ScrapHacks/frida/frida_inject_net.py

import frida
import psutil
from binascii import hexlify
import subprocess as SP
import string
import ipaddress
from dissect_net import packet,printable_chars,hexdump,is_printable

def on_message(msg, data=None):
    if not data:
        return
    msg = msg["payload"]
    IP = ipaddress.IPv4Address(msg["addr"])
    IP = ipaddress.IPv4Address(IP.packed[::-1])
    direction = msg["type"]
    port = msg["port"]
    ptr = msg["ptr"]

    with open("netlog.txt","a",encoding="utf8") as of:
        print(
            "{} {}:{} 0x{:x} {}".format(msg["type"], IP, port, ptr, str(hexlify(data),"utf8")),
            file=of
        )
        
    if is_printable(data):
        print(direction, addr, buffer_addr, data)
        return
    
    try:
        parsed_data = packet.parse(data)
        print(
            "{} {}:{} 0x{:x}".format(msg["type"], IP, port, ptr)
        )
        print(hexdump(data))
        print(parsed_data)
        print()
    except Exception as e:
        print(e)
        pass

def main():
    pid = frida.spawn(sys.argv[1:])
    session = frida.attach(pid)
    session.enable_jit()
    script = session.create_script(open("frida_hook_net.js").read())
    open(f"netlog.txt","w",encoding="utf8").close()
    script.on("message", on_message)
    script.load()
    frida.resume(pid)
    proc = psutil.Process(pid)
    proc.wait()
    session.detach()


if __name__ == "__main__":
    main()
Lots of Updates (expand for more): - Started implementing new parser for chunked data - Started documenting data formats - Started dissector for network protocol - Added AI-Graph renderer (converts .pth files to python data you can import into Blender) - Added Script to convert savefile to JSON - Added (old) parser for chunked data format - Added basic parser for LFVF data section (Vertex Data) - Added script to analyze and filter read trace generated with frida script - Added various Frida scripts 2020-08-04 16:05:34 +00:00			`import frida`
			`import psutil`
			`from binascii import hexlify`
			`import subprocess as SP`
			`import string`
			`import ipaddress`
			`from dissect_net import packet,printable_chars,hexdump,is_printable`

			`def on_message(msg, data=None):`
			`if not data:`
			`return`
			`msg = msg["payload"]`
			`IP = ipaddress.IPv4Address(msg["addr"])`
			`IP = ipaddress.IPv4Address(IP.packed[::-1])`
			`direction = msg["type"]`
			`port = msg["port"]`
			`ptr = msg["ptr"]`

			`with open("netlog.txt","a",encoding="utf8") as of:`
			`print(`
			`"{} {}:{} 0x{:x} {}".format(msg["type"], IP, port, ptr, str(hexlify(data),"utf8")),`
			`file=of`
			`)`

			`if is_printable(data):`
			`print(direction, addr, buffer_addr, data)`
			`return`

			`try:`
			`parsed_data = packet.parse(data)`
			`print(`
			`"{} {}:{} 0x{:x}".format(msg["type"], IP, port, ptr)`
			`)`
			`print(hexdump(data))`
			`print(parsed_data)`
			`print()`
			`except Exception as e:`
			`print(e)`
			`pass`

			`def main():`
			`pid = frida.spawn(sys.argv[1:])`
			`session = frida.attach(pid)`
			`session.enable_jit()`
			`script = session.create_script(open("frida_hook_net.js").read())`
			`open(f"netlog.txt","w",encoding="utf8").close()`
			`script.on("message", on_message)`
			`script.load()`
			`frida.resume(pid)`
			`proc = psutil.Process(pid)`
			`proc.wait()`
			`session.detach()`


			`if __name__ == "__main__":`
			`main()`