I'm trying to hook a method in an app for which I don't know the source code but I have the APK.
I loaded the APK inside Android Studio and found that in the classes2.dex file there is a method named posteitaliane.posteapp.appposteid.home.HomeAct.onBackPressed() which triggers a dialog box saying "Are you sure you want to quit the app" or along the lines of that.
Here's the screenshot of the method being shown in Android Studio:
I wrote this simple script just to test that simply prints to the console when the method is called:
Java.perform(function() {
var homeActClass = Java.use("posteitaliane.posteapp.appposteid.home.HomeAct");
homeActClass.onBackPressed.implementation = function(){
console.log("[ + ] onBackPressed called! ");
this.onBackPressed(); //Call the original function
}
});
Here is the Python script that loads the script and starts Frida:
import frida, sys
with open("script_hook.js") as f:
jscode = f.read()
process = frida.get_usb_device().attach('PosteID')
script = process.create_script(jscode)
print('[ * ] Attaching to PosteID application...')
script.load()
sys.stdin.read()
When I'm on the home screen, and I'm sure that the class is right because the Android Studio profiler tells me this:
If I try to go back the dialog box shows up, but nothing gets printed to the console.
I can't understand what I'm doing wrong here.