├── .gitignore
├── 001_frida-stalker-recompile-fix
    ├── .gitignore
    ├── README.md
    ├── app-debug.apk
    ├── app
    │   ├── .gitignore
    │   ├── app
    │   │   ├── .gitignore
    │   │   ├── build.gradle.kts
    │   │   ├── proguard-rules.pro
    │   │   └── src
    │   │   │   └── main
    │   │   │       ├── AndroidManifest.xml
    │   │   │       ├── cpp
    │   │   │           ├── CMakeLists.txt
    │   │   │           └── test_frida.cpp
    │   │   │       ├── java
    │   │   │           └── com
    │   │   │           │   └── example
    │   │   │           │       └── frida_stalker_recompile_fix
    │   │   │           │           ├── MainActivity.kt
    │   │   │           │           └── ui
    │   │   │           │               └── theme
    │   │   │           │                   ├── Color.kt
    │   │   │           │                   ├── Theme.kt
    │   │   │           │                   └── Type.kt
    │   │   │       └── res
    │   │   │           ├── drawable
    │   │   │               ├── ic_launcher_background.xml
    │   │   │               └── ic_launcher_foreground.xml
    │   │   │           ├── mipmap-anydpi
    │   │   │               ├── ic_launcher.xml
    │   │   │               └── ic_launcher_round.xml
    │   │   │           ├── mipmap-hdpi
    │   │   │               ├── ic_launcher.webp
    │   │   │               └── ic_launcher_round.webp
    │   │   │           ├── mipmap-mdpi
    │   │   │               ├── ic_launcher.webp
    │   │   │               └── ic_launcher_round.webp
    │   │   │           ├── mipmap-xhdpi
    │   │   │               ├── ic_launcher.webp
    │   │   │               └── ic_launcher_round.webp
    │   │   │           ├── mipmap-xxhdpi
    │   │   │               ├── ic_launcher.webp
    │   │   │               └── ic_launcher_round.webp
    │   │   │           ├── mipmap-xxxhdpi
    │   │   │               ├── ic_launcher.webp
    │   │   │               └── ic_launcher_round.webp
    │   │   │           ├── values
    │   │   │               ├── colors.xml
    │   │   │               ├── strings.xml
    │   │   │               └── themes.xml
    │   │   │           └── xml
    │   │   │               ├── backup_rules.xml
    │   │   │               └── data_extraction_rules.xml
    │   ├── build.gradle.kts
    │   ├── gradle.properties
    │   ├── gradle
    │   │   ├── libs.versions.toml
    │   │   └── wrapper
    │   │   │   ├── gradle-wrapper.jar
    │   │   │   └── gradle-wrapper.properties
    │   ├── gradlew
    │   ├── gradlew.bat
    │   └── settings.gradle.kts
    ├── docs
    │   ├── 001-正常执行.jpg
    │   ├── 002-frida-stalker原版.jpg
    │   └── 003-frida-stalker修复.jpg
    ├── expect_run_server.sh
    ├── index.ts
    ├── package.json
    ├── run_test_fix.sh
    └── tsconfig.json
├── 002_frida-analykit-ssl-log-secret
    ├── .gitignore
    ├── README.md
    ├── app-debug.apk
    ├── app
    │   ├── .gitignore
    │   ├── app
    │   │   ├── .gitignore
    │   │   ├── build.gradle.kts
    │   │   ├── proguard-rules.pro
    │   │   └── src
    │   │   │   ├── androidTest
    │   │   │       └── java
    │   │   │       │   └── com
    │   │   │       │       └── frida_analykit
    │   │   │       │           └── ssl_log_secret
    │   │   │       │               └── ExampleInstrumentedTest.kt
    │   │   │   ├── main
    │   │   │       ├── AndroidManifest.xml
    │   │   │       ├── java
    │   │   │       │   └── com
    │   │   │       │   │   └── frida_analykit
    │   │   │       │   │       └── ssl_log_secret
    │   │   │       │   │           ├── MainActivity.kt
    │   │   │       │   │           └── ui
    │   │   │       │   │               └── theme
    │   │   │       │   │                   ├── Color.kt
    │   │   │       │   │                   ├── Theme.kt
    │   │   │       │   │                   └── Type.kt
    │   │   │       └── res
    │   │   │       │   ├── drawable
    │   │   │       │       ├── ic_launcher_background.xml
    │   │   │       │       └── ic_launcher_foreground.xml
    │   │   │       │   ├── mipmap-anydpi-v26
    │   │   │       │       ├── ic_launcher.xml
    │   │   │       │       └── ic_launcher_round.xml
    │   │   │       │   ├── mipmap-hdpi
    │   │   │       │       ├── ic_launcher.webp
    │   │   │       │       └── ic_launcher_round.webp
    │   │   │       │   ├── mipmap-mdpi
    │   │   │       │       ├── ic_launcher.webp
    │   │   │       │       └── ic_launcher_round.webp
    │   │   │       │   ├── mipmap-xhdpi
    │   │   │       │       ├── ic_launcher.webp
    │   │   │       │       └── ic_launcher_round.webp
    │   │   │       │   ├── mipmap-xxhdpi
    │   │   │       │       ├── ic_launcher.webp
    │   │   │       │       └── ic_launcher_round.webp
    │   │   │       │   ├── mipmap-xxxhdpi
    │   │   │       │       ├── ic_launcher.webp
    │   │   │       │       └── ic_launcher_round.webp
    │   │   │       │   ├── values
    │   │   │       │       ├── colors.xml
    │   │   │       │       ├── strings.xml
    │   │   │       │       └── themes.xml
    │   │   │       │   └── xml
    │   │   │       │       ├── backup_rules.xml
    │   │   │       │       ├── data_extraction_rules.xml
    │   │   │       │       └── network_security_config.xml
    │   │   │   └── test
    │   │   │       └── java
    │   │   │           └── com
    │   │   │               └── frida_analykit
    │   │   │                   └── ssl_log_secret
    │   │   │                       └── ExampleUnitTest.kt
    │   ├── build.gradle.kts
    │   ├── gradle.properties
    │   ├── gradle
    │   │   ├── libs.versions.toml
    │   │   └── wrapper
    │   │   │   ├── gradle-wrapper.jar
    │   │   │   └── gradle-wrapper.properties
    │   ├── gradlew
    │   ├── gradlew.bat
    │   └── settings.gradle.kts
    ├── docs
    │   ├── 001-wireshark中配置sslkey_log文件的位置.png
    │   ├── 002-wireshark中的client_random位置.png
    │   ├── 003-测试样本app功能说明.png
    │   ├── 004-wireshark选择捕获热点网卡的流量.png
    │   ├── 005-wireshark抓包解密后的http协议流量.png
    │   ├── 006-发起请求.png
    │   ├── 007-frida-analykit注入控制台输出.png
    │   ├── 008-wireshark抓包开启了ssl-pinning的流量.png
    │   ├── 009-charles中间人代理抓包开启了ssl-pinning的客户端.png
    │   └── 010-中间人代理抓包开启了ssl-pinning的客户端.png
    └── index.ts
├── 003_frida-analykit-static-linked-boringssl
    ├── .gitignore
    ├── README.md
    ├── app
    │   ├── .gitignore
    │   ├── app
    │   │   ├── .gitignore
    │   │   ├── build.gradle.kts
    │   │   ├── proguard-rules.pro
    │   │   ├── release
    │   │   │   ├── baselineProfiles
    │   │   │   │   ├── 0
    │   │   │   │   │   └── app-release.dm
    │   │   │   │   └── 1
    │   │   │   │   │   └── app-release.dm
    │   │   │   └── output-metadata.json
    │   │   └── src
    │   │   │   ├── androidTest
    │   │   │       └── java
    │   │   │       │   └── com
    │   │   │       │       └── frida_analykit
    │   │   │       │           └── static_linked_boringssl
    │   │   │       │               └── ExampleInstrumentedTest.kt
    │   │   │   ├── main
    │   │   │       ├── AndroidManifest.xml
    │   │   │       ├── java
    │   │   │       │   └── com
    │   │   │       │   │   └── frida_analykit
    │   │   │       │   │       └── static_linked_boringssl
    │   │   │       │   │           ├── MainActivity.kt
    │   │   │       │   │           ├── WebViewActivity.kt
    │   │   │       │   │           └── ui
    │   │   │       │   │               └── theme
    │   │   │       │   │                   ├── Color.kt
    │   │   │       │   │                   ├── Theme.kt
    │   │   │       │   │                   └── Type.kt
    │   │   │       └── res
    │   │   │       │   ├── drawable
    │   │   │       │       ├── ic_launcher_background.xml
    │   │   │       │       └── ic_launcher_foreground.xml
    │   │   │       │   ├── mipmap-anydpi-v26
    │   │   │       │       ├── ic_launcher.xml
    │   │   │       │       └── ic_launcher_round.xml
    │   │   │       │   ├── mipmap-hdpi
    │   │   │       │       ├── ic_launcher.webp
    │   │   │       │       └── ic_launcher_round.webp
    │   │   │       │   ├── mipmap-mdpi
    │   │   │       │       ├── ic_launcher.webp
    │   │   │       │       └── ic_launcher_round.webp
    │   │   │       │   ├── mipmap-xhdpi
    │   │   │       │       ├── ic_launcher.webp
    │   │   │       │       └── ic_launcher_round.webp
    │   │   │       │   ├── mipmap-xxhdpi
    │   │   │       │       ├── ic_launcher.webp
    │   │   │       │       └── ic_launcher_round.webp
    │   │   │       │   ├── mipmap-xxxhdpi
    │   │   │       │       ├── ic_launcher.webp
    │   │   │       │       └── ic_launcher_round.webp
    │   │   │       │   ├── values
    │   │   │       │       ├── colors.xml
    │   │   │       │       ├── strings.xml
    │   │   │       │       └── themes.xml
    │   │   │       │   └── xml
    │   │   │       │       ├── backup_rules.xml
    │   │   │       │       ├── data_extraction_rules.xml
    │   │   │       │       └── network_security_config.xml
    │   │   │   └── test
    │   │   │       └── java
    │   │   │           └── com
    │   │   │               └── frida_analykit
    │   │   │                   └── static_linked_boringssl
    │   │   │                       └── ExampleUnitTest.kt
    │   ├── build.gradle.kts
    │   ├── flutter_module
    │   │   ├── .gitignore
    │   │   ├── .metadata
    │   │   ├── README.md
    │   │   ├── analysis_options.yaml
    │   │   ├── lib
    │   │   │   └── main.dart
    │   │   ├── pubspec.lock
    │   │   ├── pubspec.yaml
    │   │   └── test
    │   │   │   └── widget_test.dart
    │   ├── gradle.properties
    │   ├── gradle
    │   │   ├── libs.versions.toml
    │   │   └── wrapper
    │   │   │   ├── gradle-wrapper.jar
    │   │   │   └── gradle-wrapper.properties
    │   ├── gradlew
    │   ├── gradlew.bat
    │   └── settings.gradle.kts
    ├── docs
    │   ├── 001-ssl_log_secret函数引用.png
    │   ├── 002-CLIENT_RANDOM字符串搜索.png
    │   ├── 003-CLIENT_RANDOM字符串引用指令.png
    │   ├── 004-测试样本app.png
    │   ├── 005-开启frida-server和启动实时编译.png
    │   ├── 006-注入三个场景的boringssl.png
    │   ├── 007-webview的wireshark抓包案例.png
    │   ├── 008-flutter中的dart发起请求的wireshark抓包案例.png
    │   └── 009-java层okhttp发起请求的wireshark抓包案例.png
    ├── index.ts
    └── samples
    │   ├── app-release.apk
    │   └── libssl.so
└── LICENSE


/.gitignore:
--------------------------------------------------------------------------------
1 | .DS_Store
2 | .vscode


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/.gitignore:
--------------------------------------------------------------------------------
1 | node_modules/*
2 | package-lock.json
3 | .DS_Store
4 | /test/*
5 | .idea/


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/README.md:
--------------------------------------------------------------------------------
  1 | 
  2 | # frida基于bug的Stalker跟踪检测和修复
  3 | 
  4 | ## 前言
  5 | > Stalker 是 Frida 内部的一个模块用于动态追踪目标程序的执行流程，也就是当我们需要知道：
  6 | > - 函数是怎么调用的？
  7 | > - 指令是怎么一步步执行的？
  8 | > - 分支是怎么跳转的？
  9 | > - 有哪些函数是频繁被调用的？
 10 | > 
 11 | > 的时候，会用到`Stalker.follow`跟踪线程将要执行的指令，可以对指令动态插桩修改。对莫名其妙的反调试行为来说，是一个通用的兜底窥探方案。
 12 | 
 13 | ## stalker跟踪检测
 14 | > 关于stalker参考官方文档： https://frida.re/docs/stalker/
 15 | 
 16 | **注： 这个检测手段仅对于在开启`Stalker.follow`跟踪的线程生效**
 17 | 
 18 | - 原理：stalker会对执行过的内存地址(`block->real_start`)存储的指令会进行缓存，当再次进入要执行同一个地址的指令的时候，通过比对内存和缓存中的指令来确定是否需要重编译`block`来确保执行到正确的原指令 - 本应该是如此，但是正如标题所说，这个检测依赖当前`frida-gum`项目的`stalker`的重编译bug，而这个bug就出现在比对和重编译上，导致了当执行同一个内存地址的`block`时候，实际指令都是在跟第一次编译后的缓存`block`的原指令快照进行比对。所以这样的后果就是显而易见的，初次执行该内存地址的指令会一直存在于`stalker`的"阴影中"，下面我会用一个测试例子来说明这个现象。
 19 | 
 20 | 以上的场景说明存在简化，实际的问题路径在下面对应的代码: 
 21 | 1. [指令比对](https://github.com/frida/frida-gum/blob/main/gum/backend-arm64/gumstalker-arm64.c#L2596)
 22 | 2. [block重编译](https://github.com/frida/frida-gum/blob/main/gum/backend-arm64/gumstalker-arm64.c#L2635)
 23 | 
 24 | 
 25 | ### 通过下面一个例子来验证这个问题
 26 | 
 27 | 
 28 | - 为了利用上面这个bug，我们可以简单的实现两个函数，一个函数(`add_99_func`)是对传递的第一个参数+99，另一个函数(`empty_func`)是不做任何操作直接返回原参数。
 29 | 
 30 | ```c
 31 | uint64_t add_99_func(uint64_t count) {
 32 |     return count + 99;
 33 | }
 34 | 
 35 | // 对应的汇编可以是:
 36 | // add x0, x0, #99
 37 | // ret
 38 | 
 39 | ```
 40 | 
 41 | ```c
 42 | uint64 empty_func(uint64_t count){
 43 |     return count;
 44 | }
 45 | 
 46 | // 对应的汇编可以是:
 47 | // ret
 48 | ```
 49 | 
 50 | - 使用`mmap`来创建指定内存块用于复写和执行指令
 51 | ```c
 52 | 
 53 | static void *exec_addr = nullptr;
 54 | 
 55 | // insnBytes: 要写入的指令字节数组
 56 | // num: 调用func传递的count值
 57 | jstring mmap_exec(JNIEnv *env, jobject thiz, jbyteArray insnBytes, jint num) {
 58 |     size_t page_size = sysconf(_SC_PAGE_SIZE);
 59 |     if (page_size == -1) {
 60 |         std::cerr << "Failed to get page size!" << std::endl;
 61 |         return nullptr;
 62 |     }
 63 | 
 64 |     void *start_addr = exec_addr;
 65 |     int flags = MAP_ANON | MAP_PRIVATE;
 66 |     if (start_addr != nullptr) {
 67 |         flags |= MAP_FIXED;
 68 |     }
 69 |     void *mem = mmap(
 70 |             start_addr, page_size, PROT_READ | PROT_WRITE | PROT_EXEC,
 71 |              flags, -1, 0); 
 72 |     if (mem == MAP_FAILED) {
 73 |         std::cerr << "mmap failed!" << std::endl;
 74 |         exec_addr = nullptr;
 75 |         return nullptr;
 76 |     }
 77 |     if (exec_addr == nullptr) {
 78 |         exec_addr = mem; // 下次也使用同一内存地址来写入指令
 79 |     }
 80 |     jsize length = env->GetArrayLength((insnBytes));
 81 | 
 82 |     jbyte *code = env->GetByteArrayElements(insnBytes, nullptr);
 83 |     std::memcpy(mem, code, length);
 84 | 
 85 |     aarch64_sync_cache_range(mem, page_size); // 刷新cpu指令和内存数据缓存
 86 | 
 87 |     func_t func = reinterpret_cast<func_t>(mem);
 88 |     
 89 |     uint64_t sum = func(num); // 调用函数
 90 | 
 91 |     munmap(mem, page_size);
 92 | 
 93 |     env->ReleaseByteArrayElements(insnBytes, code, 0);
 94 | 
 95 |     char buff[128];
 96 |     std::sprintf(buff, "[%p] sum[%lu]", mem, sum);
 97 | 
 98 |     return env->NewStringUTF(buff);
 99 | }
100 | 
101 | 
102 | // jni native
103 | __attribute__((visibility("default")))
104 | JNIEXPORT jobjectArray JNICALL
105 | Java_com_example_frida_1stalker_1recompile_1fix_MainActivity_mmapExec(
106 |         JNIEnv *env, jobject thiz, jbyteArray inst1, jbyteArray inst2, jint base_num) {
107 |     jclass stringCls = env->FindClass("java/lang/String");
108 |     const jsize test_num = 20;
109 |     jobjectArray resultArray = env->NewObjectArray(test_num, stringCls, nullptr);
110 |     // 每点击一次按钮，遍历交替复写执行20次
111 |     for(jsize i = 0; i < test_num; i++) {
112 |         jbyteArray inst = i % 2 == 0 ? inst1 : inst2;
113 |         jstring result1 = mmap_exec(env, thiz, inst, base_num);
114 |         env->SetObjectArrayElement(resultArray, i, result1);
115 |     }
116 |     return resultArray;
117 | }
118 | 
119 | ```
120 | 
121 | - frida测试脚本
122 | ```typescript
123 | setImmediate(() => {
124 |     Interceptor.attach(
125 |         Module.getExportByName('libdl.so', 'android_dlopen_ext'), {
126 |             onEnter(args) {
127 |                 this.filename = args[0].readCString()
128 |                 console.error(`[android_dlopen_ext] ${this.filename}`)
129 |             },
130 |             onLeave(retval) {
131 |                 const filename: string = this.filename
132 |                 if(filename.includes('libtest_frida.so')) {
133 |                     attachMmapExec(Process.findModuleByName(filename)!)
134 |                 }
135 |             },
136 |         }
137 |     )
138 | 
139 |     function attachMmapExec(mod: Module) {
140 |         console.error(`[attachMmapExec] ${JSON.stringify(mod)}`)
141 |         const target = mod.getExportByName("Java_com_example_frida_1stalker_1recompile_1fix_MainActivity_mmapExec")
142 |         Interceptor.attach(target, {
143 |             onEnter(args) {
144 |                 console.log(`[mmap_exec] follow => tid[${Process.getCurrentThreadId()}]`)
145 |                 Stalker.follow(Process.getCurrentThreadId(), {
146 |                     transform(iterator: StalkerArm64Iterator) {
147 |                         let inst
148 |                         while((inst = iterator.next()) !== null) {
149 |                             // console.log(`[${Process.getCurrentThreadId()}] ${inst}`)
150 |                             iterator.keep()
151 |                         }
152 |                     }
153 |                 })
154 |             },
155 |             onLeave(retval) {
156 |                 Stalker.unfollow()
157 |                 console.error(`[mmap_exec] unfollow => tid[${Process.getCurrentThreadId()}]`)
158 |             },
159 |         })
160 |     }
161 | })
162 | 
163 | ```
164 | 
165 | - 通过对于同一个内存块进行来回按照`empty_func`，`add_99_func`的顺序来写入对应的的汇编来执行（假设传递的`count=1`）：<sup>[代码(2)](./app/app/src/main/cpp/test_frida.cpp)</sup>
166 | 1. 第一次执行`empty_func(1)`的时候返回值是1（首次编译，缓存根据empty_func生成的插桩指令）
167 | 2. 通过比对指令，第二次进行了重编译，执行`add_99_func(1)`返回100 (第一次重编译，缓存根据add_99_func生成的插桩指令，但是指令快照却是empty_func)
168 | 3. 第三次执行，预期是执行`empty_func(1)`返回1，但实际却因为快照是第一次编译的指令（empty_func），所以误认为指令没变动，所以执行了**第一次重编译**的插桩代码add_99_func，导致了此时会返回100。
169 | 4. 第四次执行，预期是执行`add_99_func(1)`返回100，实际上也是执行了`add_99_func(1)`，但是错误的又重编译一次
170 | 5. ...接下来的都会是执行`add_99_func(1)`的结果
171 | 
172 | 以下展示了三种测试结果用于说明：
173 | 
174 | #### 1. 正常无frida-stalker跟踪现象
175 | <!-- ![无注入执行](./docs/001-正常执行.jpg) -->
176 | <img src="./docs/001-正常执行.jpg" alt="无注入执行" width="200" />
177 | 
178 | #### 2. 使用原版frida-stalker跟踪现象
179 | <!-- ![frida-stalker原版跟踪](./docs/002-frida-stalker原版.jpg) -->
180 | <img src="./docs/002-frida-stalker原版.jpg" alt="frida-stalker原版跟踪" width="200" />
181 | 
182 | #### 3. 使用修复的frida-stalker后的跟踪现象
183 | <!-- ![frida-stalker修复版跟踪](./docs/003-frida-stalker修复.jpg) -->
184 | <img src="./docs/003-frida-stalker修复.jpg" alt="frida-stalker修复版跟踪" width="200" />
185 | 
186 | 
187 | 
188 | 
189 | ## 编译修复frida-server
190 | 
191 | ### 拉取源项目和合并修改
192 | ```shell
193 | # 从frida中递归子模块拉取主分支(修改基于16.5.9进行，所以我编译这个版本，其他版本如果没冲突可以试试)
194 | git clone --branch 16.5.9 --single-branch --recurse-submodules https://github.com/frida/frida.git
195 | 
196 | # 进入子模块下的frida-gum
197 | cd subprojects/frida-gum
198 | 
199 | # 添加修复的远程代码仓库地址
200 | git remote add zsa233 https://github.com/zsa233/frida-gum.git
201 | 
202 | # 拉取zsa233仓库，并且将对应的修改分支合并到本地仓库
203 | git fetch zsa233
204 | git merge zsa233/fix/stalker-wrong-recompile
205 | 
206 | # 后面接着就是编译
207 | ```
208 | 
209 | ### 编译
210 | > 参考官方文档： https://frida.re/docs/building/#cross
211 | ```shell
212 | # 指定ANDROID_NDK_ROOT，我这里下载r25c版本（16.5.9要求
213 | # wget https://dl.google.com/android/repository/android-ndk-r25c-linux.zip
214 | # 其中还需要node.js >= 18之类的编译依赖，根据错误提示解决即可，这里不再赘述
215 | # 
216 | export ANDROID_NDK_VERSION=r25c
217 | # ！！！/mypath/改成自己的ndk路径
218 | export ANDROID_NDK_ROOT=/mypath/android-ndk-$ANDROID_NDK_VERSION/
219 | 
220 | # 回到frida项目下，配置编译android-arm64平台
221 | ./configure --host=android-arm64
222 | 
223 | # 编译
224 | make
225 | 
226 | # 将编译成功的frida-server上传
227 | adb push build/subprojects/frida-core/server/frida-server /data/local/tmp/frida-server
228 | # 加上x权限
229 | adb shell chmod u+x /data/local/tmp/frida-server
230 | ```
231 | 
232 | ## 测试
233 | > [修复的测试结果如上图](#3-使用修复的frida-stalker后的跟踪现象)
234 | 
235 | 
236 | ## 资源链接
237 | > 0. [代码仓库](./)
238 | > 1. [测试app代码](./app)
239 | > 2. [so库实现](./app/app/src/main/cpp/test_frida.cpp)
240 | > 3. [frida注入脚本](./index.ts)
241 | > 4. [编译的arm64测试apk](./app-debug.apk)
242 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app-debug.apk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app-debug.apk


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/.gitignore:
--------------------------------------------------------------------------------
 1 | *.iml
 2 | .gradle
 3 | /local.properties
 4 | /.idea/caches
 5 | /.idea/libraries
 6 | /.idea/modules.xml
 7 | /.idea/workspace.xml
 8 | /.idea/navEditor.xml
 9 | /.idea/assetWizardSettings.xml
10 | .DS_Store
11 | /build
12 | /captures
13 | .externalNativeBuild
14 | .cxx
15 | local.properties
16 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/.gitignore:
--------------------------------------------------------------------------------
1 | /build


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/build.gradle.kts:
--------------------------------------------------------------------------------
 1 | plugins {
 2 |     alias(libs.plugins.android.application)
 3 |     alias(libs.plugins.jetbrains.kotlin.android)
 4 | }
 5 | 
 6 | android {
 7 |     namespace = "com.example.frida_stalker_recompile_fix"
 8 |     compileSdk = 35
 9 | 
10 |     defaultConfig {
11 |         applicationId = "com.example.frida_stalker_recompile_fix"
12 |         minSdk = 29
13 |         targetSdk = 34
14 |         versionCode = 1
15 |         versionName = "1.0"
16 | 
17 |         testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
18 | 
19 |         ndk {
20 |             abiFilters.add("arm64-v8a")
21 |         }
22 |         vectorDrawables {
23 |             useSupportLibrary = true
24 |         }
25 |         externalNativeBuild {
26 |             cmake {
27 |                 cppFlags += ""
28 |             }
29 |         }
30 | 
31 |     }
32 | 
33 |     buildTypes {
34 |         release {
35 |             isMinifyEnabled = false
36 |             proguardFiles(
37 |                 getDefaultProguardFile("proguard-android-optimize.txt"),
38 |                 "proguard-rules.pro"
39 |             )
40 |         }
41 |     }
42 |     compileOptions {
43 |         sourceCompatibility = JavaVersion.VERSION_1_8
44 |         targetCompatibility = JavaVersion.VERSION_1_8
45 |     }
46 |     kotlinOptions {
47 |         jvmTarget = "1.8"
48 |     }
49 |     buildFeatures {
50 |         compose = true
51 |     }
52 |     composeOptions {
53 |         kotlinCompilerExtensionVersion = "1.5.1"
54 |     }
55 |     packaging {
56 |         resources {
57 |             excludes += "/META-INF/{AL2.0,LGPL2.1}"
58 |         }
59 |     }
60 |     externalNativeBuild {
61 |         cmake {
62 |             path = file("src/main/cpp/CMakeLists.txt")
63 |             version = "3.22.1"
64 |         }
65 |     }
66 | }
67 | 
68 | dependencies {
69 | 
70 |     implementation(libs.androidx.core.ktx)
71 |     implementation(libs.androidx.lifecycle.runtime.ktx)
72 |     implementation(libs.androidx.activity.compose)
73 |     implementation(platform(libs.androidx.compose.bom))
74 |     implementation(libs.androidx.ui)
75 |     implementation(libs.androidx.ui.graphics)
76 |     implementation(libs.androidx.ui.tooling.preview)
77 |     implementation(libs.androidx.material3)
78 |     testImplementation(libs.junit)
79 |     androidTestImplementation(libs.androidx.junit)
80 |     androidTestImplementation(libs.androidx.espresso.core)
81 |     androidTestImplementation(platform(libs.androidx.compose.bom))
82 |     androidTestImplementation(libs.androidx.ui.test.junit4)
83 |     debugImplementation(libs.androidx.ui.tooling)
84 |     debugImplementation(libs.androidx.ui.test.manifest)
85 | }


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/proguard-rules.pro:
--------------------------------------------------------------------------------
 1 | # Add project specific ProGuard rules here.
 2 | # You can control the set of applied configuration files using the
 3 | # proguardFiles setting in build.gradle.
 4 | #
 5 | # For more details, see
 6 | #   http://developer.android.com/guide/developing/tools/proguard.html
 7 | 
 8 | # If your project uses WebView with JS, uncomment the following
 9 | # and specify the fully qualified class name to the JavaScript interface
10 | # class:
11 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
12 | #   public *;
13 | #}
14 | 
15 | # Uncomment this to preserve the line number information for
16 | # debugging stack traces.
17 | #-keepattributes SourceFile,LineNumberTable
18 | 
19 | # If you keep the line number information, uncomment this to
20 | # hide the original source file name.
21 | #-renamesourcefileattribute SourceFile


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <manifest xmlns:android="http://schemas.android.com/apk/res/android"
 3 |     xmlns:tools="http://schemas.android.com/tools">
 4 |     <application
 5 |         android:allowBackup="true"
 6 |         android:dataExtractionRules="@xml/data_extraction_rules"
 7 |         android:fullBackupContent="@xml/backup_rules"
 8 |         android:icon="@mipmap/ic_launcher"
 9 |         android:label="@string/app_name"
10 |         android:roundIcon="@mipmap/ic_launcher_round"
11 |         android:supportsRtl="true"
12 |         android:theme="@style/Theme.Testfrida"
13 |         >
14 |         <activity
15 |             android:name="com.example.frida_stalker_recompile_fix.MainActivity"
16 |             android:exported="true"
17 |             android:theme="@style/Theme.Testfrida">
18 |             <intent-filter>
19 |                 <action android:name="android.intent.action.MAIN" />
20 | 
21 |                 <category android:name="android.intent.category.LAUNCHER" />
22 |             </intent-filter>
23 |         </activity>
24 |     </application>
25 | 
26 | </manifest>


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/cpp/CMakeLists.txt:
--------------------------------------------------------------------------------
 1 | 
 2 | # For more information about using CMake with Android Studio, read the
 3 | # documentation: https://d.android.com/studio/projects/add-native-code.html.
 4 | # For more examples on how to use CMake, see https://github.com/android/ndk-samples.
 5 | 
 6 | # Sets the minimum CMake version required for this project.
 7 | cmake_minimum_required(VERSION 3.22.1)
 8 | 
 9 | # Declares the project name. The project name can be accessed via ${ PROJECT_NAME},
10 | # Since this is the top level CMakeLists.txt, the project name is also accessible
11 | # with ${CMAKE_PROJECT_NAME} (both CMake variables are in-sync within the top level
12 | # build script scope).
13 | project("test_frida")
14 | 
15 | # Creates and names a library, sets it as either STATIC
16 | # or SHARED, and provides the relative paths to its source code.
17 | # You can define multiple libraries, and CMake builds them for you.
18 | # Gradle automatically packages shared libraries with your APK.
19 | #
20 | # In this top level CMakeLists.txt, ${CMAKE_PROJECT_NAME} is used to define
21 | # the target library name; in the sub-module's CMakeLists.txt, ${PROJECT_NAME}
22 | # is preferred for the same purpose.
23 | #
24 | # In order to load a library into your app from Java/Kotlin, you must call
25 | # System.loadLibrary() and pass the name of the library defined here;
26 | # for GameActivity/NativeActivity derived applications, the same library name must be
27 | # used in the AndroidManifest.xml file.
28 | add_library(${CMAKE_PROJECT_NAME} SHARED
29 |     # List C/C++ source files with relative paths to this CMakeLists.txt.
30 |     test_frida.cpp)
31 | 
32 | set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fvisibility=default")
33 | 
34 | # Specifies libraries CMake should link to your target library. You
35 | # can link libraries from various origins, such as libraries defined in this
36 | # build script, prebuilt third-party libraries, or Android system libraries.
37 | target_link_libraries(${CMAKE_PROJECT_NAME}
38 |     # List libraries link to the target library
39 |     android
40 |     log)
41 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/cpp/test_frida.cpp:
--------------------------------------------------------------------------------
  1 | #include <jni.h>
  2 | #include <string>
  3 | #include <iostream>
  4 | #include <sys/mman.h>
  5 | #include <android/log.h>
  6 | #include <bits/sysconf.h>
  7 | #include <cstdio>
  8 | 
  9 | typedef uint64_t (*func_t)(uint64_t i);
 10 | static inline uint32_t read_ctr_el0();
 11 | 
 12 | 
 13 | static uint32_t global_ctr = read_ctr_el0();
 14 | static void *exec_addr = nullptr;
 15 | 
 16 | void aarch64_sync_cache_range(void *start, size_t len);
 17 | 
 18 | extern "C" {
 19 | 
 20 | __attribute__((visibility("default")))
 21 | jstring mmap_exec(JNIEnv *env, jobject thiz, jbyteArray insnBytes, jint num) {
 22 |     size_t page_size = sysconf(_SC_PAGE_SIZE);
 23 |     if (page_size == -1) {
 24 |         std::cerr << "Failed to get page size!" << std::endl;
 25 |         return nullptr;
 26 |     }
 27 | 
 28 |     void *start_addr = exec_addr;
 29 |     int flags = MAP_ANON | MAP_PRIVATE;
 30 |     if (start_addr != nullptr) {
 31 |         flags |= MAP_FIXED;
 32 |     }
 33 |     void *mem = mmap(
 34 |             start_addr, page_size, PROT_READ | PROT_WRITE | PROT_EXEC,
 35 |              flags, -1, 0);
 36 |     if (mem == MAP_FAILED) {
 37 |         std::cerr << "mmap failed!" << std::endl;
 38 |         exec_addr = nullptr;
 39 |         return nullptr;
 40 |     }
 41 |     if (exec_addr == nullptr) {
 42 |         exec_addr = mem;
 43 |     }
 44 |     jsize length = env->GetArrayLength((insnBytes));
 45 | 
 46 |     jbyte *code = env->GetByteArrayElements(insnBytes, nullptr);
 47 |     std::memcpy(mem, code, length);
 48 | 
 49 |     aarch64_sync_cache_range(mem, page_size);
 50 | 
 51 |     func_t func = reinterpret_cast<func_t>(mem);
 52 | 
 53 |     uint64_t sum = func(num);
 54 | 
 55 |     munmap(mem, page_size);
 56 | 
 57 |     env->ReleaseByteArrayElements(insnBytes, code, 0);
 58 | 
 59 |     char buff[128];
 60 |     std::sprintf(buff, "[%p] sum[%lu]", mem, sum);
 61 | 
 62 |     return env->NewStringUTF(buff);
 63 | }
 64 | 
 65 | __attribute__((visibility("default")))
 66 | JNIEXPORT jobjectArray JNICALL
 67 | Java_com_example_frida_1stalker_1recompile_1fix_MainActivity_mmapExec(
 68 |         JNIEnv *env, jobject thiz, jbyteArray inst1, jbyteArray inst2, jint base_num) {
 69 |     jclass stringCls = env->FindClass("java/lang/String");
 70 |     const jsize test_num = 20;
 71 |     jobjectArray resultArray = env->NewObjectArray(test_num, stringCls, nullptr);
 72 |     for(jsize i = 0; i < test_num; i++) {
 73 |         jbyteArray inst = i % 2 == 0 ? inst1 : inst2;
 74 |         jstring result1 = mmap_exec(env, thiz, inst, base_num);
 75 |         env->SetObjectArrayElement(resultArray, i, result1);
 76 |     }
 77 |     return resultArray;
 78 | }
 79 | 
 80 | 
 81 | }
 82 | 
 83 | 
 84 | 
 85 | // 读取 CTR_EL0 寄存器（缓存类型寄存器）
 86 | // CTR_EL0 寄存器中：
 87 | //   - bits [19:16]：表示数据缓存最小行大小(DminLine)，计算方式为：4 << ((CTR_EL0 >> 16) & 0xF)
 88 | //   - bits [3:0]  ：表示指令缓存最小行大小(IminLine)，计算方式为：4 << (CTR_EL0 & 0xF)
 89 | static inline uint32_t read_ctr_el0(){
 90 |     uint64_t ctr;
 91 |     __asm__ volatile(
 92 |         "mrs %[ctr], ctr_el0" : [ctr] "=r"(ctr)
 93 |     );
 94 |     return (uint32_t)ctr;
 95 | }
 96 | 
 97 | 
 98 | void aarch64_sync_cache_range(void *start, size_t len) {
 99 |     uint64_t addr_start = (uint64_t)start;
100 |     uint64_t addr_end = addr_start + len;
101 |     uint32_t ctr = global_ctr;
102 |     // 数据缓存行大小
103 |     int dcache_line_size = 4 << ((ctr >> 16) & 0xF);
104 |     // 指令缓存行大小
105 |     int icache_line_size = 4 << (ctr & 0xF);
106 | 
107 |     // 清理数据缓存（将数据写回到内存）：
108 |     // 循环遍历整个内存区域，对每个缓存行执行 "dc cvau" 操作
109 |     for(uint64_t addr = addr_start & ~(dcache_line_size - 1)
110 |         ; addr < addr_end
111 |         ; addr += dcache_line_size) {
112 |         __asm__ volatile("DC CVAU, %[addr]": : [addr]"r"(addr) : "memory");
113 |     }
114 |     // 数据同步屏障，确保上面的缓存清理操作完成
115 |     __asm__ volatile("dsb ish": : : "memory");
116 | 
117 |     // 使指令缓存失效（让 CPU 重新加载新的指令）
118 |     // 遍历整个内存区域，对每个缓存行执行 "ic ivau" 操作
119 |     for(uint64_t addr = addr_start & ~(icache_line_size - 1)
120 |         ; addr < addr_end
121 |         ; addr += icache_line_size) {
122 |         __asm__ volatile("IC IVAU, %[addr]": : [addr]"r"(addr) : "memory");
123 |     }
124 |     // 再次数据同步屏障，确保失效操作完成
125 |     __asm__ volatile("dsb ish": : : "memory");
126 |     // 指令同步屏障，刷新指令流水线
127 |     __asm__ volatile("isb": : : "memory");
128 | }


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/java/com/example/frida_stalker_recompile_fix/MainActivity.kt:
--------------------------------------------------------------------------------
  1 | package com.example.frida_stalker_recompile_fix
  2 | 
  3 | import android.os.Bundle
  4 | import android.text.TextUtils
  5 | import androidx.activity.ComponentActivity
  6 | import androidx.activity.compose.setContent
  7 | import androidx.activity.enableEdgeToEdge
  8 | import androidx.compose.foundation.layout.fillMaxSize
  9 | import androidx.compose.foundation.layout.padding
 10 | import androidx.compose.foundation.rememberScrollState
 11 | import androidx.compose.foundation.verticalScroll
 12 | import androidx.compose.material3.Button
 13 | import androidx.compose.material3.Scaffold
 14 | import androidx.compose.material3.Text
 15 | import androidx.compose.runtime.*
 16 | import androidx.compose.runtime.snapshots.SnapshotStateList
 17 | import androidx.compose.ui.Modifier
 18 | import androidx.compose.ui.platform.LocalContext
 19 | import com.example.frida_stalker_recompile_fix.ui.theme.TestfridaTheme
 20 | import kotlinx.coroutines.Dispatchers
 21 | import kotlinx.coroutines.launch
 22 | import kotlinx.coroutines.withContext
 23 | import java.util.Locale
 24 | 
 25 | class MainActivity : ComponentActivity() {
 26 |     override fun onCreate(savedInstanceState: Bundle?) {
 27 |         super.onCreate(savedInstanceState)
 28 |         enableEdgeToEdge()
 29 | 
 30 |         setContent {
 31 |             TestfridaTheme {
 32 |                 val resultList = remember { mutableStateListOf<String>() }
 33 | 
 34 |                 Scaffold(
 35 |                     modifier = Modifier
 36 |                         .fillMaxSize(),
 37 |                     floatingActionButton = { Trigger(resultList) },
 38 |                 ) { innerPadding ->
 39 |                     Greeting(
 40 |                         resultList = resultList,
 41 |                         modifier = Modifier.padding(innerPadding)
 42 |                     )
 43 |                 }
 44 | 
 45 |                 System.loadLibrary("test_frida")
 46 |             }
 47 |         }
 48 |     }
 49 | 
 50 |     external fun mmapExec(insn1: ByteArray, insn2: ByteArray, num: Int): Array<String>
 51 | }
 52 | 
 53 | @Composable
 54 | fun Greeting(resultList: List<String>, modifier: Modifier = Modifier) {
 55 |     val formattedText = resultList.joinToString("\n")
 56 |     val scrollState = rememberScrollState()
 57 | 
 58 |     Text(
 59 |         text = formattedText,
 60 |         modifier = modifier.verticalScroll(scrollState)
 61 |     )
 62 | }
 63 | 
 64 | val emptyFunc = byteArrayOf(
 65 |     0xC0.toByte(), 0x03.toByte(), 0x5F.toByte(), 0xD6.toByte(),  // ret
 66 | )
 67 | val add99Func = byteArrayOf(
 68 |     0x00.toByte(), 0x8C.toByte(), 0x01.toByte(), 0x91.toByte(), // add x0, x0, #99
 69 |     0xC0.toByte(), 0x03.toByte(), 0x5F.toByte(), 0xD6.toByte(), // ret
 70 | )
 71 | 
 72 | 
 73 | @Composable
 74 | fun Trigger(resultList: SnapshotStateList<String>) {
 75 |     val activity = LocalContext.current as MainActivity
 76 | 
 77 |     val text = remember { mutableStateOf("执行") }
 78 |     val toggle = remember { mutableStateOf(false) }
 79 |     val counter = remember { mutableIntStateOf(0) }
 80 |     val isLoading = remember { mutableStateOf(false) }
 81 | 
 82 |     val coroutineScope = rememberCoroutineScope()
 83 |     Button(
 84 |         onClick = {
 85 |             if (!isLoading.value) {
 86 |                 isLoading.value = true
 87 |                 coroutineScope.launch {
 88 |                     text.value = "进行中..."
 89 |                     val results = withContext(Dispatchers.IO) {
 90 |                         toggle.value = !toggle.value
 91 |                         counter.intValue ++
 92 |                         val fn = listOf(emptyFunc, add99Func)
 93 |                         activity.mmapExec(fn[0], fn[1], 1)
 94 |                     }
 95 |                     val i = String.format(Locale.CHINA, "%03d", counter.intValue)
 96 |                     val result = TextUtils.join("\n", results)
 97 |                     resultList.add(0, "[$i]: \n $result \n")
 98 |                     isLoading.value = false
 99 |                 }
100 |             }
101 |         },
102 |         enabled = !isLoading.value
103 |     ) {
104 |         Text("开始执行")
105 |     }
106 | }
107 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/java/com/example/frida_stalker_recompile_fix/ui/theme/Color.kt:
--------------------------------------------------------------------------------
 1 | package com.example.frida_stalker_recompile_fix.ui.theme
 2 | 
 3 | import androidx.compose.ui.graphics.Color
 4 | 
 5 | val Purple80 = Color(0xFFD0BCFF)
 6 | val PurpleGrey80 = Color(0xFFCCC2DC)
 7 | val Pink80 = Color(0xFFEFB8C8)
 8 | 
 9 | val Purple40 = Color(0xFF6650a4)
10 | val PurpleGrey40 = Color(0xFF625b71)
11 | val Pink40 = Color(0xFF7D5260)


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/java/com/example/frida_stalker_recompile_fix/ui/theme/Theme.kt:
--------------------------------------------------------------------------------
 1 | package com.example.frida_stalker_recompile_fix.ui.theme
 2 | 
 3 | import android.os.Build
 4 | import androidx.compose.foundation.isSystemInDarkTheme
 5 | import androidx.compose.material3.MaterialTheme
 6 | import androidx.compose.material3.darkColorScheme
 7 | import androidx.compose.material3.dynamicDarkColorScheme
 8 | import androidx.compose.material3.dynamicLightColorScheme
 9 | import androidx.compose.material3.lightColorScheme
10 | import androidx.compose.runtime.Composable
11 | import androidx.compose.ui.platform.LocalContext
12 | 
13 | private val DarkColorScheme = darkColorScheme(
14 |     primary = Purple80,
15 |     secondary = PurpleGrey80,
16 |     tertiary = Pink80
17 | )
18 | 
19 | private val LightColorScheme = lightColorScheme(
20 |     primary = Purple40,
21 |     secondary = PurpleGrey40,
22 |     tertiary = Pink40
23 | 
24 |     /* Other default colors to override
25 |     background = Color(0xFFFFFBFE),
26 |     surface = Color(0xFFFFFBFE),
27 |     onPrimary = Color.White,
28 |     onSecondary = Color.White,
29 |     onTertiary = Color.White,
30 |     onBackground = Color(0xFF1C1B1F),
31 |     onSurface = Color(0xFF1C1B1F),
32 |     */
33 | )
34 | 
35 | @Composable
36 | fun TestfridaTheme(
37 |     darkTheme: Boolean = isSystemInDarkTheme(),
38 |     // Dynamic color is available on Android 12+
39 |     dynamicColor: Boolean = true,
40 |     content: @Composable () -> Unit
41 | ) {
42 |     val colorScheme = when {
43 |         dynamicColor && Build.VERSION.SDK_INT >= Build.VERSION_CODES.S -> {
44 |             val context = LocalContext.current
45 |             if (darkTheme) dynamicDarkColorScheme(context) else dynamicLightColorScheme(context)
46 |         }
47 | 
48 |         darkTheme -> DarkColorScheme
49 |         else -> LightColorScheme
50 |     }
51 | 
52 |     MaterialTheme(
53 |         colorScheme = colorScheme,
54 |         typography = Typography,
55 |         content = content
56 |     )
57 | }


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/java/com/example/frida_stalker_recompile_fix/ui/theme/Type.kt:
--------------------------------------------------------------------------------
 1 | package com.example.frida_stalker_recompile_fix.ui.theme
 2 | 
 3 | import androidx.compose.material3.Typography
 4 | import androidx.compose.ui.text.TextStyle
 5 | import androidx.compose.ui.text.font.FontFamily
 6 | import androidx.compose.ui.text.font.FontWeight
 7 | import androidx.compose.ui.unit.sp
 8 | 
 9 | // Set of Material typography styles to start with
10 | val Typography = Typography(
11 |     bodyLarge = TextStyle(
12 |         fontFamily = FontFamily.Default,
13 |         fontWeight = FontWeight.Normal,
14 |         fontSize = 16.sp,
15 |         lineHeight = 24.sp,
16 |         letterSpacing = 0.5.sp
17 |     )
18 |     /* Other default text styles to override
19 |     titleLarge = TextStyle(
20 |         fontFamily = FontFamily.Default,
21 |         fontWeight = FontWeight.Normal,
22 |         fontSize = 22.sp,
23 |         lineHeight = 28.sp,
24 |         letterSpacing = 0.sp
25 |     ),
26 |     labelSmall = TextStyle(
27 |         fontFamily = FontFamily.Default,
28 |         fontWeight = FontWeight.Medium,
29 |         fontSize = 11.sp,
30 |         lineHeight = 16.sp,
31 |         letterSpacing = 0.5.sp
32 |     )
33 |     */
34 | )


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/drawable/ic_launcher_background.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <vector xmlns:android="http://schemas.android.com/apk/res/android"
  3 |     android:width="108dp"
  4 |     android:height="108dp"
  5 |     android:viewportWidth="108"
  6 |     android:viewportHeight="108">
  7 |     <path
  8 |         android:fillColor="#3DDC84"
  9 |         android:pathData="M0,0h108v108h-108z" />
 10 |     <path
 11 |         android:fillColor="#00000000"
 12 |         android:pathData="M9,0L9,108"
 13 |         android:strokeWidth="0.8"
 14 |         android:strokeColor="#33FFFFFF" />
 15 |     <path
 16 |         android:fillColor="#00000000"
 17 |         android:pathData="M19,0L19,108"
 18 |         android:strokeWidth="0.8"
 19 |         android:strokeColor="#33FFFFFF" />
 20 |     <path
 21 |         android:fillColor="#00000000"
 22 |         android:pathData="M29,0L29,108"
 23 |         android:strokeWidth="0.8"
 24 |         android:strokeColor="#33FFFFFF" />
 25 |     <path
 26 |         android:fillColor="#00000000"
 27 |         android:pathData="M39,0L39,108"
 28 |         android:strokeWidth="0.8"
 29 |         android:strokeColor="#33FFFFFF" />
 30 |     <path
 31 |         android:fillColor="#00000000"
 32 |         android:pathData="M49,0L49,108"
 33 |         android:strokeWidth="0.8"
 34 |         android:strokeColor="#33FFFFFF" />
 35 |     <path
 36 |         android:fillColor="#00000000"
 37 |         android:pathData="M59,0L59,108"
 38 |         android:strokeWidth="0.8"
 39 |         android:strokeColor="#33FFFFFF" />
 40 |     <path
 41 |         android:fillColor="#00000000"
 42 |         android:pathData="M69,0L69,108"
 43 |         android:strokeWidth="0.8"
 44 |         android:strokeColor="#33FFFFFF" />
 45 |     <path
 46 |         android:fillColor="#00000000"
 47 |         android:pathData="M79,0L79,108"
 48 |         android:strokeWidth="0.8"
 49 |         android:strokeColor="#33FFFFFF" />
 50 |     <path
 51 |         android:fillColor="#00000000"
 52 |         android:pathData="M89,0L89,108"
 53 |         android:strokeWidth="0.8"
 54 |         android:strokeColor="#33FFFFFF" />
 55 |     <path
 56 |         android:fillColor="#00000000"
 57 |         android:pathData="M99,0L99,108"
 58 |         android:strokeWidth="0.8"
 59 |         android:strokeColor="#33FFFFFF" />
 60 |     <path
 61 |         android:fillColor="#00000000"
 62 |         android:pathData="M0,9L108,9"
 63 |         android:strokeWidth="0.8"
 64 |         android:strokeColor="#33FFFFFF" />
 65 |     <path
 66 |         android:fillColor="#00000000"
 67 |         android:pathData="M0,19L108,19"
 68 |         android:strokeWidth="0.8"
 69 |         android:strokeColor="#33FFFFFF" />
 70 |     <path
 71 |         android:fillColor="#00000000"
 72 |         android:pathData="M0,29L108,29"
 73 |         android:strokeWidth="0.8"
 74 |         android:strokeColor="#33FFFFFF" />
 75 |     <path
 76 |         android:fillColor="#00000000"
 77 |         android:pathData="M0,39L108,39"
 78 |         android:strokeWidth="0.8"
 79 |         android:strokeColor="#33FFFFFF" />
 80 |     <path
 81 |         android:fillColor="#00000000"
 82 |         android:pathData="M0,49L108,49"
 83 |         android:strokeWidth="0.8"
 84 |         android:strokeColor="#33FFFFFF" />
 85 |     <path
 86 |         android:fillColor="#00000000"
 87 |         android:pathData="M0,59L108,59"
 88 |         android:strokeWidth="0.8"
 89 |         android:strokeColor="#33FFFFFF" />
 90 |     <path
 91 |         android:fillColor="#00000000"
 92 |         android:pathData="M0,69L108,69"
 93 |         android:strokeWidth="0.8"
 94 |         android:strokeColor="#33FFFFFF" />
 95 |     <path
 96 |         android:fillColor="#00000000"
 97 |         android:pathData="M0,79L108,79"
 98 |         android:strokeWidth="0.8"
 99 |         android:strokeColor="#33FFFFFF" />
100 |     <path
101 |         android:fillColor="#00000000"
102 |         android:pathData="M0,89L108,89"
103 |         android:strokeWidth="0.8"
104 |         android:strokeColor="#33FFFFFF" />
105 |     <path
106 |         android:fillColor="#00000000"
107 |         android:pathData="M0,99L108,99"
108 |         android:strokeWidth="0.8"
109 |         android:strokeColor="#33FFFFFF" />
110 |     <path
111 |         android:fillColor="#00000000"
112 |         android:pathData="M19,29L89,29"
113 |         android:strokeWidth="0.8"
114 |         android:strokeColor="#33FFFFFF" />
115 |     <path
116 |         android:fillColor="#00000000"
117 |         android:pathData="M19,39L89,39"
118 |         android:strokeWidth="0.8"
119 |         android:strokeColor="#33FFFFFF" />
120 |     <path
121 |         android:fillColor="#00000000"
122 |         android:pathData="M19,49L89,49"
123 |         android:strokeWidth="0.8"
124 |         android:strokeColor="#33FFFFFF" />
125 |     <path
126 |         android:fillColor="#00000000"
127 |         android:pathData="M19,59L89,59"
128 |         android:strokeWidth="0.8"
129 |         android:strokeColor="#33FFFFFF" />
130 |     <path
131 |         android:fillColor="#00000000"
132 |         android:pathData="M19,69L89,69"
133 |         android:strokeWidth="0.8"
134 |         android:strokeColor="#33FFFFFF" />
135 |     <path
136 |         android:fillColor="#00000000"
137 |         android:pathData="M19,79L89,79"
138 |         android:strokeWidth="0.8"
139 |         android:strokeColor="#33FFFFFF" />
140 |     <path
141 |         android:fillColor="#00000000"
142 |         android:pathData="M29,19L29,89"
143 |         android:strokeWidth="0.8"
144 |         android:strokeColor="#33FFFFFF" />
145 |     <path
146 |         android:fillColor="#00000000"
147 |         android:pathData="M39,19L39,89"
148 |         android:strokeWidth="0.8"
149 |         android:strokeColor="#33FFFFFF" />
150 |     <path
151 |         android:fillColor="#00000000"
152 |         android:pathData="M49,19L49,89"
153 |         android:strokeWidth="0.8"
154 |         android:strokeColor="#33FFFFFF" />
155 |     <path
156 |         android:fillColor="#00000000"
157 |         android:pathData="M59,19L59,89"
158 |         android:strokeWidth="0.8"
159 |         android:strokeColor="#33FFFFFF" />
160 |     <path
161 |         android:fillColor="#00000000"
162 |         android:pathData="M69,19L69,89"
163 |         android:strokeWidth="0.8"
164 |         android:strokeColor="#33FFFFFF" />
165 |     <path
166 |         android:fillColor="#00000000"
167 |         android:pathData="M79,19L79,89"
168 |         android:strokeWidth="0.8"
169 |         android:strokeColor="#33FFFFFF" />
170 | </vector>
171 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/drawable/ic_launcher_foreground.xml:
--------------------------------------------------------------------------------
 1 | <vector xmlns:android="http://schemas.android.com/apk/res/android"
 2 |     xmlns:aapt="http://schemas.android.com/aapt"
 3 |     android:width="108dp"
 4 |     android:height="108dp"
 5 |     android:viewportWidth="108"
 6 |     android:viewportHeight="108">
 7 |     <path android:pathData="M31,63.928c0,0 6.4,-11 12.1,-13.1c7.2,-2.6 26,-1.4 26,-1.4l38.1,38.1L107,108.928l-32,-1L31,63.928z">
 8 |         <aapt:attr name="android:fillColor">
 9 |             <gradient
10 |                 android:endX="85.84757"
11 |                 android:endY="92.4963"
12 |                 android:startX="42.9492"
13 |                 android:startY="49.59793"
14 |                 android:type="linear">
15 |                 <item
16 |                     android:color="#44000000"
17 |                     android:offset="0.0" />
18 |                 <item
19 |                     android:color="#00000000"
20 |                     android:offset="1.0" />
21 |             </gradient>
22 |         </aapt:attr>
23 |     </path>
24 |     <path
25 |         android:fillColor="#FFFFFF"
26 |         android:fillType="nonZero"
27 |         android:pathData="M65.3,45.828l3.8,-6.6c0.2,-0.4 0.1,-0.9 -0.3,-1.1c-0.4,-0.2 -0.9,-0.1 -1.1,0.3l-3.9,6.7c-6.3,-2.8 -13.4,-2.8 -19.7,0l-3.9,-6.7c-0.2,-0.4 -0.7,-0.5 -1.1,-0.3C38.8,38.328 38.7,38.828 38.9,39.228l3.8,6.6C36.2,49.428 31.7,56.028 31,63.928h46C76.3,56.028 71.8,49.428 65.3,45.828zM43.4,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2c-0.3,-0.7 -0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C45.3,56.528 44.5,57.328 43.4,57.328L43.4,57.328zM64.6,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2s-0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C66.5,56.528 65.6,57.328 64.6,57.328L64.6,57.328z"
28 |         android:strokeWidth="1"
29 |         android:strokeColor="#00000000" />
30 | </vector>


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-anydpi/ic_launcher.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@drawable/ic_launcher_background" />
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground" />
5 |     <monochrome android:drawable="@drawable/ic_launcher_foreground" />
6 | </adaptive-icon>


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-anydpi/ic_launcher_round.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@drawable/ic_launcher_background" />
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground" />
5 |     <monochrome android:drawable="@drawable/ic_launcher_foreground" />
6 | </adaptive-icon>


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-hdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-hdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-hdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-hdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-mdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-mdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-mdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-mdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xxhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xxhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/values/colors.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <resources>
 3 |     <color name="purple_200">#FFBB86FC</color>
 4 |     <color name="purple_500">#FF6200EE</color>
 5 |     <color name="purple_700">#FF3700B3</color>
 6 |     <color name="teal_200">#FF03DAC5</color>
 7 |     <color name="teal_700">#FF018786</color>
 8 |     <color name="black">#FF000000</color>
 9 |     <color name="white">#FFFFFFFF</color>
10 | </resources>


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/values/strings.xml:
--------------------------------------------------------------------------------
1 | <resources>
2 |     <string name="app_name">frida-stalker-recompile-fix</string>
3 | </resources>


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/values/themes.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <resources>
3 | 
4 |     <style name="Theme.Testfrida" parent="android:Theme.Material.Light.NoActionBar" />
5 | </resources>


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/xml/backup_rules.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?><!--
 2 |    Sample backup rules file; uncomment and customize as necessary.
 3 |    See https://developer.android.com/guide/topics/data/autobackup
 4 |    for details.
 5 |    Note: This file is ignored for devices older that API 31
 6 |    See https://developer.android.com/about/versions/12/backup-restore
 7 | -->
 8 | <full-backup-content>
 9 |     <!--
10 |    <include domain="sharedpref" path="."/>
11 |    <exclude domain="sharedpref" path="device.xml"/>
12 | -->
13 | </full-backup-content>


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/app/src/main/res/xml/data_extraction_rules.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?><!--
 2 |    Sample data extraction rules file; uncomment and customize as necessary.
 3 |    See https://developer.android.com/about/versions/12/backup-restore#xml-changes
 4 |    for details.
 5 | -->
 6 | <data-extraction-rules>
 7 |     <cloud-backup>
 8 |         <!-- TODO: Use <include> and <exclude> to control what is backed up.
 9 |         <include .../>
10 |         <exclude .../>
11 |         -->
12 |     </cloud-backup>
13 |     <!--
14 |     <device-transfer>
15 |         <include .../>
16 |         <exclude .../>
17 |     </device-transfer>
18 |     -->
19 | </data-extraction-rules>


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/build.gradle.kts:
--------------------------------------------------------------------------------
1 | // Top-level build file where you can add configuration options common to all sub-projects/modules.
2 | plugins {
3 |     alias(libs.plugins.android.application) apply false
4 |     alias(libs.plugins.jetbrains.kotlin.android) apply false
5 | }


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/gradle.properties:
--------------------------------------------------------------------------------
 1 | # Project-wide Gradle settings.
 2 | # IDE (e.g. Android Studio) users:
 3 | # Gradle settings configured through the IDE *will override*
 4 | # any settings specified in this file.
 5 | # For more details on how to configure your build environment visit
 6 | # http://www.gradle.org/docs/current/userguide/build_environment.html
 7 | # Specifies the JVM arguments used for the daemon process.
 8 | # The setting is particularly useful for tweaking memory settings.
 9 | org.gradle.jvmargs=-Xmx2048m -Dfile.encoding=UTF-8
10 | # When configured, Gradle will run in incubating parallel mode.
11 | # This option should only be used with decoupled projects. For more details, visit
12 | # https://developer.android.com/r/tools/gradle-multi-project-decoupled-projects
13 | # org.gradle.parallel=true
14 | # AndroidX package structure to make it clearer which packages are bundled with the
15 | # Android operating system, and which are packaged with your app's APK
16 | # https://developer.android.com/topic/libraries/support-library/androidx-rn
17 | android.useAndroidX=true
18 | # Kotlin code style for this project: "official" or "obsolete":
19 | kotlin.code.style=official
20 | # Enables namespacing of each library's R class so that its R class includes only the
21 | # resources declared in the library itself and none from the library's dependencies,
22 | # thereby reducing the size of the R class for that library
23 | android.nonTransitiveRClass=true


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/gradle/libs.versions.toml:
--------------------------------------------------------------------------------
 1 | [versions]
 2 | agp = "8.4.1"
 3 | kotlin = "1.9.0"
 4 | coreKtx = "1.15.0"
 5 | junit = "4.13.2"
 6 | junitVersion = "1.2.1"
 7 | espressoCore = "3.6.1"
 8 | lifecycleRuntimeKtx = "2.8.7"
 9 | activityCompose = "1.8.0"
10 | composeBom = "2023.08.00"
11 | 
12 | [libraries]
13 | androidx-core-ktx = { group = "androidx.core", name = "core-ktx", version.ref = "coreKtx" }
14 | junit = { group = "junit", name = "junit", version.ref = "junit" }
15 | androidx-junit = { group = "androidx.test.ext", name = "junit", version.ref = "junitVersion" }
16 | androidx-espresso-core = { group = "androidx.test.espresso", name = "espresso-core", version.ref = "espressoCore" }
17 | androidx-lifecycle-runtime-ktx = { group = "androidx.lifecycle", name = "lifecycle-runtime-ktx", version.ref = "lifecycleRuntimeKtx" }
18 | androidx-activity-compose = { group = "androidx.activity", name = "activity-compose", version.ref = "activityCompose" }
19 | androidx-compose-bom = { group = "androidx.compose", name = "compose-bom", version.ref = "composeBom" }
20 | androidx-ui = { group = "androidx.compose.ui", name = "ui" }
21 | androidx-ui-graphics = { group = "androidx.compose.ui", name = "ui-graphics" }
22 | androidx-ui-tooling = { group = "androidx.compose.ui", name = "ui-tooling" }
23 | androidx-ui-tooling-preview = { group = "androidx.compose.ui", name = "ui-tooling-preview" }
24 | androidx-ui-test-manifest = { group = "androidx.compose.ui", name = "ui-test-manifest" }
25 | androidx-ui-test-junit4 = { group = "androidx.compose.ui", name = "ui-test-junit4" }
26 | androidx-material3 = { group = "androidx.compose.material3", name = "material3" }
27 | 
28 | [plugins]
29 | android-application = { id = "com.android.application", version.ref = "agp" }
30 | jetbrains-kotlin-android = { id = "org.jetbrains.kotlin.android", version.ref = "kotlin" }
31 | 
32 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/gradle/wrapper/gradle-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/app/gradle/wrapper/gradle-wrapper.jar


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
1 | #Thu Feb 20 15:31:08 CST 2025
2 | distributionBase=GRADLE_USER_HOME
3 | distributionPath=wrapper/dists
4 | distributionUrl=https\://services.gradle.org/distributions/gradle-8.6-bin.zip
5 | zipStoreBase=GRADLE_USER_HOME
6 | zipStorePath=wrapper/dists
7 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/gradlew:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env sh
  2 | 
  3 | #
  4 | # Copyright 2015 the original author or authors.
  5 | #
  6 | # Licensed under the Apache License, Version 2.0 (the "License");
  7 | # you may not use this file except in compliance with the License.
  8 | # You may obtain a copy of the License at
  9 | #
 10 | #      https://www.apache.org/licenses/LICENSE-2.0
 11 | #
 12 | # Unless required by applicable law or agreed to in writing, software
 13 | # distributed under the License is distributed on an "AS IS" BASIS,
 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 15 | # See the License for the specific language governing permissions and
 16 | # limitations under the License.
 17 | #
 18 | 
 19 | ##############################################################################
 20 | ##
 21 | ##  Gradle start up script for UN*X
 22 | ##
 23 | ##############################################################################
 24 | 
 25 | # Attempt to set APP_HOME
 26 | # Resolve links: $0 may be a link
 27 | PRG="$0"
 28 | # Need this for relative symlinks.
 29 | while [ -h "$PRG" ] ; do
 30 |     ls=`ls -ld "$PRG"`
 31 |     link=`expr "$ls" : '.*-> \(.*\)$'`
 32 |     if expr "$link" : '/.*' > /dev/null; then
 33 |         PRG="$link"
 34 |     else
 35 |         PRG=`dirname "$PRG"`"/$link"
 36 |     fi
 37 | done
 38 | SAVED="`pwd`"
 39 | cd "`dirname \"$PRG\"`/" >/dev/null
 40 | APP_HOME="`pwd -P`"
 41 | cd "$SAVED" >/dev/null
 42 | 
 43 | APP_NAME="Gradle"
 44 | APP_BASE_NAME=`basename "$0"`
 45 | 
 46 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
 47 | DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 48 | 
 49 | # Use the maximum available, or set MAX_FD != -1 to use that value.
 50 | MAX_FD="maximum"
 51 | 
 52 | warn () {
 53 |     echo "$*"
 54 | }
 55 | 
 56 | die () {
 57 |     echo
 58 |     echo "$*"
 59 |     echo
 60 |     exit 1
 61 | }
 62 | 
 63 | # OS specific support (must be 'true' or 'false').
 64 | cygwin=false
 65 | msys=false
 66 | darwin=false
 67 | nonstop=false
 68 | case "`uname`" in
 69 |   CYGWIN* )
 70 |     cygwin=true
 71 |     ;;
 72 |   Darwin* )
 73 |     darwin=true
 74 |     ;;
 75 |   MINGW* )
 76 |     msys=true
 77 |     ;;
 78 |   NONSTOP* )
 79 |     nonstop=true
 80 |     ;;
 81 | esac
 82 | 
 83 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 84 | 
 85 | 
 86 | # Determine the Java command to use to start the JVM.
 87 | if [ -n "$JAVA_HOME" ] ; then
 88 |     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
 89 |         # IBM's JDK on AIX uses strange locations for the executables
 90 |         JAVACMD="$JAVA_HOME/jre/sh/java"
 91 |     else
 92 |         JAVACMD="$JAVA_HOME/bin/java"
 93 |     fi
 94 |     if [ ! -x "$JAVACMD" ] ; then
 95 |         die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
 96 | 
 97 | Please set the JAVA_HOME variable in your environment to match the
 98 | location of your Java installation."
 99 |     fi
100 | else
101 |     JAVACMD="java"
102 |     which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
103 | 
104 | Please set the JAVA_HOME variable in your environment to match the
105 | location of your Java installation."
106 | fi
107 | 
108 | # Increase the maximum file descriptors if we can.
109 | if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
110 |     MAX_FD_LIMIT=`ulimit -H -n`
111 |     if [ $? -eq 0 ] ; then
112 |         if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
113 |             MAX_FD="$MAX_FD_LIMIT"
114 |         fi
115 |         ulimit -n $MAX_FD
116 |         if [ $? -ne 0 ] ; then
117 |             warn "Could not set maximum file descriptor limit: $MAX_FD"
118 |         fi
119 |     else
120 |         warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
121 |     fi
122 | fi
123 | 
124 | # For Darwin, add options to specify how the application appears in the dock
125 | if $darwin; then
126 |     GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
127 | fi
128 | 
129 | # For Cygwin or MSYS, switch paths to Windows format before running java
130 | if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
131 |     APP_HOME=`cygpath --path --mixed "$APP_HOME"`
132 |     CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
133 | 
134 |     JAVACMD=`cygpath --unix "$JAVACMD"`
135 | 
136 |     # We build the pattern for arguments to be converted via cygpath
137 |     ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
138 |     SEP=""
139 |     for dir in $ROOTDIRSRAW ; do
140 |         ROOTDIRS="$ROOTDIRS$SEP$dir"
141 |         SEP="|"
142 |     done
143 |     OURCYGPATTERN="(^($ROOTDIRS))"
144 |     # Add a user-defined pattern to the cygpath arguments
145 |     if [ "$GRADLE_CYGPATTERN" != "" ] ; then
146 |         OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
147 |     fi
148 |     # Now convert the arguments - kludge to limit ourselves to /bin/sh
149 |     i=0
150 |     for arg in "$@" ; do
151 |         CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
152 |         CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
153 | 
154 |         if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
155 |             eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
156 |         else
157 |             eval `echo args$i`="\"$arg\""
158 |         fi
159 |         i=`expr $i + 1`
160 |     done
161 |     case $i in
162 |         0) set -- ;;
163 |         1) set -- "$args0" ;;
164 |         2) set -- "$args0" "$args1" ;;
165 |         3) set -- "$args0" "$args1" "$args2" ;;
166 |         4) set -- "$args0" "$args1" "$args2" "$args3" ;;
167 |         5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
168 |         6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
169 |         7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
170 |         8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
171 |         9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
172 |     esac
173 | fi
174 | 
175 | # Escape application args
176 | save () {
177 |     for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
178 |     echo " "
179 | }
180 | APP_ARGS=`save "$@"`
181 | 
182 | # Collect all arguments for the java command, following the shell quoting and substitution rules
183 | eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
184 | 
185 | exec "$JAVACMD" "$@"
186 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/gradlew.bat:
--------------------------------------------------------------------------------
 1 | @rem
 2 | @rem Copyright 2015 the original author or authors.
 3 | @rem
 4 | @rem Licensed under the Apache License, Version 2.0 (the "License");
 5 | @rem you may not use this file except in compliance with the License.
 6 | @rem You may obtain a copy of the License at
 7 | @rem
 8 | @rem      https://www.apache.org/licenses/LICENSE-2.0
 9 | @rem
10 | @rem Unless required by applicable law or agreed to in writing, software
11 | @rem distributed under the License is distributed on an "AS IS" BASIS,
12 | @rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | @rem See the License for the specific language governing permissions and
14 | @rem limitations under the License.
15 | @rem
16 | 
17 | @if "%DEBUG%" == "" @echo off
18 | @rem ##########################################################################
19 | @rem
20 | @rem  Gradle startup script for Windows
21 | @rem
22 | @rem ##########################################################################
23 | 
24 | @rem Set local scope for the variables with windows NT shell
25 | if "%OS%"=="Windows_NT" setlocal
26 | 
27 | set DIRNAME=%~dp0
28 | if "%DIRNAME%" == "" set DIRNAME=.
29 | set APP_BASE_NAME=%~n0
30 | set APP_HOME=%DIRNAME%
31 | 
32 | @rem Resolve any "." and ".." in APP_HOME to make it shorter.
33 | for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
34 | 
35 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
36 | set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
37 | 
38 | @rem Find java.exe
39 | if defined JAVA_HOME goto findJavaFromJavaHome
40 | 
41 | set JAVA_EXE=java.exe
42 | %JAVA_EXE% -version >NUL 2>&1
43 | if "%ERRORLEVEL%" == "0" goto execute
44 | 
45 | echo.
46 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
47 | echo.
48 | echo Please set the JAVA_HOME variable in your environment to match the
49 | echo location of your Java installation.
50 | 
51 | goto fail
52 | 
53 | :findJavaFromJavaHome
54 | set JAVA_HOME=%JAVA_HOME:"=%
55 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe
56 | 
57 | if exist "%JAVA_EXE%" goto execute
58 | 
59 | echo.
60 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
61 | echo.
62 | echo Please set the JAVA_HOME variable in your environment to match the
63 | echo location of your Java installation.
64 | 
65 | goto fail
66 | 
67 | :execute
68 | @rem Setup the command line
69 | 
70 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
71 | 
72 | 
73 | @rem Execute Gradle
74 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
75 | 
76 | :end
77 | @rem End local scope for the variables with windows NT shell
78 | if "%ERRORLEVEL%"=="0" goto mainEnd
79 | 
80 | :fail
81 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
82 | rem the _cmd.exe /c_ return code!
83 | if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
84 | exit /b 1
85 | 
86 | :mainEnd
87 | if "%OS%"=="Windows_NT" endlocal
88 | 
89 | :omega
90 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/app/settings.gradle.kts:
--------------------------------------------------------------------------------
 1 | pluginManagement {
 2 |     repositories {
 3 |         google {
 4 |             content {
 5 |                 includeGroupByRegex("com\\.android.*")
 6 |                 includeGroupByRegex("com\\.google.*")
 7 |                 includeGroupByRegex("androidx.*")
 8 |             }
 9 |         }
10 |         mavenCentral()
11 |         gradlePluginPortal()
12 |     }
13 | }
14 | dependencyResolutionManagement {
15 |     repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
16 |     repositories {
17 |         google()
18 |         mavenCentral()
19 |     }
20 | }
21 | 
22 | rootProject.name = "frida-stalker-recompile-fix"
23 | include(":app")
24 |  


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/docs/001-正常执行.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/docs/001-正常执行.jpg


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/docs/002-frida-stalker原版.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/docs/002-frida-stalker原版.jpg


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/docs/003-frida-stalker修复.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/001_frida-stalker-recompile-fix/docs/003-frida-stalker修复.jpg


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/expect_run_server.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/expect -f
 2 | set timeout 30
 3 | set FRIDA_SERVER_BIN /data/local/tmp/frida-server
 4 | set SERVER_PORT 6666
 5 | 
 6 | exec adb forward tcp:$SERVER_PORT tcp:$SERVER_PORT
 7 | 
 8 | spawn adb shell
 9 | 
10 | expect -re {.*:\s*\/\s*[$#]} { 
11 |     send "su\r" 
12 | }
13 | expect -re {.*:\s*\/\s*[$#]} { 
14 |     send "$FRIDA_SERVER_BIN --version\r" 
15 | }
16 | expect -re {.*:\s*\/\s*[$#]} { 
17 |     send "$FRIDA_SERVER_BIN -l 0.0.0.0:$SERVER_PORT\r" 
18 | }
19 | expect {
20 |     -re {.*:\s*\/\s*[$#]} {}
21 |     eof {}
22 | }
23 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/index.ts:
--------------------------------------------------------------------------------
 1 | 
 2 | 
 3 | setImmediate(() => {
 4 |     Interceptor.attach(
 5 |         Module.getExportByName('libdl.so', 'android_dlopen_ext'), {
 6 |             onEnter(args) {
 7 |                 this.filename = args[0].readCString()
 8 |                 console.error(`[android_dlopen_ext] ${this.filename}`)
 9 |             },
10 |             onLeave(retval) {
11 |                 const filename: string = this.filename
12 |                 if(filename.includes('libtest_frida.so')) {
13 |                     attachMmapExec(Process.findModuleByName(filename)!)
14 |                 }
15 |             },
16 |         }
17 |     )
18 | 
19 |     function attachMmapExec(mod: Module) {
20 |         console.error(`[attachMmapExec] ${JSON.stringify(mod)}`)
21 |         const target = mod.getExportByName("Java_com_example_frida_1stalker_1recompile_1fix_MainActivity_mmapExec")
22 |         Interceptor.attach(target, {
23 |             onEnter(args) {
24 |                 console.log(`[mmap_exec] follow => tid[${Process.getCurrentThreadId()}]`)
25 |                 Stalker.follow(Process.getCurrentThreadId(), {
26 |                     transform(iterator: StalkerArm64Iterator) {
27 |                         let inst
28 |                         while((inst = iterator.next()) !== null) {
29 |                             // console.log(`[${Process.getCurrentThreadId()}] ${inst}`)
30 |                             iterator.keep()
31 |                         }
32 |                     }
33 |                 })
34 |             },
35 |             onLeave(retval) {
36 |                 Stalker.unfollow()
37 |                 console.error(`[mmap_exec] unfollow => tid[${Process.getCurrentThreadId()}]`)
38 |             },
39 |         })
40 |     }
41 | })


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "frida-stalker-recompile-fix",
 3 |   "version": "1.0.0",
 4 |   "description": "",
 5 |   "private": true,
 6 |   "main": "index.ts",
 7 |   "scripts": {},
 8 |   "devDependencies": {
 9 |     "@types/frida-gum": "^18.7.2",
10 |     "@types/node": "^18.19.3",
11 |     "frida-compile": "^16.4.1"
12 |   }
13 | }
14 | 


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/run_test_fix.sh:
--------------------------------------------------------------------------------
1 | 
2 | frida -H 127.0.0.1:6666 -f 'com.example.frida_stalker_recompile_fix' -l index.ts


--------------------------------------------------------------------------------
/001_frida-stalker-recompile-fix/tsconfig.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     "compilerOptions": {
 3 |         "module": "es2022",
 4 |         "target": "es2021",
 5 |         "lib": [
 6 |             "es2021"
 7 |         ],
 8 |         "allowJs": true,
 9 |         "noEmit": true,
10 |         "strict": true,
11 |         "esModuleInterop": true,
12 |         "baseUrl": "."
13 |     }
14 | }


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/.gitignore:
--------------------------------------------------------------------------------
 1 | __pycache__
 2 | /frida-analykit
 3 | /data
 4 | /logs
 5 | /node_modules
 6 | /_agent.js
 7 | /config.yml
 8 | /package*.json
 9 | /ptpython_*.sh
10 | /tsconfig.json
11 | .DS_Store


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app-debug.apk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app-debug.apk


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/.gitignore:
--------------------------------------------------------------------------------
 1 | *.iml
 2 | .gradle
 3 | /local.properties
 4 | /.idea/
 5 | /.idea/assetWizardSettings.xml
 6 | .DS_Store
 7 | /build
 8 | /captures
 9 | .externalNativeBuild
10 | .cxx
11 | local.properties
12 | 


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/.gitignore:
--------------------------------------------------------------------------------
1 | /build


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/build.gradle.kts:
--------------------------------------------------------------------------------
 1 | plugins {
 2 |     alias(libs.plugins.android.application)
 3 |     alias(libs.plugins.kotlin.android)
 4 |     alias(libs.plugins.kotlin.compose)
 5 | }
 6 | 
 7 | android {
 8 |     namespace = "com.frida_analykit.ssl_log_secret"
 9 |     compileSdk = 35
10 | 
11 |     defaultConfig {
12 |         applicationId = "com.frida_analykit.ssl_log_secret"
13 |         minSdk = 26
14 |         targetSdk = 35
15 |         versionCode = 1
16 |         versionName = "1.0"
17 | 
18 |         testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
19 |     }
20 | 
21 |     buildTypes {
22 |         release {
23 |             isMinifyEnabled = false
24 |             proguardFiles(
25 |                 getDefaultProguardFile("proguard-android-optimize.txt"),
26 |                 "proguard-rules.pro"
27 |             )
28 |         }
29 | 
30 |         debug {
31 |             isMinifyEnabled = false  // ❗ 禁用 R8/D8 混淆 + 优化
32 |             isShrinkResources = false
33 |         }
34 | 
35 |     }
36 |     compileOptions {
37 |         sourceCompatibility = JavaVersion.VERSION_11
38 |         targetCompatibility = JavaVersion.VERSION_11
39 |     }
40 |     kotlinOptions {
41 |         jvmTarget = "11"
42 |     }
43 |     buildFeatures {
44 |         compose = true
45 |     }
46 | }
47 | 
48 | dependencies {
49 | 
50 |     implementation(libs.androidx.core.ktx)
51 |     implementation(libs.androidx.lifecycle.runtime.ktx)
52 |     implementation(libs.androidx.activity.compose)
53 |     implementation(platform(libs.androidx.compose.bom))
54 |     implementation(libs.androidx.ui)
55 |     implementation(libs.androidx.ui.graphics)
56 |     implementation(libs.androidx.ui.tooling.preview)
57 |     implementation(libs.androidx.material3)
58 |     implementation(libs.okhttp)
59 | 
60 |     testImplementation(libs.junit)
61 |     androidTestImplementation(libs.androidx.junit)
62 |     androidTestImplementation(libs.androidx.espresso.core)
63 |     androidTestImplementation(platform(libs.androidx.compose.bom))
64 |     androidTestImplementation(libs.androidx.ui.test.junit4)
65 |     debugImplementation(libs.androidx.ui.tooling)
66 |     debugImplementation(libs.androidx.ui.test.manifest)
67 | }


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/proguard-rules.pro:
--------------------------------------------------------------------------------
 1 | # Add project specific ProGuard rules here.
 2 | # You can control the set of applied configuration files using the
 3 | # proguardFiles setting in build.gradle.
 4 | #
 5 | # For more details, see
 6 | #   http://developer.android.com/guide/developing/tools/proguard.html
 7 | 
 8 | # If your project uses WebView with JS, uncomment the following
 9 | # and specify the fully qualified class name to the JavaScript interface
10 | # class:
11 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
12 | #   public *;
13 | #}
14 | 
15 | # Uncomment this to preserve the line number information for
16 | # debugging stack traces.
17 | #-keepattributes SourceFile,LineNumberTable
18 | 
19 | # If you keep the line number information, uncomment this to
20 | # hide the original source file name.
21 | #-renamesourcefileattribute SourceFile


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/androidTest/java/com/frida_analykit/ssl_log_secret/ExampleInstrumentedTest.kt:
--------------------------------------------------------------------------------
 1 | package com.frida_analykit.ssl_log_secret
 2 | 
 3 | import androidx.test.platform.app.InstrumentationRegistry
 4 | import androidx.test.ext.junit.runners.AndroidJUnit4
 5 | 
 6 | import org.junit.Test
 7 | import org.junit.runner.RunWith
 8 | 
 9 | import org.junit.Assert.*
10 | 
11 | /**
12 |  * Instrumented test, which will execute on an Android device.
13 |  *
14 |  * See [testing documentation](http://d.android.com/tools/testing).
15 |  */
16 | @RunWith(AndroidJUnit4::class)
17 | class ExampleInstrumentedTest {
18 |     @Test
19 |     fun useAppContext() {
20 |         // Context of the app under test.
21 |         val appContext = InstrumentationRegistry.getInstrumentation().targetContext
22 |         assertEquals("com.frida_analykit.ssl_log_secret", appContext.packageName)
23 |     }
24 | }


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <manifest xmlns:android="http://schemas.android.com/apk/res/android"
 3 |     xmlns:tools="http://schemas.android.com/tools" >
 4 |     <uses-permission android:name="android.permission.INTERNET" />
 5 | 
 6 |     <application
 7 |         android:allowBackup="true"
 8 |         android:dataExtractionRules="@xml/data_extraction_rules"
 9 |         android:fullBackupContent="@xml/backup_rules"
10 |         android:icon="@mipmap/ic_launcher"
11 |         android:label="@string/app_name"
12 |         android:roundIcon="@mipmap/ic_launcher_round"
13 |         android:supportsRtl="true"
14 |         android:theme="@style/Theme.Fridaanalykitssllogsecret"
15 |         tools:targetApi="31" >
16 |         <activity
17 |             android:name=".MainActivity"
18 |             android:exported="true"
19 |             android:label="@string/app_name"
20 |             android:theme="@style/Theme.Fridaanalykitssllogsecret" >
21 |             <intent-filter>
22 |                 <action android:name="android.intent.action.MAIN" />
23 | 
24 |                 <category android:name="android.intent.category.LAUNCHER" />
25 |             </intent-filter>
26 |         </activity>
27 |     </application>
28 | 
29 | </manifest>


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/java/com/frida_analykit/ssl_log_secret/MainActivity.kt:
--------------------------------------------------------------------------------
  1 | package com.frida_analykit.ssl_log_secret
  2 | 
  3 | import android.annotation.SuppressLint
  4 | import android.content.Intent
  5 | import android.net.Uri
  6 | import android.os.Bundle
  7 | import android.util.Base64
  8 | import android.util.Log
  9 | import android.webkit.WebChromeClient
 10 | import android.webkit.WebResourceRequest
 11 | import android.webkit.WebSettings
 12 | import android.webkit.WebView
 13 | import android.webkit.WebViewClient
 14 | import android.widget.Toast
 15 | import androidx.activity.ComponentActivity
 16 | import androidx.activity.compose.setContent
 17 | import androidx.activity.enableEdgeToEdge
 18 | import androidx.compose.foundation.background
 19 | import androidx.compose.foundation.clickable
 20 | import androidx.compose.foundation.layout.*
 21 | import androidx.compose.material3.Button
 22 | import androidx.compose.material3.HorizontalDivider
 23 | import androidx.compose.material3.OutlinedTextField
 24 | import androidx.compose.material3.Switch
 25 | import androidx.compose.material3.SwitchDefaults
 26 | import androidx.compose.material3.Surface
 27 | import androidx.compose.material3.Text
 28 | import androidx.compose.material3.MaterialTheme
 29 | import androidx.compose.runtime.*
 30 | import androidx.compose.ui.Alignment
 31 | import androidx.compose.ui.Modifier
 32 | import androidx.compose.ui.graphics.Color
 33 | import androidx.compose.ui.unit.dp
 34 | import com.frida_analykit.ssl_log_secret.ui.theme.FridaanalykitssllogsecretTheme
 35 | import kotlinx.coroutines.Dispatchers
 36 | import kotlinx.coroutines.launch
 37 | import kotlinx.coroutines.withContext
 38 | import okhttp3.CertificatePinner
 39 | import okhttp3.OkHttpClient
 40 | import okhttp3.Request
 41 | import java.net.Proxy
 42 | import java.net.URL
 43 | import java.security.MessageDigest
 44 | import java.security.cert.X509Certificate
 45 | import javax.net.ssl.HttpsURLConnection
 46 | import androidx.compose.foundation.verticalScroll
 47 | import androidx.compose.foundation.rememberScrollState
 48 | import androidx.compose.material3.FloatingActionButton
 49 | import androidx.compose.material3.LinearProgressIndicator
 50 | import androidx.compose.ui.platform.LocalContext
 51 | import androidx.compose.ui.platform.LocalUriHandler
 52 | import androidx.compose.ui.text.TextStyle
 53 | import androidx.compose.ui.text.font.FontWeight
 54 | import androidx.compose.ui.text.style.TextAlign
 55 | import androidx.compose.ui.text.style.TextDecoration
 56 | import androidx.compose.ui.text.style.TextOverflow
 57 | import androidx.compose.ui.unit.Dp
 58 | import androidx.compose.ui.unit.TextUnit
 59 | import androidx.compose.ui.unit.sp
 60 | import androidx.compose.ui.viewinterop.AndroidView
 61 | import java.time.LocalDateTime
 62 | import java.time.format.DateTimeFormatter
 63 | 
 64 | const val GITHUB_URL = "https://github.com/zsa233/android-reverse-examples"
 65 | const val APP_TITLE = "002_frida-analykit-ssl-log-secret"
 66 | var globalOkHttpClient: OkHttpClient = OkHttpClient.Builder().build()
 67 | 
 68 | 
 69 | class MainActivity : ComponentActivity() {
 70 |     override fun onCreate(savedInstanceState: Bundle?) {
 71 |         super.onCreate(savedInstanceState)
 72 |         enableEdgeToEdge()
 73 |         setContent {
 74 |             FridaanalykitssllogsecretTheme {
 75 |                 Surface(modifier = Modifier.fillMaxSize(), color = MaterialTheme.colorScheme.background) {
 76 |                     CertificatePinningScreen()
 77 |                 }
 78 |             }
 79 |         }
 80 |     }
 81 | }
 82 | 
 83 | @Composable
 84 | fun CertificatePinningScreen() {
 85 |     val coroutineScope = rememberCoroutineScope()
 86 | 
 87 |     var urlInput by remember { mutableStateOf("https://www.qq.com/") }
 88 |     var editableFingerprint by remember { mutableStateOf("") }
 89 |     var savedFingerprint by remember { mutableStateOf("") }
 90 |     var sslPinningEnabled by remember { mutableStateOf(false) }
 91 |     var requestResult by remember { mutableStateOf("") }
 92 |     val resultTextScrollState = rememberScrollState()
 93 | 
 94 |     var openWebView by remember { mutableStateOf(false) }
 95 |     var currentUrlForWebView by remember { mutableStateOf("") }
 96 | 
 97 |     LaunchedEffect(savedFingerprint, sslPinningEnabled) {
 98 |         globalOkHttpClient = if (sslPinningEnabled && savedFingerprint.isNotEmpty()) {
 99 |             val host = URL(urlInput).host
100 |             val certificatePinner = CertificatePinner.Builder()
101 |                 .add(host, savedFingerprint).build()
102 |             Log.i("okhttp-client", "生成ssl pinning的client $host")
103 |             OkHttpClient.Builder().certificatePinner(certificatePinner).build()
104 |         } else {
105 |             Log.i("okhttp-client", "无ssl pinning的client")
106 |             OkHttpClient.Builder().build()
107 |         }
108 |     }
109 | 
110 |     Box(
111 |         modifier = Modifier
112 |             .fillMaxSize()
113 |             .padding(WindowInsets.statusBars.asPaddingValues())
114 |             .padding(horizontal = 6.dp)) {
115 |             Column(
116 |                 modifier = Modifier.fillMaxSize(),
117 |                 verticalArrangement = Arrangement.spacedBy(16.dp)
118 |             ) {
119 |                 AppProjectTitle(APP_TITLE, GITHUB_URL)
120 | 
121 |                 Text(text = "通过 HTTPS URL 获取证书/发起请求：")
122 | 
123 |                 OutlinedTextField(
124 |                     value = urlInput,
125 |                     onValueChange = { urlInput = it },
126 |                     label = { Text("输入 HTTPS URL") },
127 |                     modifier = Modifier.fillMaxWidth()
128 |                 )
129 | 
130 |                 Row(
131 |                     modifier = Modifier.fillMaxWidth(),
132 |                     horizontalArrangement = Arrangement.spacedBy(8.dp),
133 |                     verticalAlignment = Alignment.CenterVertically
134 |                 ) {
135 |                     Button(onClick = {
136 |                         coroutineScope.launch {
137 |                             try {
138 |                                 requestResult = fetchCertificateFingerprintFromUrl(urlInput)
139 |                                 editableFingerprint = requestResult
140 |                             } catch (e: Exception) {
141 |                                 requestResult = "Error: ${e.localizedMessage}"
142 |                             }
143 |                         }
144 |                     }) {
145 |                         Text(text = "获取证书")
146 |                     }
147 |                     Button(onClick = {
148 |                         coroutineScope.launch {
149 |                             try {
150 |                                 requestResult = performRequestUsingOkHttp(urlInput)
151 |                             } catch (e: Exception) {
152 |                                 requestResult = "Error: ${e.localizedMessage}"
153 |                             }
154 |                         }
155 |                     }) {
156 |                         Text(text = "发起请求")
157 |                     }
158 |                 }
159 |                 if (sslPinningEnabled) {
160 |                     Text(text = "当前处于 SSL Pinning 模式", color = Color.Red)
161 |                 }
162 |                 HorizontalDivider()
163 | 
164 |                 OutlinedTextField(
165 |                     value = editableFingerprint,
166 |                     onValueChange = { editableFingerprint = it },
167 |                     label = { Text("证书公钥 SHA256 指纹") },
168 |                     modifier = Modifier.fillMaxWidth()
169 |                 )
170 |                 Row(
171 |                     modifier = Modifier.fillMaxWidth(),
172 |                     horizontalArrangement = Arrangement.SpaceBetween,
173 |                     verticalAlignment = Alignment.CenterVertically
174 |                 ) {
175 |                     Button(onClick = {
176 |                         savedFingerprint = editableFingerprint
177 |                     }) {
178 |                         Text("保存")
179 |                     }
180 |                     Button(onClick = {
181 |                         editableFingerprint = ""
182 |                         savedFingerprint = ""
183 |                     }) {
184 |                         Text("清空")
185 |                     }
186 |                     Row(verticalAlignment = Alignment.CenterVertically) {
187 |                         Text(text = "SSL Pinning")
188 |                         Spacer(modifier = Modifier.width(4.dp))
189 |                         Switch(
190 |                             checked = sslPinningEnabled,
191 |                             onCheckedChange = { sslPinningEnabled = it },
192 |                             colors = SwitchDefaults.colors(checkedThumbColor = Color.Green)
193 |                         )
194 |                     }
195 |                 }
196 | 
197 |                 Text(
198 |                     text = "当前已保存指纹信息：$savedFingerprint",
199 |                     color = Color.Blue,
200 |                     modifier = Modifier.padding(top = 8.dp)
201 |                 )
202 |                 HorizontalDivider()
203 | 
204 |                 Box(
205 |                     modifier = Modifier
206 |                         .fillMaxWidth()
207 |                         .verticalScroll(resultTextScrollState)
208 |                 ) {
209 |                     Text(text = "请求结果：$requestResult")
210 |                 }
211 | 
212 |             }
213 |         }
214 | }
215 | 
216 | 
217 | @Composable
218 | fun AppProjectTitle(
219 |     title: String,
220 |     githubUrl: String,
221 |     fontSize: TextUnit = 20.sp,
222 |     paddingVertical: Dp = 16.dp
223 | ) {
224 |     val uriHandler = LocalUriHandler.current
225 | 
226 | 
227 |     Box(
228 |         modifier = Modifier
229 |             .fillMaxWidth()
230 |             .background(MaterialTheme.colorScheme.primaryContainer)
231 |             .padding(horizontal = 16.dp, vertical = paddingVertical)
232 |     ) {
233 |         Column(
234 |             modifier = Modifier.fillMaxWidth()
235 |         ) {
236 |             Text(
237 |                 text = title,
238 |                 modifier = Modifier.align(Alignment.CenterHorizontally),
239 |                 style = TextStyle(
240 |                     fontSize = fontSize,
241 |                     fontWeight = FontWeight.Bold,
242 |                     color = MaterialTheme.colorScheme.onPrimaryContainer,
243 |                     textAlign = TextAlign.Center
244 |                 )
245 |             )
246 |             Text(
247 |                 text = "GitHub",
248 |                 modifier = Modifier
249 |                     .align(Alignment.End)
250 |                     .clickable { uriHandler.openUri(githubUrl) },
251 |                 style = TextStyle(
252 |                     color = MaterialTheme.colorScheme.primary,
253 |                     fontSize = 12.sp,
254 |                     textDecoration = TextDecoration.Underline,
255 |                     fontWeight = FontWeight.Medium
256 |                 )
257 |             )
258 |         }
259 |     }
260 | }
261 | 
262 | 
263 | 
264 | suspend fun fetchCertificateFingerprintFromUrl(urlString: String): String = withContext(Dispatchers.IO) {
265 |     val url = URL(urlString)
266 |     // 请求真实服务证书指纹时不走代理
267 |     val connection = url.openConnection(Proxy.NO_PROXY) as HttpsURLConnection
268 |     connection.connectTimeout = 5000
269 |     connection.readTimeout = 5000
270 |     connection.connect()
271 |     val certificates = connection.serverCertificates
272 |     if (certificates.isNotEmpty()) {
273 |         val certificate = certificates[0] as X509Certificate
274 |         val publicKeyEncoded = certificate.publicKey.encoded
275 |         val digest = MessageDigest.getInstance("SHA-256")
276 |         val hash = digest.digest(publicKeyEncoded)
277 |         val base64Hash = Base64.encodeToString(hash, Base64.NO_WRAP)
278 |         "sha256/$base64Hash"
279 |     } else {
280 |         throw Exception("未获取到服务器证书")
281 |     }
282 | }
283 | 
284 | 
285 | suspend fun performRequestUsingOkHttp(urlString: String): String = withContext(Dispatchers.IO) {
286 |     val userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) " +
287 |             "AppleWebKit/537.36 (KHTML, like Gecko) " +
288 |             "Chrome/122.0.0.0 Safari/537.36"
289 | 
290 |     val request = Request.Builder()
291 |         .url(urlString)
292 |         .header("User-Agent", userAgent)
293 |         .build()
294 |     val response = globalOkHttpClient.newCall(request).execute()
295 |     val result = response.body?.string()
296 |     val currentTime = LocalDateTime.now().format(DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss"))
297 |     if (response.isSuccessful) {
298 |         "<$currentTime>\nOK - code[${response.code}]: ${(result?.length)} bytes"
299 |     } else {
300 |         "<$currentTime>\nERROR - code[${response.code}]: ${result?.length} bytes"
301 |     }
302 | }
303 | 


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/java/com/frida_analykit/ssl_log_secret/ui/theme/Color.kt:
--------------------------------------------------------------------------------
 1 | package com.frida_analykit.ssl_log_secret.ui.theme
 2 | 
 3 | import androidx.compose.ui.graphics.Color
 4 | 
 5 | val Purple80 = Color(0xFFD0BCFF)
 6 | val PurpleGrey80 = Color(0xFFCCC2DC)
 7 | val Pink80 = Color(0xFFEFB8C8)
 8 | 
 9 | val Purple40 = Color(0xFF6650a4)
10 | val PurpleGrey40 = Color(0xFF625b71)
11 | val Pink40 = Color(0xFF7D5260)


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/java/com/frida_analykit/ssl_log_secret/ui/theme/Theme.kt:
--------------------------------------------------------------------------------
 1 | package com.frida_analykit.ssl_log_secret.ui.theme
 2 | 
 3 | import android.app.Activity
 4 | import android.os.Build
 5 | import androidx.compose.foundation.isSystemInDarkTheme
 6 | import androidx.compose.material3.MaterialTheme
 7 | import androidx.compose.material3.darkColorScheme
 8 | import androidx.compose.material3.dynamicDarkColorScheme
 9 | import androidx.compose.material3.dynamicLightColorScheme
10 | import androidx.compose.material3.lightColorScheme
11 | import androidx.compose.runtime.Composable
12 | import androidx.compose.ui.platform.LocalContext
13 | 
14 | private val DarkColorScheme = darkColorScheme(
15 |     primary = Purple80,
16 |     secondary = PurpleGrey80,
17 |     tertiary = Pink80
18 | )
19 | 
20 | private val LightColorScheme = lightColorScheme(
21 |     primary = Purple40,
22 |     secondary = PurpleGrey40,
23 |     tertiary = Pink40
24 | 
25 |     /* Other default colors to override
26 |     background = Color(0xFFFFFBFE),
27 |     surface = Color(0xFFFFFBFE),
28 |     onPrimary = Color.White,
29 |     onSecondary = Color.White,
30 |     onTertiary = Color.White,
31 |     onBackground = Color(0xFF1C1B1F),
32 |     onSurface = Color(0xFF1C1B1F),
33 |     */
34 | )
35 | 
36 | @Composable
37 | fun FridaanalykitssllogsecretTheme(
38 |     darkTheme: Boolean = isSystemInDarkTheme(),
39 |     // Dynamic color is available on Android 12+
40 |     dynamicColor: Boolean = true,
41 |     content: @Composable () -> Unit
42 | ) {
43 |     val colorScheme = when {
44 |       dynamicColor && Build.VERSION.SDK_INT >= Build.VERSION_CODES.S -> {
45 |         val context = LocalContext.current
46 |         if (darkTheme) dynamicDarkColorScheme(context) else dynamicLightColorScheme(context)
47 |       }
48 |       darkTheme -> DarkColorScheme
49 |       else -> LightColorScheme
50 |     }
51 | 
52 |     MaterialTheme(
53 |       colorScheme = colorScheme,
54 |       typography = Typography,
55 |       content = content
56 |     )
57 | }


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/java/com/frida_analykit/ssl_log_secret/ui/theme/Type.kt:
--------------------------------------------------------------------------------
 1 | package com.frida_analykit.ssl_log_secret.ui.theme
 2 | 
 3 | import androidx.compose.material3.Typography
 4 | import androidx.compose.ui.text.TextStyle
 5 | import androidx.compose.ui.text.font.FontFamily
 6 | import androidx.compose.ui.text.font.FontWeight
 7 | import androidx.compose.ui.unit.sp
 8 | 
 9 | // Set of Material typography styles to start with
10 | val Typography = Typography(
11 |     bodyLarge = TextStyle(
12 |         fontFamily = FontFamily.Default,
13 |         fontWeight = FontWeight.Normal,
14 |         fontSize = 16.sp,
15 |         lineHeight = 24.sp,
16 |         letterSpacing = 0.5.sp
17 |     )
18 |     /* Other default text styles to override
19 |     titleLarge = TextStyle(
20 |         fontFamily = FontFamily.Default,
21 |         fontWeight = FontWeight.Normal,
22 |         fontSize = 22.sp,
23 |         lineHeight = 28.sp,
24 |         letterSpacing = 0.sp
25 |     ),
26 |     labelSmall = TextStyle(
27 |         fontFamily = FontFamily.Default,
28 |         fontWeight = FontWeight.Medium,
29 |         fontSize = 11.sp,
30 |         lineHeight = 16.sp,
31 |         letterSpacing = 0.5.sp
32 |     )
33 |     */
34 | )


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/drawable/ic_launcher_background.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <vector xmlns:android="http://schemas.android.com/apk/res/android"
  3 |     android:width="108dp"
  4 |     android:height="108dp"
  5 |     android:viewportWidth="108"
  6 |     android:viewportHeight="108">
  7 |     <path
  8 |         android:fillColor="#3DDC84"
  9 |         android:pathData="M0,0h108v108h-108z" />
 10 |     <path
 11 |         android:fillColor="#00000000"
 12 |         android:pathData="M9,0L9,108"
 13 |         android:strokeWidth="0.8"
 14 |         android:strokeColor="#33FFFFFF" />
 15 |     <path
 16 |         android:fillColor="#00000000"
 17 |         android:pathData="M19,0L19,108"
 18 |         android:strokeWidth="0.8"
 19 |         android:strokeColor="#33FFFFFF" />
 20 |     <path
 21 |         android:fillColor="#00000000"
 22 |         android:pathData="M29,0L29,108"
 23 |         android:strokeWidth="0.8"
 24 |         android:strokeColor="#33FFFFFF" />
 25 |     <path
 26 |         android:fillColor="#00000000"
 27 |         android:pathData="M39,0L39,108"
 28 |         android:strokeWidth="0.8"
 29 |         android:strokeColor="#33FFFFFF" />
 30 |     <path
 31 |         android:fillColor="#00000000"
 32 |         android:pathData="M49,0L49,108"
 33 |         android:strokeWidth="0.8"
 34 |         android:strokeColor="#33FFFFFF" />
 35 |     <path
 36 |         android:fillColor="#00000000"
 37 |         android:pathData="M59,0L59,108"
 38 |         android:strokeWidth="0.8"
 39 |         android:strokeColor="#33FFFFFF" />
 40 |     <path
 41 |         android:fillColor="#00000000"
 42 |         android:pathData="M69,0L69,108"
 43 |         android:strokeWidth="0.8"
 44 |         android:strokeColor="#33FFFFFF" />
 45 |     <path
 46 |         android:fillColor="#00000000"
 47 |         android:pathData="M79,0L79,108"
 48 |         android:strokeWidth="0.8"
 49 |         android:strokeColor="#33FFFFFF" />
 50 |     <path
 51 |         android:fillColor="#00000000"
 52 |         android:pathData="M89,0L89,108"
 53 |         android:strokeWidth="0.8"
 54 |         android:strokeColor="#33FFFFFF" />
 55 |     <path
 56 |         android:fillColor="#00000000"
 57 |         android:pathData="M99,0L99,108"
 58 |         android:strokeWidth="0.8"
 59 |         android:strokeColor="#33FFFFFF" />
 60 |     <path
 61 |         android:fillColor="#00000000"
 62 |         android:pathData="M0,9L108,9"
 63 |         android:strokeWidth="0.8"
 64 |         android:strokeColor="#33FFFFFF" />
 65 |     <path
 66 |         android:fillColor="#00000000"
 67 |         android:pathData="M0,19L108,19"
 68 |         android:strokeWidth="0.8"
 69 |         android:strokeColor="#33FFFFFF" />
 70 |     <path
 71 |         android:fillColor="#00000000"
 72 |         android:pathData="M0,29L108,29"
 73 |         android:strokeWidth="0.8"
 74 |         android:strokeColor="#33FFFFFF" />
 75 |     <path
 76 |         android:fillColor="#00000000"
 77 |         android:pathData="M0,39L108,39"
 78 |         android:strokeWidth="0.8"
 79 |         android:strokeColor="#33FFFFFF" />
 80 |     <path
 81 |         android:fillColor="#00000000"
 82 |         android:pathData="M0,49L108,49"
 83 |         android:strokeWidth="0.8"
 84 |         android:strokeColor="#33FFFFFF" />
 85 |     <path
 86 |         android:fillColor="#00000000"
 87 |         android:pathData="M0,59L108,59"
 88 |         android:strokeWidth="0.8"
 89 |         android:strokeColor="#33FFFFFF" />
 90 |     <path
 91 |         android:fillColor="#00000000"
 92 |         android:pathData="M0,69L108,69"
 93 |         android:strokeWidth="0.8"
 94 |         android:strokeColor="#33FFFFFF" />
 95 |     <path
 96 |         android:fillColor="#00000000"
 97 |         android:pathData="M0,79L108,79"
 98 |         android:strokeWidth="0.8"
 99 |         android:strokeColor="#33FFFFFF" />
100 |     <path
101 |         android:fillColor="#00000000"
102 |         android:pathData="M0,89L108,89"
103 |         android:strokeWidth="0.8"
104 |         android:strokeColor="#33FFFFFF" />
105 |     <path
106 |         android:fillColor="#00000000"
107 |         android:pathData="M0,99L108,99"
108 |         android:strokeWidth="0.8"
109 |         android:strokeColor="#33FFFFFF" />
110 |     <path
111 |         android:fillColor="#00000000"
112 |         android:pathData="M19,29L89,29"
113 |         android:strokeWidth="0.8"
114 |         android:strokeColor="#33FFFFFF" />
115 |     <path
116 |         android:fillColor="#00000000"
117 |         android:pathData="M19,39L89,39"
118 |         android:strokeWidth="0.8"
119 |         android:strokeColor="#33FFFFFF" />
120 |     <path
121 |         android:fillColor="#00000000"
122 |         android:pathData="M19,49L89,49"
123 |         android:strokeWidth="0.8"
124 |         android:strokeColor="#33FFFFFF" />
125 |     <path
126 |         android:fillColor="#00000000"
127 |         android:pathData="M19,59L89,59"
128 |         android:strokeWidth="0.8"
129 |         android:strokeColor="#33FFFFFF" />
130 |     <path
131 |         android:fillColor="#00000000"
132 |         android:pathData="M19,69L89,69"
133 |         android:strokeWidth="0.8"
134 |         android:strokeColor="#33FFFFFF" />
135 |     <path
136 |         android:fillColor="#00000000"
137 |         android:pathData="M19,79L89,79"
138 |         android:strokeWidth="0.8"
139 |         android:strokeColor="#33FFFFFF" />
140 |     <path
141 |         android:fillColor="#00000000"
142 |         android:pathData="M29,19L29,89"
143 |         android:strokeWidth="0.8"
144 |         android:strokeColor="#33FFFFFF" />
145 |     <path
146 |         android:fillColor="#00000000"
147 |         android:pathData="M39,19L39,89"
148 |         android:strokeWidth="0.8"
149 |         android:strokeColor="#33FFFFFF" />
150 |     <path
151 |         android:fillColor="#00000000"
152 |         android:pathData="M49,19L49,89"
153 |         android:strokeWidth="0.8"
154 |         android:strokeColor="#33FFFFFF" />
155 |     <path
156 |         android:fillColor="#00000000"
157 |         android:pathData="M59,19L59,89"
158 |         android:strokeWidth="0.8"
159 |         android:strokeColor="#33FFFFFF" />
160 |     <path
161 |         android:fillColor="#00000000"
162 |         android:pathData="M69,19L69,89"
163 |         android:strokeWidth="0.8"
164 |         android:strokeColor="#33FFFFFF" />
165 |     <path
166 |         android:fillColor="#00000000"
167 |         android:pathData="M79,19L79,89"
168 |         android:strokeWidth="0.8"
169 |         android:strokeColor="#33FFFFFF" />
170 | </vector>
171 | 


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/drawable/ic_launcher_foreground.xml:
--------------------------------------------------------------------------------
 1 | <vector xmlns:android="http://schemas.android.com/apk/res/android"
 2 |     xmlns:aapt="http://schemas.android.com/aapt"
 3 |     android:width="108dp"
 4 |     android:height="108dp"
 5 |     android:viewportWidth="108"
 6 |     android:viewportHeight="108">
 7 |     <path android:pathData="M31,63.928c0,0 6.4,-11 12.1,-13.1c7.2,-2.6 26,-1.4 26,-1.4l38.1,38.1L107,108.928l-32,-1L31,63.928z">
 8 |         <aapt:attr name="android:fillColor">
 9 |             <gradient
10 |                 android:endX="85.84757"
11 |                 android:endY="92.4963"
12 |                 android:startX="42.9492"
13 |                 android:startY="49.59793"
14 |                 android:type="linear">
15 |                 <item
16 |                     android:color="#44000000"
17 |                     android:offset="0.0" />
18 |                 <item
19 |                     android:color="#00000000"
20 |                     android:offset="1.0" />
21 |             </gradient>
22 |         </aapt:attr>
23 |     </path>
24 |     <path
25 |         android:fillColor="#FFFFFF"
26 |         android:fillType="nonZero"
27 |         android:pathData="M65.3,45.828l3.8,-6.6c0.2,-0.4 0.1,-0.9 -0.3,-1.1c-0.4,-0.2 -0.9,-0.1 -1.1,0.3l-3.9,6.7c-6.3,-2.8 -13.4,-2.8 -19.7,0l-3.9,-6.7c-0.2,-0.4 -0.7,-0.5 -1.1,-0.3C38.8,38.328 38.7,38.828 38.9,39.228l3.8,6.6C36.2,49.428 31.7,56.028 31,63.928h46C76.3,56.028 71.8,49.428 65.3,45.828zM43.4,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2c-0.3,-0.7 -0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C45.3,56.528 44.5,57.328 43.4,57.328L43.4,57.328zM64.6,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2s-0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C66.5,56.528 65.6,57.328 64.6,57.328L64.6,57.328z"
28 |         android:strokeWidth="1"
29 |         android:strokeColor="#00000000" />
30 | </vector>


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-anydpi-v26/ic_launcher.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@drawable/ic_launcher_background" />
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground" />
5 |     <monochrome android:drawable="@drawable/ic_launcher_foreground" />
6 | </adaptive-icon>


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-anydpi-v26/ic_launcher_round.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@drawable/ic_launcher_background" />
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground" />
5 |     <monochrome android:drawable="@drawable/ic_launcher_foreground" />
6 | </adaptive-icon>


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-hdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-hdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-hdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-hdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-mdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-mdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-mdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-mdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xxhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xxhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/values/colors.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <resources>
 3 |     <color name="purple_200">#FFBB86FC</color>
 4 |     <color name="purple_500">#FF6200EE</color>
 5 |     <color name="purple_700">#FF3700B3</color>
 6 |     <color name="teal_200">#FF03DAC5</color>
 7 |     <color name="teal_700">#FF018786</color>
 8 |     <color name="black">#FF000000</color>
 9 |     <color name="white">#FFFFFFFF</color>
10 | </resources>


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/values/strings.xml:
--------------------------------------------------------------------------------
1 | <resources>
2 |     <string name="app_name">frida-analykit-ssl-log-secret</string>
3 | </resources>


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/values/themes.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <resources>
3 |     <style name="Theme.Fridaanalykitssllogsecret" parent="android:Theme.Material.Light.NoActionBar" />
4 | </resources>


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/xml/backup_rules.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?><!--
 2 |    Sample backup rules file; uncomment and customize as necessary.
 3 |    See https://developer.android.com/guide/topics/data/autobackup
 4 |    for details.
 5 |    Note: This file is ignored for devices older that API 31
 6 |    See https://developer.android.com/about/versions/12/backup-restore
 7 | -->
 8 | <full-backup-content>
 9 |     <!--
10 |    <include domain="sharedpref" path="."/>
11 |    <exclude domain="sharedpref" path="device.xml"/>
12 | -->
13 | </full-backup-content>


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/xml/data_extraction_rules.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?><!--
 2 |    Sample data extraction rules file; uncomment and customize as necessary.
 3 |    See https://developer.android.com/about/versions/12/backup-restore#xml-changes
 4 |    for details.
 5 | -->
 6 | <data-extraction-rules>
 7 |     <cloud-backup>
 8 |         <!-- TODO: Use <include> and <exclude> to control what is backed up.
 9 |         <include .../>
10 |         <exclude .../>
11 |         -->
12 |     </cloud-backup>
13 |     <!--
14 |     <device-transfer>
15 |         <include .../>
16 |         <exclude .../>
17 |     </device-transfer>
18 |     -->
19 | </data-extraction-rules>


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/main/res/xml/network_security_config.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <network-security-config>
 3 |     <base-config>
 4 |         <trust-anchors>
 5 |             <certificates src="system"/>
 6 |         </trust-anchors>
 7 |     </base-config>
 8 |     <debug-overrides>
 9 |         <trust-anchors>
10 |             <certificates src="system"/>
11 |             <certificates src="user"/>
12 |         </trust-anchors>
13 |     </debug-overrides>
14 | </network-security-config>


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/app/src/test/java/com/frida_analykit/ssl_log_secret/ExampleUnitTest.kt:
--------------------------------------------------------------------------------
 1 | package com.frida_analykit.ssl_log_secret
 2 | 
 3 | import org.junit.Test
 4 | 
 5 | import org.junit.Assert.*
 6 | 
 7 | /**
 8 |  * Example local unit test, which will execute on the development machine (host).
 9 |  *
10 |  * See [testing documentation](http://d.android.com/tools/testing).
11 |  */
12 | class ExampleUnitTest {
13 |     @Test
14 |     fun addition_isCorrect() {
15 |         assertEquals(4, 2 + 2)
16 |     }
17 | }


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/build.gradle.kts:
--------------------------------------------------------------------------------
1 | // Top-level build file where you can add configuration options common to all sub-projects/modules.
2 | plugins {
3 |     alias(libs.plugins.android.application) apply false
4 |     alias(libs.plugins.kotlin.android) apply false
5 |     alias(libs.plugins.kotlin.compose) apply false
6 | }


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/gradle.properties:
--------------------------------------------------------------------------------
 1 | # Project-wide Gradle settings.
 2 | # IDE (e.g. Android Studio) users:
 3 | # Gradle settings configured through the IDE *will override*
 4 | # any settings specified in this file.
 5 | # For more details on how to configure your build environment visit
 6 | # http://www.gradle.org/docs/current/userguide/build_environment.html
 7 | # Specifies the JVM arguments used for the daemon process.
 8 | # The setting is particularly useful for tweaking memory settings.
 9 | org.gradle.jvmargs=-Xmx2048m -Dfile.encoding=UTF-8
10 | # When configured, Gradle will run in incubating parallel mode.
11 | # This option should only be used with decoupled projects. For more details, visit
12 | # https://developer.android.com/r/tools/gradle-multi-project-decoupled-projects
13 | # org.gradle.parallel=true
14 | # AndroidX package structure to make it clearer which packages are bundled with the
15 | # Android operating system, and which are packaged with your app's APK
16 | # https://developer.android.com/topic/libraries/support-library/androidx-rn
17 | android.useAndroidX=true
18 | # Kotlin code style for this project: "official" or "obsolete":
19 | kotlin.code.style=official
20 | # Enables namespacing of each library's R class so that its R class includes only the
21 | # resources declared in the library itself and none from the library's dependencies,
22 | # thereby reducing the size of the R class for that library
23 | android.nonTransitiveRClass=true


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/gradle/libs.versions.toml:
--------------------------------------------------------------------------------
 1 | [versions]
 2 | agp = "8.8.0"
 3 | kotlin = "2.0.0"
 4 | coreKtx = "1.15.0"
 5 | junit = "4.13.2"
 6 | junitVersion = "1.2.1"
 7 | espressoCore = "3.6.1"
 8 | lifecycleRuntimeKtx = "2.6.1"
 9 | activityCompose = "1.8.0"
10 | composeBom = "2024.04.01"
11 | okhttp = "4.10.0"
12 | 
13 | [libraries]
14 | androidx-core-ktx = { group = "androidx.core", name = "core-ktx", version.ref = "coreKtx" }
15 | junit = { group = "junit", name = "junit", version.ref = "junit" }
16 | androidx-junit = { group = "androidx.test.ext", name = "junit", version.ref = "junitVersion" }
17 | androidx-espresso-core = { group = "androidx.test.espresso", name = "espresso-core", version.ref = "espressoCore" }
18 | androidx-lifecycle-runtime-ktx = { group = "androidx.lifecycle", name = "lifecycle-runtime-ktx", version.ref = "lifecycleRuntimeKtx" }
19 | androidx-activity-compose = { group = "androidx.activity", name = "activity-compose", version.ref = "activityCompose" }
20 | androidx-compose-bom = { group = "androidx.compose", name = "compose-bom", version.ref = "composeBom" }
21 | androidx-ui = { group = "androidx.compose.ui", name = "ui" }
22 | androidx-ui-graphics = { group = "androidx.compose.ui", name = "ui-graphics" }
23 | androidx-ui-tooling = { group = "androidx.compose.ui", name = "ui-tooling" }
24 | androidx-ui-tooling-preview = { group = "androidx.compose.ui", name = "ui-tooling-preview" }
25 | androidx-ui-test-manifest = { group = "androidx.compose.ui", name = "ui-test-manifest" }
26 | androidx-ui-test-junit4 = { group = "androidx.compose.ui", name = "ui-test-junit4" }
27 | androidx-material3 = { group = "androidx.compose.material3", name = "material3" }
28 | okhttp = { module = "com.squareup.okhttp3:okhttp", version.ref = "okhttp" }
29 | 
30 | [plugins]
31 | android-application = { id = "com.android.application", version.ref = "agp" }
32 | kotlin-android = { id = "org.jetbrains.kotlin.android", version.ref = "kotlin" }
33 | kotlin-compose = { id = "org.jetbrains.kotlin.plugin.compose", version.ref = "kotlin" }
34 | 
35 | 


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/gradle/wrapper/gradle-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/app/gradle/wrapper/gradle-wrapper.jar


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
1 | #Thu Apr 10 23:55:11 CST 2025
2 | distributionBase=GRADLE_USER_HOME
3 | distributionPath=wrapper/dists
4 | distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip
5 | zipStoreBase=GRADLE_USER_HOME
6 | zipStorePath=wrapper/dists
7 | 


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/gradlew:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env sh
  2 | 
  3 | #
  4 | # Copyright 2015 the original author or authors.
  5 | #
  6 | # Licensed under the Apache License, Version 2.0 (the "License");
  7 | # you may not use this file except in compliance with the License.
  8 | # You may obtain a copy of the License at
  9 | #
 10 | #      https://www.apache.org/licenses/LICENSE-2.0
 11 | #
 12 | # Unless required by applicable law or agreed to in writing, software
 13 | # distributed under the License is distributed on an "AS IS" BASIS,
 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 15 | # See the License for the specific language governing permissions and
 16 | # limitations under the License.
 17 | #
 18 | 
 19 | ##############################################################################
 20 | ##
 21 | ##  Gradle start up script for UN*X
 22 | ##
 23 | ##############################################################################
 24 | 
 25 | # Attempt to set APP_HOME
 26 | # Resolve links: $0 may be a link
 27 | PRG="$0"
 28 | # Need this for relative symlinks.
 29 | while [ -h "$PRG" ] ; do
 30 |     ls=`ls -ld "$PRG"`
 31 |     link=`expr "$ls" : '.*-> \(.*\)$'`
 32 |     if expr "$link" : '/.*' > /dev/null; then
 33 |         PRG="$link"
 34 |     else
 35 |         PRG=`dirname "$PRG"`"/$link"
 36 |     fi
 37 | done
 38 | SAVED="`pwd`"
 39 | cd "`dirname \"$PRG\"`/" >/dev/null
 40 | APP_HOME="`pwd -P`"
 41 | cd "$SAVED" >/dev/null
 42 | 
 43 | APP_NAME="Gradle"
 44 | APP_BASE_NAME=`basename "$0"`
 45 | 
 46 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
 47 | DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 48 | 
 49 | # Use the maximum available, or set MAX_FD != -1 to use that value.
 50 | MAX_FD="maximum"
 51 | 
 52 | warn () {
 53 |     echo "$*"
 54 | }
 55 | 
 56 | die () {
 57 |     echo
 58 |     echo "$*"
 59 |     echo
 60 |     exit 1
 61 | }
 62 | 
 63 | # OS specific support (must be 'true' or 'false').
 64 | cygwin=false
 65 | msys=false
 66 | darwin=false
 67 | nonstop=false
 68 | case "`uname`" in
 69 |   CYGWIN* )
 70 |     cygwin=true
 71 |     ;;
 72 |   Darwin* )
 73 |     darwin=true
 74 |     ;;
 75 |   MINGW* )
 76 |     msys=true
 77 |     ;;
 78 |   NONSTOP* )
 79 |     nonstop=true
 80 |     ;;
 81 | esac
 82 | 
 83 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 84 | 
 85 | 
 86 | # Determine the Java command to use to start the JVM.
 87 | if [ -n "$JAVA_HOME" ] ; then
 88 |     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
 89 |         # IBM's JDK on AIX uses strange locations for the executables
 90 |         JAVACMD="$JAVA_HOME/jre/sh/java"
 91 |     else
 92 |         JAVACMD="$JAVA_HOME/bin/java"
 93 |     fi
 94 |     if [ ! -x "$JAVACMD" ] ; then
 95 |         die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
 96 | 
 97 | Please set the JAVA_HOME variable in your environment to match the
 98 | location of your Java installation."
 99 |     fi
100 | else
101 |     JAVACMD="java"
102 |     which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
103 | 
104 | Please set the JAVA_HOME variable in your environment to match the
105 | location of your Java installation."
106 | fi
107 | 
108 | # Increase the maximum file descriptors if we can.
109 | if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
110 |     MAX_FD_LIMIT=`ulimit -H -n`
111 |     if [ $? -eq 0 ] ; then
112 |         if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
113 |             MAX_FD="$MAX_FD_LIMIT"
114 |         fi
115 |         ulimit -n $MAX_FD
116 |         if [ $? -ne 0 ] ; then
117 |             warn "Could not set maximum file descriptor limit: $MAX_FD"
118 |         fi
119 |     else
120 |         warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
121 |     fi
122 | fi
123 | 
124 | # For Darwin, add options to specify how the application appears in the dock
125 | if $darwin; then
126 |     GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
127 | fi
128 | 
129 | # For Cygwin or MSYS, switch paths to Windows format before running java
130 | if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
131 |     APP_HOME=`cygpath --path --mixed "$APP_HOME"`
132 |     CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
133 | 
134 |     JAVACMD=`cygpath --unix "$JAVACMD"`
135 | 
136 |     # We build the pattern for arguments to be converted via cygpath
137 |     ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
138 |     SEP=""
139 |     for dir in $ROOTDIRSRAW ; do
140 |         ROOTDIRS="$ROOTDIRS$SEP$dir"
141 |         SEP="|"
142 |     done
143 |     OURCYGPATTERN="(^($ROOTDIRS))"
144 |     # Add a user-defined pattern to the cygpath arguments
145 |     if [ "$GRADLE_CYGPATTERN" != "" ] ; then
146 |         OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
147 |     fi
148 |     # Now convert the arguments - kludge to limit ourselves to /bin/sh
149 |     i=0
150 |     for arg in "$@" ; do
151 |         CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
152 |         CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
153 | 
154 |         if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
155 |             eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
156 |         else
157 |             eval `echo args$i`="\"$arg\""
158 |         fi
159 |         i=`expr $i + 1`
160 |     done
161 |     case $i in
162 |         0) set -- ;;
163 |         1) set -- "$args0" ;;
164 |         2) set -- "$args0" "$args1" ;;
165 |         3) set -- "$args0" "$args1" "$args2" ;;
166 |         4) set -- "$args0" "$args1" "$args2" "$args3" ;;
167 |         5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
168 |         6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
169 |         7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
170 |         8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
171 |         9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
172 |     esac
173 | fi
174 | 
175 | # Escape application args
176 | save () {
177 |     for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
178 |     echo " "
179 | }
180 | APP_ARGS=`save "$@"`
181 | 
182 | # Collect all arguments for the java command, following the shell quoting and substitution rules
183 | eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
184 | 
185 | exec "$JAVACMD" "$@"
186 | 


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/gradlew.bat:
--------------------------------------------------------------------------------
 1 | @rem
 2 | @rem Copyright 2015 the original author or authors.
 3 | @rem
 4 | @rem Licensed under the Apache License, Version 2.0 (the "License");
 5 | @rem you may not use this file except in compliance with the License.
 6 | @rem You may obtain a copy of the License at
 7 | @rem
 8 | @rem      https://www.apache.org/licenses/LICENSE-2.0
 9 | @rem
10 | @rem Unless required by applicable law or agreed to in writing, software
11 | @rem distributed under the License is distributed on an "AS IS" BASIS,
12 | @rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | @rem See the License for the specific language governing permissions and
14 | @rem limitations under the License.
15 | @rem
16 | 
17 | @if "%DEBUG%" == "" @echo off
18 | @rem ##########################################################################
19 | @rem
20 | @rem  Gradle startup script for Windows
21 | @rem
22 | @rem ##########################################################################
23 | 
24 | @rem Set local scope for the variables with windows NT shell
25 | if "%OS%"=="Windows_NT" setlocal
26 | 
27 | set DIRNAME=%~dp0
28 | if "%DIRNAME%" == "" set DIRNAME=.
29 | set APP_BASE_NAME=%~n0
30 | set APP_HOME=%DIRNAME%
31 | 
32 | @rem Resolve any "." and ".." in APP_HOME to make it shorter.
33 | for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
34 | 
35 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
36 | set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
37 | 
38 | @rem Find java.exe
39 | if defined JAVA_HOME goto findJavaFromJavaHome
40 | 
41 | set JAVA_EXE=java.exe
42 | %JAVA_EXE% -version >NUL 2>&1
43 | if "%ERRORLEVEL%" == "0" goto execute
44 | 
45 | echo.
46 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
47 | echo.
48 | echo Please set the JAVA_HOME variable in your environment to match the
49 | echo location of your Java installation.
50 | 
51 | goto fail
52 | 
53 | :findJavaFromJavaHome
54 | set JAVA_HOME=%JAVA_HOME:"=%
55 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe
56 | 
57 | if exist "%JAVA_EXE%" goto execute
58 | 
59 | echo.
60 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
61 | echo.
62 | echo Please set the JAVA_HOME variable in your environment to match the
63 | echo location of your Java installation.
64 | 
65 | goto fail
66 | 
67 | :execute
68 | @rem Setup the command line
69 | 
70 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
71 | 
72 | 
73 | @rem Execute Gradle
74 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
75 | 
76 | :end
77 | @rem End local scope for the variables with windows NT shell
78 | if "%ERRORLEVEL%"=="0" goto mainEnd
79 | 
80 | :fail
81 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
82 | rem the _cmd.exe /c_ return code!
83 | if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
84 | exit /b 1
85 | 
86 | :mainEnd
87 | if "%OS%"=="Windows_NT" endlocal
88 | 
89 | :omega
90 | 


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/app/settings.gradle.kts:
--------------------------------------------------------------------------------
 1 | pluginManagement {
 2 |     repositories {
 3 |         google {
 4 |             content {
 5 |                 includeGroupByRegex("com\\.android.*")
 6 |                 includeGroupByRegex("com\\.google.*")
 7 |                 includeGroupByRegex("androidx.*")
 8 |             }
 9 |         }
10 |         mavenCentral()
11 |         gradlePluginPortal()
12 |     }
13 | }
14 | dependencyResolutionManagement {
15 |     repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
16 |     repositories {
17 |         google()
18 |         mavenCentral()
19 |     }
20 | }
21 | 
22 | rootProject.name = "frida-analykit-ssl-log-secret"
23 | include(":app")
24 |  


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/docs/001-wireshark中配置sslkey_log文件的位置.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/docs/001-wireshark中配置sslkey_log文件的位置.png


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/docs/002-wireshark中的client_random位置.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/docs/002-wireshark中的client_random位置.png


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/docs/003-测试样本app功能说明.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/docs/003-测试样本app功能说明.png


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/docs/004-wireshark选择捕获热点网卡的流量.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/docs/004-wireshark选择捕获热点网卡的流量.png


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/docs/005-wireshark抓包解密后的http协议流量.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/docs/005-wireshark抓包解密后的http协议流量.png


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/docs/006-发起请求.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/docs/006-发起请求.png


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/docs/007-frida-analykit注入控制台输出.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/docs/007-frida-analykit注入控制台输出.png


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/docs/008-wireshark抓包开启了ssl-pinning的流量.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/docs/008-wireshark抓包开启了ssl-pinning的流量.png


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/docs/009-charles中间人代理抓包开启了ssl-pinning的客户端.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/docs/009-charles中间人代理抓包开启了ssl-pinning的客户端.png


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/docs/010-中间人代理抓包开启了ssl-pinning的客户端.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/002_frida-analykit-ssl-log-secret/docs/010-中间人代理抓包开启了ssl-pinning的客户端.png


--------------------------------------------------------------------------------
/002_frida-analykit-ssl-log-secret/index.ts:
--------------------------------------------------------------------------------
 1 | import './frida-analykit/script/rpc.js'
 2 | 
 3 | import { SSLTools } from './frida-analykit/script/net/ssl.js'
 4 | import { help } from './frida-analykit/script/helper.js'
 5 | 
 6 | 
 7 | setImmediate(() => {
 8 |     SSLTools.attachLogSecret()
 9 |     help.$error(`[SSLTools.attachLogSecret] ok`)
10 | })


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/.gitignore:
--------------------------------------------------------------------------------
 1 | __pycache__
 2 | /frida-analykit
 3 | /data
 4 | /logs
 5 | /node_modules
 6 | /_agent.js
 7 | /config.yml
 8 | /package*.json
 9 | /ptpython_*.sh
10 | /tsconfig.json
11 | .DS_Store


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/.gitignore:
--------------------------------------------------------------------------------
 1 | *.iml
 2 | .gradle
 3 | /local.properties
 4 | /.idea/
 5 | /.idea/assetWizardSettings.xml
 6 | .DS_Store
 7 | /build
 8 | /captures
 9 | .externalNativeBuild
10 | .cxx
11 | local.properties
12 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/.gitignore:
--------------------------------------------------------------------------------
1 | /build


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/build.gradle.kts:
--------------------------------------------------------------------------------
 1 | plugins {
 2 |     alias(libs.plugins.android.application)
 3 |     alias(libs.plugins.kotlin.android)
 4 |     alias(libs.plugins.kotlin.compose)
 5 | }
 6 | 
 7 | android {
 8 |     namespace = "com.frida_analykit.static_linked_boringssl"
 9 |     compileSdk = 35
10 | 
11 |     defaultConfig {
12 |         applicationId = "com.frida_analykit.static_linked_boringssl"
13 |         minSdk = 26
14 |         targetSdk = 35
15 |         versionCode = 1
16 |         versionName = "1.0"
17 | 
18 |         testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
19 |     }
20 | 
21 |     buildTypes {
22 |         release {
23 |             isMinifyEnabled = false
24 |             proguardFiles(
25 |                 getDefaultProguardFile("proguard-android-optimize.txt"),
26 |                 "proguard-rules.pro"
27 |             )
28 |         }
29 | 
30 |     }
31 |     compileOptions {
32 |         sourceCompatibility = JavaVersion.VERSION_11
33 |         targetCompatibility = JavaVersion.VERSION_11
34 |     }
35 |     kotlinOptions {
36 |         jvmTarget = "11"
37 |     }
38 |     buildFeatures {
39 |         compose = true
40 |     }
41 | }
42 | 
43 | dependencies {
44 | 
45 |     implementation(libs.androidx.core.ktx)
46 |     implementation(libs.androidx.lifecycle.runtime.ktx)
47 |     implementation(libs.androidx.activity.compose)
48 |     implementation(platform(libs.androidx.compose.bom))
49 |     implementation(libs.androidx.ui)
50 |     implementation(libs.androidx.ui.graphics)
51 |     implementation(libs.androidx.ui.tooling.preview)
52 |     implementation(libs.androidx.material3)
53 |     implementation(libs.okhttp)
54 | 
55 |     testImplementation(libs.junit)
56 |     androidTestImplementation(libs.androidx.junit)
57 |     androidTestImplementation(libs.androidx.espresso.core)
58 |     androidTestImplementation(platform(libs.androidx.compose.bom))
59 |     androidTestImplementation(libs.androidx.ui.test.junit4)
60 |     debugImplementation(libs.androidx.ui.tooling)
61 |     debugImplementation(libs.androidx.ui.test.manifest)
62 | 
63 |     implementation(project(":flutter"))
64 | }


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/proguard-rules.pro:
--------------------------------------------------------------------------------
 1 | # Add project specific ProGuard rules here.
 2 | # You can control the set of applied configuration files using the
 3 | # proguardFiles setting in build.gradle.
 4 | #
 5 | # For more details, see
 6 | #   http://developer.android.com/guide/developing/tools/proguard.html
 7 | 
 8 | # If your project uses WebView with JS, uncomment the following
 9 | # and specify the fully qualified class name to the JavaScript interface
10 | # class:
11 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
12 | #   public *;
13 | #}
14 | 
15 | # Uncomment this to preserve the line number information for
16 | # debugging stack traces.
17 | #-keepattributes SourceFile,LineNumberTable
18 | 
19 | # If you keep the line number information, uncomment this to
20 | # hide the original source file name.
21 | #-renamesourcefileattribute SourceFile


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/release/baselineProfiles/0/app-release.dm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/release/baselineProfiles/0/app-release.dm


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/release/baselineProfiles/1/app-release.dm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/release/baselineProfiles/1/app-release.dm


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/release/output-metadata.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "version": 3,
 3 |   "artifactType": {
 4 |     "type": "APK",
 5 |     "kind": "Directory"
 6 |   },
 7 |   "applicationId": "com.frida_analykit.static_linked_boringssl",
 8 |   "variantName": "release",
 9 |   "elements": [
10 |     {
11 |       "type": "SINGLE",
12 |       "filters": [],
13 |       "attributes": [],
14 |       "versionCode": 1,
15 |       "versionName": "1.0",
16 |       "outputFile": "app-release.apk"
17 |     }
18 |   ],
19 |   "elementType": "File",
20 |   "baselineProfiles": [
21 |     {
22 |       "minApi": 28,
23 |       "maxApi": 30,
24 |       "baselineProfiles": [
25 |         "baselineProfiles/1/app-release.dm"
26 |       ]
27 |     },
28 |     {
29 |       "minApi": 31,
30 |       "maxApi": 2147483647,
31 |       "baselineProfiles": [
32 |         "baselineProfiles/0/app-release.dm"
33 |       ]
34 |     }
35 |   ],
36 |   "minSdkVersionForDexing": 26
37 | }


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/androidTest/java/com/frida_analykit/static_linked_boringssl/ExampleInstrumentedTest.kt:
--------------------------------------------------------------------------------
 1 | package com.frida_analykit.static_linked_boringssl
 2 | 
 3 | import androidx.test.platform.app.InstrumentationRegistry
 4 | import androidx.test.ext.junit.runners.AndroidJUnit4
 5 | 
 6 | import org.junit.Test
 7 | import org.junit.runner.RunWith
 8 | 
 9 | import org.junit.Assert.*
10 | 
11 | /**
12 |  * Instrumented test, which will execute on an Android device.
13 |  *
14 |  * See [testing documentation](http://d.android.com/tools/testing).
15 |  */
16 | @RunWith(AndroidJUnit4::class)
17 | class ExampleInstrumentedTest {
18 |     @Test
19 |     fun useAppContext() {
20 |         // Context of the app under test.
21 |         val appContext = InstrumentationRegistry.getInstrumentation().targetContext
22 |         assertEquals("com.frida_analykit.static_linked_boringssl", appContext.packageName)
23 |     }
24 | }


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <manifest xmlns:android="http://schemas.android.com/apk/res/android"
 3 |     xmlns:tools="http://schemas.android.com/tools" >
 4 |     <uses-permission android:name="android.permission.INTERNET" />
 5 | 
 6 |     <application
 7 |         android:allowBackup="true"
 8 |         android:dataExtractionRules="@xml/data_extraction_rules"
 9 |         android:fullBackupContent="@xml/backup_rules"
10 |         android:icon="@mipmap/ic_launcher"
11 |         android:label="@string/app_name"
12 |         android:roundIcon="@mipmap/ic_launcher_round"
13 |         android:supportsRtl="true"
14 |         android:theme="@style/Theme.Fridaanalykitssllogsecret"
15 |         tools:targetApi="31" >
16 |         <activity
17 |             android:name=".MainActivity"
18 |             android:exported="true"
19 |             android:label="@string/app_name"
20 |             android:theme="@style/Theme.Fridaanalykitssllogsecret" >
21 |             <intent-filter>
22 |                 <action android:name="android.intent.action.MAIN" />
23 | 
24 |                 <category android:name="android.intent.category.LAUNCHER" />
25 |             </intent-filter>
26 |         </activity>
27 |         <activity
28 |             android:name=".WebViewActivity"
29 |             android:exported="true"/>
30 |     </application>
31 | 
32 | </manifest>


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/java/com/frida_analykit/static_linked_boringssl/MainActivity.kt:
--------------------------------------------------------------------------------
  1 | package com.frida_analykit.static_linked_boringssl
  2 | 
  3 | import android.annotation.SuppressLint
  4 | import android.content.Intent
  5 | import android.net.Uri
  6 | import android.os.Bundle
  7 | import android.util.Base64
  8 | import android.util.Log
  9 | import android.webkit.WebChromeClient
 10 | import android.webkit.WebResourceRequest
 11 | import android.webkit.WebSettings
 12 | import android.webkit.WebView
 13 | import android.webkit.WebViewClient
 14 | import android.widget.Toast
 15 | import androidx.activity.ComponentActivity
 16 | import androidx.activity.compose.setContent
 17 | import androidx.activity.enableEdgeToEdge
 18 | import androidx.compose.foundation.background
 19 | import androidx.compose.foundation.clickable
 20 | import androidx.compose.foundation.layout.*
 21 | import androidx.compose.material3.Button
 22 | import androidx.compose.material3.HorizontalDivider
 23 | import androidx.compose.material3.OutlinedTextField
 24 | import androidx.compose.material3.Switch
 25 | import androidx.compose.material3.SwitchDefaults
 26 | import androidx.compose.material3.Surface
 27 | import androidx.compose.material3.Text
 28 | import androidx.compose.material3.MaterialTheme
 29 | import androidx.compose.runtime.*
 30 | import androidx.compose.ui.Alignment
 31 | import androidx.compose.ui.Modifier
 32 | import androidx.compose.ui.graphics.Color
 33 | import androidx.compose.ui.unit.dp
 34 | import com.frida_analykit.static_linked_boringssl.ui.theme.FridaanalykitstaticlinkedboringsslTheme
 35 | import kotlinx.coroutines.Dispatchers
 36 | import kotlinx.coroutines.launch
 37 | import kotlinx.coroutines.withContext
 38 | import okhttp3.CertificatePinner
 39 | import okhttp3.OkHttpClient
 40 | import okhttp3.Request
 41 | import java.net.Proxy
 42 | import java.net.URL
 43 | import java.security.MessageDigest
 44 | import java.security.cert.X509Certificate
 45 | import javax.net.ssl.HttpsURLConnection
 46 | import androidx.compose.foundation.verticalScroll
 47 | import androidx.compose.foundation.rememberScrollState
 48 | import androidx.compose.material3.FloatingActionButton
 49 | import androidx.compose.material3.LinearProgressIndicator
 50 | import androidx.compose.ui.platform.LocalContext
 51 | import androidx.compose.ui.platform.LocalUriHandler
 52 | import androidx.compose.ui.text.TextStyle
 53 | import androidx.compose.ui.text.font.FontWeight
 54 | import androidx.compose.ui.text.style.TextAlign
 55 | import androidx.compose.ui.text.style.TextDecoration
 56 | import androidx.compose.ui.text.style.TextOverflow
 57 | import androidx.compose.ui.unit.Dp
 58 | import androidx.compose.ui.unit.TextUnit
 59 | import androidx.compose.ui.unit.sp
 60 | import androidx.compose.ui.viewinterop.AndroidView
 61 | import io.flutter.embedding.engine.FlutterEngine
 62 | import io.flutter.embedding.engine.FlutterEngineCache
 63 | import io.flutter.embedding.engine.dart.DartExecutor
 64 | import io.flutter.plugin.common.MethodChannel
 65 | import java.time.LocalDateTime
 66 | import java.time.format.DateTimeFormatter
 67 | 
 68 | const val GITHUB_URL = "https://github.com/zsa233/android-reverse-examples"
 69 | const val APP_TITLE = "003_frida-analykit-static-linked-boringssl"
 70 | var globalOkHttpClient: OkHttpClient = OkHttpClient.Builder().build()
 71 | 
 72 | 
 73 | class MainActivity : ComponentActivity() {
 74 |     private lateinit var methodChannel: MethodChannel
 75 | 
 76 |     override fun onCreate(savedInstanceState: Bundle?) {
 77 |         super.onCreate(savedInstanceState)
 78 | 
 79 |         val flutterEngine = FlutterEngine(this)
 80 |         flutterEngine.dartExecutor.executeDartEntrypoint(
 81 |             DartExecutor.DartEntrypoint.createDefault()
 82 |         )
 83 |         FlutterEngineCache.getInstance().put("my_engine", flutterEngine)
 84 | 
 85 |         methodChannel = MethodChannel(
 86 |             flutterEngine.dartExecutor.binaryMessenger,
 87 |             "com.frida_analykit.static_linked_boringssl-demo"
 88 |         )
 89 | 
 90 |         enableEdgeToEdge()
 91 |         setContent {
 92 | 
 93 | 
 94 |             FridaanalykitstaticlinkedboringsslTheme {
 95 |                 Surface(modifier = Modifier.fillMaxSize(), color = MaterialTheme.colorScheme.background) {
 96 |                     CertificatePinningScreen(
 97 |                         onOpenWebView    = { url -> startActivity(WebViewActivity.createIntent(this, url)) },
 98 |                         methodChannel    = methodChannel
 99 |                     )
100 |                 }
101 |             }
102 |         }
103 |     }
104 | }
105 | 
106 | @Composable
107 | fun CertificatePinningScreen(
108 |     onOpenWebView: (String) -> Unit,
109 |     methodChannel: MethodChannel,
110 | ) {
111 |     val coroutineScope = rememberCoroutineScope()
112 | 
113 |     var urlInput by remember { mutableStateOf("https://www.qq.com/") }
114 |     val resultTextScrollState = rememberScrollState()
115 |     var useFlutter by remember { mutableStateOf(true) }
116 |     var requestResult by remember { mutableStateOf("") }
117 | 
118 | 
119 |     Box(
120 |         modifier = Modifier
121 |             .fillMaxSize()
122 |             .padding(WindowInsets.statusBars.asPaddingValues())
123 |             .padding(horizontal = 6.dp)) {
124 | 
125 |         Column(
126 |             modifier = Modifier.fillMaxSize(),
127 |             verticalArrangement = Arrangement.spacedBy(16.dp)
128 |         ) {
129 |             AppProjectTitle(APP_TITLE, GITHUB_URL)
130 | 
131 |             OutlinedTextField(
132 |                 value = urlInput,
133 |                 onValueChange = { urlInput = it },
134 |                 label = { Text("输入 HTTPS URL") },
135 |                 modifier = Modifier.fillMaxWidth()
136 |             )
137 | 
138 |             Row(
139 |                 modifier = Modifier.fillMaxWidth(),
140 |                 horizontalArrangement = Arrangement.spacedBy(8.dp),
141 |                 verticalAlignment = Alignment.CenterVertically
142 |             ) {
143 |                 Button(onClick = {
144 |                     coroutineScope.launch {
145 |                         if (urlInput.isNotBlank()) {
146 |                             onOpenWebView(urlInput)
147 |                         }
148 |                     }
149 |                 }) {
150 |                     Text(text = "WebView打开")
151 |                 }
152 |                 Button(onClick = {
153 |                     coroutineScope.launch {
154 |                         if (useFlutter) {
155 |                             val currentTime = LocalDateTime.now().format(DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss"))
156 |                             methodChannel.invokeMethod(
157 |                                 "performRequest", mapOf("url" to urlInput),
158 |                                 object : MethodChannel.Result {
159 |                                     override fun success(result: Any?) {
160 |                                         requestResult = "<${currentTime}>\n${result as? String ?: "Dart 返回非字符串"}"
161 |                                     }
162 |                                     override fun error(code: String, msg: String?, details: Any?) {
163 |                                         requestResult = "<${currentTime}>\nError: $msg"
164 |                                     }
165 |                                     override fun notImplemented() {
166 |                                         requestResult = "Method not implemented."
167 |                                     }
168 |                                 }
169 |                             )
170 |                         } else {
171 |                             coroutineScope.launch(Dispatchers.IO) {
172 |                                 val res = performRequestUsingOkHttp(urlInput)
173 |                                 requestResult = res
174 |                             }
175 |                         }
176 |                     }
177 |                 }) {
178 |                     Text(text = "发起请求")
179 |                 }
180 |                 Row(verticalAlignment = Alignment.CenterVertically) {
181 |                     Text("Flutter")
182 |                     Switch(checked = useFlutter, onCheckedChange = { useFlutter = it })
183 |                 }
184 |             }
185 | 
186 | 
187 |             HorizontalDivider()
188 | 
189 |             Box(
190 |                 modifier = Modifier
191 |                     .fillMaxWidth()
192 |                     .verticalScroll(resultTextScrollState)
193 |             ) {
194 |                 Text(text = "请求结果：$requestResult")
195 |             }
196 | 
197 | 
198 |         }
199 |     }
200 | }
201 | 
202 | 
203 | @Composable
204 | fun AppProjectTitle(
205 |     title: String,
206 |     githubUrl: String,
207 |     fontSize: TextUnit = 18.sp,
208 |     paddingVertical: Dp = 16.dp
209 | ) {
210 |     val uriHandler = LocalUriHandler.current
211 | 
212 | 
213 |     Box(
214 |         modifier = Modifier
215 |             .fillMaxWidth()
216 |             .background(MaterialTheme.colorScheme.primaryContainer)
217 |             .padding(horizontal = 16.dp, vertical = paddingVertical)
218 |     ) {
219 |         Column(
220 |             modifier = Modifier.fillMaxWidth()
221 |         ) {
222 |             Text(
223 |                 text = title,
224 |                 modifier = Modifier.align(Alignment.CenterHorizontally),
225 |                 style = TextStyle(
226 |                     fontSize = fontSize,
227 |                     fontWeight = FontWeight.Bold,
228 |                     color = MaterialTheme.colorScheme.onPrimaryContainer,
229 |                     textAlign = TextAlign.Center
230 |                 )
231 |             )
232 |             Text(
233 |                 text = "GitHub",
234 |                 modifier = Modifier
235 |                     .align(Alignment.End)
236 |                     .clickable { uriHandler.openUri(githubUrl) },
237 |                 style = TextStyle(
238 |                     color = MaterialTheme.colorScheme.primary,
239 |                     fontSize = 12.sp,
240 |                     textDecoration = TextDecoration.Underline,
241 |                     fontWeight = FontWeight.Medium
242 |                 )
243 |             )
244 |         }
245 |     }
246 | }
247 | 
248 | 
249 | suspend fun performRequestUsingOkHttp(urlString: String): String = withContext(Dispatchers.IO) {
250 |     val userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) " +
251 |             "AppleWebKit/537.36 (KHTML, like Gecko) " +
252 |             "Chrome/122.0.0.0 Safari/537.36"
253 | 
254 |     val currentTime = LocalDateTime.now().format(DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss"))
255 |     val request = Request.Builder()
256 |         .url(urlString)
257 |         .header("User-Agent", userAgent)
258 |         .header("X", "okhttp")
259 |         .build()
260 |     val response = globalOkHttpClient.newCall(request).execute()
261 |     val result = response.body?.string()
262 |     if (response.isSuccessful) {
263 |         "<$currentTime>\nOK - code[${response.code}]: ${(result?.length)} bytes"
264 |     } else {
265 |         "<$currentTime>\nERROR - code[${response.code}]: ${result?.length} bytes"
266 |     }
267 | }
268 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/java/com/frida_analykit/static_linked_boringssl/WebViewActivity.kt:
--------------------------------------------------------------------------------
  1 | package com.frida_analykit.static_linked_boringssl
  2 | 
  3 | import android.annotation.SuppressLint
  4 | import android.content.Context
  5 | import android.content.Intent
  6 | import android.net.Uri
  7 | import android.os.Bundle
  8 | import android.util.Log
  9 | import android.view.GestureDetector
 10 | import android.view.MotionEvent
 11 | import android.webkit.*
 12 | import android.widget.Toast
 13 | import androidx.activity.ComponentActivity
 14 | import androidx.activity.addCallback
 15 | import androidx.activity.compose.setContent
 16 | import androidx.compose.foundation.background
 17 | import androidx.compose.foundation.clickable
 18 | import androidx.compose.foundation.layout.*
 19 | import androidx.compose.material3.LinearProgressIndicator
 20 | import androidx.compose.material3.Text
 21 | import androidx.compose.runtime.*
 22 | import androidx.compose.ui.Alignment
 23 | import androidx.compose.ui.Modifier
 24 | import androidx.compose.ui.graphics.Color
 25 | import androidx.compose.ui.platform.LocalContext
 26 | import androidx.compose.ui.platform.LocalDensity
 27 | import androidx.compose.ui.unit.dp
 28 | import androidx.compose.ui.viewinterop.AndroidView
 29 | import kotlin.math.abs
 30 | 
 31 | private const val EXTRA_URL = "extra_url"
 32 | 
 33 | 
 34 | class WebViewActivity : ComponentActivity() {
 35 |     private lateinit var webView: WebView
 36 | 
 37 |     companion object {
 38 |         fun createIntent(context: Context, url: String): Intent {
 39 |             return Intent(context, WebViewActivity::class.java).apply {
 40 |                 putExtra(EXTRA_URL, url)
 41 |             }
 42 |         }
 43 |     }
 44 | 
 45 |     override fun onCreate(savedInstanceState: Bundle?) {
 46 |         super.onCreate(savedInstanceState)
 47 | 
 48 |         val url = intent.getStringExtra(EXTRA_URL) ?: run {
 49 |             finish()
 50 |             return
 51 |         }
 52 | 
 53 |         webView = WebView(this)
 54 |         setContent {
 55 |             Box(modifier = Modifier.fillMaxSize()) {
 56 |                 WebViewScreen(
 57 |                     webView = webView,
 58 |                     url = url,
 59 |                     onBack = { finish() }
 60 |                 )
 61 |             }
 62 |         }
 63 | 
 64 |         onBackPressedDispatcher.addCallback(this) {
 65 |             if (::webView.isInitialized && webView.canGoBack()) {
 66 |                 webView.goBack()
 67 |             } else {
 68 |                 finish()
 69 |             }
 70 |         }
 71 | 
 72 |     }
 73 | }
 74 | 
 75 | @SuppressLint("SetJavaScriptEnabled")
 76 | @Composable
 77 | fun WebViewScreen(webView: WebView, url: String, onBack: () -> Unit) {
 78 |     val context = LocalContext.current
 79 |     var progress by remember { mutableStateOf(0) }
 80 |     var title by remember { mutableStateOf("") }
 81 | 
 82 |     DisposableEffect(Unit) {
 83 |         onDispose { webView.destroy() }
 84 |     }
 85 | 
 86 |     Column(modifier = Modifier.fillMaxSize()) {
 87 |         // 顶部导航栏
 88 |         Row(
 89 |             modifier = Modifier
 90 |                 .fillMaxWidth()
 91 |                 .background(Color.LightGray)
 92 |                 .padding(8.dp),
 93 |             verticalAlignment = Alignment.CenterVertically
 94 |         ) {
 95 |             Text(
 96 |                 text = "✕",
 97 |                 modifier = Modifier
 98 |                     .clickable { onBack() }
 99 |                     .padding(8.dp)
100 |             )
101 |             Spacer(modifier = Modifier.width(8.dp))
102 |             Text(text = title, maxLines = 1, modifier = Modifier.weight(1f))
103 |         }
104 | 
105 |         // 进度条
106 |         if (progress in 1..99) {
107 |             LinearProgressIndicator(
108 |                 progress = { progress / 100f },
109 |                 modifier = Modifier.fillMaxWidth(),
110 |             )
111 |         }
112 | 
113 |         // WebView
114 |         AndroidView(factory = {
115 |             webView.apply {
116 |                 settings.javaScriptEnabled = true
117 |                 settings.domStorageEnabled = true
118 |                 settings.mixedContentMode = WebSettings.MIXED_CONTENT_ALWAYS_ALLOW
119 |                 WebView.setWebContentsDebuggingEnabled(true)
120 | 
121 |                 webChromeClient = object : WebChromeClient() {
122 |                     override fun onProgressChanged(view: WebView?, newProgress: Int) {
123 |                         progress = newProgress
124 |                     }
125 |                     override fun onReceivedTitle(view: WebView?, t: String?) {
126 |                         title = t ?: ""
127 |                     }
128 |                 }
129 |                 webViewClient = object : WebViewClient() {
130 |                     override fun shouldOverrideUrlLoading(
131 |                         view: WebView, request: WebResourceRequest
132 |                     ): Boolean {
133 |                         val reqUrl = request.url.toString()
134 |                         return if (reqUrl.startsWith("http")) {
135 |                             false
136 |                         } else {
137 |                             try {
138 |                                 context.startActivity(Intent(Intent.ACTION_VIEW, Uri.parse(reqUrl)))
139 |                             } catch (e: Exception) {
140 |                                 Toast.makeText(context, "无法打开链接: $reqUrl", Toast.LENGTH_SHORT).show()
141 |                             }
142 |                             true
143 |                         }
144 |                     }
145 |                 }
146 | 
147 |                 loadUrl(url)
148 |             }
149 |         }, modifier = Modifier.fillMaxSize())
150 |     }
151 | }


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/java/com/frida_analykit/static_linked_boringssl/ui/theme/Color.kt:
--------------------------------------------------------------------------------
 1 | package com.frida_analykit.static_linked_boringssl.ui.theme
 2 | 
 3 | import androidx.compose.ui.graphics.Color
 4 | 
 5 | val Purple80 = Color(0xFFD0BCFF)
 6 | val PurpleGrey80 = Color(0xFFCCC2DC)
 7 | val Pink80 = Color(0xFFEFB8C8)
 8 | 
 9 | val Purple40 = Color(0xFF6650a4)
10 | val PurpleGrey40 = Color(0xFF625b71)
11 | val Pink40 = Color(0xFF7D5260)


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/java/com/frida_analykit/static_linked_boringssl/ui/theme/Theme.kt:
--------------------------------------------------------------------------------
 1 | package com.frida_analykit.static_linked_boringssl.ui.theme
 2 | 
 3 | import android.os.Build
 4 | import androidx.compose.foundation.isSystemInDarkTheme
 5 | import androidx.compose.material3.MaterialTheme
 6 | import androidx.compose.material3.darkColorScheme
 7 | import androidx.compose.material3.dynamicDarkColorScheme
 8 | import androidx.compose.material3.dynamicLightColorScheme
 9 | import androidx.compose.material3.lightColorScheme
10 | import androidx.compose.runtime.Composable
11 | import androidx.compose.ui.platform.LocalContext
12 | 
13 | private val DarkColorScheme = darkColorScheme(
14 |     primary = Purple80,
15 |     secondary = PurpleGrey80,
16 |     tertiary = Pink80
17 | )
18 | 
19 | private val LightColorScheme = lightColorScheme(
20 |     primary = Purple40,
21 |     secondary = PurpleGrey40,
22 |     tertiary = Pink40
23 | 
24 |     /* Other default colors to override
25 |     background = Color(0xFFFFFBFE),
26 |     surface = Color(0xFFFFFBFE),
27 |     onPrimary = Color.White,
28 |     onSecondary = Color.White,
29 |     onTertiary = Color.White,
30 |     onBackground = Color(0xFF1C1B1F),
31 |     onSurface = Color(0xFF1C1B1F),
32 |     */
33 | )
34 | 
35 | @Composable
36 | fun FridaanalykitstaticlinkedboringsslTheme(
37 |     darkTheme: Boolean = isSystemInDarkTheme(),
38 |     // Dynamic color is available on Android 12+
39 |     dynamicColor: Boolean = true,
40 |     content: @Composable () -> Unit
41 | ) {
42 |     val colorScheme = when {
43 |       dynamicColor && Build.VERSION.SDK_INT >= Build.VERSION_CODES.S -> {
44 |         val context = LocalContext.current
45 |         if (darkTheme) dynamicDarkColorScheme(context) else dynamicLightColorScheme(context)
46 |       }
47 |       darkTheme -> DarkColorScheme
48 |       else -> LightColorScheme
49 |     }
50 | 
51 |     MaterialTheme(
52 |       colorScheme = colorScheme,
53 |       typography = Typography,
54 |       content = content
55 |     )
56 | }


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/java/com/frida_analykit/static_linked_boringssl/ui/theme/Type.kt:
--------------------------------------------------------------------------------
 1 | package com.frida_analykit.static_linked_boringssl.ui.theme
 2 | 
 3 | import androidx.compose.material3.Typography
 4 | import androidx.compose.ui.text.TextStyle
 5 | import androidx.compose.ui.text.font.FontFamily
 6 | import androidx.compose.ui.text.font.FontWeight
 7 | import androidx.compose.ui.unit.sp
 8 | 
 9 | // Set of Material typography styles to start with
10 | val Typography = Typography(
11 |     bodyLarge = TextStyle(
12 |         fontFamily = FontFamily.Default,
13 |         fontWeight = FontWeight.Normal,
14 |         fontSize = 16.sp,
15 |         lineHeight = 24.sp,
16 |         letterSpacing = 0.5.sp
17 |     )
18 |     /* Other default text styles to override
19 |     titleLarge = TextStyle(
20 |         fontFamily = FontFamily.Default,
21 |         fontWeight = FontWeight.Normal,
22 |         fontSize = 22.sp,
23 |         lineHeight = 28.sp,
24 |         letterSpacing = 0.sp
25 |     ),
26 |     labelSmall = TextStyle(
27 |         fontFamily = FontFamily.Default,
28 |         fontWeight = FontWeight.Medium,
29 |         fontSize = 11.sp,
30 |         lineHeight = 16.sp,
31 |         letterSpacing = 0.5.sp
32 |     )
33 |     */
34 | )


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/drawable/ic_launcher_background.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <vector xmlns:android="http://schemas.android.com/apk/res/android"
  3 |     android:width="108dp"
  4 |     android:height="108dp"
  5 |     android:viewportWidth="108"
  6 |     android:viewportHeight="108">
  7 |     <path
  8 |         android:fillColor="#3DDC84"
  9 |         android:pathData="M0,0h108v108h-108z" />
 10 |     <path
 11 |         android:fillColor="#00000000"
 12 |         android:pathData="M9,0L9,108"
 13 |         android:strokeWidth="0.8"
 14 |         android:strokeColor="#33FFFFFF" />
 15 |     <path
 16 |         android:fillColor="#00000000"
 17 |         android:pathData="M19,0L19,108"
 18 |         android:strokeWidth="0.8"
 19 |         android:strokeColor="#33FFFFFF" />
 20 |     <path
 21 |         android:fillColor="#00000000"
 22 |         android:pathData="M29,0L29,108"
 23 |         android:strokeWidth="0.8"
 24 |         android:strokeColor="#33FFFFFF" />
 25 |     <path
 26 |         android:fillColor="#00000000"
 27 |         android:pathData="M39,0L39,108"
 28 |         android:strokeWidth="0.8"
 29 |         android:strokeColor="#33FFFFFF" />
 30 |     <path
 31 |         android:fillColor="#00000000"
 32 |         android:pathData="M49,0L49,108"
 33 |         android:strokeWidth="0.8"
 34 |         android:strokeColor="#33FFFFFF" />
 35 |     <path
 36 |         android:fillColor="#00000000"
 37 |         android:pathData="M59,0L59,108"
 38 |         android:strokeWidth="0.8"
 39 |         android:strokeColor="#33FFFFFF" />
 40 |     <path
 41 |         android:fillColor="#00000000"
 42 |         android:pathData="M69,0L69,108"
 43 |         android:strokeWidth="0.8"
 44 |         android:strokeColor="#33FFFFFF" />
 45 |     <path
 46 |         android:fillColor="#00000000"
 47 |         android:pathData="M79,0L79,108"
 48 |         android:strokeWidth="0.8"
 49 |         android:strokeColor="#33FFFFFF" />
 50 |     <path
 51 |         android:fillColor="#00000000"
 52 |         android:pathData="M89,0L89,108"
 53 |         android:strokeWidth="0.8"
 54 |         android:strokeColor="#33FFFFFF" />
 55 |     <path
 56 |         android:fillColor="#00000000"
 57 |         android:pathData="M99,0L99,108"
 58 |         android:strokeWidth="0.8"
 59 |         android:strokeColor="#33FFFFFF" />
 60 |     <path
 61 |         android:fillColor="#00000000"
 62 |         android:pathData="M0,9L108,9"
 63 |         android:strokeWidth="0.8"
 64 |         android:strokeColor="#33FFFFFF" />
 65 |     <path
 66 |         android:fillColor="#00000000"
 67 |         android:pathData="M0,19L108,19"
 68 |         android:strokeWidth="0.8"
 69 |         android:strokeColor="#33FFFFFF" />
 70 |     <path
 71 |         android:fillColor="#00000000"
 72 |         android:pathData="M0,29L108,29"
 73 |         android:strokeWidth="0.8"
 74 |         android:strokeColor="#33FFFFFF" />
 75 |     <path
 76 |         android:fillColor="#00000000"
 77 |         android:pathData="M0,39L108,39"
 78 |         android:strokeWidth="0.8"
 79 |         android:strokeColor="#33FFFFFF" />
 80 |     <path
 81 |         android:fillColor="#00000000"
 82 |         android:pathData="M0,49L108,49"
 83 |         android:strokeWidth="0.8"
 84 |         android:strokeColor="#33FFFFFF" />
 85 |     <path
 86 |         android:fillColor="#00000000"
 87 |         android:pathData="M0,59L108,59"
 88 |         android:strokeWidth="0.8"
 89 |         android:strokeColor="#33FFFFFF" />
 90 |     <path
 91 |         android:fillColor="#00000000"
 92 |         android:pathData="M0,69L108,69"
 93 |         android:strokeWidth="0.8"
 94 |         android:strokeColor="#33FFFFFF" />
 95 |     <path
 96 |         android:fillColor="#00000000"
 97 |         android:pathData="M0,79L108,79"
 98 |         android:strokeWidth="0.8"
 99 |         android:strokeColor="#33FFFFFF" />
100 |     <path
101 |         android:fillColor="#00000000"
102 |         android:pathData="M0,89L108,89"
103 |         android:strokeWidth="0.8"
104 |         android:strokeColor="#33FFFFFF" />
105 |     <path
106 |         android:fillColor="#00000000"
107 |         android:pathData="M0,99L108,99"
108 |         android:strokeWidth="0.8"
109 |         android:strokeColor="#33FFFFFF" />
110 |     <path
111 |         android:fillColor="#00000000"
112 |         android:pathData="M19,29L89,29"
113 |         android:strokeWidth="0.8"
114 |         android:strokeColor="#33FFFFFF" />
115 |     <path
116 |         android:fillColor="#00000000"
117 |         android:pathData="M19,39L89,39"
118 |         android:strokeWidth="0.8"
119 |         android:strokeColor="#33FFFFFF" />
120 |     <path
121 |         android:fillColor="#00000000"
122 |         android:pathData="M19,49L89,49"
123 |         android:strokeWidth="0.8"
124 |         android:strokeColor="#33FFFFFF" />
125 |     <path
126 |         android:fillColor="#00000000"
127 |         android:pathData="M19,59L89,59"
128 |         android:strokeWidth="0.8"
129 |         android:strokeColor="#33FFFFFF" />
130 |     <path
131 |         android:fillColor="#00000000"
132 |         android:pathData="M19,69L89,69"
133 |         android:strokeWidth="0.8"
134 |         android:strokeColor="#33FFFFFF" />
135 |     <path
136 |         android:fillColor="#00000000"
137 |         android:pathData="M19,79L89,79"
138 |         android:strokeWidth="0.8"
139 |         android:strokeColor="#33FFFFFF" />
140 |     <path
141 |         android:fillColor="#00000000"
142 |         android:pathData="M29,19L29,89"
143 |         android:strokeWidth="0.8"
144 |         android:strokeColor="#33FFFFFF" />
145 |     <path
146 |         android:fillColor="#00000000"
147 |         android:pathData="M39,19L39,89"
148 |         android:strokeWidth="0.8"
149 |         android:strokeColor="#33FFFFFF" />
150 |     <path
151 |         android:fillColor="#00000000"
152 |         android:pathData="M49,19L49,89"
153 |         android:strokeWidth="0.8"
154 |         android:strokeColor="#33FFFFFF" />
155 |     <path
156 |         android:fillColor="#00000000"
157 |         android:pathData="M59,19L59,89"
158 |         android:strokeWidth="0.8"
159 |         android:strokeColor="#33FFFFFF" />
160 |     <path
161 |         android:fillColor="#00000000"
162 |         android:pathData="M69,19L69,89"
163 |         android:strokeWidth="0.8"
164 |         android:strokeColor="#33FFFFFF" />
165 |     <path
166 |         android:fillColor="#00000000"
167 |         android:pathData="M79,19L79,89"
168 |         android:strokeWidth="0.8"
169 |         android:strokeColor="#33FFFFFF" />
170 | </vector>
171 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/drawable/ic_launcher_foreground.xml:
--------------------------------------------------------------------------------
 1 | <vector xmlns:android="http://schemas.android.com/apk/res/android"
 2 |     xmlns:aapt="http://schemas.android.com/aapt"
 3 |     android:width="108dp"
 4 |     android:height="108dp"
 5 |     android:viewportWidth="108"
 6 |     android:viewportHeight="108">
 7 |     <path android:pathData="M31,63.928c0,0 6.4,-11 12.1,-13.1c7.2,-2.6 26,-1.4 26,-1.4l38.1,38.1L107,108.928l-32,-1L31,63.928z">
 8 |         <aapt:attr name="android:fillColor">
 9 |             <gradient
10 |                 android:endX="85.84757"
11 |                 android:endY="92.4963"
12 |                 android:startX="42.9492"
13 |                 android:startY="49.59793"
14 |                 android:type="linear">
15 |                 <item
16 |                     android:color="#44000000"
17 |                     android:offset="0.0" />
18 |                 <item
19 |                     android:color="#00000000"
20 |                     android:offset="1.0" />
21 |             </gradient>
22 |         </aapt:attr>
23 |     </path>
24 |     <path
25 |         android:fillColor="#FFFFFF"
26 |         android:fillType="nonZero"
27 |         android:pathData="M65.3,45.828l3.8,-6.6c0.2,-0.4 0.1,-0.9 -0.3,-1.1c-0.4,-0.2 -0.9,-0.1 -1.1,0.3l-3.9,6.7c-6.3,-2.8 -13.4,-2.8 -19.7,0l-3.9,-6.7c-0.2,-0.4 -0.7,-0.5 -1.1,-0.3C38.8,38.328 38.7,38.828 38.9,39.228l3.8,6.6C36.2,49.428 31.7,56.028 31,63.928h46C76.3,56.028 71.8,49.428 65.3,45.828zM43.4,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2c-0.3,-0.7 -0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C45.3,56.528 44.5,57.328 43.4,57.328L43.4,57.328zM64.6,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2s-0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C66.5,56.528 65.6,57.328 64.6,57.328L64.6,57.328z"
28 |         android:strokeWidth="1"
29 |         android:strokeColor="#00000000" />
30 | </vector>


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-anydpi-v26/ic_launcher.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@drawable/ic_launcher_background" />
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground" />
5 |     <monochrome android:drawable="@drawable/ic_launcher_foreground" />
6 | </adaptive-icon>


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-anydpi-v26/ic_launcher_round.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@drawable/ic_launcher_background" />
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground" />
5 |     <monochrome android:drawable="@drawable/ic_launcher_foreground" />
6 | </adaptive-icon>


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-hdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-hdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-hdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-hdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-mdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-mdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-mdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-mdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xxhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xxhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/values/colors.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <resources>
 3 |     <color name="purple_200">#FFBB86FC</color>
 4 |     <color name="purple_500">#FF6200EE</color>
 5 |     <color name="purple_700">#FF3700B3</color>
 6 |     <color name="teal_200">#FF03DAC5</color>
 7 |     <color name="teal_700">#FF018786</color>
 8 |     <color name="black">#FF000000</color>
 9 |     <color name="white">#FFFFFFFF</color>
10 | </resources>


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/values/strings.xml:
--------------------------------------------------------------------------------
1 | <resources>
2 |     <string name="app_name">frida-analykit-static-linked-boringssl</string>
3 | </resources>


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/values/themes.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <resources>
3 |     <style name="Theme.Fridaanalykitssllogsecret" parent="android:Theme.Material.Light.NoActionBar" />
4 | </resources>


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/xml/backup_rules.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?><!--
 2 |    Sample backup rules file; uncomment and customize as necessary.
 3 |    See https://developer.android.com/guide/topics/data/autobackup
 4 |    for details.
 5 |    Note: This file is ignored for devices older that API 31
 6 |    See https://developer.android.com/about/versions/12/backup-restore
 7 | -->
 8 | <full-backup-content>
 9 |     <!--
10 |    <include domain="sharedpref" path="."/>
11 |    <exclude domain="sharedpref" path="device.xml"/>
12 | -->
13 | </full-backup-content>


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/xml/data_extraction_rules.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?><!--
 2 |    Sample data extraction rules file; uncomment and customize as necessary.
 3 |    See https://developer.android.com/about/versions/12/backup-restore#xml-changes
 4 |    for details.
 5 | -->
 6 | <data-extraction-rules>
 7 |     <cloud-backup>
 8 |         <!-- TODO: Use <include> and <exclude> to control what is backed up.
 9 |         <include .../>
10 |         <exclude .../>
11 |         -->
12 |     </cloud-backup>
13 |     <!--
14 |     <device-transfer>
15 |         <include .../>
16 |         <exclude .../>
17 |     </device-transfer>
18 |     -->
19 | </data-extraction-rules>


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/main/res/xml/network_security_config.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <network-security-config>
 3 |     <base-config>
 4 |         <trust-anchors>
 5 |             <certificates src="system"/>
 6 |         </trust-anchors>
 7 |     </base-config>
 8 |     <debug-overrides>
 9 |         <trust-anchors>
10 |             <certificates src="system"/>
11 |             <certificates src="user"/>
12 |         </trust-anchors>
13 |     </debug-overrides>
14 | </network-security-config>


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/app/src/test/java/com/frida_analykit/static_linked_boringssl/ExampleUnitTest.kt:
--------------------------------------------------------------------------------
 1 | package com.frida_analykit.static_linked_boringssl
 2 | 
 3 | import org.junit.Test
 4 | 
 5 | import org.junit.Assert.*
 6 | 
 7 | /**
 8 |  * Example local unit test, which will execute on the development machine (host).
 9 |  *
10 |  * See [testing documentation](http://d.android.com/tools/testing).
11 |  */
12 | class ExampleUnitTest {
13 |     @Test
14 |     fun addition_isCorrect() {
15 |         assertEquals(4, 2 + 2)
16 |     }
17 | }


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/build.gradle.kts:
--------------------------------------------------------------------------------
1 | // Top-level build file where you can add configuration options common to all sub-projects/modules.
2 | plugins {
3 |     alias(libs.plugins.android.application) apply false
4 |     alias(libs.plugins.kotlin.android) apply false
5 |     alias(libs.plugins.kotlin.compose) apply false
6 | }


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/flutter_module/.gitignore:
--------------------------------------------------------------------------------
 1 | .DS_Store
 2 | .dart_tool/
 3 | 
 4 | .pub/
 5 | 
 6 | .idea/
 7 | .vagrant/
 8 | .sconsign.dblite
 9 | .svn/
10 | 
11 | migrate_working_dir/
12 | 
13 | *.swp
14 | profile
15 | 
16 | DerivedData/
17 | 
18 | .generated/
19 | 
20 | *.pbxuser
21 | *.mode1v3
22 | *.mode2v3
23 | *.perspectivev3
24 | 
25 | !default.pbxuser
26 | !default.mode1v3
27 | !default.mode2v3
28 | !default.perspectivev3
29 | 
30 | xcuserdata
31 | 
32 | *.moved-aside
33 | 
34 | *.pyc
35 | *sync/
36 | Icon?
37 | .tags*
38 | 
39 | build/
40 | .android/
41 | .ios/
42 | .flutter-plugins
43 | .flutter-plugins-dependencies
44 | 
45 | # Symbolication related
46 | app.*.symbols
47 | 
48 | # Obfuscation related
49 | app.*.map.json
50 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/flutter_module/.metadata:
--------------------------------------------------------------------------------
 1 | # This file tracks properties of this Flutter project.
 2 | # Used by Flutter tool to assess capabilities and perform upgrades etc.
 3 | #
 4 | # This file should be version controlled and should not be manually edited.
 5 | 
 6 | version:
 7 |   revision: "ea121f8859e4b13e47a8f845e4586164519588bc"
 8 |   channel: "stable"
 9 | 
10 | project_type: module
11 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/flutter_module/README.md:
--------------------------------------------------------------------------------
 1 | # flutter_module
 2 | 
 3 | A new Flutter module project.
 4 | 
 5 | ## Getting Started
 6 | 
 7 | For help getting started with Flutter development, view the online
 8 | [documentation](https://flutter.dev/).
 9 | 
10 | For instructions integrating Flutter modules to your existing applications,
11 | see the [add-to-app documentation](https://flutter.dev/to/add-to-app).
12 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/flutter_module/analysis_options.yaml:
--------------------------------------------------------------------------------
1 | include: package:flutter_lints/flutter.yaml
2 | 
3 | # Additional information about this file can be found at
4 | # https://dart.dev/guides/language/analysis-options
5 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/flutter_module/lib/main.dart:
--------------------------------------------------------------------------------
 1 | import 'package:flutter/material.dart';
 2 | import 'package:http/http.dart' as http;
 3 | import 'package:flutter/services.dart';
 4 | 
 5 | const _chan = MethodChannel('com.frida_analykit.static_linked_boringssl-demo');
 6 | 
 7 | void main() {
 8 |   WidgetsFlutterBinding.ensureInitialized();
 9 | 
10 |   _chan.setMethodCallHandler((call) async {
11 |     if (call.method == 'performRequest') {
12 |       final args = Map<String, dynamic>.from(call.arguments);
13 |       final url = args['url'] as String;
14 |       final userAgent = args['userAgent'] as String? ??
15 |           "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Safari/605.1.15";
16 |       try {
17 |         final resp = await http.get(
18 |             Uri.parse(url),
19 |           headers: {
20 |               'User-Agent': userAgent,
21 |               'X': "Dart",
22 |           }
23 |         );
24 |         return '[Dart] OK - code[${resp.statusCode}]: ${resp.body.length} bytes';
25 |       } catch (e) {
26 |         return '[Dart] ERROR - $e';
27 |       }
28 |     }
29 |     throw PlatformException(
30 |       code: 'Unimplemented',
31 |       message: 'Method ${call.method} not implemented',
32 |     );
33 |   });
34 | 
35 |   runApp(const MyApp());
36 | }
37 | 
38 | class MyApp extends StatelessWidget {
39 |   const MyApp({super.key});
40 |   @override
41 |   Widget build(BuildContext context) {
42 |     return const SizedBox.shrink();
43 |   }
44 | }


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/flutter_module/pubspec.lock:
--------------------------------------------------------------------------------
  1 | # Generated by pub
  2 | # See https://dart.dev/tools/pub/glossary#lockfile
  3 | packages:
  4 |   async:
  5 |     dependency: transitive
  6 |     description:
  7 |       name: async
  8 |       sha256: d2872f9c19731c2e5f10444b14686eb7cc85c76274bd6c16e1816bff9a3bab63
  9 |       url: "https://pub.dev"
 10 |     source: hosted
 11 |     version: "2.12.0"
 12 |   boolean_selector:
 13 |     dependency: transitive
 14 |     description:
 15 |       name: boolean_selector
 16 |       sha256: "8aab1771e1243a5063b8b0ff68042d67334e3feab9e95b9490f9a6ebf73b42ea"
 17 |       url: "https://pub.dev"
 18 |     source: hosted
 19 |     version: "2.1.2"
 20 |   characters:
 21 |     dependency: transitive
 22 |     description:
 23 |       name: characters
 24 |       sha256: f71061c654a3380576a52b451dd5532377954cf9dbd272a78fc8479606670803
 25 |       url: "https://pub.dev"
 26 |     source: hosted
 27 |     version: "1.4.0"
 28 |   clock:
 29 |     dependency: transitive
 30 |     description:
 31 |       name: clock
 32 |       sha256: fddb70d9b5277016c77a80201021d40a2247104d9f4aa7bab7157b7e3f05b84b
 33 |       url: "https://pub.dev"
 34 |     source: hosted
 35 |     version: "1.1.2"
 36 |   collection:
 37 |     dependency: transitive
 38 |     description:
 39 |       name: collection
 40 |       sha256: "2f5709ae4d3d59dd8f7cd309b4e023046b57d8a6c82130785d2b0e5868084e76"
 41 |       url: "https://pub.dev"
 42 |     source: hosted
 43 |     version: "1.19.1"
 44 |   cupertino_icons:
 45 |     dependency: "direct main"
 46 |     description:
 47 |       name: cupertino_icons
 48 |       sha256: ba631d1c7f7bef6b729a622b7b752645a2d076dba9976925b8f25725a30e1ee6
 49 |       url: "https://pub.dev"
 50 |     source: hosted
 51 |     version: "1.0.8"
 52 |   dio:
 53 |     dependency: "direct main"
 54 |     description:
 55 |       name: dio
 56 |       sha256: "253a18bbd4851fecba42f7343a1df3a9a4c1d31a2c1b37e221086b4fa8c8dbc9"
 57 |       url: "https://pub.dev"
 58 |     source: hosted
 59 |     version: "5.8.0+1"
 60 |   dio_web_adapter:
 61 |     dependency: transitive
 62 |     description:
 63 |       name: dio_web_adapter
 64 |       sha256: "7586e476d70caecaf1686d21eee7247ea43ef5c345eab9e0cc3583ff13378d78"
 65 |       url: "https://pub.dev"
 66 |     source: hosted
 67 |     version: "2.1.1"
 68 |   fake_async:
 69 |     dependency: transitive
 70 |     description:
 71 |       name: fake_async
 72 |       sha256: "6a95e56b2449df2273fd8c45a662d6947ce1ebb7aafe80e550a3f68297f3cacc"
 73 |       url: "https://pub.dev"
 74 |     source: hosted
 75 |     version: "1.3.2"
 76 |   flutter:
 77 |     dependency: "direct main"
 78 |     description: flutter
 79 |     source: sdk
 80 |     version: "0.0.0"
 81 |   flutter_lints:
 82 |     dependency: "direct dev"
 83 |     description:
 84 |       name: flutter_lints
 85 |       sha256: "5398f14efa795ffb7a33e9b6a08798b26a180edac4ad7db3f231e40f82ce11e1"
 86 |       url: "https://pub.dev"
 87 |     source: hosted
 88 |     version: "5.0.0"
 89 |   flutter_test:
 90 |     dependency: "direct dev"
 91 |     description: flutter
 92 |     source: sdk
 93 |     version: "0.0.0"
 94 |   http:
 95 |     dependency: "direct main"
 96 |     description:
 97 |       name: http
 98 |       sha256: fe7ab022b76f3034adc518fb6ea04a82387620e19977665ea18d30a1cf43442f
 99 |       url: "https://pub.dev"
100 |     source: hosted
101 |     version: "1.3.0"
102 |   http_parser:
103 |     dependency: transitive
104 |     description:
105 |       name: http_parser
106 |       sha256: "178d74305e7866013777bab2c3d8726205dc5a4dd935297175b19a23a2e66571"
107 |       url: "https://pub.dev"
108 |     source: hosted
109 |     version: "4.1.2"
110 |   leak_tracker:
111 |     dependency: transitive
112 |     description:
113 |       name: leak_tracker
114 |       sha256: c35baad643ba394b40aac41080300150a4f08fd0fd6a10378f8f7c6bc161acec
115 |       url: "https://pub.dev"
116 |     source: hosted
117 |     version: "10.0.8"
118 |   leak_tracker_flutter_testing:
119 |     dependency: transitive
120 |     description:
121 |       name: leak_tracker_flutter_testing
122 |       sha256: f8b613e7e6a13ec79cfdc0e97638fddb3ab848452eff057653abd3edba760573
123 |       url: "https://pub.dev"
124 |     source: hosted
125 |     version: "3.0.9"
126 |   leak_tracker_testing:
127 |     dependency: transitive
128 |     description:
129 |       name: leak_tracker_testing
130 |       sha256: "6ba465d5d76e67ddf503e1161d1f4a6bc42306f9d66ca1e8f079a47290fb06d3"
131 |       url: "https://pub.dev"
132 |     source: hosted
133 |     version: "3.0.1"
134 |   lints:
135 |     dependency: transitive
136 |     description:
137 |       name: lints
138 |       sha256: c35bb79562d980e9a453fc715854e1ed39e24e7d0297a880ef54e17f9874a9d7
139 |       url: "https://pub.dev"
140 |     source: hosted
141 |     version: "5.1.1"
142 |   matcher:
143 |     dependency: transitive
144 |     description:
145 |       name: matcher
146 |       sha256: dc58c723c3c24bf8d3e2d3ad3f2f9d7bd9cf43ec6feaa64181775e60190153f2
147 |       url: "https://pub.dev"
148 |     source: hosted
149 |     version: "0.12.17"
150 |   material_color_utilities:
151 |     dependency: transitive
152 |     description:
153 |       name: material_color_utilities
154 |       sha256: f7142bb1154231d7ea5f96bc7bde4bda2a0945d2806bb11670e30b850d56bdec
155 |       url: "https://pub.dev"
156 |     source: hosted
157 |     version: "0.11.1"
158 |   meta:
159 |     dependency: transitive
160 |     description:
161 |       name: meta
162 |       sha256: e3641ec5d63ebf0d9b41bd43201a66e3fc79a65db5f61fc181f04cd27aab950c
163 |       url: "https://pub.dev"
164 |     source: hosted
165 |     version: "1.16.0"
166 |   path:
167 |     dependency: transitive
168 |     description:
169 |       name: path
170 |       sha256: "75cca69d1490965be98c73ceaea117e8a04dd21217b37b292c9ddbec0d955bc5"
171 |       url: "https://pub.dev"
172 |     source: hosted
173 |     version: "1.9.1"
174 |   sky_engine:
175 |     dependency: transitive
176 |     description: flutter
177 |     source: sdk
178 |     version: "0.0.0"
179 |   source_span:
180 |     dependency: transitive
181 |     description:
182 |       name: source_span
183 |       sha256: "254ee5351d6cb365c859e20ee823c3bb479bf4a293c22d17a9f1bf144ce86f7c"
184 |       url: "https://pub.dev"
185 |     source: hosted
186 |     version: "1.10.1"
187 |   stack_trace:
188 |     dependency: transitive
189 |     description:
190 |       name: stack_trace
191 |       sha256: "8b27215b45d22309b5cddda1aa2b19bdfec9df0e765f2de506401c071d38d1b1"
192 |       url: "https://pub.dev"
193 |     source: hosted
194 |     version: "1.12.1"
195 |   stream_channel:
196 |     dependency: transitive
197 |     description:
198 |       name: stream_channel
199 |       sha256: "969e04c80b8bcdf826f8f16579c7b14d780458bd97f56d107d3950fdbeef059d"
200 |       url: "https://pub.dev"
201 |     source: hosted
202 |     version: "2.1.4"
203 |   string_scanner:
204 |     dependency: transitive
205 |     description:
206 |       name: string_scanner
207 |       sha256: "921cd31725b72fe181906c6a94d987c78e3b98c2e205b397ea399d4054872b43"
208 |       url: "https://pub.dev"
209 |     source: hosted
210 |     version: "1.4.1"
211 |   term_glyph:
212 |     dependency: transitive
213 |     description:
214 |       name: term_glyph
215 |       sha256: "7f554798625ea768a7518313e58f83891c7f5024f88e46e7182a4558850a4b8e"
216 |       url: "https://pub.dev"
217 |     source: hosted
218 |     version: "1.2.2"
219 |   test_api:
220 |     dependency: transitive
221 |     description:
222 |       name: test_api
223 |       sha256: fb31f383e2ee25fbbfe06b40fe21e1e458d14080e3c67e7ba0acfde4df4e0bbd
224 |       url: "https://pub.dev"
225 |     source: hosted
226 |     version: "0.7.4"
227 |   typed_data:
228 |     dependency: transitive
229 |     description:
230 |       name: typed_data
231 |       sha256: f9049c039ebfeb4cf7a7104a675823cd72dba8297f264b6637062516699fa006
232 |       url: "https://pub.dev"
233 |     source: hosted
234 |     version: "1.4.0"
235 |   vector_math:
236 |     dependency: transitive
237 |     description:
238 |       name: vector_math
239 |       sha256: "80b3257d1492ce4d091729e3a67a60407d227c27241d6927be0130c98e741803"
240 |       url: "https://pub.dev"
241 |     source: hosted
242 |     version: "2.1.4"
243 |   vm_service:
244 |     dependency: transitive
245 |     description:
246 |       name: vm_service
247 |       sha256: "0968250880a6c5fe7edc067ed0a13d4bae1577fe2771dcf3010d52c4a9d3ca14"
248 |       url: "https://pub.dev"
249 |     source: hosted
250 |     version: "14.3.1"
251 |   web:
252 |     dependency: transitive
253 |     description:
254 |       name: web
255 |       sha256: "868d88a33d8a87b18ffc05f9f030ba328ffefba92d6c127917a2ba740f9cfe4a"
256 |       url: "https://pub.dev"
257 |     source: hosted
258 |     version: "1.1.1"
259 | sdks:
260 |   dart: ">=3.7.2 <4.0.0"
261 |   flutter: ">=3.18.0-18.0.pre.54"
262 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/flutter_module/pubspec.yaml:
--------------------------------------------------------------------------------
 1 | name: flutter_module
 2 | description: "A new Flutter module project."
 3 | 
 4 | # The following defines the version and build number for your application.
 5 | # A version number is three numbers separated by dots, like 1.2.43
 6 | # followed by an optional build number separated by a +.
 7 | # Both the version and the builder number may be overridden in flutter
 8 | # build by specifying --build-name and --build-number, respectively.
 9 | # In Android, build-name is used as versionName while build-number used as versionCode.
10 | # Read more about Android versioning at https://developer.android.com/studio/publish/versioning
11 | # In iOS, build-name is used as CFBundleShortVersionString while build-number used as CFBundleVersion.
12 | # Read more about iOS versioning at
13 | # https://developer.apple.com/library/archive/documentation/General/Reference/InfoPlistKeyReference/Articles/CoreFoundationKeys.html
14 | #
15 | # This version is used _only_ for the Runner app, which is used if you just do
16 | # a `flutter run` or a `flutter make-host-app-editable`. It has no impact
17 | # on any other native host app that you embed your Flutter project into.
18 | version: 1.0.0+1
19 | 
20 | environment:
21 |   sdk: ^3.7.2
22 | 
23 | dependencies:
24 |   flutter:
25 |     sdk: flutter
26 |   dio: ^5.0.0
27 |   http: ^0.14.0
28 |   # The following adds the Cupertino Icons font to your application.
29 |   # Use with the CupertinoIcons class for iOS style icons.
30 |   cupertino_icons: ^1.0.8
31 | 
32 | dev_dependencies:
33 |   flutter_test:
34 |     sdk: flutter
35 |   flutter_lints: ^5.0.0
36 | 
37 | # For information on the generic Dart part of this file, see the
38 | # following page: https://dart.dev/tools/pub/pubspec
39 | 
40 | flutter:
41 |   # The following line ensures that the Material Icons font is
42 |   # included with your application, so that you can use the icons in
43 |   # the material Icons class.
44 |   uses-material-design: true
45 | 
46 |   # To add Flutter specific assets to your application, add an assets section,
47 |   # like this:
48 |   # assets:
49 |   #   - images/a_dot_burr.jpeg
50 |   #   - images/a_dot_ham.jpeg
51 | 
52 |   # An image asset can refer to one or more resolution-specific "variants", see
53 |   # https://flutter.dev/to/resolution-aware-images
54 | 
55 |   # For details regarding adding assets from package dependencies, see
56 |   # https://flutter.dev/to/asset-from-package
57 | 
58 |   # To add Flutter specific custom fonts to your application, add a fonts
59 |   # section here, in this "flutter" section. Each entry in this list should
60 |   # have a "family" key with the font family name, and a "fonts" key with a
61 |   # list giving the asset and other descriptors for the font. For
62 |   # example:
63 |   # fonts:
64 |   #   - family: Schyler
65 |   #     fonts:
66 |   #       - asset: fonts/Schyler-Regular.ttf
67 |   #       - asset: fonts/Schyler-Italic.ttf
68 |   #         style: italic
69 |   #   - family: Trajan Pro
70 |   #     fonts:
71 |   #       - asset: fonts/TrajanPro.ttf
72 |   #       - asset: fonts/TrajanPro_Bold.ttf
73 |   #         weight: 700
74 |   #
75 |   # For details regarding fonts from package dependencies,
76 |   # see https://flutter.dev/to/font-from-package
77 | 
78 | 
79 |   # This section identifies your Flutter project as a module meant for
80 |   # embedding in a native host app.  These identifiers should _not_ ordinarily
81 |   # be changed after generation - they are used to ensure that the tooling can
82 |   # maintain consistency when adding or modifying assets and plugins.
83 |   # They also do not have any bearing on your native host application's
84 |   # identifiers, which may be completely independent or the same as these.
85 |   module:
86 |     androidX: true
87 |     androidPackage: com.example.flutter_module
88 |     iosBundleIdentifier: com.example.flutterModule
89 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/flutter_module/test/widget_test.dart:
--------------------------------------------------------------------------------
 1 | // This is a basic Flutter widget test.
 2 | //
 3 | // To perform an interaction with a widget in your test, use the WidgetTester
 4 | // utility in the flutter_test package. For example, you can send tap and scroll
 5 | // gestures. You can also use WidgetTester to find child widgets in the widget
 6 | // tree, read text, and verify that the values of widget properties are correct.
 7 | 
 8 | import 'package:flutter/material.dart';
 9 | import 'package:flutter_test/flutter_test.dart';
10 | 
11 | import 'package:flutter_module/main.dart';
12 | 
13 | void main() {
14 |   testWidgets('Counter increments smoke test', (WidgetTester tester) async {
15 |     // Build our app and trigger a frame.
16 |     await tester.pumpWidget(const MyApp());
17 | 
18 |     // Verify that our counter starts at 0.
19 |     expect(find.text('0'), findsOneWidget);
20 |     expect(find.text('1'), findsNothing);
21 | 
22 |     // Tap the '+' icon and trigger a frame.
23 |     await tester.tap(find.byIcon(Icons.add));
24 |     await tester.pump();
25 | 
26 |     // Verify that our counter has incremented.
27 |     expect(find.text('0'), findsNothing);
28 |     expect(find.text('1'), findsOneWidget);
29 |   });
30 | }
31 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/gradle.properties:
--------------------------------------------------------------------------------
 1 | # Project-wide Gradle settings.
 2 | # IDE (e.g. Android Studio) users:
 3 | # Gradle settings configured through the IDE *will override*
 4 | # any settings specified in this file.
 5 | # For more details on how to configure your build environment visit
 6 | # http://www.gradle.org/docs/current/userguide/build_environment.html
 7 | # Specifies the JVM arguments used for the daemon process.
 8 | # The setting is particularly useful for tweaking memory settings.
 9 | org.gradle.jvmargs=-Xmx2048m -Dfile.encoding=UTF-8
10 | # When configured, Gradle will run in incubating parallel mode.
11 | # This option should only be used with decoupled projects. For more details, visit
12 | # https://developer.android.com/r/tools/gradle-multi-project-decoupled-projects
13 | # org.gradle.parallel=true
14 | # AndroidX package structure to make it clearer which packages are bundled with the
15 | # Android operating system, and which are packaged with your app's APK
16 | # https://developer.android.com/topic/libraries/support-library/androidx-rn
17 | android.useAndroidX=true
18 | # Kotlin code style for this project: "official" or "obsolete":
19 | kotlin.code.style=official
20 | # Enables namespacing of each library's R class so that its R class includes only the
21 | # resources declared in the library itself and none from the library's dependencies,
22 | # thereby reducing the size of the R class for that library
23 | android.nonTransitiveRClass=true


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/gradle/libs.versions.toml:
--------------------------------------------------------------------------------
 1 | [versions]
 2 | agp = "8.8.0"
 3 | kotlin = "2.0.0"
 4 | coreKtx = "1.15.0"
 5 | junit = "4.13.2"
 6 | junitVersion = "1.2.1"
 7 | espressoCore = "3.6.1"
 8 | lifecycleRuntimeKtx = "2.6.1"
 9 | activityCompose = "1.8.0"
10 | composeBom = "2024.04.01"
11 | okhttp = "4.10.0"
12 | 
13 | [libraries]
14 | androidx-core-ktx = { group = "androidx.core", name = "core-ktx", version.ref = "coreKtx" }
15 | junit = { group = "junit", name = "junit", version.ref = "junit" }
16 | androidx-junit = { group = "androidx.test.ext", name = "junit", version.ref = "junitVersion" }
17 | androidx-espresso-core = { group = "androidx.test.espresso", name = "espresso-core", version.ref = "espressoCore" }
18 | androidx-lifecycle-runtime-ktx = { group = "androidx.lifecycle", name = "lifecycle-runtime-ktx", version.ref = "lifecycleRuntimeKtx" }
19 | androidx-activity-compose = { group = "androidx.activity", name = "activity-compose", version.ref = "activityCompose" }
20 | androidx-compose-bom = { group = "androidx.compose", name = "compose-bom", version.ref = "composeBom" }
21 | androidx-ui = { group = "androidx.compose.ui", name = "ui" }
22 | androidx-ui-graphics = { group = "androidx.compose.ui", name = "ui-graphics" }
23 | androidx-ui-tooling = { group = "androidx.compose.ui", name = "ui-tooling" }
24 | androidx-ui-tooling-preview = { group = "androidx.compose.ui", name = "ui-tooling-preview" }
25 | androidx-ui-test-manifest = { group = "androidx.compose.ui", name = "ui-test-manifest" }
26 | androidx-ui-test-junit4 = { group = "androidx.compose.ui", name = "ui-test-junit4" }
27 | androidx-material3 = { group = "androidx.compose.material3", name = "material3" }
28 | okhttp = { module = "com.squareup.okhttp3:okhttp", version.ref = "okhttp" }
29 | 
30 | [plugins]
31 | android-application = { id = "com.android.application", version.ref = "agp" }
32 | kotlin-android = { id = "org.jetbrains.kotlin.android", version.ref = "kotlin" }
33 | kotlin-compose = { id = "org.jetbrains.kotlin.plugin.compose", version.ref = "kotlin" }
34 | 
35 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/gradle/wrapper/gradle-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/app/gradle/wrapper/gradle-wrapper.jar


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
1 | #Thu Apr 10 23:55:11 CST 2025
2 | distributionBase=GRADLE_USER_HOME
3 | distributionPath=wrapper/dists
4 | distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip
5 | zipStoreBase=GRADLE_USER_HOME
6 | zipStorePath=wrapper/dists
7 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/gradlew:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env sh
  2 | 
  3 | #
  4 | # Copyright 2015 the original author or authors.
  5 | #
  6 | # Licensed under the Apache License, Version 2.0 (the "License");
  7 | # you may not use this file except in compliance with the License.
  8 | # You may obtain a copy of the License at
  9 | #
 10 | #      https://www.apache.org/licenses/LICENSE-2.0
 11 | #
 12 | # Unless required by applicable law or agreed to in writing, software
 13 | # distributed under the License is distributed on an "AS IS" BASIS,
 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 15 | # See the License for the specific language governing permissions and
 16 | # limitations under the License.
 17 | #
 18 | 
 19 | ##############################################################################
 20 | ##
 21 | ##  Gradle start up script for UN*X
 22 | ##
 23 | ##############################################################################
 24 | 
 25 | # Attempt to set APP_HOME
 26 | # Resolve links: $0 may be a link
 27 | PRG="$0"
 28 | # Need this for relative symlinks.
 29 | while [ -h "$PRG" ] ; do
 30 |     ls=`ls -ld "$PRG"`
 31 |     link=`expr "$ls" : '.*-> \(.*\)$'`
 32 |     if expr "$link" : '/.*' > /dev/null; then
 33 |         PRG="$link"
 34 |     else
 35 |         PRG=`dirname "$PRG"`"/$link"
 36 |     fi
 37 | done
 38 | SAVED="`pwd`"
 39 | cd "`dirname \"$PRG\"`/" >/dev/null
 40 | APP_HOME="`pwd -P`"
 41 | cd "$SAVED" >/dev/null
 42 | 
 43 | APP_NAME="Gradle"
 44 | APP_BASE_NAME=`basename "$0"`
 45 | 
 46 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
 47 | DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 48 | 
 49 | # Use the maximum available, or set MAX_FD != -1 to use that value.
 50 | MAX_FD="maximum"
 51 | 
 52 | warn () {
 53 |     echo "$*"
 54 | }
 55 | 
 56 | die () {
 57 |     echo
 58 |     echo "$*"
 59 |     echo
 60 |     exit 1
 61 | }
 62 | 
 63 | # OS specific support (must be 'true' or 'false').
 64 | cygwin=false
 65 | msys=false
 66 | darwin=false
 67 | nonstop=false
 68 | case "`uname`" in
 69 |   CYGWIN* )
 70 |     cygwin=true
 71 |     ;;
 72 |   Darwin* )
 73 |     darwin=true
 74 |     ;;
 75 |   MINGW* )
 76 |     msys=true
 77 |     ;;
 78 |   NONSTOP* )
 79 |     nonstop=true
 80 |     ;;
 81 | esac
 82 | 
 83 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 84 | 
 85 | 
 86 | # Determine the Java command to use to start the JVM.
 87 | if [ -n "$JAVA_HOME" ] ; then
 88 |     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
 89 |         # IBM's JDK on AIX uses strange locations for the executables
 90 |         JAVACMD="$JAVA_HOME/jre/sh/java"
 91 |     else
 92 |         JAVACMD="$JAVA_HOME/bin/java"
 93 |     fi
 94 |     if [ ! -x "$JAVACMD" ] ; then
 95 |         die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
 96 | 
 97 | Please set the JAVA_HOME variable in your environment to match the
 98 | location of your Java installation."
 99 |     fi
100 | else
101 |     JAVACMD="java"
102 |     which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
103 | 
104 | Please set the JAVA_HOME variable in your environment to match the
105 | location of your Java installation."
106 | fi
107 | 
108 | # Increase the maximum file descriptors if we can.
109 | if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
110 |     MAX_FD_LIMIT=`ulimit -H -n`
111 |     if [ $? -eq 0 ] ; then
112 |         if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
113 |             MAX_FD="$MAX_FD_LIMIT"
114 |         fi
115 |         ulimit -n $MAX_FD
116 |         if [ $? -ne 0 ] ; then
117 |             warn "Could not set maximum file descriptor limit: $MAX_FD"
118 |         fi
119 |     else
120 |         warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
121 |     fi
122 | fi
123 | 
124 | # For Darwin, add options to specify how the application appears in the dock
125 | if $darwin; then
126 |     GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
127 | fi
128 | 
129 | # For Cygwin or MSYS, switch paths to Windows format before running java
130 | if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
131 |     APP_HOME=`cygpath --path --mixed "$APP_HOME"`
132 |     CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
133 | 
134 |     JAVACMD=`cygpath --unix "$JAVACMD"`
135 | 
136 |     # We build the pattern for arguments to be converted via cygpath
137 |     ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
138 |     SEP=""
139 |     for dir in $ROOTDIRSRAW ; do
140 |         ROOTDIRS="$ROOTDIRS$SEP$dir"
141 |         SEP="|"
142 |     done
143 |     OURCYGPATTERN="(^($ROOTDIRS))"
144 |     # Add a user-defined pattern to the cygpath arguments
145 |     if [ "$GRADLE_CYGPATTERN" != "" ] ; then
146 |         OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
147 |     fi
148 |     # Now convert the arguments - kludge to limit ourselves to /bin/sh
149 |     i=0
150 |     for arg in "$@" ; do
151 |         CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
152 |         CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
153 | 
154 |         if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
155 |             eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
156 |         else
157 |             eval `echo args$i`="\"$arg\""
158 |         fi
159 |         i=`expr $i + 1`
160 |     done
161 |     case $i in
162 |         0) set -- ;;
163 |         1) set -- "$args0" ;;
164 |         2) set -- "$args0" "$args1" ;;
165 |         3) set -- "$args0" "$args1" "$args2" ;;
166 |         4) set -- "$args0" "$args1" "$args2" "$args3" ;;
167 |         5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
168 |         6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
169 |         7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
170 |         8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
171 |         9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
172 |     esac
173 | fi
174 | 
175 | # Escape application args
176 | save () {
177 |     for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
178 |     echo " "
179 | }
180 | APP_ARGS=`save "$@"`
181 | 
182 | # Collect all arguments for the java command, following the shell quoting and substitution rules
183 | eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
184 | 
185 | exec "$JAVACMD" "$@"
186 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/gradlew.bat:
--------------------------------------------------------------------------------
 1 | @rem
 2 | @rem Copyright 2015 the original author or authors.
 3 | @rem
 4 | @rem Licensed under the Apache License, Version 2.0 (the "License");
 5 | @rem you may not use this file except in compliance with the License.
 6 | @rem You may obtain a copy of the License at
 7 | @rem
 8 | @rem      https://www.apache.org/licenses/LICENSE-2.0
 9 | @rem
10 | @rem Unless required by applicable law or agreed to in writing, software
11 | @rem distributed under the License is distributed on an "AS IS" BASIS,
12 | @rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | @rem See the License for the specific language governing permissions and
14 | @rem limitations under the License.
15 | @rem
16 | 
17 | @if "%DEBUG%" == "" @echo off
18 | @rem ##########################################################################
19 | @rem
20 | @rem  Gradle startup script for Windows
21 | @rem
22 | @rem ##########################################################################
23 | 
24 | @rem Set local scope for the variables with windows NT shell
25 | if "%OS%"=="Windows_NT" setlocal
26 | 
27 | set DIRNAME=%~dp0
28 | if "%DIRNAME%" == "" set DIRNAME=.
29 | set APP_BASE_NAME=%~n0
30 | set APP_HOME=%DIRNAME%
31 | 
32 | @rem Resolve any "." and ".." in APP_HOME to make it shorter.
33 | for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
34 | 
35 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
36 | set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
37 | 
38 | @rem Find java.exe
39 | if defined JAVA_HOME goto findJavaFromJavaHome
40 | 
41 | set JAVA_EXE=java.exe
42 | %JAVA_EXE% -version >NUL 2>&1
43 | if "%ERRORLEVEL%" == "0" goto execute
44 | 
45 | echo.
46 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
47 | echo.
48 | echo Please set the JAVA_HOME variable in your environment to match the
49 | echo location of your Java installation.
50 | 
51 | goto fail
52 | 
53 | :findJavaFromJavaHome
54 | set JAVA_HOME=%JAVA_HOME:"=%
55 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe
56 | 
57 | if exist "%JAVA_EXE%" goto execute
58 | 
59 | echo.
60 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
61 | echo.
62 | echo Please set the JAVA_HOME variable in your environment to match the
63 | echo location of your Java installation.
64 | 
65 | goto fail
66 | 
67 | :execute
68 | @rem Setup the command line
69 | 
70 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
71 | 
72 | 
73 | @rem Execute Gradle
74 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
75 | 
76 | :end
77 | @rem End local scope for the variables with windows NT shell
78 | if "%ERRORLEVEL%"=="0" goto mainEnd
79 | 
80 | :fail
81 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
82 | rem the _cmd.exe /c_ return code!
83 | if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
84 | exit /b 1
85 | 
86 | :mainEnd
87 | if "%OS%"=="Windows_NT" endlocal
88 | 
89 | :omega
90 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/app/settings.gradle.kts:
--------------------------------------------------------------------------------
 1 | pluginManagement {
 2 |     repositories {
 3 |         google {
 4 |             content {
 5 |                 includeGroupByRegex("com\\.android.*")
 6 |                 includeGroupByRegex("com\\.google.*")
 7 |                 includeGroupByRegex("androidx.*")
 8 |             }
 9 |         }
10 |         mavenCentral()
11 |         gradlePluginPortal()
12 |     }
13 | }
14 | dependencyResolutionManagement {
15 |     repositoriesMode.set(RepositoriesMode.PREFER_SETTINGS)
16 |     repositories {
17 |         google()
18 |         mavenCentral()
19 |         maven { url = uri("https://storage.googleapis.com/download.flutter.io") }
20 |     }
21 | }
22 | 
23 | rootProject.name = "frida-analykit-static-linked-boringssl"
24 | include(":app")
25 | 
26 | include(":flutter")
27 | project(":flutter").projectDir = File(rootDir, "flutter_module/.android/Flutter")
28 | 
29 | 
30 | apply(from="$rootDir/flutter_module/.android/include_flutter.groovy")


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/docs/001-ssl_log_secret函数引用.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/docs/001-ssl_log_secret函数引用.png


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/docs/002-CLIENT_RANDOM字符串搜索.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/docs/002-CLIENT_RANDOM字符串搜索.png


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/docs/003-CLIENT_RANDOM字符串引用指令.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/docs/003-CLIENT_RANDOM字符串引用指令.png


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/docs/004-测试样本app.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/docs/004-测试样本app.png


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/docs/005-开启frida-server和启动实时编译.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/docs/005-开启frida-server和启动实时编译.png


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/docs/006-注入三个场景的boringssl.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/docs/006-注入三个场景的boringssl.png


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/docs/007-webview的wireshark抓包案例.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/docs/007-webview的wireshark抓包案例.png


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/docs/008-flutter中的dart发起请求的wireshark抓包案例.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/docs/008-flutter中的dart发起请求的wireshark抓包案例.png


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/docs/009-java层okhttp发起请求的wireshark抓包案例.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/docs/009-java层okhttp发起请求的wireshark抓包案例.png


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/index.ts:
--------------------------------------------------------------------------------
1 | import './frida-analykit/script/rpc.js'
2 | 


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/samples/app-release.apk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/samples/app-release.apk


--------------------------------------------------------------------------------
/003_frida-analykit-static-linked-boringssl/samples/libssl.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ZSA233/android-reverse-examples/dcec84c28004c6e741c7562c0d6054d6f2fe760f/003_frida-analykit-static-linked-boringssl/samples/libssl.so


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2025 ZSA233
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------