frIDA代码下:
Java.perform(
function() { function getSockData(fd) { console.log("fd:", fd); // Socket.type(handle) var socketType = Socket.type(fd.toInt()); if (socketType != null) { var res = "type:" + socketType + ",localAddress:" + JSON.stringify(Socket.localaddress(fd)) + ",serverAddress" + JSON.stringify(Socket.peerAddress(fd)); return res;
} else { return "type:" + socketType; }
}
//native http tcp send data function hook_native_tcp_http_send() { var sendtoPtr = Module.getExportByName("libc.so", "sendto"); var recvfromPtr = Module.getExportByName("libc.so", "recvfrom"); console.log("sendto:", sendtoPtr, ",recvfrom:", recvfromPtr); //sendto(int fd, const void *buf, size_t n, int flags, const struct sockaddr *addr, socklen_t addr_len) Interceptor.attach(sendtoPtr, { onEnter: function (args) { var fd = args[0]; var buff = args[1]; var size = args[2]; var sockdata = getSockData(fd.toInt32()); console.log(sockdata); console.log(hexdump(buff, { length: size.toInt32() })); }, onLeave: function (retval) {
}
} ) }
hook_native_tcp_http_send(); }
)
报错如下:{'type': 'error', 'description': 'TypeError: not a function', 'stack': 'TypeError: not a function\n at getSockData (/script1.js:75)\n at onEnter (/script1.js:97)', 'fileName': '/script1.js', 'lineNumber': 75, 'columnNumber': 1}
发表于 2025-1-16 23:32
|
发表于 2025-1-16 23:37
