hpp0hpp
commented
2 years ago is this the right way to hook the code using frida?
function hook_native(){ var libc_base = Module.findExportByName('libapp.so', '_kDartIsolateSnapshotInstructions');
var libc_hook = libc_base.add(0x0000000000110608);
// var libc_hook_addr = libc_base.add(0x1b9c);
console.log('libc_hook: ' + libc_hook);
console.log('libc_base: ' + libc_base);
Interceptor.attach(libc_hook, {
onEnter: function(args) {
for(var i = 0; i < args.length; i++){
// console.log('arg[' + i + ']: ' + args[i]);
console.log('arg[' + i + ']: ' );
}
},
onLeave: function(retval) {
console.log('retval: ' + retval);
}
})}
Hi there
Seems the dart code is executed by VM, so even if we know the code offset, how can we read that? is there any guidance on how to read?