frida-fusion 0.1.3__tar.gz → 0.1.5__tar.gz

{frida-fusion-0.1.3 → frida-fusion-0.1.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: frida-fusion
-Version: 0.1.3
+Version: 0.1.5
 Summary: Hook your mobile tests with Frida
 Author-email: "Helvio Junior (M4v3r1ck)" <helvio_junior@hotmail.com>
 Maintainer-email: "Helvio Junior (M4v3r1ck)" <helvio_junior@hotmail.com>
@@ -64,11 +64,65 @@ Modules:
 
 ## Install
 
-> :information_source: We recommend using `pipx` rather than `pip` for system-wide installation.
+```
+pip3 install frida-fusion
+```
+
+## Module engine
+
+You can check available modules with `frida-fusion --list-modules` command.
+
+```bash
+frida-fusion --list-modules
+
+ [ FRIDA ]—o—( FUSION )—o—[ MOBILE TESTS ] // v0.1.4
+     > hook your mobile tests with Frida
+
 
+Available modules
+  Module Name     : Description
+  Crypto          : Hook cryptography/hashing functions
 ```
-python3 -m pipx install frida-fusion
+
+### External modules
+
+You can develop or download community modules and load into frida-fusion.
+
+To pass to the Frida Fusion the external module path you can use the environment variable `FUSION_MODULES` with the full path of modules
+
+At linux:
+
+```bash
+export FUSION_MODULES=/tmp/modules
+
+# List all modules
+frida-fusion --list-modules
+
+# Using available module
+frida-fusion -f [app_id] -U --script-path . -m [module_name]
 ```
 
-> :information_source: Check whether you also need to run the `python3 -m pipx ensurepath` command.
+At windows:
 
+```bash
+$env:FUSION_MODULES = "C:\extra_mods"
+
+# List all modules
+frida-fusion --list-modules
+
+# Using available module
+frida-fusion -f [app_id] -U --script-path . -m [module_name]
+```
+
+### Community modules
+
+You can also use one of community developed modules
+
+```bash
+cd /tmp/
+git clone https://github.com/helviojunior/frida-fusion-community-modules
+export FUSION_MODULES=/tmp/frida-fusion-community-modules
+
+# List all modules
+frida-fusion --list-modules
+```

{frida-fusion-0.1.3 → frida-fusion-0.1.5}/README.md

@@ -34,11 +34,65 @@ Modules:
 
 ## Install
 
-> :information_source: We recommend using `pipx` rather than `pip` for system-wide installation.
+```
+pip3 install frida-fusion
+```
+
+## Module engine
+
+You can check available modules with `frida-fusion --list-modules` command.
+
+```bash
+frida-fusion --list-modules
+
+ [ FRIDA ]—o—( FUSION )—o—[ MOBILE TESTS ] // v0.1.4
+     > hook your mobile tests with Frida
+
 
+Available modules
+  Module Name     : Description
+  Crypto          : Hook cryptography/hashing functions
 ```
-python3 -m pipx install frida-fusion
+
+### External modules
+
+You can develop or download community modules and load into frida-fusion.
+
+To pass to the Frida Fusion the external module path you can use the environment variable `FUSION_MODULES` with the full path of modules
+
+At linux:
+
+```bash
+export FUSION_MODULES=/tmp/modules
+
+# List all modules
+frida-fusion --list-modules
+
+# Using available module
+frida-fusion -f [app_id] -U --script-path . -m [module_name]
 ```
 
-> :information_source: Check whether you also need to run the `python3 -m pipx ensurepath` command.
+At windows:
 
+```bash
+$env:FUSION_MODULES = "C:\extra_mods"
+
+# List all modules
+frida-fusion --list-modules
+
+# Using available module
+frida-fusion -f [app_id] -U --script-path . -m [module_name]
+```
+
+### Community modules
+
+You can also use one of community developed modules
+
+```bash
+cd /tmp/
+git clone https://github.com/helviojunior/frida-fusion-community-modules
+export FUSION_MODULES=/tmp/frida-fusion-community-modules
+
+# List all modules
+frida-fusion --list-modules
+```

{frida-fusion-0.1.3 → frida-fusion-0.1.5}/frida_fusion/__meta__.py

@@ -1,4 +1,4 @@
-__version__ = '0.1.3'
+__version__ = '0.1.5'
 __title__ = "Frida Fusion"
 __description__ = "📱 frida-fusion - runtime mobile exploration"
 __url__ = "https://github.com/helviojunior/frida-fusion"

{frida-fusion-0.1.3 → frida-fusion-0.1.5}/frida_fusion/config.py

@@ -6,7 +6,7 @@ import sys
 import signal
 from pathlib import Path
 
-from .module import Module
+from .module import Module, ModuleManager, InternalModule, ExternalModule
 from .libs.color import Color
 from .libs.logger import Logger
 from .__meta__ import __version__
@@ -71,15 +71,27 @@ class Configuration(object):
         #show_help = any(['-h' == word for word in sys.argv])
 
         if list_modules:
-            mods = Module.list_modules()
+            mods = ModuleManager.list_modules()
+
+            if len(mods) == 0:
+                Color.pl('{!} {R}error: no modules found{R}{W}\r\n')
+                sys.exit(1)
+
             max_name = max(iter([
                 len(m.name) + 3
                 for _, m in mods.items()
             ] + [15]))
-            Color.pl(f"Available modules")
-            Color.pl(f"  {'Module Name'.ljust(max_name)} : Description")
-            for _, m in mods.items():
-                Color.pl(f"  {m.name.ljust(max_name)} : {m.description}")
+            Color.pl(f"Available internal modules")
+            for m in [m for _, m in mods.items() if isinstance(m, InternalModule)]:
+                Color.pl(f"  {m.safe_name().ljust(max_name)} : {m.description}")
+
+            Color.pl(f"\nAvailable external modules")
+            ext_mods = [m for _, m in mods.items() if isinstance(m, ExternalModule)]
+            if len(ext_mods) == 0:
+                Color.pl(("  No external modules available. You can set {G}FUSION_MODULES{W} environment variable "
+                          "to set an external modules Path"))
+            for m in ext_mods:
+                Color.pl(f"  {m.safe_name().ljust(max_name)} : {m.description}")
 
             print("")
             sys.exit(0)
@@ -167,19 +179,19 @@ class Configuration(object):
         Logger.pl('     {C}min debug level:{O} %s{W}' % str(args.debug_level).upper())
 
         if args.enabled_modules is not None and isinstance(args.enabled_modules, list):
-            mods = Module.list_modules()
+            mods = ModuleManager.list_modules()
             for mod in args.enabled_modules:
                 fm = next(iter([
                     m
                     for _, m in mods.items()
-                    if m.name.lower() == mod.lower()
+                    if m.safe_name() == mod.lower()
                 ]), None)
                 if fm is None:
                     Color.pl(
                         '{!} {R}error: module {O}%s{R} not found{W}\r\n' % mod)
                     sys.exit(1)
 
-                name = fm.name.lower()
+                name = fm.safe_name()
                 if name not in Configuration.enabled_modules.keys():
                     Configuration.enabled_modules[name] = fm
 

{frida-fusion-0.1.3 → frida-fusion-0.1.5}/frida_fusion/fusion.py

@@ -216,7 +216,7 @@ class Fusion(object):
         self.session = self.device.attach(self.pid)
         self.session.on("detached", self.on_detached)
 
-        Logger.pl("{+} Iniciando scripts frida...")
+        Logger.pl("{+} Starting frida scripts")
         self.load_all_scripts()
         self.device.resume(self.pid)
 
@@ -227,7 +227,7 @@ class Fusion(object):
         self.session = self.device.attach(self.pid)
         self.session.on("detached", self.on_detached)
 
-        Logger.pl("{+} Iniciando scripts frida...")
+        Logger.pl("{+} Starting frida scripts")
         self.load_all_scripts()
         self.device.resume(self.pid)
 
@@ -242,7 +242,7 @@ class Fusion(object):
         self.session = self.device.attach(self.pid)
         self.session.on("detached", self.on_detached)
 
-        Logger.pl("{+} Iniciando scripts frida...")
+        Logger.pl("{+} Starting frida scripts")
         self.load_all_scripts()
 
     def make_handler(self, script_name):
@@ -631,16 +631,19 @@ class Fusion(object):
         Configuration.initialize()
 
         try:
+            print(f" 🛠️  Starting Frida Fusion instrumentation")
+            timestamp = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
+            Logger.pl('{+} {C}Start time {O}%s{W}' % timestamp)
+
             self._modules = [
                 m.create_instance()
                 for _, m in Configuration.enabled_modules.items()
             ]
-            for m in self._modules:
-                m.start_db(db_path=Configuration.db_path)
 
-            print(f" 🛠️  Iniciando instrumentação Frida")
-            timestamp = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
-            Logger.pl('{+} {C}Start time {O}%s{W}' % timestamp)
+            if len(self._modules) > 0:
+                Logger.pl("{+} Starting selected modules")
+                for m in self._modules:
+                    m.start_module(db_path=Configuration.db_path)
 
             self.get_device()
             if self.device is not None:

frida-fusion-0.1.5/frida_fusion/libs/helpers.js

@@ -0,0 +1,305 @@
+/*  Android Scripts
+    Author: Hélvio - M4v3r1ck
+*/
+
+
+function waitForClass(name, onReady) {
+    var intv = setInterval(function () {
+      try {
+        var C = Java.use(name);
+        clearInterval(intv);
+        onReady(C);
+      } catch (e) { /* ainda não carregou */ }
+    }, 100);
+}
+
+function printStackTrace(){
+    var trace = Java.use("android.util.Log").getStackTraceString(Java.use("java.lang.Exception").$new());
+    trace = trace.replace("java.lang.Exception\n", "Stack trace:\n");
+    sendMessage("*", trace);
+}
+
+function toBytes(message){
+    try{
+        const StringClass = Java.use('java.lang.String');
+        var bTxt = StringClass.$new(message).getBytes('utf-8');
+
+        return bTxt;
+    } catch (err) {
+        sendMessage("*", err)
+    }
+}
+
+function toBase64(message){
+    try{
+        const StringClass = Java.use('java.lang.String');
+        const Base64Class = Java.use('android.util.Base64');
+        var bTxt = StringClass.$new(message).getBytes('utf-8');
+        var b64Msg = Base64Class.encodeToString(bTxt, 0x00000002); //Base64Class.NO_WRAP = 0x00000002
+
+        return b64Msg;
+    } catch (err) {
+        sendMessage("*", err)
+    }
+}
+
+function bytesToBase64(message){
+
+    if (message === null || message === undefined) return "IA==";
+    try {
+        // 1) Confirma tipo byte[], se não tenta converter em string
+        message = Java.array('byte', message);
+
+        // 2) Tem 'length' numérico
+        const len = message.length;
+        if (typeof len !== "number") return "IA==";
+
+        // 3) (opcional) Exigir conteúdo
+        if (len === 0) return "IA==";
+
+    } catch (e) {
+        return "IA==";
+    }
+
+    try{
+        
+        const Base64Class = Java.use('android.util.Base64');
+        var b64Msg = Base64Class.encodeToString(message, 0x00000002); //Base64Class.NO_WRAP = 0x00000002
+
+        return b64Msg;
+    } catch (err) {
+        sendMessage("*", err)
+        return "IA==";
+    }
+}
+
+function getCallerInfo() {
+  try{
+    const stack = new Error().stack.split("\n");
+
+    //Skip Error and getCallerInfo from stack trace
+    for (let i = 2; i < stack.length; i++) {
+      const line = stack[i].trim();
+
+      // Extrai: functionName (file:line:col)
+      // ou apenas (file:line:col) se não tiver nome
+      const m = line.match(/at\s+(?:(\S+)\s+)?[\( ]?(\S+):(\d+)\)?$/);
+      if (m) {
+        const func = m[1] || "";
+        const file = m[2];
+        const ln   = parseInt(m[3], 10);
+
+        // Ignora funções cujo nome comece com "send" (qualquer case)
+        if (/^send/i.test(func)) continue;
+        if (/^isend/i.test(func)) continue;
+
+        return { file_name: file, function_name: func, line: ln };
+      }
+    }
+  } catch (err) {
+    console.log(`Error: ${err}`)
+  }
+  return null;
+}
+
+function iSend(payload1, payload2){
+    try{
+        const info = getCallerInfo();
+        send({
+          payload: payload1,
+          location: info
+        }, payload2);
+    } catch (err) {
+        //sendMessage("*", err)
+        console.log(`Error: ${err}`)
+    }
+}
+
+function sendData(mType, jData, bData){
+    //iSend('{"type" : "'+ mType +'", "jdata" : "'+ jData +'"}', bData);
+    iSend({
+      type: mType,
+      jdata: jData
+    }, bData)
+}
+
+function sendKeyValueData(module, items) {
+    var st = getB64StackTrace();
+
+    var data = [];
+
+    // Force as String
+    for (let i = 0; i < items.length; i++) {
+        data = data.concat([{key: `${items[i].key}`, value:`${items[i].value}`}]);
+    }
+
+    iSend({
+      type: "key_value_data",
+      module: module,
+      data: data,
+      stack_trace: st
+    }, null);
+
+
+    /*
+    var jData = `{"type" : "key_value_data", "module": "${module}", "data": [`;
+    for (let i = 0; i < items.length; i++) {
+        if (i > 0) {
+            jData += `, `
+        }
+        jData += `{"key": "${items[i].key}", "value": "${items[i].value}"}`
+    }
+    jData += `], "stack_trace": "${st}"}`;
+    iSend(jData, "");
+    */
+}
+
+function sendMessage(level, message){
+    try{
+        const StringClass = Java.use('java.lang.String');
+        const Base64Class = Java.use('android.util.Base64');
+        var bTxt = StringClass.$new(message).getBytes('utf-8');
+        var b64Msg = Base64Class.encodeToString(bTxt, 0x00000002); //Base64Class.NO_WRAP = 0x00000002
+
+        //send('{"type" : "message", "level" : "'+ level +'", "message" : "'+ b64Msg +'"}');
+        iSend({
+          type: "message",
+          level: level,
+          message: b64Msg
+        }, null)
+    } catch (err) {
+        sendMessage("*", err)
+        //sendMessage('-', 'secret_key_spec.$init.overload error: ' + err + '\n' + err.stack);
+    }
+}
+
+function sendError(error) {
+    try{
+        sendMessage("-", error + '\n' + error.stack);
+    } catch (err) {
+        sendMessage("*", err)
+    }
+}
+
+function encodeHex(byteArray) {
+    
+    const HexClass = Java.use('org.apache.commons.codec.binary.Hex');
+    const StringClass = Java.use('java.lang.String');
+    const hexChars = HexClass.encodeHex(byteArray);
+    //sendMessage("*", StringClass.$new(hexChars).toString());
+    //Buffer.from(bufStr, 'utf8');
+    //sendMessage("*", new Uint8Array(byteArray));
+    return StringClass.$new(hexChars).toString();
+    
+}
+
+function getB64StackTrace(){
+
+    try{
+        const StringClass = Java.use('java.lang.String');
+        const Base64Class = Java.use('android.util.Base64');
+        var trace = Java.use("android.util.Log").getStackTraceString(Java.use("java.lang.Exception").$new());
+        trace = trace.replace("java.lang.Exception\n", "Stack trace:\n");
+        var bTrace = StringClass.$new(trace).getBytes('utf-8');
+        var b64Msg = Base64Class.encodeToString(bTrace, 0x00000002); //Base64Class.NO_WRAP = 0x00000002
+
+        return b64Msg
+
+    } catch (err) {
+        sendMessage("*", err);
+        return '';
+    }
+}
+
+function enumMethods(targetClass)
+{
+  var hook = Java.use(targetClass);
+  var ownMethods = hook.class.getDeclaredMethods();
+  hook.$dispose;
+
+  return ownMethods;
+}
+
+function printMethods(hook)
+{
+  var ownMethods = hook.class.getDeclaredMethods();
+  ownMethods.forEach(function(s) { 
+    //sendMessage(s);
+    sendMessage('*', s);
+  });
+
+}
+
+function intToHex(intVal)
+{
+    return intVal.toString(16);
+}
+
+
+Java.perform(function () {
+  const Thread = Java.use('java.lang.Thread');
+  const UEH = Java.registerClass({
+    name: 'br.com.sec4us.UehProxy',
+    implements: [Java.use('java.lang.Thread$UncaughtExceptionHandler')],
+    methods: {
+      uncaughtException: [{
+        returnType: 'void',
+        argumentTypes: ['java.lang.Thread', 'java.lang.Throwable'],
+        implementation: function (t, e) {
+          try {
+            const Throwable = Java.use('java.lang.Throwable');
+            const sw = Java.use('java.io.StringWriter').$new();
+            const pw = Java.use('java.io.PrintWriter').$new(sw);
+            Throwable.$new(e).printStackTrace(pw);
+            send({ type: 'java-uncaught', thread: t.getName(), stack: sw.toString() });
+          } catch (err) { send({ type: 'java-uncaught-error', err: err+'' }); }
+          // Opcional: impedir que o app morra? Não é garantido; normalmente o processo cai.
+        }
+      }]
+    }
+  });
+
+  // Define globalmente
+  Thread.setDefaultUncaughtExceptionHandler(UEH.$new());
+});
+
+function formatBacktrace(frames) {
+  return frames.map((addr, i) => {
+    const sym = DebugSymbol.fromAddress(addr);
+    const mod = Process.findModuleByAddress(addr);
+    const off = (mod && addr.sub(mod.base)) ? "0x" + addr.sub(mod.base).toString(16) : String(addr);
+    const name = (sym && sym.name) ? sym.name : "<unknown>";
+    const modname = mod ? mod.name : "<unknown>";
+    return `${i.toString().padStart(2)}  ${name} (${modname}+${off})`;
+  });
+}
+
+Process.setExceptionHandler(function (details) {
+  let frames;
+  try {
+    frames = Thread.backtrace(details.context, Backtracer.ACCURATE);
+  } catch (e) {
+    frames = Thread.backtrace(details.context, Backtracer.FUZZY);
+  }
+
+  const pretty = formatBacktrace(frames);
+
+  send({
+    type: "native-exception",
+    details: {
+      message: details.message,
+      type: details.type,
+      address: String(details.address),
+      memory: details.memory,
+      context: details.context,
+      nativeContext: String(details.nativeContext),
+      backtrace: pretty,                 // <— pilha simbólica
+      backtrace_raw: frames.map(String)  // <— opcional: endereços puros
+    }
+  });
+
+  // true = tenta engolir a exceção; se quiser ver o processo cair, retorne false
+  return false;
+});
+
+sendMessage("W", "Helper functions have been successfully initialized.")

frida-fusion-0.1.5/frida_fusion/module.py

@@ -0,0 +1,272 @@
+import os
+import sys
+import re
+import frida
+import pkgutil
+import importlib
+import requests
+import importlib.util
+from pathlib import Path
+
+from typing import TYPE_CHECKING
+
+from .__meta__ import __version__
+from .libs.logger import Logger
+
+if TYPE_CHECKING:
+    from .fusion import Fusion  # só no type checker
+
+
+class ModuleLoaderError(Exception):
+    pass
+
+
+class ModuleBase(object):
+
+    name = ''
+    description = ''
+    mod_path = ''
+
+    def __init__(self, name, description):
+        self.name = name
+        self.description = description
+        self.mod_path = str(Path(__file__).resolve().parent)
+        pass
+
+    def safe_name(self):
+        return ModuleBase.get_safe_name(self.name)
+
+    def start_module(self, **kwargs) -> bool:
+        raise Exception('Method "start_module" is not yet implemented.')
+
+    def js_files(self) -> list:
+        return []
+
+    def key_value_event(self,
+                        script_location: "Fusion.ScriptLocation" = None,
+                        stack_trace: str = None,
+                        module: str = None,
+                        received_data: dict = None
+                        ) -> bool:
+        raise Exception('Method "key_value_event" is not yet implemented.')
+
+    def data_event(self,
+                   script_location: "Fusion.ScriptLocation" = None,
+                   stack_trace: str = None,
+                   received_data: str = None
+                   ) -> bool:
+        raise Exception('Method "data_event" is not yet implemented.')
+
+    @staticmethod
+    def get_safe_name(name):
+        name = name.replace(" ", "_").lower()
+        return re.sub(r'[^a-zA-Z0-9_.-]+', '', name)
+
+    @classmethod
+    def _get_codeshare(cls, uri: str) -> dict:
+
+        if uri is None or len(uri) <= 10:
+            raise Exception("Invalid codeshare uri. Uri must be only user/project_name.")
+
+        uri = uri.strip(" /@.")
+
+        headers = {
+            "Accept": "application/vnd.github+json",
+            "User-Agent": f"Frida-fusion v{__version__}, Frida v{frida.__version__}"
+        }
+
+        try:
+            resp = requests.get(f"https://codeshare.frida.re/api/project/{uri}", headers=headers, timeout=30)
+            resp.raise_for_status()
+            data = resp.json()
+            if data is None:
+                raise Exception("data is empty")
+
+            if data.get('source', None) is None or data.get('source', '').strip(" \r\n") == "":
+                raise Exception("source code is empty")
+
+            return data
+
+        except Exception as e:
+            raise ModuleLoaderError("Error getting codeshare data") from e
+
+
+class Module(object):
+    modules = {}
+
+    def __init__(self, name, description, module, qualname, class_name):
+        self.name = name
+        self.description = description
+        self.module = module
+        self.qualname = qualname
+        self._class = class_name
+        pass
+
+    def safe_name(self):
+        return ModuleBase.get_safe_name(self.name)
+
+    def create_instance(self):
+        return self._class()
+
+    @classmethod
+    def get_base_module(cls) -> str:
+        file = Path(__file__).stem
+
+        parent_module = f'.{cls.__module__}.'.replace(f'.{file}.', '').strip(' .')
+
+        return '.'.join((parent_module, 'modules'))
+
+
+class InternalModule(Module):
+    pass
+
+
+class ExternalModule(Module):
+    pass
+
+
+class ModuleManager:
+    @classmethod
+    def _safe_import_from_path(cls, path: Path, loaded_files: set):
+        """
+        Importa um .py arbitrário usando um nome único e registra o arquivo
+        para não ser importado duas vezes.
+        """
+        real = path.resolve()
+
+        try:
+            if real in loaded_files:
+                return
+
+            # nome único, estável, baseado no caminho
+            pseudo_name = (
+                    "fusion_ext_"
+                    + "_".join(real.parts).replace(":", "_").replace("\\", "_").replace("/", "_")
+                    .replace(".", "_")
+            )
+            spec = importlib.util.spec_from_file_location(pseudo_name, real)
+            if spec and spec.loader:
+                mod = importlib.util.module_from_spec(spec)
+                sys.modules[pseudo_name] = mod
+                spec.loader.exec_module(mod)
+                loaded_files.add(real)
+        except Exception as ie:
+            Logger.pl('\n{!} {R}Error loading external module: {G}%s{R}\n    {O} %s{W}' % (str(ie), str(real)))
+            pass
+
+    @classmethod
+    def _import_via_pkgutil(cls, roots: list[Path], loaded_files: set):
+        """
+        Varre roots com pkgutil.walk_packages. Isso encontra
+        - módulos .py no nível do root
+        - pacotes (pastas com __init__.py) e seus submódulos
+        NÃO entra em subpastas sem __init__.py (por isso depois complementamos).
+        """
+        str_roots = [str(p) for p in roots]
+        for loader, modname, is_pkg in pkgutil.walk_packages(str_roots):
+            try:
+                mod = importlib.import_module(modname)
+                mfile = getattr(mod, "__file__", None)
+                if mfile:
+                    loaded_files.add(Path(mfile).resolve())
+            except Exception as ie:
+                Logger.pl(
+                    '\n{!} {R}Error loading internal module: {G}%s{R}\n    {O} %s{W}' % (
+                        str(ie), str(loader.path)))
+                pass
+
+    @classmethod
+    def _load_any_py_recursively(cls, root: Path, loaded_files: set):
+        """
+        Carrega *todo* arquivo .py sob root (rglob), incluindo subpastas sem __init__.py,
+        sem duplicar o que já foi importado.
+        """
+        for py in root.rglob("*.py"):
+            # exclui caches e similares
+            if any(part in {"__pycache__"} for part in py.parts):
+                continue
+            cls._safe_import_from_path(py, loaded_files)
+
+    @classmethod
+    def list_modules(cls) -> dict:
+        try:
+            base_module = Module.get_base_module()
+            modules: dict[str, Module] = {}
+
+            # --- 1) Varredura padrão do seu pacote interno: <este_arquivo>/modules ---
+            base_path = Path(__file__).resolve().parent / "modules"
+            internal_mod_roots = [p for p in base_path.iterdir() if p.is_dir()]
+
+            internal_mods = []
+
+            # Vamos usar pkgutil para o pacote interno (mantém o comportamento)
+            loaded_files: set[Path] = set()
+            mods = [str(p) for p in internal_mod_roots]
+            for loader, modname, is_pkg in pkgutil.walk_packages(mods):
+                if not is_pkg:
+                    # Reconstrói o caminho relativo para montar o import dentro do pacote base
+                    mod_path = Path(getattr(loader, "path", ""))
+                    try:
+                        rel = mod_path.resolve().relative_to(base_path.resolve())
+                        dotted = "." + ".".join(rel.parts) if rel.parts else ""
+                    except Exception:
+                        dotted = ""
+                    importlib.import_module(f"{base_module}{dotted}.{modname}")
+                    internal_mods.append(f"{base_module}{dotted}.{modname}")
+
+            # --- 2) Varredura de caminhos externos via FUSION_MODULES ---
+            env_value = os.environ.get("FUSION_MODULES", "").strip()
+            if env_value:
+                extra_roots = [Path(p).expanduser() for p in env_value.split(os.pathsep) if p.strip()]
+                existing_roots = [p for p in extra_roots if p.exists() and p.is_dir()]
+
+                # Para que pkgutil encontre módulos top-level nesses roots
+                # (sem precisar de nomes de pacote), colocamos cada root no sys.path
+                # durante a varredura. Usamos um conjunto para restaurar depois se preferir.
+                original_sys_path = list(sys.path)
+                try:
+                    for root in existing_roots:
+                        if str(root) not in sys.path:
+                            sys.path.insert(0, str(root))
+
+                    # 2a) Encontrar módulos top-level e pacotes (com __init__.py)
+                    cls._import_via_pkgutil(existing_roots, loaded_files)
+
+                    # 2b) Complementar: carregar QUALQUER .py (inclusive subpastas sem __init__.py)
+                    for root in existing_roots:
+                        cls._load_any_py_recursively(root, loaded_files)
+                finally:
+                    # opcional: restaurar sys.path (seguro para evitar vazamentos)
+                    sys.path[:] = original_sys_path
+
+            # --- 3) Instanciar subclasses de ModuleBase e montar o registry ---
+            for i_class in ModuleBase.__subclasses__():
+                t = i_class()
+                key = t.safe_name()
+                if key in modules:
+                    raise ModuleLoaderError(
+                        f"Duplicated Module name: {i_class.__module__}.{i_class.__qualname__}"
+                    )
+
+                if str(i_class.__module__) in internal_mods:
+                    modules[key] = InternalModule(
+                        name=t.name,
+                        description=t.description,
+                        module=str(i_class.__module__),
+                        qualname=str(i_class.__qualname__),
+                        class_name=i_class,
+                    )
+                else:
+                    modules[key] = ExternalModule(
+                        name=t.name,
+                        description=t.description,
+                        module=str(i_class.__module__),
+                        qualname=str(i_class.__qualname__),
+                        class_name=i_class,
+                    )
+
+            return modules
+
+        except Exception as e:
+            # Envolve a exceção original para manter contexto
+            raise ModuleLoaderError("Error listing modules") from e

{frida-fusion-0.1.3/frida_fusion/modules → frida-fusion-0.1.5/frida_fusion/modules/crypto}/crypto.py

@@ -3,13 +3,13 @@ from pathlib import Path
 import base64
 import string
 
-from ..libs.color import Color
-from ..libs.database import Database
-from ..module import ModuleBase
+from frida_fusion.libs.logger import Logger
+from frida_fusion.libs.database import Database
+from frida_fusion.module import ModuleBase
 
 from typing import TYPE_CHECKING
 if TYPE_CHECKING:
-    from ..fusion import Fusion  # só no type checker
+    from frida_fusion.fusion import Fusion  # só no type checker
 
 
 class Crypto(ModuleBase):
@@ -274,8 +274,11 @@ class Crypto(ModuleBase):
         self._crypto_db = None
         self.mod_path = str(Path(__file__).resolve().parent)
 
-    def start_db(self, db_path: str) -> bool:
-        self._crypto_db = Crypto.CryptoDB(db_name=db_path)
+    def start_module(self, **kwargs) -> bool:
+        if 'db_path' not in kwargs:
+            raise Exception("parameter db_path not found")
+
+        self._crypto_db = Crypto.CryptoDB(db_name=kwargs['db_path'])
         return True
 
     def js_files(self) -> list:

frida-fusion-0.1.5/frida_fusion/modules/tls_unpinning/frida_multiple_unpinning.py

@@ -0,0 +1,66 @@
+import errno
+import os.path
+import tempfile
+from pathlib import Path
+from frida_fusion.libs.logger import Logger
+from frida_fusion.module import ModuleBase
+
+from typing import TYPE_CHECKING
+
+if TYPE_CHECKING:
+    from frida_fusion.fusion import Fusion  # só no type checker
+
+
+class TlsUnpinning(ModuleBase):
+
+    def __init__(self):
+        super().__init__('Multiple unpinning', 'Use frida_multiple_unpinning by Maurizio Siddu (@akabe1)')
+        self.mod_path = str(Path(__file__).resolve().parent)
+        self.js_file = os.path.join(self.mod_path, "frida_multiple_unpinning.js")
+
+    def start_module(self, **kwargs) -> bool:
+        if not os.path.isfile(self.js_file):
+            Logger.pl("{+} Downloading CodeShare script from @akabe1/frida-multiple-unpinning")
+            data = self._get_codeshare("@akabe1/frida-multiple-unpinning/")
+            if data.get('source', None) is None or data.get('source', '').strip(" \r\n") == "":
+                raise Exception("source code is empty")
+
+            try:
+                with open(self.js_file, "w", encoding='utf-8') as f:
+                    f.write(data.get('source', ''))
+            except IOError as x:
+                if x.errno == errno.EACCES:
+                    Logger.pl('{!} {R}error: could not open output file to write {O}permission denied{R}{W}\r\n')
+                elif x.errno == errno.EISDIR:
+                    Logger.pl('{!} {R}error: could not open output file to write {O}it is an directory{R}{W}\r\n')
+                else:
+                    Logger.pl('{!} {R}error: could not open output file to write{W}\r\n')
+
+                # Try to save locally
+                self.js_file = str(Path("frida_multiple_unpinning.js").resolve().absolute())
+                with open(self.js_file, "w", encoding='utf-8') as f:
+                    f.write(data.get('source', ''))
+
+        return True
+
+    def js_files(self) -> list:
+        return [
+            self.js_file
+        ]
+
+    def key_value_event(self,
+                        script_location: "Fusion.ScriptLocation" = None,
+                        stack_trace: str = None,
+                        module: str = None,
+                        received_data: dict = None
+                        ) -> bool:
+        return True
+
+    def data_event(self,
+                   script_location: "Fusion.ScriptLocation" = None,
+                   stack_trace: str = None,
+                   received_data: str = None
+                   ) -> bool:
+        return True
+
+

{frida-fusion-0.1.3 → frida-fusion-0.1.5}/frida_fusion.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: frida-fusion
-Version: 0.1.3
+Version: 0.1.5
 Summary: Hook your mobile tests with Frida
 Author-email: "Helvio Junior (M4v3r1ck)" <helvio_junior@hotmail.com>
 Maintainer-email: "Helvio Junior (M4v3r1ck)" <helvio_junior@hotmail.com>
@@ -64,11 +64,65 @@ Modules:
 
 ## Install
 
-> :information_source: We recommend using `pipx` rather than `pip` for system-wide installation.
+```
+pip3 install frida-fusion
+```
+
+## Module engine
+
+You can check available modules with `frida-fusion --list-modules` command.
+
+```bash
+frida-fusion --list-modules
+
+ [ FRIDA ]—o—( FUSION )—o—[ MOBILE TESTS ] // v0.1.4
+     > hook your mobile tests with Frida
+
 
+Available modules
+  Module Name     : Description
+  Crypto          : Hook cryptography/hashing functions
 ```
-python3 -m pipx install frida-fusion
+
+### External modules
+
+You can develop or download community modules and load into frida-fusion.
+
+To pass to the Frida Fusion the external module path you can use the environment variable `FUSION_MODULES` with the full path of modules
+
+At linux:
+
+```bash
+export FUSION_MODULES=/tmp/modules
+
+# List all modules
+frida-fusion --list-modules
+
+# Using available module
+frida-fusion -f [app_id] -U --script-path . -m [module_name]
 ```
 
-> :information_source: Check whether you also need to run the `python3 -m pipx ensurepath` command.
+At windows:
 
+```bash
+$env:FUSION_MODULES = "C:\extra_mods"
+
+# List all modules
+frida-fusion --list-modules
+
+# Using available module
+frida-fusion -f [app_id] -U --script-path . -m [module_name]
+```
+
+### Community modules
+
+You can also use one of community developed modules
+
+```bash
+cd /tmp/
+git clone https://github.com/helviojunior/frida-fusion-community-modules
+export FUSION_MODULES=/tmp/frida-fusion-community-modules
+
+# List all modules
+frida-fusion --list-modules
+```

{frida-fusion-0.1.3 → frida-fusion-0.1.5}/frida_fusion.egg-info/SOURCES.txt

@@ -17,7 +17,11 @@ frida_fusion.egg-info/top_level.txt
 frida_fusion/libs/__init__.py
 frida_fusion/libs/color.py
 frida_fusion/libs/database.py
+frida_fusion/libs/helpers.js
 frida_fusion/libs/logger.py
 frida_fusion/modules/__init__.py
-frida_fusion/modules/crypto.js
-frida_fusion/modules/crypto.py
+frida_fusion/modules/crypto/__init__.py
+frida_fusion/modules/crypto/crypto.js
+frida_fusion/modules/crypto/crypto.py
+frida_fusion/modules/tls_unpinning/__init__.py
+frida_fusion/modules/tls_unpinning/frida_multiple_unpinning.py

{frida-fusion-0.1.3 → frida-fusion-0.1.5}/pyproject.toml

@@ -60,6 +60,8 @@ exclude = ["frida_fusion*tests", "frida_fusion*images", "frida_fusion*docs"]
   'resources/**/*',
   'modules/*',
   'modules/**/*',
+  'libs/*',
+  'libs/**/*',
 ]
 
 [project.urls]

frida-fusion-0.1.3/frida_fusion/module.py

@@ -1,116 +0,0 @@
-import os
-import pkgutil
-import importlib
-from pathlib import Path
-
-from .libs.database import Database
-from typing import TYPE_CHECKING
-if TYPE_CHECKING:
-    from .fusion import Fusion  # só no type checker
-
-
-class ModuleBase(object):
-
-    name = ''
-    description = ''
-    mod_path = ''
-
-    def __init__(self, name, description):
-        self.name = name
-        self.description = description
-        self.mod_path = str(Path(__file__).resolve().parent)
-        pass
-
-    def start_db(self, db_path: str) -> bool:
-        raise Exception('Method "start_db" is not yet implemented.')
-
-    def js_files(self) -> list:
-        return []
-
-    def key_value_event(self,
-                        script_location: "Fusion.ScriptLocation" = None,
-                        stack_trace: str = None,
-                        module: str = None,
-                        received_data: dict = None
-                        ) -> bool:
-        raise Exception('Method "key_value_event" is not yet implemented.')
-
-    def data_event(self,
-                   script_location: "Fusion.ScriptLocation" = None,
-                   stack_trace: str = None,
-                   received_data: str = None
-                   ) -> bool:
-        raise Exception('Method "data_event" is not yet implemented.')
-
-
-class Module(object):
-    modules = {}
-
-    def __init__(self, name, description, module, qualname, class_name):
-        self.name = name
-        self.description = description
-        self.module = module
-        self.qualname = qualname
-        self._class = class_name
-        pass
-
-    def create_instance(self):
-        return self._class()
-
-    @classmethod
-    def get_instance(cls, name: str):
-        if len(Module.modules) == 0:
-            Module.modules = Module.list_modules()
-
-        selected_modules = [
-            mod for mod in Module.modules
-            if mod == name
-        ]
-
-        mod = None
-        if len(selected_modules) == 1:
-            mod = Module.modules[selected_modules[0]].create_instance()
-
-        return mod
-
-    @classmethod
-    def get_base_module(cls) -> str:
-        file = Path(__file__).stem
-
-        parent_module = f'.{cls.__module__}.'.replace(f'.{file}.', '').strip(' .')
-
-        return '.'.join((parent_module, 'modules'))
-
-    @classmethod
-    def list_modules(cls) -> dict:
-        try:
-
-            base_module = Module.get_base_module()
-
-            modules = {}
-
-            base_path = os.path.join(
-                Path(__file__).resolve().parent, 'modules'
-            )
-
-            for loader, modname, ispkg in pkgutil.walk_packages([base_path]):
-                if not ispkg:
-                    importlib.import_module(f'{base_module}.{modname}')
-
-            for iclass in ModuleBase.__subclasses__():
-                t = iclass()
-                if t.name in modules:
-                    raise Exception(f'Duplicated Module name: {iclass.__module__}.{iclass.__qualname__}')
-
-                modules[t.name.lower()] = Module(
-                    name=t.name,
-                    description=t.description,
-                    module=str(iclass.__module__),
-                    qualname=str(iclass.__qualname__),
-                    class_name=iclass
-                )
-
-            return modules
-
-        except Exception as e:
-            raise Exception('Error listing command modules', e)