2025-05-24 18:32:07 +02:00
6 changed files with 16 additions and 29 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,16 +4,6 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 ## [2.2.1] - 2025-03-01
 ### Added
 - Added private key function.
 ### Fixed
 - Error extracting functions (symbols) for old libraries.
 ## [2.2.0] - 2025-01-19
 ### Added
@ -446,7 +436,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - Initial release of the project, laying the foundation for future enhancements and features.
 [2.2.1]: https://github.com/hyugogirubato/KeyDive/releases/tag/v2.2.1
 [2.2.0]: https://github.com/hyugogirubato/KeyDive/releases/tag/v2.2.0
 [2.1.5]: https://github.com/hyugogirubato/KeyDive/releases/tag/v2.1.5
 [2.1.4]: https://github.com/hyugogirubato/KeyDive/releases/tag/v2.1.4
--- a/keydive/init.py
+++ b/keydive/init.py
@ -4,4 +4,4 @@ from .cdm import Cdm
 from .vendor import Vendor
 from .keybox import Keybox
-__version__ = "2.2.1"
+__version__ = "2.2.0"
--- a/keydive/constants.py
+++ b/keydive/constants.py
@ -86,7 +86,7 @@ OEM_CRYPTO_API = {
    "rnmsglvj", "polorucp", "kqzqahjq", "pldrclfq", "kgaitijd", "cwkfcplc", "crhqcdet", "ulns", "dnvffnze", "ygjiljer",
    "qbjxtubz", "qkfrcjtw", "rbhjspoh", "zgtjmxko", "igrqajte", "ofskesua", "qllcoacg", "pukctkiv", "ehdqmfmd",
    "xftzvkwx", "gndskkuk", "wcggmnnx", "kaatohcz", "ktmgdchz", "jkcwonus", "ehmduqyt", "vewtuecx", "mxrbzntq",
-    "isyowgmp", "flzfkhbc", "rtgejgqb", "sxxprljw", "ebxjbtxl", "pcmtpkrj"
+    "isyowgmp", "flzfkhbc", "rtgejgqb"
    # Add more as needed for different versions.
 }
--- a/keydive/core.py
+++ b/keydive/core.py
@ -215,9 +215,7 @@ class Core:
            elif not minimum and vendor.oem > 17 and not self.functions:
                self.logger.warning("For OEM API > 17, specifying '--functions' is required. Refer to https://github.com/hyugogirubato/KeyDive/blob/main/docs/FUNCTIONS.md")
-            # Enable dynamic analysis (symbols) only when necessary
+            return script.exports_sync.hooklibrary(library["name"])
            dynamic = minimum and vendor.oem > 17 and not self.functions
            return script.exports_sync.hooklibrary(library["name"], dynamic)
        # Unload the script if the target library is not found.
        script.unload()
--- a/keydive/keydive.js
+++ b/keydive/keydive.js
@ -1,5 +1,5 @@
 /**
- * Date: 2025-03-01
+ * Date: 2025-01-18
 * Description: DRM key extraction for research and educational purposes.
 * Source: https://github.com/hyugogirubato/KeyDive
 */
@ -69,29 +69,30 @@ const getVersion = () => Frida.version;
 // @Utils
-const getLibraries = () => {
+const getLibraries = (name) => {
    // https://github.com/hyugogirubato/KeyDive/issues/14#issuecomment-2146788792
    try {
-        return Process.enumerateModules();
+        const libraries = Process.enumerateModules();
        return name ? libraries.filter(l => l.name.includes(name)) : libraries;
    } catch (e) {
        print(Level.CRITICAL, e.message);
        return [];
    }
-}
+};
 const getLibrary = (name) => {
-    const libraries = getLibraries().filter(l => l.name === name);
+    const libraries = getLibraries(name);
    return libraries.length === 1 ? libraries[0] : undefined;
 }
-const getFunctions = (library, dynamic) => {
+const getFunctions = (library) => {
    try {
        // https://frida.re/news/2025/01/09/frida-16-6-0-released/
-        const functions = dynamic ? library.enumerateSymbols().map(item => ({
+        const functions = library.enumerateSymbols().map(item => ({
            type: item.type,
            name: item.name,
            address: item.address
-        })) : [];
+        }));
        library.enumerateExports().forEach(item => {
            if (!functions.includes(item)) {
@ -111,7 +112,7 @@ const disableLibrary = (name) => {
    const library = getLibrary(name);
    if (library) {
        // https://github.com/hyugogirubato/KeyDive/issues/23#issuecomment-2230374415
-        const functions = getFunctions(library, false);
+        const functions = getFunctions(library);
        const disabled = [];
        functions.forEach(func => {
@ -395,7 +396,7 @@ const RunningCRC = (address) => {
 // @Hooks
-const hookLibrary = (name, dynamic) => {
+const hookLibrary = (name) => {
    // https://github.com/poxyran/misc/blob/master/frida-enumerate-imports.py
    let library = getLibrary(name);
    if (!library) return false;
@ -409,8 +410,7 @@ const hookLibrary = (name, dynamic) => {
            address: library.base.add(s.address)
        }));
    } else {
-        // https://github.com/hyugogirubato/KeyDive/issues/50
+        functions = getFunctions(library);
        functions = getFunctions(library, dynamic);
    }
    functions = functions.filter(f => !NATIVE_C_API.includes(f.name));
--- a/pyproject.toml
+++ b/pyproject.toml
@ -4,7 +4,7 @@ build-backend = "poetry.core.masonry.api"
 [tool.poetry]
 name = "keydive"
-version = "2.2.1"
+version = "2.2.0"
 description = "Extract Widevine L3 keys from Android devices effortlessly, spanning multiple Android versions for DRM research and education."
 license = "MIT"
 authors = ["hyugogirubato <65763543+hyugogirubato@users.noreply.github.com>"]