Пример #1
    def lua_check(process_name, script, zygote, abi, x86_arm, need_upate):
        """Run the pre-flight steps needed before a script is executed in a process.

        The steps are: resolve the target pid, upload the script, make sure
        the client module is present in the target (calling
        ``Command.inject_internal`` when it is not), and build the remote
        loader / module paths for ``abi``.

        Args:
            process_name: Name looked up when ``zygote`` is falsy.
            script: Script handed to ``Command.upload_script``.
            zygote: When truthy, the pid of "zygote" is used instead.
            abi: Directory component appended to the remote base path.
            x86_arm: When truthy, the "fake" client module name is used.
            need_upate: Forwarded unchanged to ``Command.inject_internal``.

        Returns:
            ``(True, process_id, remote_script, remote_loader,
            remote_inject_so)`` on success, ``(False, "", "", "", "")`` on
            any failure.
        """
        failure = (False, "", "", "", "")

        # 1. Resolve the pid; zygote mode ignores process_name for the lookup.
        lookup_name = "zygote" if zygote else process_name
        process_id = util.get_process_id(lookup_name)
        if process_id == "":
            log.error("get process:%s id fail" % process_name)
            return failure

        # 2. Upload the script; an empty remote path means the upload failed.
        remote_script = Command.upload_script(script)
        if remote_script == "":
            log.error("remote script uplaod fail")
            return failure

        # 3. Check whether the client module is already present in the target
        #    and inject it only when it is missing.
        if x86_arm:
            client_so_name = Command.__client_fake_name
        else:
            client_so_name = Command.__client_mod_name
        if not util.check_module_exist(process_id, client_so_name):
            log.warn("%s not in process" % client_so_name)
            injected = Command.inject_internal(process_id, abi, "", need_upate,
                                               x86_arm)
            if not injected:
                return failure

        # 4. Build the remote loader and module paths.
        # NOTE(review): abi is concatenated into the path without validation;
        # presumably callers pass a fixed ABI directory name -- confirm.
        abi_dir = Command.__remote_path + abi + "/"
        remote_loader = abi_dir + Command.__loader_name
        remote_inject_so = abi_dir + client_so_name

        return True, process_id, remote_script, remote_loader, remote_inject_so
Пример #2
    def uninject(cmd_args):
        """Parse the ``uninject`` command line and remove the module from a process.

        Accepted options: ``-p/--process NAME``, ``--abi ABI``, ``--zygote``
        and ``--x86-arm``. When no option is given, the positional arguments
        are read as ``NAME [ABI]``.

        Args:
            cmd_args: Argument list handed to ``getopt.getopt``.

        Returns:
            ``False`` when the pid cannot be resolved or an option is not
            handled; otherwise the result of ``Command.uninject_internal``.

        Raises:
            getopt.GetoptError: Propagated from ``getopt.getopt`` for
                options it does not recognise.
        """
        opts, args = getopt.getopt(cmd_args, "p:",
                                   ["process=", "abi=", "zygote", "x86-arm"])
        log.info("opts %s args:%s" % (opts, args))

        process_name = ""
        abi = "x86"
        x86_arm = False
        zygote = False
        for flag, value in opts:
            if flag in ("-p", "--process"):
                process_name = value
            elif flag == "--abi":
                abi = value
            elif flag == "--x86-arm":
                x86_arm = True
            elif flag == "--zygote":
                zygote = True
            else:
                log.error("unkown opt:%s value:%s" % (flag, value))
                return False

        if not opts:
            # Positional form: NAME [ABI].
            process_name = args[0] if args else ""
            # NOTE(review): with a single positional argument this replaces
            # the "x86" default with an empty ABI -- confirm that is intended.
            abi = args[1] if len(args) > 1 else ""

        # Resolve the pid; zygote mode ignores process_name for the lookup.
        lookup_name = "zygote" if zygote else process_name
        process_id = util.get_process_id(lookup_name)
        if process_id == "":
            log.error("get process:%s id fail" % process_name)
            return False
        return Command.uninject_internal(process_id, abi, x86_arm)
Пример #3
    def module(cmd_args):
        """Print the memory map of a process, optionally filtered by module name.

        Accepted options: ``-p/--process NAME`` and ``-m/--module MODULE``.
        When no option is given, the positional arguments are read as
        ``NAME [MODULE]``.

        Args:
            cmd_args: Argument list handed to ``getopt.getopt``.

        Returns:
            ``True`` when the shell command reports success, ``False``
            otherwise (including when the pid cannot be resolved).

        Raises:
            getopt.GetoptError: Propagated from ``getopt.getopt`` for
                options it does not recognise.
        """
        opts, args = getopt.getopt(cmd_args, "p:m:", ["process=", "module="])
        log.info("opts %s args:%s" % (opts, args))

        process_name = module_name = ""
        for flag, value in opts:
            if flag in ("-p", "--process"):
                process_name = value
            elif flag in ("-m", "--module"):
                module_name = value
            else:
                log.error("unkown opt:%s value:%s" % (flag, value))
                return False

        if not opts:
            # Positional form: NAME [MODULE].
            process_name = args[0] if args else ""
            module_name = args[1] if len(args) > 1 else ""

        # Resolve the pid of the target process.
        process_id = util.get_process_id(process_name)
        if process_id == "":
            log.error("get process:%s id fail" % process_name)
            return False

        # Read the mappings, piping through grep when a module was named.
        # NOTE(review): module_name is interpolated into a shell command
        # unquoted, so spaces or shell metacharacters in it are interpreted
        # by the shell. Quoting (e.g. shlex.quote) or validating the name
        # would make this robust; the right form depends on how
        # util.getshell wraps the command -- confirm before changing.
        grep_filter = (" | grep %s" % module_name) if module_name != "" else ""
        shell_cmd = util.getshell("cat /proc/%s/maps%s" %
                                  (process_id, grep_filter))
        ok, _output = util.execute_cmd_with_stdout(shell_cmd)
        return True if ok else False
Пример #4
    def process(cmd_args):
        """Print a set of ``/proc/<pid>`` entries for a process.

        Accepted option: ``-p/--process NAME``. When no option is given, the
        first positional argument is read as the process name.

        Args:
            cmd_args: Argument list handed to ``getopt.getopt``.

        Returns:
            ``True`` when every query succeeds; ``False`` as soon as one
            fails, or when the pid cannot be resolved.

        Raises:
            getopt.GetoptError: Propagated from ``getopt.getopt`` for
                options it does not recognise.
        """
        opts, args = getopt.getopt(cmd_args, "p:", ["process="])
        log.info("opts %s args:%s" % (opts, args))

        process_name = ""
        for flag, value in opts:
            if flag in ("-p", "--process"):
                process_name = value
            else:
                log.error("unkown op:%s value:%s" % (flag, value))
                return False

        if not opts:
            process_name = args[0] if args else ""

        # Resolve the pid of the target process.
        process_id = util.get_process_id(process_name)
        if process_id == "":
            log.error("get process:%s id fail" % process_name)
            return False

        # Queries run in this order; the first failure stops the sequence.
        # NOTE(review): environ (and sometimes cmdline) can carry credentials
        # or tokens; wherever execute_cmd_with_stdout sends its output should
        # be handled as sensitive -- confirm where that is.
        proc_queries = (
            "cat /proc/%s/status",   # status summary
            "cat /proc/%s/cmdline",  # command line
            "cat /proc/%s/stat",     # scheduler / stat counters
            "ls -l /proc/%s/fd/",    # open file descriptors
            "cat /proc/%s/statm",    # memory usage
            "cat /proc/%s/environ",  # environment variables
        )
        for template in proc_queries:
            shell_cmd = util.getshell(template % process_id)
            ok, _output = util.execute_cmd_with_stdout(shell_cmd)
            if not ok:
                return False
        return True
def queue_test(redis_rq: schema.RedisRq) -> JSONResponse:
    """Enqueue ``some_long_function`` on the Redis RQ queue and report the job id.

    The request model is converted with ``jsonable_encoder`` and passed as
    the job argument. The response is HTTP 200 with the job id when a job
    object is returned, HTTP 500 otherwise.
    """
    # NOTE(review): the job id comes from get_process_id(), which is defined
    # outside this block. If it returns the OS pid, every request served by
    # the same worker reuses one id, and the id is returned to the client --
    # confirm it yields a unique value per job.
    job = redis_queue.enqueue(
        some_long_function,
        jsonable_encoder(redis_rq),
        job_id=get_process_id(),
        job_timeout=RedisSettings.REDIS_JOB_TIMEOUT,
    )

    if job is not None:
        success_body = {"message": "success", "job_id": job.id}
        return JSONResponse(status_code=200, content=success_body)

    return JSONResponse(status_code=500,
                        content={"message": "Internal Server Error"})
Пример #6
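    def dump(cmd_args):
        """Dump an address range, or the mapped module(s), of a process.

        Accepted options:
            -p/--process NAME   target process (required)
            -m/--module MODULE  module whose mappings are dumped
            -b/--base HEX       start address of an explicit range
            -e/--end HEX        end address, used when no size is given
            -s/--size HEX       size of the explicit range
            -n/--name FILE      name used for the saved dump
            -c/--cbs N          positive decimal integer forwarded to
                                ``util.dump`` (presumably a block size --
                                confirm)
        When no option is given, the positional arguments are read as
        ``NAME [MODULE]``.

        Args:
            cmd_args: Argument list handed to ``getopt.getopt``.

        Returns:
            ``True`` when every dump succeeds, ``False`` otherwise. For an
            explicit range the result of ``util.dump`` is returned as is.

        Raises:
            getopt.GetoptError: Propagated from ``getopt.getopt`` for
                options it does not recognise.
            ValueError: When an address, size or cbs value is not a valid
                number in the expected base.
        """
        opts, args = getopt.getopt(
            cmd_args, "p:m:b:s:n:c:e:",
            ["process=", "module=", "base=", "end=", "size=", "name=", "cbs="])
        log.info("opts %s args:%s" % (opts, args))
        process_name, module_name, file_name = "", "", ""
        base_addr, end_addr, mem_size = 0, 0, 0
        cbs = 1
        for op, value in opts:
            if op in ("-p", "--process"):
                process_name = value
            elif op in ("-m", "--module"):
                module_name = value
            elif op in ("-b", "--base"):
                base_addr = int(value, 16)
            elif op in ("-e", "--end"):
                # Fix: the end address previously overwrote base_addr, so
                # end_addr stayed 0 and the derived size went negative.
                end_addr = int(value, 16)
            elif op in ("-s", "--size"):
                mem_size = int(value, 16)
            elif op in ("-n", "--name"):
                file_name = value
            elif op in ("-c", "--cbs"):
                cbs = int(value, 10)
            else:
                log.error("unkown opt:%s value:%s" % (op, value))
                return False
        if not opts:
            # Positional form: NAME [MODULE].
            process_name = args[0] if len(args) >= 1 else ""
            module_name = args[1] if len(args) >= 2 else ""

        # Validate the arguments before touching the target.
        if cbs <= 0:
            log.error("error cbs:%d" % cbs)
            return False
        if process_name == "" or (module_name == "" and base_addr == 0):
            log.error("error args:")
            return False

        # Resolve the pid of the target process.
        process_id = util.get_process_id(process_name)
        if "" == process_id:
            log.error("get process:%s id fail" % process_name)
            return False

        # Explicit range: size comes from --size, else from end - base.
        if base_addr != 0:
            if mem_size == 0:
                mem_size = end_addr - base_addr
            if mem_size <= 0:
                # Refuse an empty or inverted range instead of handing a
                # non-positive length to util.dump.
                log.error("error range base:%08X end:%08X size:%d" %
                          (base_addr, end_addr, mem_size))
                return False
            module_save_name = file_name if file_name != "" else "%08X" % base_addr
            return util.dump(process_id, base_addr, mem_size, cbs,
                             module_save_name)

        # Module mode: look up the mappings that match module_name.
        mi_list = util.get_module_infos(process_id, module_name)
        if 0 == len(mi_list):
            log.error("get process:%s module:%s fail" %
                      (process_name, module_name))
            return False

        # Dump every matching mapping; with several, the start address is
        # inserted before the extension so the saved names do not collide.
        multi_module = (len(mi_list) != 1)
        for mi in mi_list:
            # mi[0] / mi[1] are the hex start / end addresses of the mapping.
            module_base = int(mi[0], 16)
            module_size = int(mi[1], 16) - module_base
            module_save_name = file_name if file_name != "" else module_name
            if multi_module:
                # splitext always returns (root, ext), so no fallback branch
                # is needed for names without an extension.
                root, ext = os.path.splitext(module_save_name)
                module_save_name = root + "_" + mi[0] + ext
            if not util.dump(process_id, module_base, module_size, cbs,
                             module_save_name):
                return False
        return True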