script/frida-learn/fkysr2.py

# -*- coding:utf-8 -*-
import sys

__author__ = 'Snow'
import frida

dev = frida.get_remote_device()
session = dev.attach("海王捕鱼")
src = """
    setImmediate(function(){
    Java.perform(function(){
        send("starting script");
        var Toast = Java.use("android.widget.Toast");
        // 获取 context
        var currentApplication = Java.use("android.app.ActivityThread").currentApplication();
        var context = currentApplication.getApplicationContext();
        // 在主线程中运行回调
        Java.scheduleOnMainThread(function(){
            Toast.makeText(context, "Hello frida!", Toast.LENGTH_LONG.value).show();
        });
        var sdk = Java.use("com.handmobi.mutisdk.library.api.sdk._360");
        sdk.gameLogin.implementation = function(var1,var2,var3){
            this.gameLogin(var1,var2,var3);
            send("Landroid/app/Activity;      : "+var1);
            send("int      : "+var2);
            send("Lcom/handmobi/mutisdk/library/game/SdkResultCallBack;      : "+var3);
            //console.log(Java.use("android.util.Log").getStackTraceString(Java.use("java.lang.Exception").$new()));

        };

        var AppUtil_OuterAccess = Java.use("com.handmobi.sdk.library.utils.AppUtil_OuterAccess")
        AppUtil_OuterAccess.getToken.overload("android.content.Context").implementation = function(var1){
            var token = AppUtil_OuterAccess.getToken(var1);
            send("token is:" + token);
            return token;
        }

        var loginCallback = Java.use("com.handmobi.mutisdk.library.api.sdk._360$3");
        loginCallback.onFinished.implementation = function(result){
            send("login result:"+result);
            this.onFinished(result);
        }
    });
});
"""

def on_message(message,data):
    print("[-] {}".format(message))

script = session.create_script(src)
script.on("message", on_message)
script.load()
sys.stdin.read()