hook eval
// 保存原始方法 window.__cr_eval = window.eval; // 重写eval方法 var myeval = function(src){ console.log(src); console.log("=============== eval end ==============="); debugger; return window.__cr_eval(src); } var _myeval = myeval.bind(null); // 这里主要是屏蔽js中对原生函数native属性的检测 _myeval.toString = window.__cr_eval.toString; Object.defineProperty(window, 'eval', {value: _myeval});
hook Function
window.__cr_fun = window.Function; var myfun = function(){ var args = Array.prototype.slice.call(arguments, 0, -1).join(","), src = arguments[arguments.length - 1] console.log(src); console.log("=============== Function end ==============="); debugger; return window.__cr_fun.apply(this, arguments); } // 这里主要是屏蔽js中对原生函数native属性的检测 myfun.toString = function(){return window.__cr_fun + ""} Object.defineProperty(window, 'Function', {value: myfun});
hook JSON.stringify、JSON.parse
var my_stringify = JSON.stringify; JSON.stringify = function(params){ console.log("hook", params); debugger; return my_stringify(params); }; var my_parse = JSON.parse; JSON.parse = function(params){ console.log("hook", params); debugger; return my_parse(params); };
hook cookie
(function () { Object.defineProperty(document, 'cookie', { set: function (cookie) { if(cookie.indexOf('RM4hZBv0dDon443M') != -1){ debugger; } return cookie; } }) })();
hook所有cookie
var cookie_cache = document.cookie; Object.defineProperty(document, 'cookie', { get: function(){ console.log('Getting cookie'); return cookie_cache; }, set: function(val){ console.log('Stting cookie', val); var cookie = val.split(';')[0]; var ncookie = cookie.split('='); var flag = false; var cache = cookie_cache.split('; '); cache = cache.map(function(a){ if (a.split('=')[0] === ncookie[0]){ falg = true; return cookie; } return a; }) cookie_cache = cache.join('; '); if(!falg){ cookie_cache += cookie + '; '; } this._value = val; return cookie_cache; }, });
hook window对象
var window_flag_1 = 'object1'; // 修改为需要hook的对象 var window_flag_2 = 'object2'; // hook对象的对象 var key_value_map = {}; var window_value = window[window_flag_1]; Object.defineProperty(window, window_flag_1, { get: function(){ console.log('Getting', window, window_flag_1, '=', window_value); debugger; return window_value; }, set: function(val){ console.log('Setting', window, window_flag_1, '=', val); debugger; window_value = val; key_value_map[window[window_flag_1]] = window_flag_1; set_obj_attr(window[window_flag_1], window_flag_2); }, }); function set_obj_attr(obj, attr){ var obj_arrt_value = obj[attr]; Object.defineProperty(obj, attr, { get:function(){ console.log('Getting', key_value_map[obj], attr, '=', obj_arrt_value); debugger; return obj_arrt_value }, set: function(val){ console.log('Setting', key_value_map[obj], attr, '=', val); debugger; obj_arrt_value = val; }, }); };
hook WebSocket
WebSocket.prototype.senda = WebSocket.prototype.send; WebSocket.prototype.send = function(data){ console.log('Hook WebSocket', data); return this.senda(data); };