apply arguments
MyClass.MyFunc.overload(<span class="hljs-string">"java.util.List"</span>).implementation = <span class="hljs-function"><span class="hljs-keyword">function</span>() </span>{
<span class="hljs-keyword">this</span>.MyFunc.overload(<span class="hljs-string">"java.util.List"</span>).apply(<span class="hljs-keyword">this</span>, <span class="hljs-built_in">arguments</span>);
}
argments下标
MyClass.MyFunc.overload(<span class="hljs-string">"java.util.List"</span>).implementation = <span class="hljs-function"><span class="hljs-keyword">function</span> () </span>{
<span class="hljs-keyword">this</span>.MyFunc(<span class="hljs-built_in">arguments</span>[<span class="hljs-number">0</span>]);
};
用具体的
MyClass.MyFuncs.overload(<span class="hljs-string">"int"</span>, <span class="hljs-string">"int"</span>).implementation = <span class="hljs-function"><span class="hljs-keyword">function</span> (<span class="hljs-params">s1, s2</span>) </span>{
<span class="hljs-keyword">var</span> ret = <span class="hljs-keyword">this</span>.MyFuncs(s1, s2);
}
字符串数组
hook.hookMeArray.overload(<span class="hljs-string">"[Ljava.lang.String;"</span>).implementation = {}
用call
<span class="hljs-keyword">var</span> Handler = classFactory.use(<span class="hljs-string">"android.os.Handler"</span>);
<span class="hljs-keyword">var</span> Looper = classFactory.use(<span class="hljs-string">"android.os.Looper"</span>);
<span class="hljs-keyword">var</span> looper = Looper.getMainLooper();
<span class="hljs-keyword">var</span> handler = Handler.$<span class="hljs-keyword">new</span>.overload(<span class="hljs-string">"android.os.Looper"</span>).call(Handler, looper);
MyClass.MyFunc.overload(<span class="hljs-string">"java.lang.String;"</span>).implementation = {
<span class="hljs-keyword">this</span>.MyFunc.overload(<span class="hljs-string">"java.lang.String"</span>).call(<span class="hljs-keyword">this</span>, args[<span class="hljs-number">1</span>])
MyClass.MyFunc.overload(<span class="hljs-string">"java.lang.String"</span>).call()
}
最近正好练习分析app
分析娘家人的一个app
发现登陆处是加密的 于是尝试解密
无混淆无壳
java太渣了 没定位到传入参数
于是想hook下login
Java.perform(function() {
var test1 = Java.use("com.wanmei.tiger.module.person.net.AccountLikeDownloader");
var ApiClient = Java.use('com.android.org.conscrypt.TrustManagerImpl');
var orglogin = test1.login.overload("java.lang.String","java.lang.String");
test1.login.implementation = function(arg1,arg2){
console.log(arg1);
console.log(arg2);
orglogin.call(arg1,arg2);
}
},0);
使用frida hook下 成功截获信息 没想到加密只是最普通的加密2333