逆向工程 - Frida - Get Return Value

參考資訊：
https://github.com/frida/frida
https://frida.re/docs/functions/
https://frida.re/docs/installation/

main.c

#include <stdio.h>
#include <unistd.h>
 
static int test(void)
{
    return 1234;
}
 
int main(int argc, char *argv[])
{
    printf("test()=%p\n", test);
    usleep(10000000);
    test();
 
    return 0;
}

hook.py

import sys
import frida
 
def on_message(message, data):
    print(message)
 
session = frida.attach("main")
 
script = session.create_script("""
    Interceptor.attach(ptr("%s"), {
        onEnter: function (args) {
        },
        onLeave: function (retval) {
            send(retval.toInt32());
        }
    });
""" % int(sys.argv[1], 16))
 
script.on('message', on_message)
script.load()
sys.stdin.read()

編譯、執行

$ gcc main.c -o main
$ ./main&
    test()=0x555d0fb52149

$ python3 ./hook.py 0x555d0fb52149
    {'type': 'send', 'payload': 1234}