打印ByteBuffer数据和字符串值

Frida的js中，想要打印Android中Java的ByteBuffer的数据（最好打印出对应字符串）：

工具类函数：

  // java ByteBuffer to String
  static javaByteBufferToStr(byteBufer){
    console.log(`javaByteBufferToStr: byteBufer=${byteBufer}`)
    // javaByteBufferToStr: byteBufer=java.nio.DirectByteBuffer[pos=793 lim=16375 cap=16375]
    // // record current status
    // var oldLimit = byteBufer.limit()
    // var oldPositon = byteBufer.position()
    // console.log(`oldLimit=${oldLimit}, oldPositon=${oldPositon}`)
    byteBufer.flip() // rewind to start position
    console.log(`after ${byteBufer} flip`)
    // after java.nio.DirectByteBuffer[pos=0 lim=793 cap=16375] flip
    // var utf8CharBuffer = FridaAndroidUtil.StandardCharsets.UTF_8.decode(byteBufer)
    // var charsetUtf8 = FridaAndroidUtil.StandardCharsets.UTF_8
    var charsetUtf8 = FridaAndroidUtil.StandardCharsets.UTF_8.value
    console.log("charsetUtf8=" + charsetUtf8)
    // charsetUtf8=UTF-8
    var utf8CharBuffer = charsetUtf8.decode(byteBufer)
    console.log("utf8CharBuffer=" + utf8CharBuffer)
    var utf8BufStr = utf8CharBuffer.toString()
    console.log("utf8BufStr=" + utf8BufStr)
    // // restore status before flip
    // byteBufer.limit(oldLimit)
    // byteBufer.position(oldPositon)

    return utf8BufStr
  }

调用代码：

    // public final void onReadSucceeded(boolean z) {
    // 
    var func_CronetUploadDataStream_onReadSucceeded = cls_CronetUploadDataStream.onReadSucceeded
    console.log("func_CronetUploadDataStream_onReadSucceeded=" + func_CronetUploadDataStream_onReadSucceeded)
    if (func_CronetUploadDataStream_onReadSucceeded) {
      func_CronetUploadDataStream_onReadSucceeded.implementation = function (z) {
        var funcName = "CronetUploadDataStream.onReadSucceeded"
        var funcParaDict = {
          "z": z,
        }
        FridaAndroidUtil.printFunctionCallAndStack(funcName, funcParaDict)

        // var mByteBuffer_before = this.mByteBuffer
        var mByteBuffer_before = this._g
        console.log("mByteBuffer_before=" + mByteBuffer_before)
        var mByteBufferVar_before = this._g.value
        console.log("mByteBufferVar_before=" + mByteBufferVar_before)

        var reqBodyData = mByteBufferVar_before
        console.log("reqBodyData=" + reqBodyData)
        // var reqBodyByteArr = reqBodyData.array()
        // console.log("reqBodyByteArr=" + reqBodyByteArr)

        // var reqBodyUtf8Str = FridaAndroidUtil.javaByteBufferToStr(reqBodyData)
        // copy ByteBuffer
        var forProcessByteBuffer = reqBodyData.duplicate()
        console.log("forProcessByteBuffer=" + forProcessByteBuffer)
        var reqBodyUtf8Str = FridaAndroidUtil.javaByteBufferToStr(forProcessByteBuffer)
        console.log("reqBodyUtf8Str=" + reqBodyUtf8Str)

        console.log(`before ${funcName}: buffer data=${reqBodyData}`)

        this.onReadSucceeded(z)

        // var mByteBuffer_after = this._g
        // console.log("mByteBuffer_after=" + mByteBuffer_after)
        // var mByteBufferVar_after = this._g.value
        // console.log("mByteBufferVar_after=" + mByteBufferVar_after)

        return
      }
    }

相关日志：

mByteBuffer_before=Java.Field{holder: org.chromium.net.impl.CronetUploadDataStream@955dfbe, fieldType: 2, fieldReturnType: Ljava/nio/ByteBuffer;, value: java.nio.DirectByteBuffer[pos=796 lim=16375 cap=16375]}
mByteBufferVar_before=java.nio.DirectByteBuffer[pos=796 lim=16375 cap=16375]
reqBodyData=java.nio.DirectByteBuffer[pos=796 lim=16375 cap=16375]
forProcessByteBuffer=java.nio.DirectByteBuffer[pos=796 lim=16375 cap=16375]
javaByteBufferToStr: byteBufer=java.nio.DirectByteBuffer[pos=796 lim=16375 cap=16375]
after java.nio.DirectByteBuffer[pos=0 lim=796 cap=16375] flip
charsetUtf8=UTF-8
utf8CharBuffer=X-subtype=xxx&sender=xxx&X-app_ver=56969&X-osv=34&X-cliv=fcm-22.0.0&X-xxx=250861022&X-appid=yyy&X-scope=*&X-Goog-Firebase-Installations-Auth=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.zz.zz&X-gmp_app_id=1%3Axxx%3Aandroid%bbb&X-firebase-app-name-hash=R1dAH9Ui7M-zzz&X-app_ver_name=11.7.3&app=org.telegram.messenger.web&device=bbb&app_ver=56969&gcm_ver=250861022&plat=0&cert=aaa&target_ver=34
utf8BufStr=X-subtype=xxx&sender=xxx&X-app_ver=56969&X-osv=34&X-cliv=fcm-22.0.0&X-xxx=250861022&X-appid=yyy&X-scope=*&X-Goog-Firebase-Installations-Auth=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.zz.zz&X-gmp_app_id=1%3Axxx%3Aandroid%bbb&X-firebase-app-name-hash=R1dAH9Ui7M-zzz&X-app_ver_name=11.7.3&app=org.telegram.messenger.web&device=bbb&app_ver=56969&gcm_ver=250861022&plat=0&cert=aaa&target_ver=34
reqBodyUtf8Str=X-subtype=xxx&sender=xxx&X-app_ver=56969&X-osv=34&X-cliv=fcm-22.0.0&X-xxx=250861022&X-appid=yyy&X-scope=*&X-Goog-Firebase-Installations-Auth=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.zz.zz&X-gmp_app_id=1%3Axxx%3Aandroid%bbb&X-firebase-app-name-hash=R1dAH9Ui7M-zzz&X-app_ver_name=11.7.3&app=org.telegram.messenger.web&device=bbb&app_ver=56969&gcm_ver=250861022&plat=0&cert=aaa&target_ver=34
before CronetUploadDataStream.onReadSucceeded: buffer data=java.nio.DirectByteBuffer[pos=796 lim=16375 cap=16375]

打印ByteBuffer数据和字符串值

打印ByteBuffer数据和字符串值

results matching ""

No results matching ""