ios frida拦截网络请求参数与回调block frida back_frida拦截弹窗

frida抓取网络请求包主要代码,拦截block 

if(ObjC.available){ //判断Object-C类方法是否已经加载进来
    console.log('\n[*] Starting Hooking');
    var _className = "AFHTTPSessionManager"; //类名
    var _methodName = "- POST:parameters:progress:success:failure:"; //方法名
    var hooking = ObjC.classes[_className][_methodName]; //通过ObjC.classes返回当前注册类的映射表找到想要hook的类名、方法名
    console.log('className is: ' + _className + ' and methodName is: ' + _methodName);
    const pendingBlocks = new Set()
    Interceptor.attach(hooking.implementation,{ 
        onEnter: function(args) {
            //args[0]:self
            //args[1]:The selector
            //args[2]:方法的第一个参数开始
            var param = new ObjC.Object(args[2]);
            console.log('请求url:'+param);
            var param2 = new ObjC.Object(args[3]);
            console.log('请求参数:'+param2);
            const block = new ObjC.Block(args[5]);
            pendingBlocks.add(block); // Keep it alive
            const appCallback = block.implementation;
            block.implementation = (success1, success2) => {
              console.log('网络请求成功回调success1'+success1+'success2'+success2);
              const result = appCallback(success1, success2);
               pendingBlocks.delete(block);
             return result;
 
            };
        },
        onLeave:function(returnValue){
            //如下代码则是我们在函数调用之后 打印函数的返回值及函数返回值类型
            console.log('Return value of: ');
            console.log(' ' + this._className + ' --> ' + this._methodName);
            var typeValue = Object.prototype.toString.call(returnValue);
            console.log("\t[-] Type of return value: " + typeValue);
            console.log("\t[-] Return Value: " + returnValue);
        }
    });
}