foundryzero
diff --git a/‎.gitignore‎
Lines changed: 6 additions & 0 deletions b/‎.gitignore‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎.tox/py310/.tox-info.json‎
Lines changed: 6 additions & 0 deletions b/‎.tox/py310/.tox-info.json‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎.tox/py39/.tox-info.json‎
Lines changed: 6 additions & 0 deletions b/‎.tox/py39/.tox-info.json‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 47 additions & 8 deletions b/‎README.md‎
Lines changed: 47 additions & 8 deletions
diff --git a/‎binder-trace-after-config.png‎
123 KB b/‎binder-trace-after-config.png‎
123 KB
diff --git a/‎binder-trace-before-config.png‎
119 KB b/‎binder-trace-before-config.png‎
119 KB
diff --git a/‎binder-trace.gif‎
5.97 MB b/‎binder-trace.gif‎
5.97 MB
diff --git a/‎binder_trace/.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎binder_trace/.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎binder_trace/binder_trace/__main__.py‎
Lines changed: 42 additions & 32 deletions b/‎binder_trace/binder_trace/__main__.py‎
Lines changed: 42 additions & 32 deletions
diff --git a/‎binder_trace/binder_trace/config.json‎
Lines changed: 13 additions & 6 deletions b/‎binder_trace/binder_trace/config.json‎
Lines changed: 13 additions & 6 deletions
@@ -13,3 +13,9 @@ bin/
 
 .venv/*
 venv/*
+.vscode/*
+
+binder_trace-parse-log*
+binder_trace-log*
+
+.tox-info.json
@@ -0,0 +1,6 @@
+{
+  "ToxEnv": {
+    "name": "py310",
+    "type": "VirtualEnvRunner"
+  }
+}
@@ -0,0 +1,6 @@
+{
+  "ToxEnv": {
+    "name": "py39",
+    "type": "VirtualEnvRunner"
+  }
+}
@@ -48,7 +48,7 @@ You'll need a rooted Android device or emulator.
 | -n&nbsp;NAME         | The name of the process on DEVICE to attach to e.g. "Messaging".                                                                       |
 | -a&nbsp;[9, 10, 11, 13]   | The version of android to load structures for.             |
 | -s&nbsp;STRUCTPATH   | The path to the directory of structure files.             |
-
+| -c&nbsp;CONFIG   | The path to the config file to filter.             |
 
 # ▶️ Starting binder trace
 
@@ -73,6 +73,7 @@ emulator-5554   device
 
 # ⌨️ Controls
 
+## 🌐 Global 
 | Key              | Action                                 |
 |------------------|----------------------------------------|
 | `up`             | Move up                                |
@@ -84,17 +85,55 @@ emulator-5554   device
 | `tab`            | Next pane                              |
 | `shift + tab`    | Previous pane                          |
 | `ctrl + c`       | Copy pane to clipboard                 |
-| `f`              | Open filter options                    |
 | `space`          | Pause/Unpause transaction recording    |
 | `c`              | Clear                                  |
 | `h`              | Open help                              |
+| `r`              | Reload config file                     |
 | `q`              | Quit                                   |
 
-# 🔎 Filtering
-If you're interested in specific messages you can filter the displayed results with the following options. 
+## 📈 Frequency pane
+| Key              | Action                                 |
+|------------------|----------------------------------------|
+| `p`           |   Toggle order asc/desc|
+| `w`           |   Jump to next interface|
+| `s`           |   Jump to previous interface|
+| `enter`       |   Toggle Filter|
+
+# 🔎 Config File
+To filter define any or all of the interface, method, type and inclusive options. To not use an option leave it blank `""`
+
+## Without -c argument
+
+```
+> binder-trace -d emulator-5554 -n Contacts -a 13
+```
+![Before Config](binder-trace-before-config.png)
+
+## With -c argument
+### config.json
+```py
+{
+    "filters": [
+        {
+            "interface": "android.gui.IDisplayEventConnection",
+            "method": "requestNextVsync",
+            "type": "",
+            "inclusive": false
+        },
+        {
+            "interface": "android.content.IContentProvider",
+            "method": "",
+            "type": "call",
+            "inclusive": false
+        }
+    ]
+}
+```
+
+```
+> binder-trace -d emulator-5554 -n Contacts -a 13 -c .\binder_trace\binder_trace\config.json
+```
 
-* __Interface__ - limit results to interfaces that contain the case sensitive search string e.g. "com.android" or "Sms".
-* __Method__ - limit results to function names containing the specified case sensitive string.
-* __Type__ - Limit results to certain types of messages e.g. requests or responses.
+`android.gui.IDisplayEventConnection`->`requestNextVsync`->`""` and `android.content.IContentProvider`->`""` ->`call` have been filtered out
 
-Once you've entered your filter options just press `Enter` to apply them.
+![After Config](binder-trace-after-config.png)
@@ -32,6 +32,7 @@ venv/
 ENV/
 env.bak/
 venv.bak/
+.vscode/*
 
 # Tox
 .tox
 
@@ -1,22 +1,21 @@
 import argparse
+import json
 import logging
 import traceback
-
-import json
 from os import path
 
-import binder_trace.loggers
 import binder_trace.constants
+import binder_trace.loggers
 import binder_trace.structure
-import binder_trace.tui
-
+import binder_trace.tui.interface
 from binder_trace import loggers
 from binder_trace.generator import FridaInjector
 
 loggers.configure()
 
 log = logging.getLogger(loggers.LOG)
 
+
 def main():
     parser = argparse.ArgumentParser(
         description="Connects to a Android device with a "
@@ -28,53 +27,63 @@ def main():
     group = parser.add_mutually_exclusive_group(required=True)
     group.add_argument("-p", "--pid", dest="pid", type=int, help="the process id to attach to")
     group.add_argument("-n", "--name", dest="name", type=str, help="the process name to attach to")
-    
-    parser.add_argument("-d", "--device", dest="device", type=str, help="the android device to attach to")
 
-    struct_group = parser.add_mutually_exclusive_group(required=True)
+    parser.add_argument(
+        "-d",
+        "--device",
+        dest="device",
+        type=str,
+        help="the android device to attach to",
+    )
 
-    struct_group.add_argument("-a",
-                        '--android-version',
-                        const='all',
-                        nargs='?',
-                        choices=['9', '10', '11', '12', '13'],
-                        default='13',
-                        help='Android version structs to use')
+    struct_group = parser.add_mutually_exclusive_group(required=True)
 
     struct_group.add_argument(
-        "-s", "--structpath", help="provides the path to the root of the struct directory. e.g. ../structs/android11"
+        "-a",
+        "--android-version",
+        const="all",
+        nargs="?",
+        choices=["9", "10", "11", "12", "13"],
+        default="13",
+        help="Android version structs to use",
     )
 
-    parser.add_argument(
-        "-c", "--config", help="Path to a binder-trace configuration file"
+    struct_group.add_argument(
+        "-s",
+        "--structpath",
+        help="provides the path to the root of the struct directory. e.g. ../structs/android11",
     )
 
+    parser.add_argument("-c", "--config", help="Path to a binder-trace configuration file")
     args = parser.parse_args()
 
-    structs_dict = {"9": "android9", "10": "android10", "11": "android11", "12": "android-12.1.0_r27", "13": "android13.0.0-r_49"}
-    
+    structs_dict = {
+        "9": "android9",
+        "10": "android10",
+        "11": "android11",
+        "12": "android-12.1.0_r27",
+        "13": "android13.0.0-r_49",
+    }
+
     base_dir = path.dirname(path.abspath(__file__))
 
     struct_path = args.structpath or path.join(base_dir, "structs", structs_dict[args.android_version])
 
     if not path.exists(struct_path):
-        print(f"Struct path \"{struct_path}\" not found.")
+        print(f'Struct path "{struct_path}" not found.')
         exit(-1)
-    
-    config = None
-    if args.config:
-        if not path.exists(args.config):
-            print("Config path not found.")
-            exit(-1)
-        
-        with open(args.config, "r") as f:
-            config = json.load(f)
 
+    config = None
     injector = None
     try:
-        injector = FridaInjector(args.pid or args.name, struct_path, binder_trace.constants.ANDROID_VERSION, args.device)
+        injector = FridaInjector(
+            args.pid or args.name,
+            struct_path,
+            int(args.android_version),
+            args.device,
+        )
         injector.start()
-        binder_trace.tui.start_ui(injector.block_queue, injector.pause_unpause, config)
+        binder_trace.tui.interface.start_ui(injector.block_queue, injector.pause_unpause, config, args.config)
         log.info("UI Stopped")
     except Exception as err:
         print(err)
@@ -87,5 +96,6 @@ def main():
             injector.stop()
         log.info("Injector stopped.")
 
+
 if __name__ == "__main__":
     main()
@@ -1,9 +1,16 @@
 {
-    "filters" : [
-        {"interface": "android.app.IActivityManager", "inclusive": false},
-        {"interface": "android.os.IServiceManager",  "inclusive": false},
-        {"interface": "android.content.IContentProvider",  "inclusive": false},
-        {"interface": "android.content.IContentService",  "inclusive": false},
-        {"interface": "android.content.pm.IPackageManager", "inclusive": false}
+    "filters": [
+        {
+            "interface": "android.gui.IDisplayEventConnection",
+            "method": "requestNextVsync",
+            "type": "",
+            "inclusive": false
+        },
+        {
+            "interface": "android.content.IContentProvider",
+            "method": "",
+            "type": "call",
+            "inclusive": false
+        }
     ]
 }