headers hook 当header中包含Authorization时,则插入断点
var code = function(){
var org = window.XMLHttpRequest.prototype.setRequestHeader;
window.XMLHttpRequest.prototype.setRequestHeader = function(key,value){
if(key=='Authorization'){
debugger;
}
return org.apply(this,arguments);
}
}
var script = document.createElement('script');
script.textContent = '(' + code + ')()';
(document.head||document.documentElement).appendChild(script);
script.parentNode.removeChild(script);
请求hook 当请求的url里包含MmEwMD时,则插入断点
var code = function(){
var open = window.XMLHttpRequest.prototype.open;
window.XMLHttpRequest.prototype.open = function (method, url, async){
if (url.indexOf("MmEwMD")>-1){
debugger;
}
return open.apply(this, arguments);
};
}
var script = document.createElement('script');
script.textContent = '(' + code + ')()';
(document.head||document.documentElement).appendChild(script);
script.parentNode.removeChild(script);
过debugger—1 constructor 构造器构造出来的
var _constructor = constructor;
Function.prototype.constructor = function(s) {
if (s == "debugger") {
console.log(s);
return null;
}
return _constructor(s);
}
过debugger—2 eval的
(function() {
'use strict';
var eval_ = window.eval;
window.eval = function(x) {
eval_(x.replace("debugger;", " ; "));
}
;
window.eval.toString = eval_.toString;
}
)();
JSON HOOK
var my_stringify = JSON.stringify;
JSON.stringify = function (params) {
//这里可以添加其他逻辑比如 debugger
console.log("json_stringify params:",params);
return my_stringify(params);
};
var my_parse = JSON.parse;
JSON.parse = function (params) {
//这里可以添加其他逻辑比如 debugger
console.log("json_parse params:",params);
return my_parse(params);
};
对象属性hook 属性自定义,hook cookie操作
(function(){
// 严格模式,检查所有错误
'use strict'
// document 为要hook的对象 ,属性是cookie
Object.defineProperty(document,'cookie',{
// hook set方法也就是赋值的方法,get就是获取的方法
set: function(val){
// 这样就可以快速给下面这个代码行下断点,从而快速定位设置cookie的代码
debugger; // 在此处自动断下
console.log('Hook捕获到set-cookie ->',val);
return val;
}
})
})();
eval/Function
window.__cr_eval = window.eval;
var myeval = function(src) {
// src就是eval运行后 最终返回的值
console.log(src);
console.log("========= eval end ===========");
return window.__cr_eval;
}
var _myeval = myeval.bind(null);
_myeval.toString = window.__cr_eval.toString;
Object.defineProperty(window, 'eval',{value: _myeval});
window._cr_fun = window.Function
var myfun = function(){
var args = Array.prototype.slice.call(arguments, 0, -1).join(","), src = arguments[arguments.lenght -1];
console.log(src);
console.log("======== Function end =============");
return window._cr_fun.apply(this, arguments)
}
myfun.toString = function() {return window._cr_fun + ""} //小花招,这里防止代码里检测原生函数
Object.defineProperty(window, "Function",{value: myfun})
eval 取返回值
_eval = eval;
eval = (res)=>{
res1 = res // 返回值
return _eval(res)
}
eval(xxxxxxxxx)
websocket hook
// 1、webcoket 一般都是json数据格式传输,那么发生之前需要JSON.stringify
var my_stringify = JSON.stringify;
JSON.stringify = function (params) {
//这里可以添加其他逻辑比如 debugger
console.log("json_stringify params:",params);
return my_stringify(params);
};
var my_parse = JSON.parse;
JSON.parse = function (params) {
//这里可以添加其他逻辑比如 debugger
console.log("json_parse params:",params);
return my_parse(params);
};
// 2 webScoket 绑定在windows对象,上,根据浏览器的不同,websokcet名字可能不一样
//chrome window.WebSocket firfox window.MozWebSocket;
window._WebSocket = window.WebSocket;
// hook send
window._WebSocket.prototype.send = function (data) {
console.info("Hook WebSocket", data);
return this.send(data)
}
Object.defineProperty(window, "WebSocket",{value: WebSocket})
hook canvas (定位图片生成的地方)
(function() {
'use strict';
let create_element = document.createElement.bind(doument);
document.createElement = function (_element) {
console.log("create_element:",_element);
if (_element === "canvas") {
debugger;
}
return create_element(_element);
}
})();
setInterval 定时器文章来源:https://www.toymoban.com/news/detail-675533.html
(function() {
setInterval_ = setInterval;
console.log("原函数已被重命名为setInterval_")
setInterval = function() {}
;
setInterval.toString = function() {
console.log("有函数正在检测setInterval是否被hook");
return setInterval_.toString();
}
;
}
)();
setInterval 循环清除定时器文章来源地址https://www.toymoban.com/news/detail-675533.html
for(var i = 0; i < 9999999; i++) window.clearInterval(i)
到了这里,关于JavaScript常用的Hook脚本的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!