동적 로딩후 삭제되는 DEX 후킹
단향
0
6077
2020.01.09 11:51
제목 그대로 암호화 되어있는 DEX가 앱의 특정 경로에 떨궈지고 동적으로 로드하는 경우에는 어떻게 후킹을 걸어야하나요?
복호화된 DEX를 JEB에 올려서 패키지명+클래스+메소드로 후킹을 해도 아래와 같이 실패합니다.
Error: java.lang.ClassNotFoundException: Didn't find class "kr.co.xxxxxx.xxxxxx.Crypto" on path: DexPathList[[zip file "/data/app/com.xxxxxxxx.smart.npib-2/base.apk"],nativeLibraryDirectories=[/data/app/com.xxxxxxxx.smart.npib-2/lib/arm64, /data/app/com.xxxxxxxx.smart.npib-2/base.apk!/lib/arm64-v8a, /vendor/lib64, /system/lib64]]
at frida/node_modules/frida-java-bridge/lib/env.js:120
at ensureClass (frida/node_modules/frida-java-bridge/lib/class-factory.js:390)
at frida/node_modules/frida-java-bridge/lib/class-factory.js:112
at /javahook.js:18
at frida/node_modules/frida-java-bridge/lib/vm.js:11
at E (frida/node_modules/frida-java-bridge/index.js:346)
at frida/node_modules/frida-java-bridge/index.js:334
at input:1
복호화된 DEX를 JEB에 올려서 패키지명+클래스+메소드로 후킹을 해도 아래와 같이 실패합니다.
Error: java.lang.ClassNotFoundException: Didn't find class "kr.co.xxxxxx.xxxxxx.Crypto" on path: DexPathList[[zip file "/data/app/com.xxxxxxxx.smart.npib-2/base.apk"],nativeLibraryDirectories=[/data/app/com.xxxxxxxx.smart.npib-2/lib/arm64, /data/app/com.xxxxxxxx.smart.npib-2/base.apk!/lib/arm64-v8a, /vendor/lib64, /system/lib64]]
at frida/node_modules/frida-java-bridge/lib/env.js:120
at ensureClass (frida/node_modules/frida-java-bridge/lib/class-factory.js:390)
at frida/node_modules/frida-java-bridge/lib/class-factory.js:112
at /javahook.js:18
at frida/node_modules/frida-java-bridge/lib/vm.js:11
at E (frida/node_modules/frida-java-bridge/index.js:346)
at frida/node_modules/frida-java-bridge/index.js:334
at input:1