-
微信 Windows 端推送的 11529 版本似乎已经大改,之前所有的 hook 锚点均已失效。包括:
1. `--xweb-enable-inspect` flag 已被移除
2. `OnMenuItemPressed` 似乎不论哪个按钮都不会触发(可能是因为 DevTools 按钮被移除?)
3. `SwitchVersion` 逻辑直接被删除
测试的版本:
* We…
-
```javascript
@Hook(agentTarget('hookLogoutEventCallback'))
logoutEvent (
@ParamType('int32', 'U32') bySrv: number,
) { return Ret(bySrv) }
```
The `@ParamType` causes the following er…
-
such as android JNI function, and some functions not export.
-
[push](https://github.com/frida/frida-gum/blob/master/gum/arch-x86/gumx86writer.h#L300-L308), missed "push [reg+offset]".
[leave](https://github.com/frida/frida-gum/blob/master/gum/arch-x86/gumx86w…
nblog updated
2 years ago
-
```sh
16:51:58 VERB Message static load(cksptxlge005pi0o5ajz48vfe)
16:51:58 VERB Message constructor(cksptxlge005pi0o5ajz48vfe) for class WechatifiedMessage
16:51:58 VERB Message ready()
16:51:58 …
-
Hello, in an analysis recently, I found that the parameters of the active call function can only be constructed by changing the register. I checked the document of frida and found that "this" pointer …
-
I can't seem to get `NativeCallback` to work on Windows/x86 with anything other than `mscdecl`. The stack is not being set up or cleared correctly for the other abis, but I'm not sure if I'm using it …