
Update devkit examples to the new APIs

oleavr committed May 10, 2019
1 parent df91077 commit ddd41112771f3ac4c8a61f6c52a2603aed4b7170
@@ -61,23 +61,30 @@ main (int argc,
if (error == NULL)
{
FridaScript * script;
FridaScriptOptions * options;

g_print ("[*] Attached\n");

script = frida_session_create_script_sync (session, "example",
"Interceptor.attach(Module.findExportByName(null, 'open'), {\n"
" onEnter: function (args) {\n"
" console.log('[*] open(\"' + Memory.readUtf8String(args[0]) + '\")');\n"
options = frida_script_options_new ();
frida_script_options_set_name (options, "example");
frida_script_options_set_runtime (options, FRIDA_SCRIPT_RUNTIME_V8);

script = frida_session_create_script_sync (session,
"Interceptor.attach(Module.getExportByName(null, 'open'), {\n"
" onEnter(args) {\n"
" console.log('[*] open(\"' + args[0].readUtf8String() + '\")');\n"
" }\n"
"});\n"
"Interceptor.attach(Module.findExportByName(null, 'close'), {\n"
" onEnter: function (args) {\n"
"Interceptor.attach(Module.getExportByName(null, 'close'), {\n"
" onEnter(args) {\n"
" console.log('[*] close(' + args[0].toInt32() + ')');\n"
" }\n"
"});",
&error);
options, &error);
g_assert (error == NULL);

g_clear_object (&options);

g_signal_connect (script, "message", G_CALLBACK (on_message), NULL);

frida_script_load_sync (script, &error);
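Review bot: The `g_assert (error == NULL)` after `frida_session_create_script_sync` is the only handling for a failure this change makes more likely, because the options now request `FRIDA_SCRIPT_RUNTIME_V8` explicitly and script creation presumably fails when that runtime is not part of the build. With `G_DISABLE_ASSERT` defined the assertion compiles out and a NULL `script` would reach `g_signal_connect`. I would move `g_clear_object (&options);` directly after the create call and replace the assertion with `if (error != NULL) { g_printerr ("Failed to create script: %s\n", error->message); g_clear_error (&error); }`, skipping the load in that case. The Windows example hunk that follows has the same sequence. main's body starts and ends outside the hunk.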
@@ -70,23 +70,30 @@ main (int argc,
if (error == NULL)
{
FridaScript * script;
FridaScriptOptions * options;

g_print ("[*] Attached\n");

script = frida_session_create_script_sync (session, "example",
"Interceptor.attach(Module.findExportByName('kernel32.dll', 'CreateFileW'), {\n"
" onEnter: function (args) {\n"
" console.log('[*] CreateFileW(\"' + Memory.readUtf16String(args[0]) + '\")');\n"
options = frida_script_options_new ();
frida_script_options_set_name (options, "example");
frida_script_options_set_runtime (options, FRIDA_SCRIPT_RUNTIME_V8);

script = frida_session_create_script_sync (session,
"Interceptor.attach(Module.getExportByName('kernel32.dll', 'CreateFileW'), {\n"
" onEnter(args) {\n"
" console.log('[*] CreateFileW(\"' + args[0].readUtf16String() + '\")');\n"
" }\n"
"});\n"
"Interceptor.attach(Module.findExportByName('kernel32.dll', 'CloseHandle'), {\n"
" onEnter: function (args) {\n"
"Interceptor.attach(Module.getExportByName('kernel32.dll', 'CloseHandle'), {\n"
" onEnter(args) {\n"
" console.log('[*] CloseHandle(' + args[0] + ')');\n"
" }\n"
"});",
&error);
options, &error);
g_assert (error == NULL);

g_clear_object (&options);

g_signal_connect (script, "message", G_CALLBACK (on_message), NULL);

frida_script_load_sync (script, &error);
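Review bot: The file name logged by the `CreateFileW` hook is read out of the instrumented process with `args[0].readUtf16String()` and concatenated into the log line unmodified, so whatever the target supplies ends up in the host's message handler. `on_message` is not visible here, but if it prints the payload to a terminal, control characters or escape sequences in the name would be written through as-is. I would add a comment above the script such as `/* Strings read from the target are untrusted: escape control characters before displaying them. */`, or log `JSON.stringify(args[0].readUtf16String())` instead of the raw string. The `open` hooks in the two Unix examples forward the path the same way. main's body continues outside the hunk.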
@@ -18,16 +18,16 @@ main (int argc,

gum_init_embedded ();

backend = gum_script_backend_obtain_duk ();
backend = gum_script_backend_obtain_v8 ();

script = gum_script_backend_create_sync (backend, "example",
"Interceptor.attach(Module.findExportByName(null, 'open'), {\n"
" onEnter: function (args) {\n"
" console.log('[*] open(\"' + Memory.readUtf8String(args[0]) + '\")');\n"
"Interceptor.attach(Module.getExportByName(null, 'open'), {\n"
" onEnter(args) {\n"
" console.log('[*] open(\"' + args[0].readUtf8String() + '\")');\n"
" }\n"
"});\n"
"Interceptor.attach(Module.findExportByName(null, \"close\"), {\n"
" onEnter: function (args) {\n"
"Interceptor.attach(Module.getExportByName(null, \"close\"), {\n"
" onEnter(args) {\n"
" console.log('[*] close(' + args[0].toInt32() + ')');\n"
" }\n"
"});",
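Review bot: The result of `gum_script_backend_obtain_v8 ()` is passed straight to `gum_script_backend_create_sync` without a check, and a devkit built without V8 would presumably hand back no backend here, which is worth confirming against the gum build options. A guard right after the call, `if (backend == NULL) { g_printerr ("V8 runtime not available in this build\n"); return 1; }`, would turn that into a readable failure. A one-line comment such as `/* V8 is needed: the script below uses method shorthand (onEnter(args)). */` would also record why the backend changed together with the callback syntax, which I am inferring from the two edits landing together. The create call and main continue past the end of the hunk.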
@@ -28,12 +28,12 @@ main (int argc,
backend = gum_script_backend_obtain_duk ();

script = gum_script_backend_create_sync (backend, "example",
"Interceptor.attach(Module.findExportByName('user32.dll', 'MessageBeep'), {\n"
"Interceptor.attach(Module.getExportByName('user32.dll', 'MessageBeep'), {\n"
" onEnter: function (args) {\n"
" console.log('[*] MessageBeep(' + args[0].toInt32() + ')');\n"
" }\n"
"});\n"
"Interceptor.attach(Module.findExportByName('kernel32.dll', 'Sleep'), {\n"
"Interceptor.attach(Module.getExportByName('kernel32.dll', 'Sleep'), {\n"
" onEnter: function (args) {\n"
" console.log('[*] Sleep(' + args[0].toInt32() + ')');\n"
" }\n"
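Review bot: This example still obtains the Duktape backend (`gum_script_backend_obtain_duk ()`, unchanged at the top of the hunk) and keeps the `onEnter: function (args)` form, while the other three examples in this commit move to V8 and method shorthand. If that is deliberate, a comment such as `/* Kept on Duktape; the script sticks to ES5 syntax. */` above the obtain call would stop a later edit from introducing syntax that backend may not parse. Otherwise the backend line and both callbacks want the same update as the Unix gum example. The create call continues outside the hunk.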
