Untitled

From yes, 1 Month ago, written in Plain Text.

Embed

Download Paste or View Raw
Hits: 165

const LIBNAME = "libmmv8.so";

const prefix = "_ZN2v87Isolate";

waitForModule(LIBNAME, hookAllExports);

function waitForModule(moduleName, callback) {

var module = Process.findModuleByName(moduleName);

if (module !== null) {

console.log(moduleName + " module found");

callback(moduleName, prefix);

} else {

console.log(moduleName + " module not found, waiting...");

setTimeout(function () {

waitForModule(moduleName, callback);

}, 100); // Check every 0.1 second

}

}

function hookAllExports(moduleName, prefix) {

console.log("Starting export enumeration for " + moduleName);

var exports = Module.enumerateExports(moduleName);

exports.forEach(exp => {

try{

if (exp.type === "function" && (exp.name.toLowerCase().includes("isolate") || exp.name.toLowerCase().includes("startprofiling")|| exp.name.toLowerCase().includes("profiler") /* || exp.name.toLowerCase().includes("initialize")*/)) {

console.log("Hooking", exp.name);

Interceptor.attach(exp.address, {

onEnter: function (args) {

console.log(`Called ${exp.name}`);

try{

console.log('Arguments:', args[0]);

}catch(e){

console.log('Arguments:', args);

}

// console.log('from:\n' +

// Thread.backtrace(this.context, Backtracer.ACCURATE)

// .map(DebugSymbol.fromAddress).join('\n') + '\n');

// }

},

onLeave: function (retval) {

console.log(`Returned from ${exp.name}`);

console.log('Return value:', retval);

console.log('\n');

// You can add logic here to inspect or modify the return value

}

});

}

} catch (e) {

console.log(e);

}

});

}

Author

Title

Language

Your paste - Paste your paste here

const LIBNAME = &quot;libmmv8.so&quot;;
const prefix = &quot;_ZN2v87Isolate&quot;;

waitForModule(LIBNAME, hookAllExports);

// console.log('from:\n' +
                        // Thread.backtrace(this.context, Backtracer.ACCURATE)
                        // .map(DebugSymbol.fromAddress).join('\n') + '\n');
                        
                    // }
                    },
                    onLeave: function (retval) {
                        console.log(`Returned from ${exp.name}`);
                        console.log('Return value:', retval);
                        console.log('\n');
                        // You can add logic here to inspect or modify the return value
                    }
                });
            }
        } catch (e) {
            console.log(e);
        }
        });
}

Private - Private paste aren't shown in recent listings.

Delete After - When should we delete your paste?

Spam protection -

{"html5":"htmlmixed","css":"css","javascript":"javascript","php":"php","python":"python","ruby":"ruby","lua":"text\/x-lua","bash":"text\/x-sh","go":"go","c":"text\/x-csrc","cpp":"text\/x-c++src","diff":"diff","latex":"stex","sql":"sql","xml":"xml","apl":"apl","asterisk":"asterisk","c_loadrunner":"text\/x-csrc","c_mac":"text\/x-csrc","coffeescript":"text\/x-coffeescript","csharp":"text\/x-csharp","d":"d","ecmascript":"javascript","erlang":"erlang","groovy":"text\/x-groovy","haskell":"text\/x-haskell","haxe":"text\/x-haxe","html4strict":"htmlmixed","java":"text\/x-java","java5":"text\/x-java","jquery":"javascript","mirc":"mirc","mysql":"sql","ocaml":"text\/x-ocaml","pascal":"text\/x-pascal","perl":"perl","perl6":"perl","plsql":"sql","properties":"text\/x-properties","q":"text\/x-q","scala":"scala","scheme":"text\/x-scheme","tcl":"text\/x-tcl","vb":"text\/x-vb","verilog":"text\/x-verilog","yaml":"text\/x-yaml","z80":"text\/x-z80"}

Reply to "Untitled"