逆向工程 - Frida - Print Hex Value



參考資訊:
https://github.com/frida/frida
https://frida.re/docs/functions/
https://frida.re/docs/installation/

main.c

#include <stdio.h>
#include <unistd.h>
 
/*
 * Fill the first four bytes of buf with the fixed pattern 00 11 22 33.
 *
 * main() prints this function's address so that it can be used as a hook
 * target. The caller's buffer only holds the pattern once this function has
 * run, so an observer has to read it on function exit, not on entry.
 *
 * buf must point to at least four writable bytes; no length is checked here.
 */
static void test(unsigned char *buf)
{
    static const unsigned char pattern[4] = { 0x00, 0x11, 0x22, 0x33 };
    unsigned int idx;

    for (idx = 0; idx < 4; idx++) {
        buf[idx] = pattern[idx];
    }
}
 
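/*
 * Print the run-time address of test(), wait ten seconds so that an
 * instrumentation tool can attach to the process, then call test() once on a
 * four-byte stack buffer and exit.
 *
 * The printed address is only valid for this run: a position-independent
 * build under address-space layout randomisation is loaded at a different
 * base each time, so the value must be read from the output of the running
 * process rather than reused.
 *
 * NOTE(review): the page builds without optimisation. With optimisation
 * enabled the compiler may inline the call to test(), in which case a hook
 * placed on the printed address would presumably never fire.
 */
int main(int argc, char *argv[])
{
    unsigned char buf[4] = { 0 };

    /* %p is specified for void *; cast the function pointer explicitly. */
    printf("test()=%p\n", (void *)test);
    /*
     * stdout is not line-buffered when it is redirected to a file or pipe;
     * flush so the address is visible before the wait, not after exit.
     */
    fflush(stdout);
    /*
     * POSIX lets usleep() fail with EINVAL for intervals of one second or
     * more, so the ten-second wait is expressed with sleep() instead.
     */
    sleep(10);
    test(buf);

    return 0;
}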

hook.py

import sys
import frida
 
def on_message(message, data):
    """Print one message delivered by the injected script.

    Args:
        message: The message object handed over by Frida; the run shown on
            this page prints dicts such as
            ``{'type': 'send', 'payload': '0x11'}``.
        data: Optional binary payload accompanying the message. The script
            on this page calls ``send()`` with a single argument, so this
            handler ignores it.
    """
    rendered = str(message)
    print(rendered)
 
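# The hook target is supplied on the command line as a hexadecimal address
# (the value main prints as "test()=..."). Fail with a usage message instead
# of an IndexError/ValueError traceback when it is missing or malformed.
if len(sys.argv) < 2:
    sys.exit("usage: hook.py <address of test() in hex>")
try:
    # Converting to int before interpolating it into the script source means
    # only a number can ever reach the generated JavaScript; the raw argv
    # string is never pasted into code. Keep this conversion if the script is
    # extended.
    target_address = int(sys.argv[1], 16)
except ValueError:
    sys.exit("invalid address %r: expected a hexadecimal value" % sys.argv[1])

# Attach by process name. NOTE(review): a name match is ambiguous when more
# than one process is called "main"; frida.attach() also accepts a PID, which
# identifies the target exactly. Attaching needs permission to trace the
# target process (on Linux this may be limited by the Yama ptrace_scope
# setting) -- confirm for the host in use.
session = frida.attach("main")

# The JavaScript below runs inside the target. onEnter saves the buffer
# pointer passed as the first argument; onLeave reads four bytes from it after
# the function has filled the buffer and sends each byte back as a hex string.
# toString(16) does not zero-pad, so 0x00 is reported as "0x0".
script = session.create_script("""
    Interceptor.attach(ptr("%s"), {
        onEnter: function (args) {
            this.saveArg = args[0];
        },
        onLeave: function (retval) {
            var a = this.saveArg.readByteArray(4);
            var b = new Uint8Array(a);

            send("0x" + b[0].toString(16));
            send("0x" + b[1].toString(16));
            send("0x" + b[2].toString(16));
            send("0x" + b[3].toString(16));
        }
    });
""" % target_address)

script.on('message', on_message)
script.load()
# Block until EOF on stdin so the process stays alive while messages arrive.
sys.stdin.read()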

編譯、執行（main 會先印出 test() 的位址並等待 10 秒，請在這段時間內執行 hook.py；位址每次執行可能不同，請以當次輸出為準）

$ gcc main.c -o main
$ ./main&
    test()=0x55cadeb1e149

$ python3 ./hook.py 0x55cadeb1e149
    {'type': 'send', 'payload': '0x0'}
    {'type': 'send', 'payload': '0x11'}
    {'type': 'send', 'payload': '0x22'}
    {'type': 'send', 'payload': '0x33'}