Frida Hook API数据结构

hook StringBuilder

function HookStringBuilder(){
    var stringBuilder = Java.use("java.lang.StringBuilder");
    stringBuilder.toString.implementation = function (){
        var result = this.toString.apply(this, arguments);
        if(!result.includes("zh_CN") && !result.includes("zh-CN")) console.log("stringBuilder toString return : ", result);
        return result;
    }
}

hook HashMap

function HookHashMap(){
    var hashMap = Java.use("java.util.HashMap");
    hashMap.put.overload('java.lang.Object', 'java.lang.Object').implementation = function (key, value){
        if(!key.toString().includes("zh_CN")) console.log("HashMap put('java.lang.Object', 'java.lang.Object') 参数--->", key, value);

        return this.put(key, value)
    }
    // hashMap.get.overload('java.lang.Object').implementation = function (arg){
    //     console.log("HashMap get---》", arg);
    //     return this.get(arg);
    // }
}

hook Json

function HookJson(){
    var json = Java.use('org.json.JSONObject');
    json.put.overload('java.lang.String', 'java.lang.Object').implementation = function (key, value){
        console.log("JSON put('java.lang.String', 'java.lang.Object') 参数--->", key, value);
        return this.put(key, value);
    }
    json.getString.overload('java.lang.String').implementation = function (key){
        console.log("JSON getString('java.lang.String') 参数--->", key);
        let result = this.getString(key);
        console.log("JSON getString('java.lang.String') return : ", result)
        return result;
    }
}

Hook Base64

function HookBase64(){
    var base64 = Java.use("android.util.Base64");
    base64.decode.overload('java.lang.String', 'int').implementation = function (arg1, arg2){
        console.log("Base64 decode('java.lang.String', 'int') 参数--->", bytesToString(arg1), arg2);
        var result = this.decode(arg1, arg2);
        console.log("Base64 decode('java.lang.String', 'int') return : ", bytesToHex(result));
        return result;
    }
    base64.decode.overload('[B', 'int').implementation = function (arg1, arg2){
        console.log("Base64 decode('[B', 'int') 参数--->", bytesToHex(arg1), arg2);
        var result = this.decode(arg1, arg2);
        console.log("Base64 decode('[B', 'int') return : ", bytesToHex(result));
        return result;
    }
    base64.decode.overload('[B', 'int', 'int', 'int').implementation = function (arg1, arg2, arg3, arg4){
        console.log("Base64 decode('[B', 'int', 'int', 'int') 参数--->", bytesToString(arg1), arg2, arg3, arg4);
        var result = this.decode(arg1, arg2, arg3, arg4);
        console.log("Base64 decode('[B', 'int', 'int', 'int') return : ", bytesToHex(result));
        return result;
    }

    // base64.encode.overload('[B', 'int').implementation = function (arg1, arg2){
    //     console.log("Base64 encode('[B', 'int') 参数--->", bytesToHex(arg1), arg2);
    //     var result = this.encode(arg1, arg2);
    //     console.log("Base64 encode('[B', 'int') return : ", bytesToHex(result));
    //     return result;
    // }
    // base64.encode.overload('[B', 'int', 'int', 'int').implementation = function (arg1, arg2, arg3, arg4){
    //     console.log("Base64 encode('[B', 'int', 'int', 'int') 参数--->", bytesToHex(arg1), arg2, arg3, arg4);
    //     var result = this.encode(arg1, arg2, arg3, arg4);
    //     console.log("Base64 encode('[B', 'int', 'int', 'int') return : ", bytesToHex(result));
    //     return result;
    // }

    base64.encodeToString.overload('[B', 'int').implementation = function (arg1, arg2) {
        console.log("Base64 encodeToString('[B', 'int') 参数--->", bytesToHex(arg1), arg2);
        var result = this.encodeToString(arg1, arg2);
        console.log("Base64 encodeToString('[B', 'int') return : ", bytesToHex(result));
        return result;
    }
    base64.encodeToString.overload('[B', 'int', 'int', 'int').implementation = function (arg1, arg2) {
        console.log("Base64 encodeToString('[B', 'int', 'int', 'int') 参数--->", bytesToHex(arg1), arg2, arg3, arg4);
        var result = this.encodeToString(arg1, arg2, arg3, arg4);
        console.log("Base64 encodeToString('[B', 'int', 'int', 'int') return : ", bytesToHex(result));
        return result;
    }
}