update patch

patches/frida-core/0001-Florida-string_frida_rpc.patch

@@ -1,7 +1,7 @@
 From 2ee45f8d8bd12ae7bb58bc9d792241dd10e52c9d Mon Sep 17 00:00:00 2001
 From: Ylarod <me@ylarod.cn>
 Date: Tue, 18 Jul 2023 15:51:29 +0800
-Subject: [PATCH 1/7] Florida: string_frida_rpc
+Subject: [PATCH 1/8] Florida: string_frida_rpc
 
 ---
  lib/base/rpc.vala | 15 ++++++++++++---

patches/frida-core/0002-Florida-re_frida_server.patch

@@ -1,7 +1,7 @@
 From 9c54a36d6cf608cbe24c9771b4a4f2b3774bebd0 Mon Sep 17 00:00:00 2001
 From: Ylarod <me@ylarod.cn>
 Date: Tue, 18 Jul 2023 15:52:56 +0800
-Subject: [PATCH 2/7] Florida: re_frida_server
+Subject: [PATCH 2/8] Florida: re_frida_server
 
 ---
  server/server.vala | 3 ++-

patches/frida-core/0003-Florida-frida_agent_so.patch

@@ -1,7 +1,7 @@
 From c809d93142d30299ab33aa3b125fc8096e280d6c Mon Sep 17 00:00:00 2001
 From: Ylarod <me@ylarod.cn>
 Date: Tue, 18 Jul 2023 15:57:19 +0800
-Subject: [PATCH 3/7] Florida: frida_agent_so
+Subject: [PATCH 3/8] Florida: frida_agent_so
 
 ---
  src/linux/linux-host-session.vala | 7 ++++---

patches/frida-core/0004-Florida-symbol_frida_agent_main.patch

@@ -1,7 +1,7 @@
 From 1099700c48f5cf48f76792b929d5916be4a98e04 Mon Sep 17 00:00:00 2001
 From: Ylarod <me@ylarod.cn>
 Date: Tue, 18 Jul 2023 16:02:50 +0800
-Subject: [PATCH 4/7] Florida: symbol_frida_agent_main
+Subject: [PATCH 4/8] Florida: symbol_frida_agent_main
 
 ---
  src/agent-container.vala              |  2 +-

patches/frida-core/0005-Florida-thread_gum_js_loop.patch

@@ -1,7 +1,7 @@
 From 90702fd82b7adbed8f712cf7b9dcb4f7d7f89b30 Mon Sep 17 00:00:00 2001
 From: Ylarod <me@ylarod.cn>
 Date: Tue, 18 Jul 2023 16:03:47 +0800
-Subject: [PATCH 5/7] Florida: thread_gum_js_loop
+Subject: [PATCH 5/8] Florida: thread_gum_js_loop
 
 ---
  src/anti-anti-frida.py | 7 ++++++-

patches/frida-core/0006-Florida-thread_gmain.patch

@@ -1,7 +1,7 @@
 From 93a07e8014d3c4971239ad6831aa5d526042a106 Mon Sep 17 00:00:00 2001
 From: Ylarod <me@ylarod.cn>
 Date: Tue, 18 Jul 2023 16:04:15 +0800
-Subject: [PATCH 6/7] Florida: thread_gmain
+Subject: [PATCH 6/8] Florida: thread_gmain
 
 ---
  src/anti-anti-frida.py | 7 ++++++-

patches/frida-core/0007-Florida-protocol_unexpected_command.patch

@@ -1,7 +1,7 @@
 From 217f97faabba058b53b6abb0827b74b0787beaa7 Mon Sep 17 00:00:00 2001
 From: Ylarod <me@ylarod.cn>
 Date: Tue, 18 Jul 2023 16:04:55 +0800
-Subject: [PATCH 7/7] Florida: protocol_unexpected_command
+Subject: [PATCH 7/8] Florida: protocol_unexpected_command
 
 ---
  src/droidy/droidy-client.vala | 2 +-

patches/frida-core/0008-Florida-update-python-script.patch

@@ -0,0 +1,95 @@
+From 6eecbc28f7d65091e13447716335f3e2e3c90af5 Mon Sep 17 00:00:00 2001
+From: Ylarod <me@ylarod.cn>
+Date: Tue, 18 Jul 2023 19:55:59 +0800
+Subject: [PATCH 8/8] Florida: update python script
+
+---
+ src/anti-anti-frida.py | 59 ++++++++++++++++++++++++++++--------------
+ 1 file changed, 40 insertions(+), 19 deletions(-)
+
+diff --git a/src/anti-anti-frida.py b/src/anti-anti-frida.py
+index b4b8dca6..dac03a1a 100644
+--- a/src/anti-anti-frida.py
++++ b/src/anti-anti-frida.py
+@@ -2,36 +2,57 @@ import lief
+ import sys
+ import random
+ import os
+-
++ 
++def log_color(msg):
++    print(f"\033[1;31;40m{msg}\033[0m")
++ 
+ if __name__ == "__main__":
+     input_file = sys.argv[1]
+-    print(f"[*] Patch frida-agent: {input_file}")
+-    random_name = "".join(random.sample("ABCDEFGHIJKLMNO", 5))
+-    print(f"[*] Patch `frida` to `{random_name}``")
+-
++    random_charset = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
++    log_color(f"[*] Patch frida-agent: {input_file}")
++    random_name = "".join(random.sample(random_charset, 5))
++    log_color(f"[*] Patch `frida` to `{random_name}``")
++ 
+     binary = lief.parse(input_file)
+-
++ 
+     if not binary:
+         exit()
+-
++ 
+     for symbol in binary.symbols:
+         if symbol.name == "frida_agent_main":
+             symbol.name = "main"
+-        
++ 
+         if "frida" in symbol.name:
+             symbol.name = symbol.name.replace("frida", random_name)
+-
++ 
+         if "FRIDA" in symbol.name:
+             symbol.name = symbol.name.replace("FRIDA", random_name)
+-
++ 
++    all_patch_string = ["FridaScriptEngine", "GLib-GIO", "GDBusProxy", "GumScript"]  # 字符串特征修改 尽量与源字符一样
++    for section in binary.sections:
++        log_color(section.name)
++        if section.name != ".rodata":
++            continue
++        for patch_str in all_patch_string:
++            addr_all = section.search_all(patch_str)  # Patch 内存字符串
++            for addr in addr_all:
++                patch = [ord(n) for n in list(patch_str)[::-1]]
++                log_color(f"current section name={section.name} offset={hex(section.file_offset + addr)} {patch_str}-{''.join(list(patch_str)[::-1])}")
++                binary.patch_address(section.file_offset + addr, patch)
++ 
+     binary.write(input_file)
+-
+-    # gum-js-loop thread
+-    random_name = "".join(random.sample("abcdefghijklmn", 11))
+-    print(f"[*] Patch `gum-js-loop` to `{random_name}`")
++ 
++    # thread_gum_js_loop
++    random_name = "".join(random.sample(random_charset, 11))
++    log_color(f"[*] Patch `gum-js-loop` to `{random_name}`")
+     os.system(f"sed -b -i s/gum-js-loop/{random_name}/g {input_file}")
+-
+-    # gmain thread
+-    random_name = "".join(random.sample("abcdefghijklmn", 5))
+-    print(f"[*] Patch `gmain` to `{random_name}`")
+-    os.system(f"sed -b -i s/gmain/{random_name}/g {input_file}")
+\ No newline at end of file
++ 
++    # thread_gmain
++    random_name = "".join(random.sample(random_charset, 5))
++    log_color(f"[*] Patch `gmain` to `{random_name}`")
++    os.system(f"sed -b -i s/gmain/{random_name}/g {input_file}")
++ 
++    # thread_gdbus
++    random_name = "".join(random.sample(random_charset, 5))
++    log_color(f"[*] Patch `gdbus` to `{random_name}`")
++    os.system(f"sed -b -i s/gdbus/{random_name}/g {input_file}")
+\ No newline at end of file
+-- 
+2.34.1
+