Skip to main content
Glama
0xhackerfren

Frida Game Hacking MCP

by 0xhackerfren
OverviewSchemaRelated ServersScoreDiscussions
Python
Local

intercept_module_function

Hook exported functions in game modules to intercept and modify execution flow using custom JavaScript code for game hacking and reverse engineering.

Instructions

Hook a function by module and function name.

Args:
    module_name: Name of the module (e.g., "game.dll")
    function_name: Name of the exported function
    on_enter: JavaScript for onEnter
    on_leave: JavaScript for onLeave

Returns:
    Hook status with resolved address.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
module_nameYes
function_nameYes
on_enterNo
on_leaveNo

Implementation Reference

  • src/frida_game_hacking_mcp/server.py:1662-1683 (handler)
    The handler implementation for the 'intercept_module_function' MCP tool. This function resolves the target function's address using the 'resolve_symbol' tool and then hooks it by calling the 'hook_function' tool.
    @mcp.tool()
def intercept_module_function(module_name: str, function_name: str,
                              on_enter: str = "", on_leave: str = "") -> Dict[str, Any]:
    """
    Hook a function by module and function name.
    
    Args:
        module_name: Name of the module (e.g., "game.dll")
        function_name: Name of the exported function
        on_enter: JavaScript for onEnter
        on_leave: JavaScript for onLeave
    
    Returns:
        Hook status with resolved address.
    """
    result = resolve_symbol(module_name, function_name)
    if "error" in result:
        return result
    
    return hook_function(result["address"], on_enter, on_leave,
                        f"{module_name}!{function_name}")
  • src/frida_game_hacking_mcp/server.py:1454-1494 (helper)
    Helper tool 'resolve_symbol' used by 'intercept_module_function' to find the address of the exported function in the specified module using Frida's Module.findExportByName.
    def resolve_symbol(module_name: str, symbol_name: str) -> Dict[str, Any]:
    """
    Resolve a symbol to its address.
    
    Args:
        module_name: Name of the module containing the symbol
        symbol_name: Name of the symbol/function
    
    Returns:
        Address of the symbol.
    """
    global _session
    
    if not _session.is_attached():
        return {"error": "Not attached. Use attach() first."}
    
    try:
        script_code = f"""
        var addr = Module.findExportByName("{module_name}", "{symbol_name}");
        send(JSON.stringify(addr ? {{address: addr.toString()}} : {{error: "Symbol not found"}}));
        """
        
        result_data = []
        def on_message(message, data):
            if message['type'] == 'send':
                result_data.append(message['payload'])
        
        script = _session.session.create_script(script_code)
        script.on('message', on_message)
        script.load()
        script.unload()
        
        import json
        result = json.loads(result_data[0]) if result_data else {"error": "No response"}
        result["module"] = module_name
        result["symbol"] = symbol_name
        return result
    
    except Exception as e:
        return {"error": f"Failed to resolve symbol: {str(e)}"}
  • src/frida_game_hacking_mcp/server.py:1500-1555 (helper)
    Core helper 'hook_function' that actually installs the Frida Interceptor hook at the given address with provided onEnter/onLeave JavaScript callbacks. Called by 'intercept_module_function' after address resolution.
    @mcp.tool()
def hook_function(address: str, on_enter: str = "", on_leave: str = "",
                  description: str = "") -> Dict[str, Any]:
    """
    Hook a function at the specified address.
    
    Args:
        address: Address to hook (hex string)
        on_enter: JavaScript code for onEnter (has access to 'args' array)
        on_leave: JavaScript code for onLeave (has access to 'retval')
        description: Optional description
    
    Returns:
        Hook status.
    """
    global _session
    
    if not _session.is_attached():
        return {"error": "Not attached. Use attach() first."}
    
    if address in _session.hooks:
        return {"error": f"Hook exists at {address}. Use unhook_function() first."}
    
    try:
        addr = int(address, 16) if address.startswith("0x") else int(address)
        
        # Use empty statement if no code provided (comment would break JS syntax)
        on_enter_code = on_enter.strip() if on_enter else ""
        on_leave_code = on_leave.strip() if on_leave else ""
        
        script_code = f"""
        Interceptor.attach(ptr("{hex(addr)}"), {{
            onEnter: function(args) {{ {on_enter_code} }},
            onLeave: function(retval) {{ {on_leave_code} }}
        }});
        send("Hook installed");
        """
        
        def on_message(message, data):
            if message['type'] == 'error':
                logger.error(f"Hook error: {message}")
        
        script = _session.session.create_script(script_code)
        script.on('message', on_message)
        script.load()
        
        _session.hooks[address] = HookInfo(
            address=address, script=script, hook_type="intercept",
            description=description or f"Hook at {address}"
        )
        
        return {"success": True, "address": address, "message": f"Hook installed at {address}"}
    
    except Exception as e:
        return {"error": f"Failed to install hook: {str(e)}"}
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/0xhackerfren/frida-game-hacking-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server