1、下载安装Anaconda3
安装并配置基本环境变量
2、执行python命令安装frida工具集
pip3 -V
python -m pip install --upgrade pip
pip install wheel
pip install frida
pip install frida-tools
3、查看frida版本
frida --version
4、下载对应的frida版本16.3.1的安卓x86包
frida-server-16.3.1-android-x86_64
5、frida测试代码框架,主文件hook.py
import frida,sys
# 获取模拟器或者手机上已连接的设备
device = frida.get_remote_device()
#print(device)
# 获取device上的所有app
#applications = device.enumerate_applications()
#for application in applications:
# print(application)
# 附加到应用 com.target.demo
session = device.attach("demo")
jsScript = """
console.log('this is inject javascript code')
"""
# 加载Javascript代码
#script = session.create_script(jsScript)
#file = open("hook.js",mode='r',encoding='UTF-8')
#jsScript = file.read()
# 加载Javascript代码
script = session.create_script(jsScript)
# 执行
script.load()
6、hook.py加载外部的hook.js
// 程序入口
Java.perform(function()
{
// 获取类
var clazz = Java.use("com.unity3d.player.UnityPlayerActivity");
// 获取类中所有函数
var methods = clazz.class.getDeclaredMethods();
console.log("have method count:"+methods.length);
var i=0
if(methods.length > 0){
//遍历函数名
methods.forEach(function(method){
i = i+1
console.log(i+":"+method);
});
}
});
