evan/frida-dingding
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
5f80546ca9
frida-dingding/dingding.js
wenyifan 5f80546ca9 init
2022-08-15 14:50:50 +08:00

224 lines
8.7 KiB
JavaScript
Raw Blame History

Java.perform(function () {
//const
const MODE_COLLECT = "collect";
const MODE_MOCK = "mock";
//Global Config
let rootDir = "/sdcard/Android/data/com.alibaba.android.rimet/dingding";
let mode = "";
let active = "";
//Library
Java.openClassFile(rootDir + "/help.dex").load();
let fastJson = Java.use("com.alibaba.fastjson.JSON");
let serializerFeature = Java.use("com.alibaba.fastjson.serializer.SerializerFeature");
let wifiInfoClass = Java.use("android.net.wifi.WifiInfo");
let ScanResultClass = Java.use("android.net.wifi.ScanResult")
let systemClock = Java.use("android.os.SystemClock");
let javaSystem = Java.use("java.lang.System");
let ddHelper = Java.use("run.evan.dd.DdHelper");
var context = Java.use('android.app.ActivityThread').currentApplication().getApplicationContext();
//Load Config
mode = ddHelper.readFileString(rootDir + "/mode");
active = ddHelper.readFileString(rootDir + "/active");
mode = mode.replace(/\n/, "");
active = active.replace(/\n/, "");
//debug ----------------------
//mode = "none";
//active = "suan";
//debug ----------------------
console.log("mode=" + mode);
console.log("active profile=" + active);
ddHelper.isDirExist(rootDir + "/" + active);
let serializerFeatures = [serializerFeature.WriteClassName.value];
Java.scheduleOnMainThread(function () {
ddHelper.toast(context, "增强功能: 模式=" + mode + ",激活配置=" + active);
});
// let e = Java.use("com.amap.api.col.3sl.d$a");
// e.handleMessage.overload("android.os.Message").implementation = function (message) {
// this.handleMessage(message);
// if (message.what.value == 1014) {
// console.log(fastJson.toJSONString(message.getData()));
// }
// };
// let geo = Java.use("com.alibaba.lightapp.runtime.plugin.device.Geolocation");
// geo.buildResultData.implementation = function (a, b) {
// let ret = this.buildResultData(a, b);
// console.log(fastJson.toJSONString(a));
// return ret;
// };
// let encryptLoc = Java.use("com.autonavi.aps.amapapi.utils.i");
// encryptLoc.b.overload("com.amap.api.location.AMapLocation").implementation = function (aMapLocation) {
// let ret = this.b(aMapLocation);
// console.log("ELat=" + aMapLocation.getLatitude() + ",ELon=" + aMapLocation.getLongitude());
// return ret;
// };
// let g = Java.use("com.amap.api.col.3sl.g");
// g.a.overload("android.location.Location").implementation = function (location) {
// console.log("A:" + this.C.value);
// this.a(location);
// };
let loc = Java.use("com.amap.api.location.AMapLocation");
//Debug Check for detect mock
// loc.setMock.implementation = function (mock) {
// if (mock === true) {
// console.log("MOCK!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
// //console.log(Java.use("android.util.Log").getStackTraceString(Java.use("java.lang.Throwable").$new()));
// }
// };
// loc.setErrorCode.implementation = function (err) {
// if (err === 15) {
// console.log("EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE");
// //console.log(Java.use("android.util.Log").getStackTraceString(Java.use("java.lang.Throwable").$new()));
// }
// };
//
// loc.getLongitude.implementation = function () {
// let ret = this.getLongitude();
// console.log("ALON=" + ret);
// return ret;
// };
// loc.getLatitude.implementation = function () {
// let ret = this.getLatitude();
// console.log("ALAT=" + ret);
// return ret;
// };
//
// let location = Java.use("android.location.Location");
// location.getLongitude.implementation = function () {
// let ret = this.getLongitude();
// console.log("LON=" + ret);
// return ret;
// };
// location.getLatitude.implementation = function () {
// let ret = this.getLatitude();
// console.log("LAT=" + ret);
// return ret;
// };
// let gpsStatus = Java.use("com.amap.api.col.3sl.g$1");
// gpsStatus.onGpsStatusChanged.implementation = function (i) {
// console.log("onGpsStatusChanged:" + i);
// this.onGpsStatusChanged(i);
// };
// let utili = Java.use("com.autonavi.aps.amapapi.utils.i");
// utili.a.overload("android.location.Location", "int").implementation = function (location, i) {
// let ret = this.a(location, i);
// if (ret === true) {
// console.log("Location=" + fastJson.toJSONString(location));
// }
// return ret;
// };
// loc.setLongitude.implementation = function (a) {
// let ret = this.setLongitude(a);
// console.log("setLongitude="+a);
// console.log(Java.use("android.util.Log").getStackTraceString(Java.use("java.lang.Throwable").$new()));
// return ret;
// };
// let jw = Java.use("com.amap.api.col.3sl.jw");
// jw.c.overload("com.amap.api.col.3sl.jz").implementation = function (jzVar) {
// console.log("req=" + fastJson.toJSONString(jzVar));
// let ret = this.c(jzVar);
// console.log("ret=" + fastJson.toJSONString(ret));
// return ret;
// };
//debug ----------------------
if (mode === MODE_MOCK || mode === MODE_COLLECT) {
let locManager = Java.use("android.location.LocationManager$LocationListenerTransport");
locManager.acceptLocation.implementation = function (currentExecutor, location) {
if (mode == MODE_COLLECT) {
ddHelper.writeFileString(location.getLatitude().toString(), rootDir + "/" + active + "/lat")
ddHelper.writeFileString(location.getLongitude().toString(), rootDir + "/" + active + "/lon")
} else {
location.setLatitude(ddHelper.randLatLon(ddHelper.readFileString(rootDir + "/" + active + "/lat")));
location.setLongitude(ddHelper.randLatLon(ddHelper.readFileString(rootDir + "/" + active + "/lon")));
}
this.acceptLocation(currentExecutor, location);
console.log("lat=" + location.getLatitude() + ",lon=" + location.getLongitude());
};
let teleManager = Java.use("android.telephony.TelephonyManager");
teleManager.getAllCellInfo.implementation = function () {
try {
let path = rootDir + "/" + active + "/cellInfo.bin";
if (mode == MODE_MOCK) {
let cellInfo = ddHelper.readCellInfo(path);
return cellInfo;
} else {
let ret = this.getAllCellInfo();
ddHelper.saveCellInfo(ret, path);
return ret;
}
} catch (e) {
console.log(e);
}
};
let CellInfoClass = Java.use("android.telephony.CellInfo");
CellInfoClass.getTimeStamp.implementation = function () {
return systemClock.elapsedRealtimeNanos();
};
CellInfoClass.getTimestampMillis.implementation = function () {
return systemClock.elapsedRealtime();
};
let wifi = Java.use("android.net.wifi.WifiManager");
wifi.getConnectionInfo.implementation = function () {
let path = rootDir + "/" + active + "/wifiConnection.json";
if (mode == MODE_MOCK) {
let wifiConnJson = ddHelper.readFileString(path);
let wifiConnInfo = fastJson.parseArray(wifiConnJson, wifiInfoClass.class);
return wifiConnInfo;
} else {
let ret = this.getConnectionInfo();
ddHelper.writeFileString(fastJson.toJSONString(ret, serializerFeatures), path)
return ret;
}
};
wifi.getScanResults.implementation = function () {
let path = rootDir + "/" + active + "/wifiNb.bin";
if (mode == MODE_MOCK) {
let parseScanResult = ddHelper.readScanResult(path);
if (parseScanResult != null) {
for (var i = 0; i < parseScanResult.size(); i++) {
var item = Java.cast(parseScanResult.get(i), ScanResultClass);
item.timestamp.value = systemClock.elapsedRealtimeNanos();
item.seen.value = javaSystem.currentTimeMillis();
}
}
return parseScanResult;
} else {
let ret = this.getScanResults();
try {
ddHelper.saveScanResult(ret, path);
return ret;
} catch (e) {
console.log(e);
}
}
};
}
});
Reference in New Issue View Git Blame Copy Permalink