安卓逆向之socket抓包

思路：socket包大部分都是密文的，常规的抓包工具Charles、Fiddler等一般都无法抓到，所以使用frida进行hook抓包。但frida抓的socket太多了，进一步用Wireshark抓包看想要的数据是哪些包，根据某些特征给frida过滤。

function jhexdump(array) {
    var ptr_array = Memory.alloc(array.length);
    for(var i = 0; i < array.length; ++i)
        Memory.writeS8(ptr_array.add(i), array[i]);
    console.log(hexdump(ptr_array,{length: 0x520}), "\r\n");
    console.log("ptr: ",ptr(ptr_array).readCString()); 
}

function hook_socket(){
    Java.perform(function(){
        Java.use("java.net.SocketOutputStream").write.overload('[B', 'int', 'int').implementation = function(bytearry,int1,int2){
            var result = this.write(bytearry,int1,int2);
            console.log(jhexdump(bytearry));
            return result;
        }
        

        Java.use("java.net.SocketInputStream").read.overload('[B', 'int', 'int').implementation = function(bytearry,int1,int2){
            var result = this.read(bytearry,int1,int2);
            console.log(jhexdump(bytearry));
            return result;
        }

    })
}

function main(){
	hook_socket()
}
setImmediate(main)