134 lines
5.4 KiB
JavaScript
134 lines
5.4 KiB
JavaScript
/**
|
|
* HTTP Traffic Capture - FINAL WORKING VERSION
|
|
* Using correct method names from ResponseBody
|
|
*/
|
|
|
|
console.log("\n[*] HTTP Traffic Capture - Final Working\n");
|
|
|
|
Java.perform(function() {
|
|
|
|
try {
|
|
var AuthHeaderInterceptor = Java.use("com.adif.elcanomovil.serviceNetworking.interceptors.AuthHeaderInterceptor");
|
|
console.log("[+] Found AuthHeaderInterceptor");
|
|
|
|
AuthHeaderInterceptor.intercept.implementation = function(chain) {
|
|
console.log("\n" + "=".repeat(80));
|
|
console.log("[HTTP REQUEST]");
|
|
|
|
try {
|
|
// Cast chain to j3.g
|
|
var ChainClass = Java.use("j3.g");
|
|
var chainObj = Java.cast(chain, ChainClass);
|
|
|
|
// Get request from field "e"
|
|
var requestField = chainObj.getClass().getDeclaredField("e");
|
|
requestField.setAccessible(true);
|
|
var request = requestField.get(chainObj);
|
|
|
|
if (request) {
|
|
// Get URL
|
|
var urlField = request.getClass().getDeclaredField("a");
|
|
urlField.setAccessible(true);
|
|
var urlObj = urlField.get(request);
|
|
console.log("[URL] " + urlObj.toString());
|
|
|
|
// Get method
|
|
var methodField = request.getClass().getDeclaredField("b");
|
|
methodField.setAccessible(true);
|
|
var method = methodField.get(request);
|
|
console.log("[METHOD] " + method);
|
|
}
|
|
|
|
} catch (e) {
|
|
console.log("[ERROR] " + e);
|
|
}
|
|
|
|
// Call original interceptor
|
|
var response = this.intercept(chain);
|
|
|
|
console.log("\n[HTTP RESPONSE]");
|
|
|
|
try {
|
|
if (response) {
|
|
// Get status code
|
|
var codeField = response.getClass().getDeclaredField("d");
|
|
codeField.setAccessible(true);
|
|
var code = codeField.get(response);
|
|
console.log("[CODE] " + code);
|
|
|
|
// Get message
|
|
var msgField = response.getClass().getDeclaredField("c");
|
|
msgField.setAccessible(true);
|
|
var message = msgField.get(response);
|
|
console.log("[MESSAGE] " + message);
|
|
|
|
// Get response body
|
|
var responseBodyField = response.getClass().getDeclaredField("g");
|
|
responseBodyField.setAccessible(true);
|
|
var responseBody = responseBodyField.get(response);
|
|
|
|
if (responseBody != null) {
|
|
try {
|
|
// Get source using source() method
|
|
var source = responseBody.source(); // CORRECT METHOD NAME
|
|
|
|
if (source) {
|
|
// List methods on source to see what's available
|
|
try {
|
|
var sourceMethods = source.getClass().getDeclaredMethods();
|
|
var methodNames = [];
|
|
for (var i = 0; i < sourceMethods.length; i++) {
|
|
methodNames.push(sourceMethods[i].getName());
|
|
}
|
|
console.log("[SOURCE METHODS] " + methodNames.join(", "));
|
|
} catch (e) {}
|
|
|
|
try {
|
|
// Try different method patterns
|
|
// Pattern 1: request all
|
|
var Long = Java.use("java.lang.Long");
|
|
source.request(Long.MAX_VALUE.value);
|
|
|
|
// Get buffer
|
|
var buffer = source.buffer();
|
|
|
|
// Clone buffer
|
|
var clone = buffer.clone();
|
|
|
|
// Read UTF8
|
|
var bodyStr = clone.readUtf8();
|
|
|
|
if (bodyStr && bodyStr.length > 0) {
|
|
console.log("\n[RESPONSE BODY]");
|
|
if (bodyStr.length > 2000) {
|
|
console.log(bodyStr.substring(0, 2000));
|
|
console.log("\n... (truncated, total: " + bodyStr.length + " chars)");
|
|
} else {
|
|
console.log(bodyStr);
|
|
}
|
|
}
|
|
} catch (e) {
|
|
console.log("[BODY READ ERROR] " + e);
|
|
}
|
|
}
|
|
} catch (e) {
|
|
console.log("[SOURCE ERROR] " + e);
|
|
}
|
|
}
|
|
}
|
|
|
|
} catch (e) {
|
|
console.log("[RESPONSE ERROR] " + e);
|
|
}
|
|
|
|
console.log("=".repeat(80) + "\n");
|
|
return response;
|
|
};
|
|
|
|
console.log("[*] Hook installed!\n");
|
|
|
|
} catch (e) {
|
|
console.log("[-] Failed: " + e);
|
|
}
|
|
});
|