1. Frida principle

Frida is a hook framework built around Python and JavaScript. It is driven by scripts and works across Android, iOS, Linux, Windows, macOS and other platforms.

In outline, a server program (frida-server) is installed on the mobile device and its port is forwarded to the PC. Python scripts written on the PC communicate with it, and the hook code inside those Python scripts is written in JavaScript.

2. The pros and cons of Frida

Advantages: the environment is very simple to configure and convenient to operate, which makes it very easy to use during the development stage of cracking work. It supports hook operations at both the Java layer and the Native layer, although hooking at the Native layer is a little troublesome when the values involved are not basic types.

Disadvantages: it is only suited to the development phase of cracking work, so unlike Xposed it cannot be used for production. For example, a WeChat plug-in cannot be written with Frida, because it does not run on the mobile phone on its own. This means it is used a lot by crackers.

3. Installing Frida in Python

2. The version of frida-server on the mobile device must match the version of Frida installed on the computer; otherwise an error is reported.

frida-server download: github.com/frida/frida…

Below is the version inconsistency error.

3. Then copy the frida-server file to the emulator

Command: nox_adb push D:\11\frida-server-12.2.28-android-arm /data/local/tmp

4. Then change the permission of the frida-server file in the shell environment

Command: chmod 777 frida-server-12.2.28-android-arm

5. Run the frida-server-12.2.28-android-arm file

Command: ./frida-server-12.2.28-android-arm

If it does not run successfully, the version is incorrect.

If it runs successfully, the version is OK.

6. Set up port forwarding for the emulator

With the steps above complete, the emulator can communicate with the PC, and the next step is to write the hook program and perform the hook operation.

4. Hook operations with Frida

If running the frida command in the Python installation (frida) directory reports that it is not an internal or external command, install frida-tools:

pip install frida-tools

 

Command to list process PIDs and package names: frida-ps -U (U stands for USB)

To display data confirming a successful installation, run frida-ps -R

Using a Python script to obtain the device

The script is as follows:

Run the script with the command python 11.py (first change to the directory that contains the script file).

Running it enumerates all processes on the phone.
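The script is not reproduced in the text above. The following is an added example, not the author's 11.py: it applies the version rule from section 3 to the server file name and then lists the device's processes. The function names are hypothetical, and it assumes the frida-server port has been forwarded to the PC as in step 6.

```python
"""Version pre-flight check and process listing for a forwarded frida-server."""
import re
import sys

# Matches release file names such as frida-server-12.2.28-android-arm (optionally .xz)
_SERVER_NAME = re.compile(
    r"frida-server-(\d+(?:\.\d+)+)-([a-z]+)-([a-z0-9_]+)(?:\.xz)?$")


def parse_server_name(filename):
    """Return (version, os, arch) parsed from a frida-server file name or path."""
    base = re.split(r"[\\/]", filename)[-1]
    m = _SERVER_NAME.match(base)
    if m is None:
        raise ValueError("not a frida-server release name: %r" % base)
    return m.groups()


def versions_match(client_version, server_filename):
    """True when the PC-side frida package and the pushed server are the same release."""
    return client_version.strip() == parse_server_name(server_filename)[0]


def format_processes(processes):
    """Render objects with .pid and .name as 'PID  NAME' lines sorted by PID."""
    rows = sorted(processes, key=lambda p: p.pid)
    return ["%6d  %s" % (p.pid, p.name) for p in rows]


def main(server_filename):
    import frida  # imported here so the helpers above work without frida installed

    if not versions_match(frida.__version__, server_filename):
        sys.exit("version mismatch: client %s, server file %s"
                 % (frida.__version__, server_filename))
    # get_remote_device() uses the forwarded frida-server port (assumption: step 6 done);
    # use frida.get_usb_device() instead for a phone attached over USB.
    device = frida.get_remote_device()
    print("\n".join(format_processes(device.enumerate_processes())))


if __name__ == "__main__":
    # Default file name is the one used on this page.
    main(sys.argv[1] if len(sys.argv) > 1 else "frida-server-12.2.28-android-arm")
```

Pass the path of the server file that was pushed to the emulator as the first argument; the script exits with a version mismatch message before it attempts any connection.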

 

To monitor a specified function in a specified package, for example the browser package in the Nox emulator:

Command: frida-trace -i "open" -U com.android.browser

To start Frida and the app without starting the app's main program:

Command: frida -U com.android.browser