173 字
1 分钟
rpc_demo_test
2025-11-10
re
frida

frida rpc调用示例

本次使用目的,將结果用python获取,以方便在python中过略和操作数据(rpc就很好的实现了这点)

先看下hook.js cli调用所用到的代码

function hook(param){
    let App = Java.use("com.example.autorun.helper.App");
    console.log(App.genTack(param));


}




function main() {
    Java.perform(function () {
        hook(5513);
    })
}


setTimeout(main, 1000);

转为rpc调用

function hook(param){
    let result = ""
    Java.perform(function () {
        let App = Java.use("com.example.autorun.helper.App");
        result = App.genTack(param).toString();
    });
    return result;
}


// 用rpc.exports导出
rpc.exports = {
    gentask: hook
}

python调用

import frida


def on_message(message, data):
    print("[*] Message:", message)
    print("[*] Data:", data)
# 这里需要手动启动应用程序
device = frida.get_usb_device()
session = device.attach("程序名")


with open("hook.js", "r") as f:
    script = session.create_script(f.read())
script.on("message", on_message)
script.load()


# Use RPC to call the function
print(script.exports_sync.gentask(5513))

image-20251110175154203

成功获取到返回结果

rpc_demo_test
https://albert1x.top/posts/rpc_demo_test/
作者
555
发布于
2025-11-10
许可协议
CC BY-NC-SA 4.0
rss.md
© 2025 555. All Rights Reserved. / RSS / Sitemap
Powered by Astro & Fuwari