2. function test(){
    3.     Java.perform(function () {
    4.         function showStacks() {console.log(Java.use("android.util.Log").getStackTraceString(Java.use("java.lang.Throwable").$new()));}
    6.         var ByteString = Java.use("com.android.okhttp.okio.ByteString");
    7.         function toBase64(tag, data) {
    8.             console.log(tag + " Base64: ", ByteString.of(data).base64());
    9.         }
    10.         function toHex(tag, data) {
    11.             console.log(tag + " Hex: ", ByteString.of(data).hex());
    12.         }
    13.         function toUtf8(tag, data) {
    14.             console.log(tag + " Utf8: ", ByteString.of(data).utf8());
    15.         }
    16.         var messageDigest = Java.use("java.security.MessageDigest");
    17.         messageDigest.update.overload('byte').implementation = function (data) {
    18.             console.log("MessageDigest.update('byte') is called!");
    19.             return this.update(data);
    20.         }
    21.         messageDigest.update.overload('java.nio.ByteBuffer').implementation = function (data) {
    22.             console.log("MessageDigest.update('java.nio.ByteBuffer') is called!");
    23.             return this.update(data);
    24.         }
    25.         messageDigest.update.overload('[B').implementation = function (data) {
    26.             console.log("MessageDigest.update('[B') is called!");
    27.             var algorithm = this.getAlgorithm();
    28.             var tag = algorithm + " update data";
    29.             toUtf8(tag, data);
    30.             toHex(tag, data);
    31.             toBase64(tag, data);
    32.             console.log("=======================================================");
    33.             return this.update(data);
    34.         }
    35.         messageDigest.update.overload('[B', 'int', 'int').implementation = function (data, start, length) {
    36.             console.log("MessageDigest.update('[B', 'int', 'int') is called!");
    37.             var algorithm = this.getAlgorithm();
    38.             var tag = algorithm + " update data";
    39.             toUtf8(tag, data);
    40.             toHex(tag, data);
    41.             toBase64(tag, data);
    42.             console.log("=======================================================", start, length);
    43.             return this.update(data, start, length);
    44.         }
    46.         messageDigest.digest.overload().implementation = function () {
    47.             console.log("MessageDigest.digest() is called!");
    48.             var result = this.digest();
    49.             var algorithm = this.getAlgorithm();
    50.             var tag = algorithm + " digest result";
    51.             toHex(tag, result);
    52.             toBase64(tag, result);
    53.             console.log("=======================================================");
    54.             return result;
    55.         }
    56.         messageDigest.digest.overload('[B').implementation = function (data) {
    57.             console.log("MessageDigest.digest('[B') is called!");
    58.             var algorithm = this.getAlgorithm();
    59.             var tag = algorithm + " digest data";
    60.             toUtf8(tag, data);
    61.             toHex(tag, data);
    62.             toBase64(tag, data);
    63.             var result = this.digest(data);
    64.             var tags = algorithm + " digest result";
    65.             toHex(tags, result);
    66.             toBase64(tags, result);
    67.             console.log("=======================================================");
    68.             return result;
    69.         }
    70.         messageDigest.digest.overload('[B', 'int', 'int').implementation = function (data, start, length) {
    71.             console.log("MessageDigest.digest('[B', 'int', 'int') is called!");
    72.             var algorithm = this.getAlgorithm();
    73.             var tag = algorithm + " digest data";
    74.             toUtf8(tag, data);
    75.             toHex(tag, data);
    76.             toBase64(tag, data);
    77.             var result = this.digest(data, start, length);
    78.             var tags = algorithm + " digest result";
    79.             toHex(tags, result);
    80.             toBase64(tags, result);
    81.             console.log("=======================================================", start, length);
    82.             return result;
    83.         }
    85.         var mac = Java.use("javax.crypto.Mac");
    86.         mac.init.overload('java.security.Key', 'java.security.spec.AlgorithmParameterSpec').implementation = function (key, AlgorithmParameterSpec) {
    87.             console.log("Mac.init('java.security.Key', 'java.security.spec.AlgorithmParameterSpec') is called!");
    88.             return this.init(key, AlgorithmParameterSpec);
    89.         }
    90.         mac.init.overload('java.security.Key').implementation = function (key) {
    91.             console.log("Mac.init('java.security.Key') is called!");
    92.             var algorithm = this.getAlgorithm();
    93.             var tag = algorithm + " init Key";
    94.             var keyBytes = key.getEncoded();
    95.             toUtf8(tag, keyBytes);
    96.             toHex(tag, keyBytes);
    97.             toBase64(tag, keyBytes);
    98.             console.log("=======================================================");
    99.             return this.init(key);
    100.         }
    101.         mac.update.overload('byte').implementation = function (data) {
    102.             console.log("Mac.update('byte') is called!");
    103.             return this.update(data);
    104.         }
    105.         mac.update.overload('java.nio.ByteBuffer').implementation = function (data) {
    106.             console.log("Mac.update('java.nio.ByteBuffer') is called!");
    107.             return this.update(data);
    108.         }
    109.         mac.update.overload('[B').implementation = function (data) {
    110.             console.log("Mac.update('[B') is called!");
    111.             var algorithm = this.getAlgorithm();
    112.             var tag = algorithm + " update data";
    113.             toUtf8(tag, data);
    114.             toHex(tag, data);
    115.             toBase64(tag, data);
    116.             console.log("=======================================================");
    117.             return this.update(data);
    118.         }
    119.         mac.update.overload('[B', 'int', 'int').implementation = function (data, start, length) {
    120.             console.log("Mac.update('[B', 'int', 'int') is called!");
    121.             var algorithm = this.getAlgorithm();
    122.             var tag = algorithm + " update data";
    123.             toUtf8(tag, data);
    124.             toHex(tag, data);
    125.             toBase64(tag, data);
    126.             console.log("=======================================================", start, length);
    127.             return this.update(data, start, length);
    128.         }
    129.         mac.doFinal.overload().implementation = function () {
    130.             console.log("Mac.doFinal() is called!");
    131.             var result = this.doFinal();
    132.             var algorithm = this.getAlgorithm();
    133.             var tag = algorithm + " doFinal result";
    134.             toHex(tag, result);
    135.             toBase64(tag, result);
    136.             console.log("=======================================================");
    137.             return result;
    138.         }
    140.         var cipher = Java.use("javax.crypto.Cipher");
    141.         cipher.init.overload('int', 'java.security.cert.Certificate').implementation = function () {
    142.             console.log("Cipher.init('int', 'java.security.cert.Certificate') is called!");
    143.             return this.init.apply(this, arguments);
    144.         }
    145.         cipher.init.overload('int', 'java.security.Key', 'java.security.SecureRandom').implementation = function () {
    146.             console.log("Cipher.init('int', 'java.security.Key', 'java.security.SecureRandom') is called!");
    147.             return this.init.apply(this, arguments);
    148.         }
    149.         cipher.init.overload('int', 'java.security.cert.Certificate', 'java.security.SecureRandom').implementation = function () {
    150.             console.log("Cipher.init('int', 'java.security.cert.Certificate', 'java.security.SecureRandom') is called!");
    151.             return this.init.apply(this, arguments);
    152.         }
    153.         cipher.init.overload('int', 'java.security.Key', 'java.security.AlgorithmParameters', 'java.security.SecureRandom').implementation = function () {
    154.             console.log("Cipher.init('int', 'java.security.Key', 'java.security.AlgorithmParameters', 'java.security.SecureRandom') is called!");
    155.             return this.init.apply(this, arguments);
    156.         }
    157.         cipher.init.overload('int', 'java.security.Key', 'java.security.spec.AlgorithmParameterSpec', 'java.security.SecureRandom').implementation = function () {
    158.             console.log("Cipher.init('int', 'java.security.Key', 'java.security.spec.AlgorithmParameterSpec', 'java.security.SecureRandom') is called!");
    159.             return this.init.apply(this, arguments);
    160.         }
    161.         cipher.init.overload('int', 'java.security.Key', 'java.security.AlgorithmParameters').implementation = function () {
    162.             console.log("Cipher.init('int', 'java.security.Key', 'java.security.AlgorithmParameters') is called!");
    163.             return this.init.apply(this, arguments);
    164.         }
    166.         cipher.init.overload('int', 'java.security.Key').implementation = function () {
    167.             console.log("Cipher.init('int', 'java.security.Key') is called!");
    168.             var algorithm = this.getAlgorithm();
    169.             var tag = algorithm + " init Key";
    170.             var className = JSON.stringify(arguments[1]);
    171.             if(className.indexOf("OpenSSLRSAPrivateKey") === -1){
    172.                 var keyBytes = arguments[1].getEncoded();
    173.                 toUtf8(tag, keyBytes);
    174.                 toHex(tag, keyBytes);
    175.                 toBase64(tag, keyBytes);
    176.             }
    177.             console.log("=======================================================");
    178.             return this.init.apply(this, arguments);
    179.         }
    180.         cipher.init.overload('int', 'java.security.Key', 'java.security.spec.AlgorithmParameterSpec').implementation = function () {
    181.             console.log("Cipher.init('int', 'java.security.Key', 'java.security.spec.AlgorithmParameterSpec') is called!");
    182.             var algorithm = this.getAlgorithm();
    183.             var tag = algorithm + " init Key";
    184.             var keyBytes = arguments[1].getEncoded();
    185.             toUtf8(tag, keyBytes);
    186.             toHex(tag, keyBytes);
    187.             toBase64(tag, keyBytes);
    188.             var tags = algorithm + " init iv";
    189.             var iv = Java.cast(arguments[2], Java.use("javax.crypto.spec.IvParameterSpec"));
    190.             var ivBytes = iv.getIV();
    191.             toUtf8(tags, ivBytes);
    192.             toHex(tags, ivBytes);
    193.             toBase64(tags, ivBytes);
    194.             console.log("=======================================================");
    195.             return this.init.apply(this, arguments);
    196.         }
    198.         cipher.doFinal.overload('java.nio.ByteBuffer', 'java.nio.ByteBuffer').implementation = function () {
    199.             console.log("Cipher.doFinal('java.nio.ByteBuffer', 'java.nio.ByteBuffer') is called!");
    200.             return this.doFinal.apply(this, arguments);
    201.         }
    202.         cipher.doFinal.overload('[B', 'int').implementation = function () {
    203.             console.log("Cipher.doFinal('[B', 'int') is called!");
    204.             return this.doFinal.apply(this, arguments);
    205.         }
    206.         cipher.doFinal.overload('[B', 'int', 'int', '[B').implementation = function () {
    207.             console.log("Cipher.doFinal('[B', 'int', 'int', '[B') is called!");
    208.             return this.doFinal.apply(this, arguments);
    209.         }
    210.         cipher.doFinal.overload('[B', 'int', 'int', '[B', 'int').implementation = function () {
    211.             console.log("Cipher.doFinal('[B', 'int', 'int', '[B', 'int') is called!");
    212.             return this.doFinal.apply(this, arguments);
    213.         }
    214.         cipher.doFinal.overload().implementation = function () {
    215.             console.log("Cipher.doFinal() is called!");
    216.             return this.doFinal.apply(this, arguments);
    217.         }
    219.         cipher.doFinal.overload('[B').implementation = function () {
    220.             console.log("Cipher.doFinal('[B') is called!");
    221.             var algorithm = this.getAlgorithm();
    222.             var tag = algorithm + " doFinal data";
    223.             var data = arguments[0];
    224.             toUtf8(tag, data);
    225.             toHex(tag, data);
    226.             toBase64(tag, data);
    227.             var result = this.doFinal.apply(this, arguments);
    228.             var tags = algorithm + " doFinal result";
    229.             toHex(tags, result);
    230.             toBase64(tags, result);
    231.             console.log("=======================================================");
    232.             return result;
    233.         }
    234.         cipher.doFinal.overload('[B', 'int', 'int').implementation = function () {
    235.             console.log("Cipher.doFinal('[B', 'int', 'int') is called!");
    236.             var algorithm = this.getAlgorithm();
    237.             var tag = algorithm + " doFinal data";
    238.             var data = arguments[0];
    239.             toUtf8(tag, data);
    240.             toHex(tag, data);
    241.             toBase64(tag, data);
    242.             var result = this.doFinal.apply(this, arguments);
    243.             var tags = algorithm + " doFinal result";
    244.             toHex(tags, result);
    245.             toBase64(tags, result);
    246.             console.log("=======================================================", arguments[1], arguments[2]);
    247.             return result;
    248.         }
    252.         var signature = Java.use("java.security.Signature");
    253.         signature.update.overload('byte').implementation = function (data) {
    254.             console.log("Signature.update('byte') is called!");
    255.             return this.update(data);
    256.         }
    257.         signature.update.overload('java.nio.ByteBuffer').implementation = function (data) {
    258.             console.log("Signature.update('java.nio.ByteBuffer') is called!");
    259.             return this.update(data);
    260.         }
    261.         signature.update.overload('[B', 'int', 'int').implementation = function (data, start, length) {
    262.             console.log("Signature.update('[B', 'int', 'int') is called!");
    263.             var algorithm = this.getAlgorithm();
    264.             var tag = algorithm + " update data";
    265.             toUtf8(tag, data);
    266.             toHex(tag, data);
    267.             toBase64(tag, data);
    268.             console.log("=======================================================", start, length);
    269.             return this.update(data, start, length);
    270.         }
    271.         signature.sign.overload('[B', 'int', 'int').implementation = function () {
    272.             console.log("Signature.sign('[B', 'int', 'int') is called!");
    273.             return this.sign.apply(this, arguments);
    274.         }
    275.         signature.sign.overload().implementation = function () {
    276.             console.log("Signature.sign() is called!");
    277.             var result = this.sign();
    278.             var algorithm = this.getAlgorithm();
    279.             var tag = algorithm + " sign result";
    280.             toHex(tag, result);
    281.             toBase64(tag, result);
    282.             console.log("=======================================================");
    283.             return result;
    284.         }
    288.     })};
    290. setImmediate(function(){
    291.     setTimeout(test(), 5000);
    292. });

    上方为hook代码