參考資訊:
https://github.com/frida/frida
https://frida.re/docs/functions/
https://frida.re/docs/installation/
main.c
#include <stdio.h>
#include <unistd.h>
/* Provided by test.c (built as test.so, see the build transcript below):
   prints its argument on a line of its own. */
void test(int);
/*
 * Feed an ever-increasing counter to test() once per second, forever.
 * Command-line arguments are accepted but unused.  The loop never exits
 * on its own; the process is stopped externally (see the transcript below).
 */
int main(int argc, char *argv[])
{
    int counter = 0;

    (void)argc;
    (void)argv;

    for (;;) {
        test(counter);
        counter++;
        sleep(1);
    }

    return 0;
}
test.c
#include <stdio.h>
/*
 * Print v followed by a newline on standard output.
 * Exported from test.so; this is the symbol the Frida hook attaches to.
 */
void test(int v)
{
    fprintf(stdout, "%d\n", v);
}
hook.py
import sys
import frida
def on_message(message, data):
    """Frida message callback: echo each message object to stdout.

    ``message`` is the object posted by the agent (for ``send(...)`` it is
    a dict with ``type`` and ``payload``); ``data`` is the optional binary
    payload, which this handler ignores.
    """
    del data  # binary payload is not used here
    print(message)
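session = frida.attach("main")

# Script 1: resolve the address of the exported symbol `test` inside test.so.
# The RPC export returns the library's export list, or an empty list when
# test.so is not loaded in the target.  (The earlier version returned the
# whole module list in that case, which made the Python-side name check
# silently miss and left addr at 0, so the hook below was attached to NULL.)
script = session.create_script("""
const mylib = "test.so";
rpc.exports.enumerateModules = () => {
    const modules = Process.enumerateModules();
    for (const m of modules) {
        if (m.name === mylib) {
            return m.enumerateExports();
        }
    }
    return [];
};
""")
script.on('message', on_message)
script.load()

# addr is the address string Frida reports for the export, or None if the
# symbol was not found.
addr = None
for export in script.exports.enumerate_modules():
    if export['name'] == 'test':
        addr = export['address']
        break

if addr is None:
    # Fail here with a clear message rather than letting Interceptor.attach
    # fail inside the agent with a less obvious error.
    sys.exit("symbol 'test' not found in test.so of process 'main'")

# Script 2: hook test() and report its first argument on every call.  The
# address is interpolated into the agent source; it comes from Frida's own
# export listing, not from user input.
script = session.create_script("""
Interceptor.attach(ptr("%s"), {
    onEnter(args) {
        send(args[0].toInt32());
    }
});
""" % addr)
script.on('message', on_message)
script.load()

# Keep the hook installed until stdin is closed (Ctrl-D / EOF).
sys.stdin.read()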
編譯、執行
$ gcc test.c -o test.so -shared -fPIC
$ gcc main.c -o main test.so
$ LD_LIBRARY_PATH=. ./main&
0
1
2
3
4
5
$ python3 ./hook.py
{'type': 'send', 'payload': 6}
{'type': 'send', 'payload': 7}
{'type': 'send', 'payload': 8}
{'type': 'send', 'payload': 9}