WithSecureLabs / needle

The iOS Security Testing Framework
https://mobiletools.mwrinfosecurity.com/

Fix syntax issues in the module "script_hook-method-of-class" #217

Closed Yogehi closed 6 years ago

Yogehi commented 6 years ago

Fixed three issues.

1) on line 21, fixed the same issue that was outlined in pull request https://github.com/mwrlabs/needle/pull/210. Credit to Kamil Wilk of MWR for coming up with this fix.

2) on line 27, 'funcName' was used instead of 'methodName'. Should have been 'methodName' to begin with.

3) commented out lines 33-39. Not sure why, but they cause an "invalid object literal" error in Frida. Not sure what these lines are for, so I commented them out instead.

marco-lancini commented 6 years ago

@Yogehi, lines 33-39 are needed to print the return value of the function. They shouldn't be commented out.

Yogehi commented 6 years ago

Any recommendation for a fix? Both Needle and running the Frida script by itself cause the error SyntaxError: invalid object literal (line 16).

Full Frida output below:

root@YayComputerYay:~# frida -U -f <package name> --no-pause
     ____
    / _  |   Frida 10.6.54 - A world-class dynamic instrumentation toolkit
   | (_| |
    > _  |   Commands:
   /_/ |_|       help      -> Displays the help system
   . . . .       object?   -> Display information about 'object'
   . . . .       exit/quit -> Exit
   . . . .
   . . . .   More info at http://www.frida.re/docs/home/
Spawned `com.mwr.iSieve-main-view`. Resuming main thread!               
[iOS Device::com.mwr.iSieve-main-view]-> if(ObjC.available) {
                                             var className = "<class name>";
                                             var methodName = "<method name>";
                                             var hook = eval('ObjC.classes[className][methodName]');
                                             Interceptor.attach(hook.implementation, {
                                                   onEnter: function(args) {
                                                         // args[0] is self
                                                         // args[1] is selector (SEL "sendMessageWithText:")
                                                         // args[2] holds the first function argument, an NSString
                                                         console.log("[*] Detected call to: " + className + " -> " + methodName);
                                                         //For viewing and manipulating arguments
                                                         //console.log("\t[-] Value1: "+ObjC.Object(args[2]));
                                                         //console.log("\t[-] Value2: "+(ObjC.Object(args[2])).toString());
                                                         //console.log(args[2]);
                                                   }
                                                   onLeave: function(retarval) {
                                                         console.log("[*] Class Name: " + className);
                                                         console.log("[*] Method Name: " + methodName);
                                                         console.log("\t[-] Type of return value: " + typeof retval);
                                                         //console.log(retval.toString());
                                                         console.log("\t[-] Return Value: " + retval);
                                                   }
                                             });
                                         } else {
                                             console.log("Objective-C Runtime is not available!");
                                         }
SyntaxError: invalid object literal (line 15)

Yogehi commented 6 years ago

Found a fix. I've updated the proposed change already.

New Frida script looks like this:

if(ObjC.available) {
    var className = "<class name>";
    var methodName = "<method name>";
    var hook = eval('ObjC.classes[className][methodName]');
    Interceptor.attach(hook.implementation, {
          onEnter: function(args) {
                // args[0] is self
                // args[1] is selector (SEL "sendMessageWithText:")
                // args[2] holds the first function argument, an NSString
                console.log("[*] Detected call to: " + className + " -> " + methodName);
                //For viewing and manipulating arguments
                //console.log("\t[-] Value1: "+ObjC.Object(args[2]));
                //console.log("\t[-] Value2: "+(ObjC.Object(args[2])).toString());
                //console.log(args[2]);
          }
    });
    Interceptor.attach(hook.implementation, {
          onLeave: function(retval) {
                console.log("[*] Class Name: " + className);
                console.log("[*] Method Name: " + methodName);
                console.log("\t[-] Type of return value: " + typeof retval);
                //console.log(retval.toString());
                console.log("\t[-] Return Value: " + retval);
          }
    });

} else {
    console.log("Objective-C Runtime is not available!");
}

Can confirm this works in Frida by itself as well as in Needle.
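The "invalid object literal" error in the first script comes from the missing comma between the `onEnter` and `onLeave` members of the callbacks object (and `onLeave` names its parameter `retarval` while the body reads `retval`). The example below is added here and is not needle's module code or the PR's change: it keeps a single `Interceptor.attach` with both callbacks in one valid literal, and injects the logger and argument formatter (`makeMethodHook`, `simulateCall`, `describeArg` are my own names) so the callbacks can be exercised outside Frida.

```javascript
// Added example, not needle's code: build one syntactically valid Frida callbacks
// object carrying both onEnter and onLeave, so a single Interceptor.attach covers
// method entry and return. `log` and `describeArg` are injected (assumed helpers)
// so the object can be driven without a device.
function makeMethodHook(className, methodName, log, describeArg) {
  return {
    onEnter: function (args) {
      // args[0] is self, args[1] is the selector, args[2] is the first ObjC argument
      this.firstArg = args.length > 2 ? describeArg(args[2]) : null;
      log("[*] Detected call to: " + className + " -> " + methodName);
      if (this.firstArg !== null) log("\t[-] Value1: " + this.firstArg);
    },  // this comma is what the original script was missing
    onLeave: function (retval) {
      log("[*] Class Name: " + className);
      log("[*] Method Name: " + methodName);
      log("\t[-] Type of return value: " + typeof retval);
      log("\t[-] Return Value: " + retval);
    }
  };
}

// Drive the hook with constructed values and return the emitted log lines.
// Frida hands onEnter and onLeave the same per-invocation `this`, mirrored by `ctx`.
function simulateCall(className, methodName, args, retval) {
  var lines = [];
  var hook = makeMethodHook(className, methodName, function (s) { lines.push(s); }, String);
  var ctx = {};
  hook.onEnter.call(ctx, args);
  hook.onLeave.call(ctx, retval);
  return lines;
}

// Inside Frida, attach for real; the typeof guard keeps the file loadable under Node.
if (typeof ObjC !== "undefined" && ObjC.available) {
  var className = "<class name>";
  var methodName = "<method name>";
  var impl = ObjC.classes[className][methodName].implementation;
  Interceptor.attach(impl, makeMethodHook(className, methodName, console.log,
    function (h) { return new ObjC.Object(h).toString(); }));
}
```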

marco-lancini commented 6 years ago

@Yogehi this looks ok to me. Before @HenryHoggard can merge this, please change the destination to the develop branch (as we don't accept PRs straight to master). Please change the destination also for all the other PRs you have open at the moment.

Yogehi commented 6 years ago

Closing this PR to clear up commit clutter.

See https://github.com/mwrlabs/needle/pull/233 for the new PR.