frida工具的缝合怪

Related tags

Deep LearningfridaUiTools
Overview

fridaUiTools

fridaUiTools是一个界面化整理脚本的工具。新人的练手作品。参考项目ZenTracer,觉得既然可以界面化,那么应该可以把功能做的更加完善一些。跨平台支持:win、mac、linux

功能缝合怪。把一些常用的frida的hook脚本简单统一输出方式后,整合进来。并且将自己觉得常用的功能做成界面调用的。还想动态获取一些信息默认的直接展示。后续会根据自己实战的经验。不断完善这个工具。

Hook脚本如下(附加进程前使用)

  • 整合r0capture
  • 整合jnitrace
  • java层的加解密相关自吐
  • ssl pining(整合DroidSSLUnpinning)
  • 模糊匹配函数进行批量hook(整合ZenTracer)
  • native的sub函数批量hook(参数统一方式打印。所以输出只能做参考)
  • stalker的trace(整合sktrace)
  • 整合frida_hook_libart
  • 脱壳相关(整合frida_dump、FRIDA-DEXDump、fart)
  • 自定义脚本添加
  • patch汇编代码

调用功能如下(附加进程后使用)

  • fart主动调用
  • DUMPDex主动调用
  • dump打印指定地址
  • dump指定模块
  • wallBreak整合

应用信息

附加成功时将一些信息带出来给界面展示。目前仅将module列表和class列表展示出来。可以查询函数以及符号

日志说明

1、操作日志

是对软件操作的所有输出日志。

2、输出日志

所有js返回的日志都在输出日志。并且保存在logs目录中

3、当前hook列表

当前勾选的hook脚本列表展示。可以保存,方便以后直接加载使用。

应用部分界面

image-20210710125622863

image-20210710130420705

image-20210710130555333

image-20210710130631452

image-20210710130712969

image-20210710130905757

使用说明

软件里面有很多地方用到了缓存数据。缓存数据是附加一次进程后,保存下来的module和class列表。这样方便智能的检索。所以一般第一次使用的时候,先附加一次目标进程,就有缓存数据可以使用了。

fart如果第一次使用,需要在上传与下载菜单栏中点击上传fart的so。

软件目前应该还存在很多瑕疵和bug。我会在实用中慢慢修补。

新增功能

frida-server14.2的自动上传到手机

frida-server的启动

自定义脚本功能

fart的dump结果下载

增加patch功能

应用信息显示(adb shell dumpsys取出来的数据)

hookEvent(app的所有控件的点击事件hook)

cmd切换(有些设备是需要adb shell su 0来使用su权限的,有些是adb shell su -c。这里为了通用,可以自己切换)

感谢

Comments
  • x86用的哪个模拟器?

    x86用的哪个模拟器?

    fridaUiTools_for_window1.0.6版本frida选择的14.2.18,试了“雷电3x/4x-32位”,“逍遥5.1/7.1-32位”,上传frida-server均已失败告终,手动上传并启动,只能获取应用信息,其他功能都无法正常使用。 作者大大测试的是哪款模拟器,系统位数,frida版本等信息,请告知。

    opened by taotaoli123 3
  • ubantu 20.04折腾了一天都没运行起来

    ubantu 20.04折腾了一天都没运行起来

    源码报错如下 ➜ fridaUiTools-1.0.3 ./kmainForm.py File "./kmainForm.py", line 339 res = self.spawnAttachForm.exec() ^ SyntaxError: invalid syntax

    打包的 yangmoling-pc% ./fridaUiTools Traceback (most recent call last): File "PyInstaller/loader/pyimod04_ctypes.py", line 53, in init File "ctypes/init.py", line 373, in init OSError: libcapstone.so: cannot open shared object file: No such file or directory

    The above exception was the direct cause of the following exception:

    Traceback (most recent call last): File "kmainForm.py", line 20, in File "", line 991, in _find_and_load File "", line 975, in _find_and_load_unlocked File "", line 671, in _load_unlocked File "PyInstaller/loader/pyimod03_importers.py", line 476, in exec_module File "forms/Patch.py", line 6, in File "", line 991, in _find_and_load File "", line 975, in _find_and_load_unlocked File "", line 671, in _load_unlocked File "PyInstaller/loader/pyimod03_importers.py", line 476, in exec_module File "utils/AsmUtil.py", line 1, in File "", line 991, in _find_and_load File "", line 975, in _find_and_load_unlocked File "", line 671, in _load_unlocked File "PyInstaller/loader/pyimod03_importers.py", line 476, in exec_module File "capstone/init.py", line 312, in File "capstone/init.py", line 285, in _load_lib File "ctypes/init.py", line 451, in LoadLibrary File "PyInstaller/loader/pyimod04_ctypes.py", line 55, in init pyimod04_ctypes.PyInstallerImportError: Failed to load dynlib/dll 'libcapstone.so'. Most likely this dynlib/dll was not found when the application was frozen. [2061672] Failed to execute script 'kmainForm' due to unhandled exception!

    opened by yangmoling 3
  • 关于端口转发的问题

    关于端口转发的问题

    用wifi连接,启动frida命令中并没有体现出来 (没有替换转发端口27042) adb shell su 0 /data/local/tmp/frida-server-16.0.2-android-arm64 -l 192.168.0.102:6666 adb forward tcp:27042 tcp:27042 adb forward tcp:27043 tcp:27043

    这里的两个端口不应该对应么 希望大佬有时间回答一下。

    opened by Rungjen 2
  • mac下无法使用

    mac下无法使用

    Last login: Wed Dec 14 16:23:59 on ttys002 /Users/mac/Downloads/fridaUiTools_for_mac/kmainForm_14 ; exit; macdeiMac-4:~ mac$ /Users/mac/Downloads/fridaUiTools_for_mac/kmainForm_14 ; exit; Traceback (most recent call last): File "kmainForm.py", line 22, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "forms/Patch.py", line 6, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "utils/AsmUtil.py", line 1, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "capstone/init.py", line 315, in ImportError: ERROR: fail to load the dynamic library. [2538] Failed to execute script 'kmainForm' due to unhandled exception: ERROR: fail to load the dynamic library. [2538] Traceback: Traceback (most recent call last): File "kmainForm.py", line 22, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "forms/Patch.py", line 6, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "utils/AsmUtil.py", line 1, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "capstone/init.py", line 315, in ImportError: ERROR: fail to load the dynamic library.

    logout Saving session... ...copying shared history... ...saving history...truncating history files... ...completed.

    [进程已完成]

    opened by wulliwui 1
  • frida_dexdump

    frida_dexdump

    android10 pip 安装使用报 Set read permission for memory range: 0x7041abff-0x704211e000错误 用 ui 使用报Error: access violation accessing 0x32c00000错误 考虑到应该是访问内存的问题 大佬知道该怎么解决么?

    opened by Rungjen 1
  • 自定义脚本

    自定义脚本

    自定义脚本那里,我用下面代码在原来的frida能用,但在window你这工具没信息显示? Java.perform(function() { var targetClass='com.shandui.common.utils.MD5Util'; var methodName='getMD5'; var gclass = Java.use(targetClass); gclass[methodName].overload('java.lang.String').implementation = function(arg0) { console.log('\nGDA[Hook getMD5(java.lang.String)]'+'\n\targ0 = '+arg0); var i=thismethodName; console.log('\treturn '+i); return i; } })

    日志以下,没显示 2022-12-07 09:44:59 default.js init hook success 2022-12-07 09:45:00 加载appinfo 2022-12-07 09:49:23 default.js init hook success 2022-12-07 09:49:23 加载appinfo

    opened by book9602 2
Releases(v1.0.11)
Owner
diveking
diveking
GitHub Repository
[ICCV'21] Pri3D: Can 3D Priors Help 2D Representation Learning?

Pri3D: Can 3D Priors Help 2D Representation Learning? [ICCV 2021] Pri3D leverages 3D priors for downstream 2D image understanding tasks: during pre-tr

Ji Hou 124 Jan 06, 2023
CS506-Spring2022 - Code and Slides for Boston University CS 506

CS 506 - Computational Tools for Data Science Code, slides, and notes for Boston

Lance Galletti 17 May 06, 2022
BuildingNet: Learning to Label 3D Buildings

BuildingNet This is the implementation of the BuildingNet architecture described in this paper: Paper: BuildingNet: Learning to Label 3D Buildings Arx

16 Nov 07, 2022
Fast Neural Style for Image Style Transform by Pytorch

FastNeuralStyle by Pytorch Fast Neural Style for Image Style Transform by Pytorch This is famous Fast Neural Style of Paper Perceptual Losses for Real

Bengxy 81 Sep 03, 2022
Deep Text Search is an AI-powered multilingual text search and recommendation engine with state-of-the-art transformer-based multilingual text embedding (50+ languages).

Deep Text Search - AI Based Text Search & Recommendation System Deep Text Search is an AI-powered multilingual text search and recommendation engine w

19 Sep 29, 2022
ICRA 2021 "Towards Precise and Efficient Image Guided Depth Completion"

PENet: Precise and Efficient Depth Completion This repo is the PyTorch implementation of our paper to appear in ICRA2021 on "Towards Precise and Effic

232 Dec 25, 2022
Hierarchical probabilistic 3D U-Net, with attention mechanisms (—𝘈𝘵𝘵𝘦𝘯𝘵𝘪𝘰𝘯 𝘜-𝘕𝘦𝘵, 𝘚𝘌𝘙𝘦𝘴𝘕𝘦𝘵) and a nested decoder structure with deep supervision (—𝘜𝘕𝘦𝘵++).

Hierarchical probabilistic 3D U-Net, with attention mechanisms (—𝘈𝘵𝘵𝘦𝘯𝘵𝘪𝘰𝘯 𝘜-𝘕𝘦𝘵, 𝘚𝘌𝘙𝘦𝘴𝘕𝘦𝘵) and a nested decoder structure with deep supervision (—𝘜𝘕𝘦𝘵++). Built in TensorFlow 2.5. Configured for vox

Diagnostic Image Analysis Group 32 Dec 08, 2022
Exploring Machine Learning Models for detecting anomalous behavior in credit-card transactions. It's crucial that credit-card companies are able to recognize fraudulent activity so that customers are not charged for items they didn't purchase.

Credit Card Fraud Detection Came across this mocked-up dataset of customer transactions at [Capital One Recruitment Challenge](https://github.com/Capi

Vikrant Deshpande 1 Nov 17, 2022
Official Implementation for HyperStyle: StyleGAN Inversion with HyperNetworks for Real Image Editing

HyperStyle: StyleGAN Inversion with HyperNetworks for Real Image Editing Yuval Alaluf*, Omer Tov*, Ron Mokady, Rinon Gal, Amit H. Bermano *Denotes equ

885 Jan 06, 2023
Unified Instance and Knowledge Alignment Pretraining for Aspect-based Sentiment Analysis

Unified Instance and Knowledge Alignment Pretraining for Aspect-based Sentiment Analysis Requirements python 3.7 pytorch-gpu 1.7 numpy 1.19.4 pytorch_

12 Oct 29, 2022
True Few-Shot Learning with Language Models

This codebase supports using language models (LMs) for true few-shot learning: learning to perform a task using a limited number of examples from a single task distribution.

Ethan Perez 124 Jan 04, 2023
DSTC10 Track 2 - Knowledge-grounded Task-oriented Dialogue Modeling on Spoken Conversations

DSTC10 Track 2 - Knowledge-grounded Task-oriented Dialogue Modeling on Spoken Conversations This repository contains the data, scripts and baseline co

Alexa 51 Dec 17, 2022
The story of Chicken for Club Bing

Chicken Story tl;dr: The time when Microsoft banned my entire country for cheating at Club Bing. (A lot of the details are from memory so I've recreat

Eyal 142 May 16, 2022
This repository contains the code for: RerrFact model for SciVer shared task

RerrFact This repository contains the code for: RerrFact model for SciVer shared task. Setup for Inference 1. Download SciFact database Download the S

Ashish Rana 1 May 22, 2022
Bridging Vision and Language Model

BriVL BriVL (Bridging Vision and Language Model) 是首个中文通用图文多模态大规模预训练模型。BriVL模型在图文检索任务上有着优异的效果,超过了同期其他常见的多模态预训练模型(例如UNITER、CLIP)。 BriVL论文:WenLan: Bridgi

235 Dec 27, 2022
Simulation of moving particles under microscopic imaging

Simulation of moving particles under microscopic imaging Install scipy numpy scikit-image tiffile Run python simulation.py Read result https://imagej

Zehao Wang 2 Dec 14, 2021
Official Pytorch implementation of "Beyond Static Features for Temporally Consistent 3D Human Pose and Shape from a Video", CVPR 2021

TCMR: Beyond Static Features for Temporally Consistent 3D Human Pose and Shape from a Video Qualtitative result Paper teaser video Introduction This r

Hongsuk Choi 215 Jan 06, 2023
FLSim a flexible, standalone library written in PyTorch that simulates FL settings with a minimal, easy-to-use API

Federated Learning Simulator (FLSim) is a flexible, standalone core library that simulates FL settings with a minimal, easy-to-use API. FLSim is domain-agnostic and accommodates many use cases such a

Meta Research 162 Jan 02, 2023
[NeurIPS 2021] Large Scale Learning on Non-Homophilous Graphs: New Benchmarks and Strong Simple Methods

Large Scale Learning on Non-Homophilous Graphs: New Benchmarks and Strong Simple Methods Large Scale Learning on Non-Homophilous Graphs: New Benchmark

60 Jan 03, 2023
DziriBERT: a Pre-trained Language Model for the Algerian Dialect

DziriBERT DziriBERT is the first Transformer-based Language Model that has been pre-trained specifically for the Algerian Dialect. It handles Algerian

117 Jan 07, 2023