aes-crypto-universal
4 views
f98df621...
Description
Este script Frida intercepta as classes IvParameterSpec e SecretKeySpec em Java para capturar e registrar vetores de inicialização (IV) e chaves secretas usados em operações de criptografia. Ele converte esses valores em strings hexadecimais e os exibe no console, evitando repetições.
How to Use
Download the script and run it with Frida CLI:
Download ScriptThen run with Frida:
frida -U -f YOUR_PACKAGE_NAME -l aes-crypto-universal.js
Replace YOUR_PACKAGE_NAME with the target app's package name.
Source Code
JavaScript
// by: Caique Pascoal (kiqx8
// powered by: Doninha korea
// frida -U -n "<APPNAME> -l script_crypto.js"
Java.perform(function() {
try {
var IvParameterSpec = Java.use('javax.crypto.spec.IvParameterSpec');
var SecretKeySpec = Java.use('javax.crypto.spec.SecretKeySpec');
var lastIv = null,
lastKey = null;
function byteArrayToHexString(byteArray) {
return Array.from(byteArray, b => ('0' + (b & 0xFF).toString(16)).slice(-2)).join('');
}
function logInfo(prefix, value) {
console.log(`[+] ${prefix}: ${value}`);
}
IvParameterSpec.$init.overload('[B').implementation = function(iv) {
try {
var currentIv = byteArrayToHexString(iv);
if (lastIv !== currentIv) {
logInfo('IvParameterSpec', currentIv);
lastIv = currentIv;
}
return this.$init(iv);
} catch (error) {
console.error('[!] Error in IvParameterSpec implementation: ' + error);
}
};
SecretKeySpec.$init.overload('[B', 'java.lang.String').implementation = function(keyBytes, algorithm) {
try {
var currentKey = byteArrayToHexString(keyBytes);
if (lastKey !== currentKey) {
logInfo('SecretKeySpec', currentKey + ', ' + algorithm);
lastKey = currentKey;
}
return this.$init(keyBytes, algorithm);
} catch (error) {
console.error('[!] Error in SecretKeySpec implementation: ' + error);
}
};
} catch (error) {
console.error('[!] Error in Java.perform: ' + error);
}
});
Comments