8fdb\u884c\u7aef\u53e3\u8f6c\u53d1\u76d1\u542c<br>adb forward tcp:27042 tcp:27042<br>adb forward tcp:27043 tcp:27043<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>\u68c0\u67e5\u662f\u5426\u6210\u529f<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u6267\u884c <code>frida-ps -U<\/code> \u547d\u4ee4\u6210\u529f\u8f93\u51fa\u8fdb\u7a0b\u5217\u8868\uff0c\u5982\u4e0b\u6240\u793a<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u6267\u884c<code>frida -U -f com.xxx.xxx<\/code> \u8fdb\u884c\u8fde\u63a5\uff0c\u9009\u62e9\u4e00\u4e2a\u8fdb\u7a0b\uff0c\u7b49\u5f85\u4e00\u6bb5\u65f6\u95f4\u5219\u8fdb\u5165\u8be5\u5e94\u7528<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"># \u547d\u4ee4\u6210\u529f\u8f93\u51fa\u8fdb\u7a0b\u5217\u8868<br>frida-ps -U<br>frida-ps -R &nbsp;\u90fd\u53ef\u4ee5<br>\u200b<br># \u8fdb\u884c\u8fde\u63a5\uff0c\u9009\u62e9\u4e00\u4e2a\u8fdb\u7a0b<br>frida -U -f com.xxx.xxx <\/pre>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\"><figure class=\"wp-block-media-text__media\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/i-blog.csdnimg.cn\/blog_migrate\/808c78759cdeff5b1c760c531a5e461b.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/i-blog.csdnimg.cn\/blog_migrate\/808c78759cdeff5b1c760c531a5e461b.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"img\"\/><\/div><\/figure><div class=\"wp-block-media-text__content\">\n<p class=\"wp-block-paragraph\"><\/p>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\"><figure class=\"wp-block-media-text__media\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/i-blog.csdnimg.cn\/blog_migrate\/49f48afc400708f829c016efe8b699dd.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/i-blog.csdnimg.cn\/blog_migrate\/49f48afc400708f829c016efe8b699dd.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"img\"\/><\/div><\/figure><div class=\"wp-block-media-text__content\">\n<p class=\"wp-block-paragraph\"><\/p>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">\u5230\u8fd9\u91cc\u4e3a\u6b62 \u624b\u673a\u73af\u5883 \u5df2\u5b8c\u6210<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">PC\u7535\u8111<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u53cd\u7f16\u8bd1 apk<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"># \u53cd\u7f16\u8bd1<br>apktool d xxx.apk<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u53cd\u7f16\u8bd1\u4e4b\u540e\u751f\u6210 \u6587\u4ef6\u5939\uff0c\u6253\u5f00 xml \u6587\u4ef6<\/p>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\"><figure class=\"wp-block-media-text__media\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/i-blog.csdnimg.cn\/blog_migrate\/2fbd04a4b7807d19f837409458322e00.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/i-blog.csdnimg.cn\/blog_migrate\/2fbd04a4b7807d19f837409458322e00.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"img\"\/><\/div><\/figure><div class=\"wp-block-media-text__content\">\n<p class=\"wp-block-paragraph\"><\/p>\n<\/div><\/div>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/i-blog.csdnimg.cn\/blog_migrate\/36efa5e375c2c33ff8ceec1dcd2013c5.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/i-blog.csdnimg.cn\/blog_migrate\/36efa5e375c2c33ff8ceec1dcd2013c5.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"img\"\/><\/div><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">jadx \u53cd\u7f16\u8bd1, \u627e\u903b\u8f91<\/p>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\"><figure class=\"wp-block-media-text__media\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/i-blog.csdnimg.cn\/blog_migrate\/0d26bd2e1fc09c5a3eda70a22343915d.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/i-blog.csdnimg.cn\/blog_migrate\/0d26bd2e1fc09c5a3eda70a22343915d.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"img\"\/><\/div><\/figure><div class=\"wp-block-media-text__content\">\n<p class=\"wp-block-paragraph\"><\/p>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">\u5206\u6790\u5b8c\u4e86\uff0c\u7528python\u6765\u52a0\u8f7d\u811a\u672c\u5230\u6307\u5b9a\u8fdb\u7a0b<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"># -*- coding: utf-8 -*-<br>import frida<br>import sys<br>def on_message(message, data):<br> &nbsp; if message['type'] == 'send':<br> &nbsp; &nbsp; &nbsp; &nbsp;print(\"*****[frida hook]***** : {0}\".format(message['payload']))<br> &nbsp; else:<br> &nbsp; &nbsp; &nbsp; &nbsp;print(\"*****[frida hook]***** : \" + str(message))<br>jscode = \"\"\"<br>Java.perform(function () {<br> &nbsp;  var MainActivity = Java.use('com.yaotong.crackme.MainActivity');<br> &nbsp;  MainActivity.securityCheck.implementation  = function(str){<br> &nbsp; &nbsp; &nbsp;  return true;<br> &nbsp;  };<br> });<br>\"\"\"<br>process = frida.get_usb_device(-1).attach('com.yaotong.crackme')<br>script = process.create_script(jscode)<br>script.on('message', on_message)<br>print('[*] Running CTF')<br>script.load()<br>sys.stdin.read()<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u6267\u884c \u4ee3\u7801\uff0c\u518d\u6b21 \u6253\u5f00\u8f6f\u4ef6\uff0c\u4efb\u610f\u8f93\u5165\u6216\u4e0d\u8f93\u5165 \u90fd\u53ef\u4ee5\u8fdb\u53bb\uff0c\u56e0\u4e3a hook\u690d\u5165\u4ee3\u7801 \u628a securityCheck \u7684\u6539\u5199\u4e86\uff0c\u5c31\u4e0d\u4f1a\u68c0\u6d4b\u4e86<\/p>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\"><figure class=\"wp-block-media-text__media\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/i-blog.csdnimg.cn\/blog_migrate\/56fc8e535602f26f93636455dbd024b1.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/i-blog.csdnimg.cn\/blog_migrate\/56fc8e535602f26f93636455dbd024b1.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"img\"\/><\/div><\/figure><div class=\"wp-block-media-text__content\">\n<p class=\"wp-block-paragraph\"><\/p>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\"><figure class=\"wp-block-media-text__media\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/i-blog.csdnimg.cn\/blog_migrate\/ca29b258a18b2517c9df2f4db3a83553.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/i-blog.csdnimg.cn\/blog_migrate\/ca29b258a18b2517c9df2f4db3a83553.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"img\"\/><\/div><\/figure><div class=\"wp-block-media-text__content\">\n<p class=\"wp-block-paragraph\"><\/p>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\"><figure class=\"wp-block-media-text__media\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/i-blog.csdnimg.cn\/blog_migrate\/6dc0cc71edb7b374871599714c5d806e.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/i-blog.csdnimg.cn\/blog_migrate\/6dc0cc71edb7b374871599714c5d806e.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"img\"\/><\/div><\/figure><div class=\"wp-block-media-text__content\">\n<p class=\"wp-block-paragraph\"><\/p>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">\u7248\u672c\u5f88\u91cd\u8981\uff0c\u6d41\u7a0b\u8fc7\u7a0b\u5f88\u7b80\u5355\uff0c\u73af\u5883\u5f88\u6298\u817e\u4eba\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u539f\u521b\u4e8e 2020-12-14 20:28:21 \u53d1\u5e03\u00b73.8w \u9605\u8bfb \u672c\u6587\u8be6\u7ec6\u4ecb\u7ecd\u4e86\u5982\u4f55\u5728Windows\u3001An [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-56","post","type-post","status-publish","format-standard","hentry","category-7"],"_links":{"self":[{"href":"https:\/\/muse.lzink.icu\/index.php?rest_route=\/wp\/v2\/posts\/56","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/muse.lzink.icu\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/muse.lzink.icu\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/muse.lzink.icu\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/muse.lzink.icu\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=56"}],"version-history":[{"count":4,"href":"https:\/\/muse.lzink.icu\/index.php?rest_route=\/wp\/v2\/posts\/56\/revisions"}],"predecessor-version":[{"id":60,"href":"https:\/\/muse.lzink.icu\/index.php?rest_route=\/wp\/v2\/posts\/56\/revisions\/60"}],"wp:attachment":[{"href":"https:\/\/muse.lzink.icu\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=56"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/muse.lzink.icu\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=56"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/muse.lzink.icu\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=56"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}