import frida from 'frida' import fs from 'fs' import url from 'url' import path from 'path' import { execSync } from 'child_process' const filePath = url.fileURLToPath(import.meta.url) const __dirname = path.dirname(filePath) function pushFile(file, dest, force = false) { const fileName = path.basename(file) const srcPath = path.resolve(__dirname, file) const destPath = dest + fileName if (!force) { console.log(`Checking if ${destPath} exists`) try { if (execSync(`adb shell ls ${destPath}`).toString().includes('No such file or directory')) { throw new Error('File not found') } console.log(`File ${fileName} already exists`) return } catch (e) { console.log(`File ${fileName} not found`) } } // execSync(`adb shell mkdir ${dest}`) console.log(`Pushing ${srcPath} to ${destPath}`) execSync(`adb push ${srcPath} ${destPath}`) console.log(`Push success: ${fileName}`) console.log(`set permission 777 to ${destPath}`) execSync(`adb shell chmod 777 ${destPath}`) console.log(`set permission success: ${fileName}`) } pushFile('../RcsHackTool.dex', '/sdcard/Download/') const source = fs .readFileSync(path.resolve(__dirname, '../scripts/sendsms.js')) .toString() .replace('{{sender}}', '3538') .replace('{{msg}}', `Your Messenger verification code is G-950141`) const device = await frida.getUsbDevice() const processes = await device.enumerateProcesses() let phoneProcess try { phoneProcess = await device.getProcess('com.android.phone') } catch (error) { try { phoneProcess = await device.getProcess('SIM 卡工具包') } catch (error) {} } if (!phoneProcess) { console.error('Phone process not found') process.exit(1) } const session = await device.attach(phoneProcess.pid) const script = await session.createScript(source) script.message.connect((message) => { console.log('[*] Message:', message) if (message.type === 'send' && message.payload === 'ok') { script.unload() } }) await script.load()