rms-runtime-mobile-security
Version:
Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
279 lines (251 loc) • 10.2 kB
HTML
<html lang="en">
<head>
<!-- head and css -->
{% include 't_head.html' %}
</head>
<body>
<!-- Model View -->
<div class="modal fade" id="ModalFilterView">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<!-- Modal Header -->
<div class="modal-header">
<h4 class="modal-title">Select the Classes that you want to hook</h4>
<button type="button" class="close" data-dismiss="modal">×</button>
</div>
<!-- Modal body -->
<div class="modal-body">
<!-- scrollbox -->
<div id=scrollbox>
<div class="col-sm-12">
<form class="form-group list-group-item list-group-item-action bg-light" action="/dump" method="get">
<p>
<b>Package:</b> {{target_package}} →
<a role="button" href="/dump?choice=1&filter={{target_package}}">✅</a>
</p>
<label for="filter">Hook all classes that start with:</label>
<input type="text" class="form-control" id="filter" name="filter" required="true"
placeholder="com.example., com.external_library, com.test,">
<input type="hidden" name=choice value=1>
<div class="checkbox">
<label></label>
<input type="checkbox" name="case" value=1 checked>
Case sensitive
</label>
</div>
<div class="checkbox">
<label></label>
<input type="checkbox" name="regex" value=1>
Regex
</label>
</div>
<div class="checkbox">
<label></label>
<input type="checkbox" name="whole" value=1>
Whole word
</label>
</div>
<small class="form-text text-muted">
If Regex is not checked, you can insert multiple filters. Just make sure to use <b><font color=red>,</font></b> to separete the strings you want to use as a filters
</small>
<br>
<button type="submit" class="btn btn-primary mb-2">Submit</button>
<font color=red><b> NOTE: </b></font>Hooking more than 500 classes can crash the app
</form>
</div>
<br>
<div class="col-sm-12">
<!-- FORM START -->
<form class="form-group list-group-item list-group-item-action bg-light"
action="/dump"
method="POST">
<table class="table table-sm table-dark table-bordered">
<thead>
<tr>
<th style='width: 10%'> Select</th>
<th style='width: 10%'> Index</th>
<th style='width: 80%'> Classes</th>
</tr>
</thead>
<tbody id="MainTable_Filter">
<input class="form-control" id="UserInput_Filter" type="text"
placeholder="Use this search bar to quickly filter results:">
<br>
<button type="submit" class="btn btn-primary mb-2">Hook Selected</button>
<font color=red><b> NOTE: </b></font>Hooking more than 500 classes can crash the app
{% for c in loaded_classes %}
<tr>
<td align=center> <input type="checkbox" name=tohook value="{{ loop.index0 }}"> </td>
<td align=center> {{ loop.index0 }} </td>
<td> {{ c }} </td>
</tr>
{% endfor %}
</form> <!-- FORM END -->
</tbody>
</table>
</div>
</div>
<!-- scrollbox -->
</div>
<!-- Modal footer -->
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Close</button>
</div>
</div>
</div>
</div>
<!-- Model View -->
<div class="d-flex" id="wrapper">
<!-- Sidebar -->
{% include 't_sidebar.html' %}
<!-- Page Content -->
<div id="page-content-wrapper">
<!-- Navbar -->
{% include 't_navbar.html' %}
<!-- Content -->
<div class="container-fluid">
<!-- Buttons -->
<div class="col-sm-12">
<br>
<h2>Load Classes and Methods 🎯... and then HOOK everything ⚓️</h2>
<div class="border-top my-3"></div>
<div class="row">
<div align=center class="col-sm-3 border-top border-right border-left">
<br>
<h1>1</h1>
</div>
<div align=center class="col-sm-3 border-top border-right border-left">
<br>
<h1>2</h1>
</div>
<div align=center class="col-sm-3 border-top border-right border-left">
<br>
<h1>3</h1>
</div>
<div align=center class="col-sm-3 border-top border-right border-left">
<br>
<h1>4</h1>
</div>
</div>
<div class="row">
<div align=center class="col-sm-3 border-bottom border-right border-left">
<a role="button" href="/dump?choice=1" class="btn btn-primary">Load Classes</a>
</div>
<!-- model view button -->
<div align=center class="col-sm-3 border-bottom border-right border-left">
<a role="button" data-toggle="modal" data-target="#ModalFilterView" class="btn btn-warning">
Insert a Filter
</a>
<br>
<b>(<font color=red>optional</font>)</b>
<br>
<font color=red><b> NOTE: </b></font>Hooking more than 500 classes or complex classes can easily crash the app. Use a filter if you receive an error! 😉
<br>
<br>
</div>
<div align=center class="col-sm-3 border-bottom border-right border-left">
<a role="button" href="/dump?choice=2" class="btn btn-info">Load Methods</a>
</div>
<div align=center class="col-sm-3 border-bottom border-right border-left">
<form action=dump method=get>
<button class="btn btn-danger">Hook all methods</button>
<input type=hidden name=choice value=3>
<br />
<input type="checkbox" name=stacktrace value=yes> print StackTrace?</label>
</form>
</div>
</div>
</div>
<br>
<!-- Buttons -->
<!-- Search Bar and Table -->
<div class="col-sm-12
form-group
list-group-item
list-group-item-action
bg-light
rounded">
<table class="table table-sm table-dark table-bordered">
<thead>
<tr>
<th style='width: 3%'> index</th>
<th style='width: 27%'> classes</th>
<th style='width: 55%'> methods</th>
</tr>
</thead>
<tbody id="MainTable">
<h3>Classes</h3>
<p>Use the search bar below to quickly filter results:
{% if loaded_methods|length > 0 %}
{% if methods_hooked_and_executed|length > 0 %}
<button
onclick="apply_filter('executed')"
class="btn btn-success btn-sm">
Executed ✅
</button>
{% endif %}
<button
onclick="apply_filter('native')"
class="btn btn-danger btn-sm">
Native
</button>
<button
onclick="apply_filter('boolean')"
class="btn btn-info btn-sm">
Boolean
</button>
<button
onclick="apply_filter('clear')"
class="btn btn-dark btn-sm">
Clear
</button>
{% endif %}
</p>
<input class="form-control" id="UserInput" type="text" placeholder="Search..">
<br>
<!-- Legenda -->
{% if methods_hooked_and_executed|length > 0 %}
<p>✅ = the <b>hooked method has been executed</b> by the app - <a href="/dump"><b>Refresh Page</b></a></p>
{% endif %}
<!-- Legenda -->
{% for class_name in loaded_classes %}
<tr><td><center>{{ loop.index0 }}</center></td><td>{{class_name}}</td>
<td><pre>{% if mobile_OS=="Android" %}<code class=Java>{% else %}<code class=obj-c>{% endif %}{% for method_name in loaded_methods[class_name] %}{% if "Class: "+class_name+"\nMethod: "+method_name["ui_name"]+"\n" in methods_hooked_and_executed %}✅ {% endif %}{{method_name["ui_name"]}};<br>{% endfor %}</code></pre></td></tr>{% endfor %}
</tbody>
</table>
</div>
</div>
<!-- /#container-fluid -->
</div>
<!-- /#page-content-wrapper -->
</div>
<!-- /#wrapper -->
<!-- Javascript loading -->
{% include 't_js_script.html' %}
{% block scripts %}
<script>
function apply_filter(filter){
if(filter=="executed")
document.getElementById("UserInput").value = "✅";
if(filter=="native")
document.getElementById("UserInput").value = "native";
if(filter=="boolean")
document.getElementById("UserInput").value = "boolean";
if(filter=="clear")
document.getElementById("UserInput").value = "";
//simulate keyup
$('#UserInput').keyup();
}
</script>
<!-- Set current Page as active in the NavBar -->
<script>
$(document).ready(function () {
$(".nav li").removeClass("active");
$('#dump').addClass('active');
});
</script>
<!-- Set current Page as active in the NavBar -->
{% endblock %}
</body>
</html>