哥哥 hello_world的wasm版本怎么hook呀
```// ==UserScript==
// @name localhost wasm
// @namespace http://tampermonkey.net/
// @version 0.1
// @descriptionlearn webpack wasm compiling from rust
// @author Your Name
// @match http://localhost/*
// @grant GM_xmlhttpRequest
// @grant unsafeWindow
// @require http://localhost:8080/index.js
// @run-at document-start
// ==/UserScript==
(function(){
unsafeWindow.WebAssembly.instantiateStreaming_ = unsafeWindow.WebAssembly.instantiateStreaming;
unsafeWindow.WebAssembly.instantiateStreaming = function(bufferSource, importObject){
return unsafeWindow.WebAssembly.instantiateStreaming_(bufferSource, importObject).then(
results => {
// Modify the greet function once the WebAssembly instance is created
const instance = results.instance;
debugger;
// Hook the greet function
const originalGreet = instance.exports.greet;
// debugger;
instance.exports.greet = function(...args) {
// args 是一个包含所有传入参数的数组
console.log('Hooked greet function called with arguments:', args);
// 调用原始 greet 函数,使用 apply 方法传递所有参数
return originalGreet.apply(instance, args); // args 会自动展开为多个参数传递给原始函数
};
// Expose instance globally if needed
unsafeWindow.greet = instance.exports.greet;
console.log('WebAssembly instance created and greet hooked');
return results; // Return the original results
});
}
})();
```
这里greet明明被调用了,但是hook不到,是因为greet是只读不可修改属性的原因吗,要怎么用proxy或者defineproporty来修改属性然后hook到greet函数呀(比如修改参数显示"哥哥牛逼") 哥哥最好顺便给个测试页面的demo
不然不好看问题 李恒道 发表于 2024-12-3 05:19
哥哥最好顺便给个测试页面的demo
不然不好看问题
哥哥我是本地跑的这个rust wasm 实例( example下的hello_world)https://github.com/rustwasm/wasm-bindgen/tree/main/examples rogerxavier 发表于 2024-12-3 07:24
哥哥我是本地跑的这个rust wasm 实例( example下的hello_world)https://github.com/rustwasm/wasm-bi ...
哥哥方便的话可以发个打包版的吗
我这里跑都跑不起来... https://rustwasm.github.io/wasm-bindgen/exbuild/hello_world/ 哥哥可以使用官方的示例试试 rogerxavier 发表于 2024-12-4 08:44
https://rustwasm.github.io/wasm-bindgen/exbuild/hello_world/ 哥哥可以使用官方的示例试试
可以不可以复写成功可以直接下个debugger做测试
哥哥的代码里只有instance是可以被复写的
顺着这层直接assgin一下返回应该是可以的
```js
unsafeWindow.WebAssembly.instantiateStreaming = function(bufferSource, importObject){
return unsafeWindow.WebAssembly.instantiateStreaming_(bufferSource, importObject).then(
results => {
// Modify the greet function once the WebAssembly instance is created
const instance = results.instance;
const handler = {
get: function (obj, prop) {
console.log('get attr',prop)
return obj;
},
};
results.instance=new Proxy(instance, handler);
console.log('WebAssembly instance created and greet hooked');
return results; // Return the original results
});
}
```
因为控制台测试的,后续代码就懒得写了,哥哥判断export然后assign直接复写应该就ok了
(function(){
unsafeWindow.WebAssembly.instantiateStreaming_ = unsafeWindow.WebAssembly.instantiateStreaming;
unsafeWindow.WebAssembly.instantiateStreaming = function(bufferSource, importObject){
return unsafeWindow.WebAssembly.instantiateStreaming_(bufferSource, importObject).then(
results => {
// 获取 WebAssembly 实例
const instance = results.instance;
const handler = {
get: function (obj, prop) {
// 检查是访问 exports 对象,还是更具体的函数
console.log('get attr', prop);
// 如果访问的是 'exports',进一步检查
if (prop === 'exports') {
return new Proxy(obj, {
get: function (exportsObj, exportProp) {
// 只处理对 'greet' 函数的访问
if (exportProp === 'greet') {
console.log('hook到greet');
const originalGreet = exportsObj;
return function(...args) {
console.log('调用greet函数', args);
return originalGreet(...args);
};
}
return exportsObj;
}
});
}
// 返回其他属性
return obj;
},
};
// 使用 Proxy 拦截 instance,捕获对属性(包括 exports)和 greet 的访问
results.instance = new Proxy(instance, handler);
console.log('WebAssembly instance created and greet hooked');
return results; // 返回原始结果
});
}
})();
哥哥这里我判断export然后hook到greet函数后试图打印参数并修改它添加log,但是最后报错了
'get' on proxy: property 'greet' is a read-only and non-configurable data property on the proxy target but the proxy did not return its actual value (expected 'function 64() { }' but got 'function(...args) { console.log('调用greet函数', args)...<omitted>... }')TypeError: 'get' on proxy: property 'greet' is a read-only and non-configurable data property on the proxy target but the proxy did not return its actual value (expected 'function 64() { }' but got 'function(...args) {
rogerxavier 发表于 2024-12-4 13:01
哥哥这里我判断export然后hook到greet函数后试图打印参数并修改它添加log,但是最后报错了
...
```js
// ==UserScript==
// @name localhost wasm
// @namespace http://tampermonkey.net/
// @version 0.1
// @descriptionlearn webpack wasm compiling from rust
// @author Your Name
// @match https://rustwasm.github.io/wasm-bindgen/exbuild/hello_world/
// @grant GM_xmlhttpRequest
// @grant unsafeWindow
// @run-at document-start
// ==/UserScript==
(function(){
debugger;
unsafeWindow.WebAssembly.instantiateStreaming_ = unsafeWindow.WebAssembly.instantiateStreaming;
unsafeWindow.WebAssembly.instantiateStreaming = function(bufferSource, importObject){
return unsafeWindow.WebAssembly.instantiateStreaming_(bufferSource, importObject).then(
results => {
// Modify the greet function once the WebAssembly instance is created
const instance = results.instance;
const handler = {
get: function (obj, prop) {
if(prop==='exports'){
const assign={...obj}
assign.greet=function (...args){
return obj.greet(...args)
}
return assign
}
console.log('get attr',prop)
return obj;
},
};
results.instance=new Proxy(instance, handler);
console.log('WebAssembly instance created and greet hooked');
return results; // Return the original results
});
}
})();
``` ggnb,ggnb,ggnb
页:
[1]