module bug fixes

README.md

@@ -92,7 +92,12 @@ ApiClient.checkTrustedRecursive.implementation = function(a1, a2, a3, a4, a5, a6
 
 
 
+CREDITS:
 
+- https://github.com/frida/frida
+
+- https://github.com/dpnishant/appmon
+- https://github.com/brompwnie/uitkyk
 
 
 

libraries/defs.py

@@ -294,16 +294,34 @@ def parse_module(self,mods):
         hooks.append(header);
         hooks.append("\n\nJava.perform(function() {")
         for file in mods:
+            codeline_found = False
+
             with open(file) as mod:
+                content = mod.readlines()
                 hooks.append(' try { ')
-                for line in mod:
-                    if not line.startswith('#'):
-                        hooks.append('\t\t'+line.strip('\n'))
 
-                hooks.append("""    } catch (err) {
-                    console.log('Error loading module %s, Error:'+err);
-            }"""%file)
+            for i in range(len(content)):
+                if content[i].startswith('#Code:'):
+                    codeline_found = True
+                    i += 1
+                if codeline_found:
+                    hooks.append('\t\t'+content[i].strip('\n'))
 
+                    # for line in mod:
+                    #     if not line.startswith('#Code'):
+                    #         continue
+                    #         print(line)
+                    #     else:
+                    #         After_codeline = True
+                    # print(After_codeline)
+                    # if After_codeline == False:
+                    #     print(line.strip('\n'))
+                    #     hooks.append('\t\t'+line.strip('\n'))
+
+            hooks.append("""    } catch (err) {
+                        console.log('Error loading module %s, Error:'+err);
+                }"""%file)
+
         hooks.append('});')
 
         with open('agent.js','w') as agent:

libraries/utils.js

@@ -148,6 +148,7 @@ function getContext() {
 	return Java.use('android.app.ActivityThread').currentApplication().getApplicationContext();
   }
 
+  //---------------CREDITS TO: https://github.com/brompwnie/uitkyk
 
   var objectsToLookFor = ["java.net.Socket", "dalvik.system.DexClassLoader", "java.net.URLConnection", "java.net.URL", "java.security.cert.X509Certificate"];
   for (var i in objectsToLookFor) {

modules/compression/gzip_input_stream.med

@@ -17,7 +17,8 @@ console.log('----------twiter:@Ch0pin-------------------');
         var buffer = Java.array('byte', buff);
         var result = "";
         for(var i = 0; i < buffer.length; ++i){
-            result+= (String.fromCharCode(buffer[i]));
+            if(buffer[i] >= 32 && buffer[i]<127)
+                result+= (String.fromCharCode(buffer[i]));
         }
 
         console.log('[+] Zipped OUTPUT stream: ' + result);
@@ -29,7 +30,8 @@ console.log('----------twiter:@Ch0pin-------------------');
         var buffer = Java.array('byte', buff);
         var result = "";
         for(var i = 0; i < buffer.length; ++i){
-            result+= (String.fromCharCode(buffer[i]));
+            if(buffer[i] >= 32 && buffer[i]<127)
+                result+= (String.fromCharCode(buffer[i]));
         }
 
         console.log('[+] Zipped INPUT stream: ' + result);

modules/helpers/dynamic_code_loading.med

@@ -65,10 +65,10 @@ if(1){
      var dexclassLoader = Java.use("dalvik.system.BaseDexClassLoader");
      var ClassUse = Java.use("java.lang.Class");
      dexclassLoader.loadClass.overload("java.lang.String").implementation = function(className){
-         console.log("[i] ClassName=" + className+'\n');
+         console.log("[i] DEX Class loader for ClassName=" + className+'\n');
          var result = this.loadClass(className);
          var resultCast = Java.cast(result, ClassUse);
-         console.log("[+] Methods=" + resultCast.getMethods()+'\n');
+         //console.log("[+] Methods=" + resultCast.getMethods()+'\n');
          return result;
      }
 }

modules/helpers/translator.med

@@ -1,11 +1,12 @@
 
 #Description: 'Use this module to translate UI text to english'
-#Help: "Hooks the setText function and translates the "
+#Help: "Hooks the setText function and translates the applied text using google's translation API"
 #Code:
 
+console.log('\n----------TRANSLATOR SCRIPT -------------');
+console.log('----------twiter:@Ch0pin-------------------');
 
-
-   var textViewClass = Java.use("android.widget.TextView");
+    var textViewClass = Java.use("android.widget.TextView");
     var String = Java.use("java.lang.String");
 
 
@@ -17,7 +18,7 @@
         recv(function (received_json_object) {
             string_to_recv = received_json_object.my_data;
         }).wait(); 
-        //console.log(string_to_send +" : "+ string_to_recv)
+        console.log('Translating: ' + string_to_send +" ---> "+ string_to_recv)
 
         var castTostring = String.$new(string_to_recv);
 

modules/scratchpad.med

@@ -4,5 +4,28 @@
 
 console.log('\n--------SCRATCH PAD LOADING-------------------');
 
+var avos = Java.use('com.avos.avoscloud.AVQuery');
 
+avos.$init.overload('java.lang.String').implementation = function(a){
+    console.log('inside com.avos.avoscloud.AVQuerycom.avos.avoscloud.AVQuerycom.avos.avoscloud.AVQuerycom.avos.avoscloud.AVQuery:' + a);
+    return this.$init(a);
 
+}
+
+avos.$init.overload('java.lang.String', 'java.lang.Class').implementation = function(a,b){
+    console.log('inside com.avos.avoscloud.AVQuerycom.avos.avoscloud.AVQuerycom.avos.avoscloud.AVQuerycom.avos.avoscloud.AVQuery:' + a);
+    return this.$init(a,b);
+
+}
+avos.$init.overload().implementation = function(){
+    console.log('com.avos.avoscloud.AVQuery');
+    return this.$init();
+}
+
+var getall = Java.use('com.cp5596.Cputil');
+
+
+getall.getal.implementation = function(p4){
+    console.log('0000000000000');
+    return this.getal(p4);
+}