{"id":13846159,"url":"https://github.com/deathmemory/fridaRegstNtv","last_synced_at":"2025-07-12T04:31:18.735Z","repository":{"id":38614260,"uuid":"249618506","full_name":"deathmemory/fridaRegstNtv","owner":"deathmemory","description":"利用 frida 获取 Jni RegisterNatives 动态注册的函数","archived":false,"fork":false,"pushed_at":"2023-03-06T02:29:27.000Z","size":390,"stargazers_count":308,"open_issues_count":7,"forks_count":87,"subscribers_count":10,"default_branch":"master","last_synced_at":"2024-11-16T18:04:04.213Z","etag":null,"topics":["frida","registernatives"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/deathmemory.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2020-03-24T05:11:26.000Z","updated_at":"2024-11-13T03:35:22.000Z","dependencies_parsed_at":"2023-02-09T01:00:42.913Z","dependency_job_id":"593ae694-c66e-4cc5-9359-9dfc83f42647","html_url":"https://github.com/deathmemory/fridaRegstNtv","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deathmemory%2FfridaRegstNtv","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deathmemory%2FfridaRegstNtv/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deathmemory%2FfridaRegstNtv/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deathmemory%2FfridaRegstNtv/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/deathmemory","download_url":"https://codeload.github.com/deathmemory/fridaRegstNtv/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225791566,"owners_count":17524808,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["frida","registernatives"],"created_at":"2024-08-04T17:04:31.818Z","updated_at":"2024-11-21T19:31:15.925Z","avatar_url":"https://github.com/deathmemory.png","language":"TypeScript","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"readme":"# fridaRegstNtv\n\n本项目是利用 frida 获取 Jni RegisterNatives 动态注册的函数，并将其函数地址和对应的 so 打印出来\n由于此功能使用频率较高，所以单独拉出一个库，方便使用。\n\nnpm build 后，用 Pycharm 打开编辑，可以看到 frida api 代码补全提示。\n\n# 效果\n\n```angular2html\n[INFO][fridaRegstNtv]: hello, i am loaded\nhandle: 0xefb71cbc\nregister: 0xef9ba4f1\n==== class: com.xxxx.class.name ====\n==== methods: 0xcd52d428 nMethods: 41 ====\n[INFO][fridaRegstNtv]: name: initialize, signature: ()V, fnPtr: 0xcd50b6bd, modulename: libxxxx.so -\u003e base: 0xcd505000, offset: 0x66bd\n[INFO][fridaRegstNtv]: name: onExit, signature: ()V, fnPtr: 0xcd50b6c7, modulename: libxxxx.so -\u003e base: 0xcd505000, offset: 0x66c7\n[INFO][fridaRegstNtv]: name: getMMKVWithID, signature: (Ljava/lang/String;ILjava/lang/String;)J, fnPtr: 0xcd50b6d1, modulename: libxxxx.so -\u003e base: 0xcd505000, offset: 0x66d1                   \n[INFO][fridaRegstNtv]: name: encodeBool, signature: (JLjava/lang/String;Z)Z, fnPtr: 0xcd50b76d, modulename: libxxxx.so -\u003e base: 0xcd505000, offset: 0x676d\n[INFO][fridaRegstNtv]: name: decodeBool, signature: (JLjava/lang/String;Z)Z, fnPtr: 0xcd50b7bf, modulename: libxxxx.so -\u003e base: 0xcd505000, offset: 0x67bf\n[INFO][fridaRegstNtv]: name: encodeInt, signature: (JLjava/lang/String;I)Z, fnPtr: 0xcd50b80f, modulename: libxxxx.so -\u003e base: 0xcd505000, offset: 0x680f\n[INFO][fridaRegstNtv]: name: decodeInt, signature: (JLjava/lang/String;I)I, fnPtr: 0xcd50b85b, modulename: libxxxx.so -\u003e base: 0xcd505000, offset: 0x685b\n[INFO][fridaRegstNtv]: name: encodeLong, signature: (JLjava/lang/String;J)Z, fnPtr: 0xcd50b8a5, modulename: libxxxx.so -\u003e base: 0xcd505000, offset: 0x68a5\n[INFO][fridaRegstNtv]: name: decodeLong, signature: (JLjava/lang/String;J)J, fnPtr: 0xcd50b8f7, modulename: libxxxx.so -\u003e base: 0xcd505000, offset: 0x68f7\n[INFO][fridaRegstNtv]: name: encodeFloat, signature: (JLjava/lang/String;F)Z, fnPtr: 0xcd50b953, modulename: libxxxx.so -\u003e base: 0xcd505000, offset: 0x6953\n......\n```\n\n# 安装\n\n```bash\ngit clone https://github.com/deathmemory/fridaRegstNtv.git\ncd fridaRegstNtv\nsudo npm install\nnpm run build\n```\n\n# 使用\n\n工程里已经生成了 `_fridaRegstNtv.js` 可以不用 build 直接使用。\n\n```bash\nfrida -U -l _fridaRegstNtv.js -f com.package.name --no-pause\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeathmemory%2FfridaRegstNtv","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeathmemory%2FfridaRegstNtv","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeathmemory%2FfridaRegstNtv/lists"}