
Commit 5891383

author
linjun
committed
domainChecker.py move out.
pyc file untrack
1 parent b07ea4c commit 5891383


4 files changed

+28
-179
lines changed

4 files changed

+28
-179
lines changed

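--- a/MW.py
+++ b/MW.py
@@ -1,5 +1,6 @@
 import frida
 import sys
+import time
 from utils.utils import *
 
 reload(sys)
@@ -21,10 +22,10 @@ def _process_message(self, message, data):
 if stanza['name'] == '+log':
 msg = str(stanza["payload"])
 logl("[" + str(self.pid) + "]\t" + msg)
-try:
-self.extract.post({'type': '+log-ack'})
-except Exception as e:
-pass
+# try:
+# self.extract.post({'type': '+log-ack'})
+# except Exception as e:
+# pass
 
 elif stanza['name'] == '+pkill':
 logl("Kill Sub-Process: " + str(stanza['payload']))
@@ -34,7 +35,7 @@ def _process_message(self, message, data):
 logl(message)
 logl("=========================")
 except Exception as ae:
-logl("exception on _process_message")
+#logl("exception on _process_message")
 pass
 
 
@@ -59,6 +60,7 @@ def main():
 logl("process spwnded.");
 Hooker.inject_script(jsfile)
 logl("js injected.");
+#time.sleep(1)
 Hooker.go()
 logl("go!");
 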
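Review bot: With `logl("exception on _process_message")` commented out, the `except Exception as ae:` handler in `_process_message` now swallows every failure silently, so a malformed or unexpected message from the injected script disappears without any trace in the log. Keep a log line that includes the exception, e.g. `logl("exception on _process_message: " + repr(ae))`. The added `import time` is only referenced by the commented-out `#time.sleep(1)` in `main()`, and the `+log-ack` block is left behind as commented-out code; both would be clearer removed, with version control holding the history. `_process_message` and `main()` start and end outside the hunks shown.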

domainChecker.py

Lines changed: 0 additions & 165 deletions
This file was deleted.

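--- a/mw.js
+++ b/mw.js
@@ -6,20 +6,32 @@ function log(msg)
 name: '+log',
 payload: msg
 });
-recv('+log-ack', function () {}).wait();
+//recv('+log-ack', function () {});//.wait();
 }
 };
 
 
 var ptrMessageBoxA = Module.findExportByName("user32.dll","MessageBoxA");
 var MessageBoxA=new NativeFunction(ptrMessageBoxA,'int',['int','pointer','pointer','int'],'stdcall');
-log("ptrMessageBoxA :"+ptrMessageBoxA);
-Interceptor.replace(ptrMessageBoxA,new NativeCallback(function (hwnd,pText,pTitle,type) {
-strText=Memory.readAnsiString(pText);
-strTitle=Memory.readAnsiString(pTitle);
-log("MessageBoxA "+strText+" with title "+strTitle);
-strHook=Memory.allocAnsiString("hooked!");
-return MessageBoxA(hwnd,strHook,pTitle,type);
+// log("ptrMessageBoxA :"+ptrMessageBoxA);
+// Interceptor.replace(ptrMessageBoxA,new NativeCallback(function (hwnd,pText,pTitle,type) {
+// strText=Memory.readAnsiString(pText);
+// strTitle=Memory.readAnsiString(pTitle);
+// log("MessageBoxA "+strText+" with title "+strTitle);
+// strHook=Memory.allocAnsiString("hooked!");
+// return MessageBoxA(hwnd,strHook,pTitle,type);
+//
+// },'int',['int','pointer','pointer','int'],'stdcall'));
 
-},'int',['int','pointer','pointer','int'],'stdcall'));
+var ptrMessageBoxW = Module.findExportByName("user32.dll","MessageBoxW");
+var MessageBoxW=new NativeFunction(ptrMessageBoxW,'int',['int','pointer','pointer','int'],'stdcall');
+log("ptrMessageBoxW :"+ptrMessageBoxW);
+Interceptor.replace(ptrMessageBoxW,new NativeCallback(function (hwnd,pText,pTitle,type) {
+strText=Memory.readUtf8String(pText);
+strTitle=Memory.readUtf8String(pTitle);
+log("MessageBoxW "+strText+" with title "+strTitle);
+strHookText=Memory.allocAnsiString("text hooked!");
+strHookTitle=Memory.allocAnsiString("title hooked!");
+return MessageBoxA(hwnd,strHookText,strHookTitle,type);
 
+},'int',['int','pointer','pointer','int'],'stdcall'));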
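Review bot: The MessageBoxW replacement reads `pText` and `pTitle` with `Memory.readUtf8String`, but MessageBoxW receives UTF-16 strings, so the logged text will normally stop after the first character or be mis-decoded, and the monitor's record of what the target displayed becomes unreliable. Use `strText=Memory.readUtf16String(pText);` and `strTitle=Memory.readUtf16String(pTitle);`. `strText`, `strTitle`, `strHookText` and `strHookTitle` are also assigned without `var`, which makes them globals shared by every invocation of the callback; declaring them with `var` keeps each call's values separate. The commented-out MessageBoxA block and the unused `MessageBoxW` NativeFunction could be deleted rather than kept.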

utils/utils.pyc

-5.01 KB
Binary file not shown.
