我是靠谱客的博主 眯眯眼犀牛,最近开发中收集的这篇文章主要介绍知识笔记 - 记录JS逆向中常用的Hook方法1. hook cookie2. hook eval3. hook 字符串方法4. hook debugger5. hook ajax,觉得挺不错的,现在分享给大家,希望可以做个参考。
概述
文章目录
- 1. hook cookie
- 2. hook eval
- 3. hook 字符串方法
- 4. hook debugger
- 5. hook ajax
1. hook cookie
(function() {
console.log('enter cookiehook')
var cookieTemp = '';
Object.defineProperty(document, 'cookie', {
set: function(val) {
console.log('捕获到cookie设置->', val);
if (val.indexOf('target') != -1) {
debugger;
}
cookieTemp = val;
return val;
},
get: function() {
console.log(document.cookie)
return document.cookie;
},
});
})()
2. hook eval
(function() {
var _eval = window.eval;
window.eval = function(x){
debugger;
_eval(x);
};
//防检测
window.eval.toString = _eval.toString;
})();
3. hook 字符串方法
//split方法
String.prototype._split=String.prototype.split;
String.prototype.split = function(val){
debugger;
return this.toString()._spilt(val)
}
//伪装原型链
String.prototype.split.toString=function(){
return 'function split() { [native code] }'
}
4. hook debugger
//方式1
Function.prototype.constructor=function(){};
Function.prototype.constructor_bc=Function.prototype.constructor;
Function.prototype.constructor=function(){
if (arguments==="debugger"){return}
else{return Function.prototype.constructor_bc.apply(this,arguments)}
};
//方式2
_eval = eval
eval = function () {
if (argument.indexOf("debugger") === 0) {
return
}
return _eval.apply(argument)
}
//方式3
_eval = eval
eval = function () {
reg = RegExp(/debugger/)
if (reg.exec(argument)) {
return
}
return _eval.apply(argument)
}
//方式4
_Function = Function
Function = function () {
if (argument.indexOf("debugger") === 0) {
return
}
return _Function.apply(argument)
}
//方式5
_Function = Function
Function = function () {
reg = RegExp(/debugger/)
if (reg.exec(argument)) {
return
}
return _Function.apply(argument)
}
5. hook ajax
!function (t) {
function n(e) {
if (r[e]) return r[e].exports;
var i = r[e] = {
exports: {},
id: e,
loaded: !1
};
return t[e].call(i.exports, i, i.exports, n),
i.loaded = !0,
i.exports
}
var r = {};
return n.m = t,
n.c = r,
n.p = "",
n(0)
}([function (t, n, r) {
r(1)(window)
},
function (t, n) {
t.exports = function (t) {
var n = "RealXMLHttpRequest";
t.hookAjax = function (t) {
function r(n) {
return function () {
var r = this.hasOwnProperty(n + "_") ? this[n + "_"] : this.xhr[n],
e = (t[n] || {}).getter;
return e && e(r, this) || r
}
}
function e(n) {
return function (r) {
var e = this.xhr,
i = this,
o = t[n];
if ("function" == typeof o) e[n] = function () {
t[n](i) || r.apply(e, arguments)
};
else {
var u = (o || {}).setter;
r = u && u(r, i) || r;
try {
e[n] = r
} catch (t) {
this[n + "_"] = r
}
}
}
}
function i(n) {
return function () {
var r = [].slice.call(arguments);
if (!t[n] || !t[n].call(this, r, this.xhr)) return this.xhr[n].apply(this.xhr, r)
}
}
return window[n] = window[n] || XMLHttpRequest,
XMLHttpRequest = function () {
var t = new window[n];
for (var o in t) {
var u = "";
try {
u = typeof t[o]
} catch (t) {
}
"function" === u ? this[o] = i(o) : Object.defineProperty(this, o, {
get: r(o),
set: e(o),
enumerable: !0
})
}
this.xhr = t
},
window[n]
},
t.unHookAjax = function () {
window[n] && (XMLHttpRequest = window[n]),
window[n] = void 0
},
t.default = t
}
}]);
hookAjax(
// hook functions and callbacks of XMLHttpRequest object
{
onreadystatechange: function (xhr) {
//console.log("onreadystatechange called: %O", xhr)
},
onload: function (xhr) {
//console.log("onload called: %O", xhr)
xhr.responseText = "hook" + xhr.responseText;
},
open: function (arg, xhr) {
console.log("open called: method:%s,url:%s,async:%s", arg[0], arg[1], arg[2], xhr);
// arg[1] += "?hook_tag=1";
//统一添加请求头
},
send: function (arg, xhr) {
console.log("send called: %O", arg[0]);
xhr.setRequestHeader("_custom_header_", "ajaxhook")
},
setRequestHeader: function (arg, xhr) {
console.log("setRequestHeader called!", arg)
},
// hook attributes of XMLHttpRequest object
timeout: {
setter: function (v, xhr) {
//timeout shouldn't exceed 10s
return Math.max(v, 1000);
}
}
}
);
最后
以上就是眯眯眼犀牛为你收集整理的知识笔记 - 记录JS逆向中常用的Hook方法1. hook cookie2. hook eval3. hook 字符串方法4. hook debugger5. hook ajax的全部内容,希望文章能够帮你解决知识笔记 - 记录JS逆向中常用的Hook方法1. hook cookie2. hook eval3. hook 字符串方法4. hook debugger5. hook ajax所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复