71 lines
2.5 KiB
JavaScript
71 lines
2.5 KiB
JavaScript
/**
|
|
* Inspect RequestBody to see what methods we can use
|
|
*/
|
|
|
|
console.log("\n[*] Inspecting RequestBody\n");
|
|
|
|
Java.perform(function() {
|
|
|
|
try {
|
|
var AuthHeaderInterceptor = Java.use("com.adif.elcanomovil.serviceNetworking.interceptors.AuthHeaderInterceptor");
|
|
console.log("[+] Found AuthHeaderInterceptor");
|
|
|
|
AuthHeaderInterceptor.intercept.implementation = function(chain) {
|
|
|
|
try {
|
|
// Cast chain
|
|
var ChainClass = Java.use("j3.g");
|
|
var chainObj = Java.cast(chain, ChainClass);
|
|
|
|
// Get request
|
|
var requestField = chainObj.getClass().getDeclaredField("e");
|
|
requestField.setAccessible(true);
|
|
var request = requestField.get(chainObj);
|
|
|
|
if (request) {
|
|
// Get request body from field "d"
|
|
var bodyField = request.getClass().getDeclaredField("d");
|
|
bodyField.setAccessible(true);
|
|
var reqBody = bodyField.get(request);
|
|
|
|
if (reqBody) {
|
|
console.log("\n" + "=".repeat(80));
|
|
console.log("[REQUEST BODY CLASS] " + reqBody.$className);
|
|
|
|
// List ALL methods
|
|
console.log("\n[ALL METHODS]:");
|
|
var methods = reqBody.getClass().getMethods();
|
|
for (var i = 0; i < methods.length; i++) {
|
|
var method = methods[i];
|
|
var paramTypes = method.getParameterTypes();
|
|
var paramStr = "";
|
|
for (var j = 0; j < paramTypes.length; j++) {
|
|
if (j > 0) paramStr += ", ";
|
|
paramStr += paramTypes[j].getName();
|
|
}
|
|
console.log(" " + method.getName() + "(" + paramStr + ") -> " + method.getReturnType().getName());
|
|
}
|
|
|
|
console.log("=".repeat(80) + "\n");
|
|
|
|
// Only print once
|
|
AuthHeaderInterceptor.intercept.implementation = this.intercept;
|
|
}
|
|
}
|
|
|
|
} catch (e) {
|
|
console.log("[ERROR] " + e);
|
|
console.log("[STACK] " + e.stack);
|
|
}
|
|
|
|
// Call original
|
|
return this.intercept(chain);
|
|
};
|
|
|
|
console.log("[*] Hook installed!\n");
|
|
|
|
} catch (e) {
|
|
console.log("[-] Failed: " + e);
|
|
}
|
|
});
|