-
Notifications
You must be signed in to change notification settings - Fork 215
Expand file tree
/
Copy pathhook_mod_init_function.js
More file actions
43 lines (37 loc) · 1.31 KB
/
hook_mod_init_function.js
File metadata and controls
43 lines (37 loc) · 1.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
// https://www.romainthomas.fr/post/21-07-pokemongo-anti-frida-jailbreak-bypass/
function hook_mod_init_func(addr,targetModule){
Interceptor.attach(addr,{
onEnter: function(){
var debugSymbol = DebugSymbol.fromAddress(this.context.x1)
if(debugSymbol.moduleName == targetModule){
Interceptor.attach(debugSymbol.address,{
onEnter: function(){
// hook_msHookFunction()
},
onLeave: function(){
}
})
}
},onLeave: function(){
}
})
}
function findSymbolsAndHook(targetModule){
// frida hook dyld
let dyld = Process.getModuleByName('dyld');
if(dyld){
let symbols = dyld.enumerateSymbols()
if(symbols){
symbols.forEach((symbol) => {
if (symbol.name.indexOf('ImageLoader') >= 0 && symbol.name.indexOf('containsAddress') >= 0){
console.log(`symbol name = ${symbol.name}`)
hook_mod_init_func(symbol.address,targetModule)
}
})
}
}
}
function main(){
findSymbolsAndHook("test") // test 替换为自己想要hook的模块名即可。
}
setImmediate(main)