Frida Tutorial
Installation
Install frida tools:
Download and install the frida server on the Android device (Download the latest release). One-liner to restart adb in root mode, connect to it, upload frida-server, give exec permissions and run it in the background:
Check if it is working:
Tutorials
Source: https://medium.com/infosec-adventures/introduction-to-frida-5a3f51595ca1 APK: https://github.com/t0thkr1s/frida-demo/releases Source Code: https://github.com/t0thkr1s/frida-demo
Follow the link to read it.
Source: https://11x256.github.io/Frida-hooking-android-part-2/ (Parts 2, 3 and 4) APKs and Source Code: https://github.com/11x256/frida-android-examples
Follow the link to read it.
Source: https://joshspicer.com/android-frida-1 APK: https://github.com/OWASP/owasp-mstg/blob/master/Crackmes/Android/Level_01/UnCrackable-Level1.apk
Follow the link to read it.
You can find more Awesome Frida scripts here: https://codeshare.frida.re/
Quick Examples
Calling Frida from the command line
Basic Python Script
Hooking functions without parameters
Hook the function a() of the class sg.vantagepoint.a.c:
Frida Tutorial: Hooking exit() Method in Java
In this tutorial, we will learn how to hook the exit() method in Java using Frida. By hooking this method, we can intercept the application's exit process and perform additional actions or manipulate the behavior of the application.
Prerequisites
Before we begin, make sure you have the following:
A rooted Android device or an emulator
Frida installed on your machine
Basic knowledge of JavaScript and Java
Step 1: Setting up the Environment
First, we need to set up the environment for our Frida script. Create a new file called hook_exit.js and open it in a text editor.
Step 2: Writing the Frida Script
In the hook_exit.js file, we will write the Frida script to hook the exit() method. Here's an example script:
In this script, we use the Java.perform() function to perform our hooking logic. We then use the Java.use() function to get references to the System and Runtime classes.
Next, we hook the exit() method by replacing its implementation with our own function. Inside the hooked function, we can perform additional actions or manipulate the behavior of the application.
Finally, we call the original exit() method using this.exit.apply(this, arguments) to ensure the application exits properly.
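A script matching the description above, written here as an added example rather than taken from the original tutorial. It hooks exit(int) on both classes, logs the status and a Java stack trace, then forwards to the original; the bridge and log parameters are an assumption made so the function can also be driven by a stub outside Frida.

```javascript
// Added example: log every exit() call and its origin, then forward it.
function installExitHooks(bridge, log) {
  const Log = bridge.use("android.util.Log");
  const Exception = bridge.use("java.lang.Exception");
  const hooked = [];

  // System.exit(int) is static, Runtime.exit(int) is an instance method.
  ["java.lang.System", "java.lang.Runtime"].forEach(function (className) {
    const exit = bridge.use(className).exit.overload("int");
    exit.implementation = function (status) {
      log(className + ".exit(" + status + ") called");
      // A Java stack trace shows which app code requested the exit.
      log(Log.getStackTraceString(Exception.$new()));
      // Forward to the original so the application still exits.
      return this.exit.apply(this, arguments);
    };
    hooked.push(className);
  });

  log("exit() method hooked");
  return hooked;
}

// Under Frida the global `Java` bridge exists; anywhere else this file
// only defines the function above.
if (typeof Java !== "undefined") {
  Java.perform(function () {
    installExitHooks(Java, console.log);
  });
}
```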
Step 3: Running the Frida Script
To run the Frida script, follow these steps:
Connect your Android device or emulator to your machine.
Open a terminal and navigate to the directory where the hook_exit.js file is located.
Run the following command to start the Frida server:
Install the target application on your device or emulator.
Run the following command to attach the Frida script to the target application:
Replace <package_name> with the package name of the target application.
The Frida script will be injected into the target application, and you will see the message "exit() method hooked" in the console.
Conclusion
In this tutorial, we learned how to hook the exit() method in Java using Frida. By hooking this method, we can intercept the application's exit process and perform additional actions or manipulate the behavior of the application.
Frida Tutorial: Hook MainActivity .onStart() & .onCreate()
In this tutorial, we will learn how to use Frida to hook the .onStart() and .onCreate() methods of the MainActivity class in an Android app.
Prerequisites
Before we begin, make sure you have the following:
Frida installed on your machine
An Android device or emulator
The target app installed on the device or emulator
Step 1: Set Up the Environment
First, we need to set up the environment by installing Frida on our machine. You can find the installation instructions for your specific operating system on the Frida website.
Once Frida is installed, make sure your Android device or emulator is connected to your machine.
Step 2: Identify the Target App
Next, we need to identify the target app that we want to hook. You can find the package name of the app by looking at the AndroidManifest.xml file or by using a tool like adb:
Step 3: Write the Frida Script
Now, let's write the Frida script to hook the .onStart() and .onCreate() methods of the MainActivity class. Create a new file called hook.js and add the following code:
Step 4: Run the Frida Script
To run the Frida script, open a terminal and navigate to the directory where the hook.js file is located. Then, run the following command:
Replace <package_name> with the package name of the target app.
Step 5: Test the Hook
Finally, launch the target app on your Android device or emulator. You should see the log messages "MainActivity.onStart() hooked" and "MainActivity.onCreate() hooked" in the terminal where you ran the Frida script.
Congratulations! You have successfully hooked the .onStart() and .onCreate() methods of the MainActivity class using Frida.
Conclusion
In this tutorial, we learned how to use Frida to hook the .onStart() and .onCreate() methods of the MainActivity class in an Android app. This technique can be useful for analyzing and modifying the behavior of Android apps during runtime.
Frida Tutorial: Hook Android .onCreate()
In this tutorial, we will learn how to hook the .onCreate() method in an Android application using Frida. By hooking this method, we can intercept and modify the behavior of the application during its initialization process.
Prerequisites
Before we begin, make sure you have the following:
An Android device or emulator
Frida installed on your machine
Basic knowledge of JavaScript and Android development
Steps
Launch the target application on your Android device or emulator.
Open a terminal and start the Frida server by running the following command:
Create a new JavaScript file, for example hook.js, and add the following code:
In the above code, replace 'com.example.TargetClass' with the fully qualified name of the class containing the .onCreate() method that you want to hook.
Save the hook.js file.
In the terminal, navigate to the directory where the hook.js file is located.
Run the following command to start the Frida script:
Replace com.example.targetapp with the package name of the target application.
If everything is set up correctly, you should see the message "Hooked .onCreate()" in the terminal.
Now, when the target application's .onCreate() method is called, your custom code will be executed.
Conclusion
By hooking the .onCreate() method in an Android application using Frida, you can gain control over the application's initialization process and modify its behavior as desired. This technique can be useful for various purposes, such as debugging, reverse engineering, or security analysis.
Hooking functions with parameters and retrieving the value
Hooking a decryption function. Print the input, call the original function to decrypt the input and finally print the plain data:
Hooking functions and calling them with our input
Hook a function that receives a string and call it with another string (example taken from the link here).
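The two parameter hooks described above (logging a decryption call, and calling a string function with our own input), as an added example that is not code from the original page. com.example.app.Crypto, decrypt, check and the replacement string are hypothetical placeholders; the bridge and log parameters exist so the hooks can be exercised with a stub outside Frida.

```javascript
// Added example. Hypothetical target: replace with the class under test.
const TARGET_CLASS = "com.example.app.Crypto";

// Java byte[] elements are signed; mask to 0..255 and print as hex.
function toHex(bytes) {
  let out = "";
  for (let i = 0; i < bytes.length; i++) {
    out += ("0" + (bytes[i] & 0xff).toString(16)).slice(-2);
  }
  return out;
}

// Printable ASCII is shown as-is, every other byte as '.'.
function toAscii(bytes) {
  let out = "";
  for (let i = 0; i < bytes.length; i++) {
    const b = bytes[i] & 0xff;
    out += b >= 0x20 && b < 0x7f ? String.fromCharCode(b) : ".";
  }
  return out;
}

function installParamHooks(bridge, log, replacement) {
  const target = bridge.use(TARGET_CLASS);

  // byte[] decrypt(byte[] key, byte[] data): observe only, return unchanged.
  const decrypt = target.decrypt.overload("[B", "[B");
  decrypt.implementation = function (key, data) {
    log("decrypt key=" + toHex(key) + " data=" + toHex(data));
    const plain = decrypt.call(this, key, data); // original implementation
    log("decrypt -> " + toHex(plain) + " |" + toAscii(plain) + "|");
    return plain;
  };

  // boolean check(String): call the original with our own string instead.
  const check = target.check.overload("java.lang.String");
  check.implementation = function (input) {
    log("check(" + input + ") replaced with check(" + replacement + ")");
    return check.call(this, replacement);
  };
}

if (typeof Java !== "undefined") {
  Java.perform(function () {
    installParamHooks(Java, console.log, "frida-test-input");
  });
}
```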
Getting an already created object of a class
If you want to extract some attribute of an already created object, you can use this.
In this example you will see how to get the object of the class my_activity and how to call the function .secret(), which prints a private attribute of the object:
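An added example of this lookup (not code from the original page), using Java.choose to scan the heap for live instances and call .secret() on each. The package prefix com.example.app is a placeholder and limit is a hypothetical parameter that stops the scan early; Java.choose only finds objects that already exist when it runs, which the empty-result branch reports.

```javascript
// Placeholder: take the real fully qualified class name from the target APK.
const ACTIVITY_CLASS = "com.example.app.my_activity";

function dumpSecrets(bridge, className, log, limit) {
  const found = [];
  bridge.choose(className, {
    onMatch: function (instance) {
      // `instance` wraps a live object, so its methods can be called directly.
      const secret = String(instance.secret());
      log("Found instance: " + instance + " secret()=" + secret);
      found.push(secret);
      // Returning "stop" cancels the heap scan early.
      if (found.length >= limit) return "stop";
    },
    onComplete: function () {
      if (found.length === 0) {
        // Nothing on the heap yet: the activity has not been created.
        log("No live instance of " + className + "; open that screen and rerun");
      } else {
        log("Scan complete: " + found.length + " instance(s) read");
      }
    }
  });
  return found;
}

// Under Frida the global `Java` bridge exists; elsewhere only the function
// above is defined.
if (typeof Java !== "undefined") {
  Java.perform(function () {
    dumpSecrets(Java, ACTIVITY_CLASS, console.log, 10);
  });
}
```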
Other Frida tutorials