___ ___ ___ ___ _ _____ __ __
/\ /\/___\/___\/\ /\ /\ /\ / _ \/ \/_\ /__ \/__\/__\
/ /_/ // /// // //_/____/ / \ \/ /_)/ /\ //_\\ / /\/_\ / \//
/ __ / \_// \_// __ \_____\ \_/ / ___/ /_// _ \/ / //__/ _ \
\/ /_/\___/\___/\/ \/ \___/\/ /___,'\_/ \_/\/ \__/\/ \_/
for Android Did you created any Frida hooks with the Java API and the app has been updated being unable to use them again?
With this tool, you will be able to update your non-functional Frida hooks to a new ones in only a few minutes!
It's provided as a solution that intends to update hooks between the same application and slightly different versions e.g. applications with minor update differences and low/mid levels of obfuscation.
- Generates an updated Frida hooks file.
- Updates hooks of applications with low/mid levels of obfuscation.
- All non-standard API hooks are updated.
- Compatibility with the most common OS.
- Apktool
- Python3
brew install apktool
choco install apktoolFollow this instructions from the apktool website.
updater.py [-h] -old OLD -new NEW -hooks HOOKS -out OUTYou can execute the tool with the following parameters:
python3 updater.py -old examples/*****/7.4.1.46567.apk -new examples/*****/7.5.0.46863.apk -hooks examples/*****/hooks.js -out examples/*****/updated_hooks.js
An example of execution:
If the solver has found the new classes and methods, a summary with the new classes and methods will be shown.
The user specifies two different APKs for the same application. It also specifies the old hooks file and the new hooks file paths. Then, the solver of the tool will try to find similarities between the old smali files and the new smali files from the updated APK.
The application uses multiple metrics and a score system to detect similarities between Java classes and Java methods that are in the Smali format.
Smali is a languaje created for representing decompiled Android bytecodes and it can be obtained using the original baksmali tool or using other tools that have integrated it such as apktool or jadx.
We can summarize the behaviour of this tool in different stages.
The application unpacks the APKs into a work directory.
The application find all the classes specified in the configuration file and copies all the smali files that contain these classes into a the work directory.
The application finds similarities between the specified classes and all the smali files that are inside the new provided APK. Whenever the tool finds these classes, it will copy the smali files into the work folder. Check Class finder metrics for more information.
The application will find similarities between the specified methods and the methods inside the found smali files using multiple metrics. Check Method-finder-metrics for more information.
The results obtained will be written into the new hook file.
The metrics used to find the new classes in a smali file are:
- Number of fields.
- Similarities between fields.
- Number of methods.
- Similarities between methods.
- Similarities between method signatures.
- Similarities between signatures.
- Similarities between Smali lines of code.
- Add support to dump application's DEX files in runtime.
- Improve class finder and method finder metrics.
- Code refactoring, make clean code.
Pull requests and issues are welcome to this repository.