Frida CodeShare

Project: Getting Intent from Android app

Try this code out now by running

$ frida --codeshare crazypinecone/getting-intent-from-android-app -f YOUR_BINARY

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
import frida, sys
def on_message(message, data):
    if message ['type'] == 'send':
        print("[*] {0}".format(message['payload']))
    else:
        print(message)
        
#time 1:26:33
hook_main_activity = """
//try dominos pizza app
//note make sure to be running the calc app when using
//Also run adb shell in the terminal to activate deamon in order for the VM to transfer to the phone
Java.perform(function () {
 
        try {
                var Activity = Java.use('android.app.Activity');
                 console.log("Compiling Overload Functions");
                Activity.startActivity.overload().implementation = function(arg1,arg2) {
                    console.log("-------------------The hook One is written-----------------");
                   
                  
                var bundle = this.getIntent.getExtras();
                var theIntent = this.getIntent(); 
                    console.log( bundle );
                    console.log(  theIntent);
                var result = JSON.stringify(theIntent);
                console.log(  result );
                
                    if (bundle == null) {
                        console.log( "The bundle is Null");
                    } else {
                        
                        console.log( "the bundle is not Null");
                        /*
                        for ( var key : bundle.keySet) {
                            console.log( key + " : " + bundle.get(key) );
                        }
                        */
                    }
                    //console.log("the input arg1 is " + this.getIntent);
                    console.log("Ending the override: " + this.onCreate(arg1,arg2));
                    console.log("-------------------after hook One--------------------------");
                }
                
                Activity.onCreate.overload('android.os.Bundle').implementation = function(arg1) {
  
                var bundle = this.getIntent.getExtras();
                var theIntent = this.getIntent(); 
                    console.log( bundle );
                    console.log(  theIntent);
                }
                console.log("Overload Functions have been compiled");
                                   
        }
        catch(e) {
            console.log(e.message);
        }
       
    });
"""
process = frida.get_usb_device().attach('com.discord')
#process = frida.get_usb_device().attach('com.google.android.apps.messaging')
#process = frida.get_usb_device().attach('com.bethsoft.blade')
#process = frida.get_usb_device().attach('com.bethsoft.falloutshelter')
script = process.create_script(hook_main_activity)
script.on('message',on_message)
print('[*] running CTF')
script.load()
sys.stdin.read()
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Fingerprint: f74111f24120683e7a96eaf20aeb7b8684b46895c95ff5e870ca20fbd9f2bf89