lyxhh / lxhtoolhttpdecrypt Goto Github PK
View Code? Open in Web Editor NEWSimple Android/iOS protocol analysis and utilization tool
Simple Android/iOS protocol analysis and utilization tool
填好包名进行hook时提示[16:48:36] [ERROR] Script failed to load, Reason is unable to find process with name 'XXx', Try restarting the app to continue loading the script.
hook 结果
payment_type=1¬ify_url
原文应为
payment_type=1¬ify_url
应该是和上个bug类似 可能一并解决了~
本地和手机端都是frida 12.6.8 ,hooks-->confirm时app闪退
一直报这个错,请问是什么原因造成的?
如题
安卓环境为:夜神模拟器下的Android 7
细节如下:
虚拟机构架为x86
看了下app.py,默认的frida的监听端口为0,故运行时指定为27042:
python app.py -fp 27042
访问 http://127.0.0.1:8088 一直未成功 (默认python app.py也未成功):
安卓和主机都能相互ping,不知问题出在哪?
您好,哪个bp的插件如何安装上去呢?
[17:38:59] [INFO] unload_findclass_script
message handler error
Traceback (most recent call last):
File "D:\DevLab\py3_env\.venv\lib\site-packages\engineio\server.py", line 505, in _trigger_event
return self.handlers[event](*args)
File "D:\DevLab\py3_env\.venv\lib\site-packages\socketio\server.py", line 590, in _handle_eio_message
self._handle_event(sid, pkt.namespace, pkt.id, pkt.data)
File "D:\DevLab\py3_env\.venv\lib\site-packages\socketio\server.py", line 526, in _handle_event
self._handle_event_internal(self, sid, data, namespace, id)
File "D:\DevLab\py3_env\.venv\lib\site-packages\socketio\server.py", line 529, in _handle_event_internal
r = server._trigger_event(data[0], namespace, sid, *data[1:])
File "D:\DevLab\py3_env\.venv\lib\site-packages\socketio\server.py", line 558, in _trigger_event
return self.handlers[namespace][event](*args)
File "D:\DevLab\py3_env\.venv\lib\site-packages\flask_socketio\__init__.py", line 259, in _handler
*args)
File "D:\DevLab\py3_env\.venv\lib\site-packages\flask_socketio\__init__.py", line 660, in _handle_event
ret = handler(*args)
File "D:\PenLAB\burpsuite_pro\lxhToolHTTPDecrypt\HTTPDecrypt\socketutil.py", line 31, in unloadfindclassScript
genv.script.unload()
AttributeError: 'NoneType' object has no attribute 'unload'
start页面能看到手机上的包名,选择包,confirm
,Hooks看不到任何内容,控制台报错。
android 9 ,已root
回显中文乱码,再次加密的时候也是按照乱码的中文进行加密的
一个例子
{"usr_token":"111111111111111111","isRoot":"Y","appPackage":"com.xxka.xxykt","networkTyp":"1","netServiceMer":"","deviceMod":"MuMu","characterSet":"02","plat":"0","contentTyp":"text/html","locationCity":"","start_day":"2019年11月","deviceLanguage":"zh","fingerData":"","locationProvince":"","locationData":"","locationCountry":"","userNo":"10000000000000101","opSys":"0","channel":"0","ipAddress":"10.0.3.15","clientVer":"1.1.0","time":"2019/12/3 20:42:15","pageSize":"10","locationXY":"11111111111111|11111111111111","pageNo":"1","appHash":"11111111111111","isEmulator":"N","crdType":"1","deviceID":"520000000131673","opSysVer":"6.0.1"}
加密后再次解密之后
{"usr_token":"111111111111111111","isRoot":"Y","appPackage":"com.xxka.xxykt","networkTyp":"1","netServiceMer":"","deviceMod":"MuMu","characterSet":"02","plat":"0","contentTyp":"text/html","locationCity":"","start_day":"2019t11\x08","deviceLanguage":"zh","fingerData":"","locationProvince":"","locationData":"","locationCountry":"","userNo":"10000000000000101","opSys":"0","channel":"0","ipAddress":"10.0.3.15","clientVer":"1.1.0","time":"2019/12/3 20:42:15","pageSize":"10","locationXY":"11111111111111|11111111111111","pageNo":"1","appHash":"11111111111111","isEmulator":"N","crdType":"1","deviceID":"520000000131673","opSysVer":"6.0.1"}
hook的时候无法hook到任何东西,查看终端中,发现报错了
[18:22:45] [INFO] HooksMatch: ['com.picc.nmms'], Options:
[18:22:45] [ERROR] Script failed to load, Reason is ambiguous name; it matches: com.picc.nmms (pid: 13790), com.picc.nmms (pid: 13817), Try restarting the app to continue loading the script.
老铁,加载了burpsite插件,但是显示不出来,请问这是什么原因
[11:19:56] [INFO] HTTP Decrypt running at http://127.0.0.1:8088
你好,frida正常运行,已经进行端口转发,仍然不能使用,请问如何解决,多谢
Exception in thread Thread-24:
Traceback (most recent call last):
File "G:\Python36\lib\threading.py", line 916, in _bootstrap_inner
self.run()
File "G:\Python36\lib\threading.py", line 864, in run
self._target(*self._args, **self._kwargs)
File "G:\Python36\lib\site-packages\socketio\server.py", line 599, in _handle_event_internal
r = server._trigger_event(data[0], namespace, sid, *data[1:])
File "G:\Python36\lib\site-packages\socketio\server.py", line 628, in trigger_event
return self.handlers[namespace]event
File "G:\Python36\lib\site-packages\flask_socketio_init.py", line 277, in handler
*args)
File "G:\Python36\lib\site-packages\flask_socketio_init.py", line 680, in _handle_event
ret = handler(*args)
File "C:\Users\nsfocus-pc\Desktop\lxhToolHTTPDecrypt-master\HTTPDecrypt\socketutil.py", line 235, in doLoadHook
script_content = render('./script/hooks.js', content)
File "C:\Users\nsfocus-pc\Desktop\lxhToolHTTPDecrypt-master\HTTPDecrypt\socketutil.py", line 108, in render
).get_template(filename).render(context)
File "G:\Python36\lib\site-packages\jinja2\environment.py", line 830, in get_template
return self._load_template(name, self.make_globals(globals))
File "G:\Python36\lib\site-packages\jinja2\environment.py", line 804, in _load_template
template = self.loader.load(self, name, globals)
File "G:\Python36\lib\site-packages\jinja2\loaders.py", line 113, in load
source, filename, uptodate = self.get_source(environment, name)
File "G:\Python36\lib\site-packages\jinja2\loaders.py", line 187, in get_source
raise TemplateNotFound(template)
jinja2.exceptions.TemplateNotFound: hooks.js
除了安卓系统版本,其他应该都是按照说明配的,望解答一下
用usb连接设备,frida-ps -U 工作正常,这个无法连接到设备
右键菜单发送到HTTPDecrypt,点完OK退出弹窗页,burp 2.1
希望作者多出几个教材例子文档
遇到多个app hook都是这个位置有问题 应该是bug?
或者把整个项目打成包放到pipy也行安啥..每次第一次运行都提示少依赖
大佬,请问这种情况引起的原因是什么,有什么解决方案吗?
python:3.8.7
frida:14.6.2
图片加载不出的话下面复制了报错信息
Traceback (most recent call last):
File "C:\Program Files\Python38\lib\site-packages\frida\core.py", line 383, in _on_message
callback(message, data)
File "E:\android_test\lxhToolHTTPDecrypt-master\lxhToolHTTPDecrypt-master\HTTPDecrypt\util.py", line 147, in on_message
{'data': cgi.escape(json.dumps(j_info))},
AttributeError: module 'cgi' has no attribute 'escape'
/BurpSuite/HTTPDecryptburp/src/main/java/burp/BurpExtender.java
第156行前面得加final
String result = Util.sendPost(Config.getWebServerURL(), buildArgResult); ==>> final String result = Util.sendPost(Config.getWebServerURL(), buildArgResult);
The client is using an unsupported version of the Socket.IO or Engine.IO protocols (further occurrences of this error will be logged with level INFO)
你好,mac和ios的frida相同版本,frida-ps-U正常,运行python3 app.py 出现以下报错,找了好久没找到问题所在
➜ HTTPDecrypt python3 app.py
[15:57:50] [INFO] HTTP Decrypt running at http://127.0.0.1:8088
* Serving Flask app "globalenv" (lazy loading)
* Environment: production
WARNING: Do not use the development server in a production environment.
Use a production WSGI server instead.
* Debug mode: on
Traceback (most recent call last):
File "app.py", line 115, in <module>
main()
File "app.py", line 111, in main
socketio.run(app, host=host, port=FlaskPort, debug=True)
File "/usr/local/lib/python3.7/site-packages/flask_socketio/__init__.py", line 541, in run
use_reloader=use_reloader, **kwargs)
File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 943, in run
run_simple(host, port, self, **options)
File "/usr/local/lib/python3.7/site-packages/werkzeug/serving.py", line 1007, in run_simple
run_with_reloader(inner, extra_files, reloader_interval, reloader_type)
File "/usr/local/lib/python3.7/site-packages/werkzeug/_reloader.py", line 332, in run_with_reloader
sys.exit(reloader.restart_with_reloader())
File "/usr/local/lib/python3.7/site-packages/werkzeug/_reloader.py", line 176, in restart_with_reloader
exit_code = subprocess.call(args, env=new_environ, close_fds=False)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/subprocess.py", line 323, in call
with Popen(*popenargs, **kwargs) as p:
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/subprocess.py", line 775, in __init__
restore_signals, start_new_session)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/subprocess.py", line 1522, in _execute_child
raise child_exception_type(errno_num, err_msg, err_filename)
OSError: [Errno 8] Exec format error: '/Users/tale/Downloads/lxhToolHTTPDecrypt-master/HTTPDecrypt/app.py'
frida 12.8.10
手机小米6 android 8.0
试了好几个APP都这样,一到这里就闪退:
[22:37:41] [INFO] hooks class sun.security.x509.IssuingDistributionPointExtension all method
[22:37:42] [INFO] hooks class com.android.okhttp.internal.http.RequestLine all method
[22:37:42] [INFO] hooks class javax.net.ssl.SSLParameters all method
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.