Frida 安装使用

最新推荐文章于 2024-07-19 11:30:16 发布

夏沫琅琊

最新推荐文章于 2024-07-19 11:30:16 发布

阅读量1k

点赞数 24

分类专栏：逆向文章标签： android

本文链接：https://blog.csdn.net/qq_23025319/article/details/134511329

版权

逆向专栏收录该内容

42 篇文章 4 订阅

订阅专栏

Frida 使用

1：安装

查看安装版本
frida --version
16.0.2（这是我自己安装的版本，目前最新是16.1.17）
安装
pip install frida
pip install frida-tools

2：frida-server

https://github.com/frida/frida/releases

下载相对应的server版本：(注意要跟第一步的版本一致)

可以先确认下自己设备是32还是64

adb shell getprop ro.product.cpu.abi 
我自己的设备是：
arm64-v8a

这块我下载的是：

frida-server-16.0.2-android-arm64.xz。

解压到frida-server后执行以下操作。

adb push '/home/zh/下载/frida-server' /data/local/tmp/
cd /data/local/tmp
su 
cd frida-server
chmod +777 data
./data 连接成功

3：开始工作

frida-ps -U
结果如下：
   PID  Name
-----  ---------------------------------------------------
 2357  .dataservices                                      
 3635  .dataservices                                      
 2499  .qtidataservices                                   
 1001  ATFWD-daemon                                       
 3666  AudioFX                                            
 3719  MT管理器                                              
 5960  Magisk                                             
 5942  Official TWRP App                                  
 5860  WhatsApp                                           
  740  adb_root                                           
 3502  adbd                                               
  731  adsprpcd                                           
 2650  android.ext.services                               
  577  android.hardware.audio@2.0-service                 
 1043  android.hardware.biometrics.fingerprint@2.1-service
  578  android.hardware.bluetooth@1.0-service-qti         
  579  android.hardware.camera.provider@2.4-service       
  580  android.hardware.cas@1.1-service                   
  581  android.hardware.configstore@1.1-service           
  582  android.hardware.drm@1.0-service                   
  583  android.hardware.drm@1.2-service.clearkey          
  584  android.hardware.drm@1.2-service.widevine          
  585  android.hardware.gatekeeper@1.0-service            
  586  android.hardware.gnss@2.0-service-qti              
  587  android.hardware.graphics.allocator@2.0-service    
  589  android.hardware.graphics.composer@2.1-service     
  590  android.hardware.health@2.0-service.leeco_8996     
  573  android.hardware.ir@1.0-service.leeco_8996         
  478  android.hardware.keymaster@3.0-service             
  594  android.hardware.light@2.0-service.leeco_8996      
  595  android.hardware.memtrack@1.0-service              
  597  android.hardware.power@1.2-service-qti             
  598  android.hardware.sensors@1.0-service               
  599  android.hardware.thermal@1.0-service               
  600  android.hardware.usb@1.0-service.basic             
  613  android.hardware.vibrator@1.0-service              
  614  android.hardware.vr@1.0-service                    
  618  android.hardware.wifi@1.0-service                  
  574  android.hidl.allocator@1.0-service                 
 3762  android.process.media                              
  477  android.system.suspend@1.0-service                 
  487  apexd                                              
  648  ashmemd                                            
  651  audioserver                                        
  744  cameraserver                                       
  892  cnd                                                
  995  cnss-daemon                                        
 6145  com.android.cellbroadcastreceiver                  
 5379  com.android.exchange                               
 7572  com.android.inputmethod.latin                      
 2612  com.android.launcher3                              
 2305  com.android.networkstack                           
 2523  com.android.phone                                  
 5649  com.android.providers.calendar                     
 3621  com.android.se                                     
 3736  com.android.smspush                                
 2191  com.android.systemui                               
 5720  com.android.traceur                                
 7637  com.android.webview:webview_service                
 2825  com.qualcomm.qcrilmsgtunnel                        
 5753  com.qualcomm.qti.biometrics.fingerprint.service    
 2448  com.qualcomm.qti.telephonyservice                  
 3859  com.quark.browser                                  
 7407  com.ss.android.ugc.aweme:push                      
 8948  com.ss.android.ugc.aweme:sandboxed_process1        
 6037  com.tencent.mm:push                                
 3541  com.uei.quicksetsdk.letv                              
 6645  data                                               
  895  dpmQmiMgr                                          
 1037  dpmd                                               
 1080  dpmd                                               
  746  drmserver                                          
 6663  frida-helper-32                                    
 1023  gatekeeperd                                        
  670  gpuservice                                         
  576  healthd                                            
  739  hvdcp_opti                                         
  438  hwservicemanager                                   
 1680  ims_rtp_daemon                                     
 1095  imsdatadaemon                                      
  902  imsqmidaemon                                       
  903  imsrcsd                                            
  779  incidentd                                          
    1  init                                               
  427  init                                               
  428  init                                               
  784  installd                                           
  767  ip6tables-restore                                  
 1045  ipacm                                              
  766  iptables-restore                                   
  825  keystore                                           
  671  lmkd                                               
  999  loc_launcher                                       
 4121  logcat                                             
 6647  logcat                                             
  436  logd                                               
 1074  lowi-server                                        
  522  lspd                                               
  496  magiskd                                            
  891  media.codec                                        
  859  media.extractor                                    
  867  media.metrics                                      
  969  media.swcodec                                      
  845  mediadrmserver                                     
  875  mediaserver                                        
  726  mm-pp-dpps                                         
  992  mm-qcamera-daemon                                  
  647  msm_irqbalance                                     
  541  netd                                               
  918  netmgrd                                            
 2469  org.lineageos.consumerirtransmitter                
 5790  org.lineageos.lineageparts                         
 3699  org.lineageos.settings.device                      
 3585  org.lineageos.settings.doze                        
 5825  org.lineageos.updater                              
  715  pm-proxy                                           
  637  pm-service                                         
  933  port-bridge                                        
 1018  qfp-daemon                                         
  440  qseecomd                                           
  528  qti                                                
  736  rild                                               
  954  rild                                               
  517  rirud                                              
  673  rmt_storage                                        
  641  sensors.qti                                        
  437  servicemanager                                     
 4919  sh                                                 
 5909  sh                                                 
  878  statsd                                             
  886  storaged                                           
 5905  su                                                 
  672  surfaceflinger                                     
 1098  system_server                                      
  676  tftp_server                                        
  729  thermal-engine                                     
  904  time_daemon                                        
 1025  tombstoned                                         
  429  ueventd                                            
  622  vendor.display.color@1.0-service                   
 1047  vendor.lineage.livedisplay@2.0-service-sdm         
  625  vendor.lineage.touch@1.0-service.leeco_8996        
  626  vendor.lineage.trust@1.0-service                   
  628  vendor.qti.hardware.alarm@1.0-service              
  479  vendor.qti.hardware.cryptfshw@1.0-service-qti.qsee 
  629  vendor.qti.hardware.perf@2.0-service               
  634  vendor.qti.hardware.qdutils_disp@1.0-service-qti   
  439  vndservicemanager                                  
  447  vold                                               
 2416  webview_zygote                                     
  890  wificond                                           
  894  wifidisplayhalservice                              
 2232  wpa_supplicant                                     
 1077  xtra-daemon                                        
  544  zygote                                             
  542  zygote64                                           
12744  企业微信                                               
 4729  夸克                                                 
 5041  安全证书                                               
 4207  微信                                                 
 6794  抖音                                                 
 4474  搜狗输入法                                              
 5329  电子邮件                                               
 5458  短信                                                 
 5687  设置

这里我测试下微信：

frida -U com.tencent.mm
____
    / _  |   Frida 16.0.2 - A world-class dynamic instrumentation toolkit
   | (_| |
    > _  |   Commands:
   /_/ |_|       help      -> Displays the help system
   . . . .       object?   -> Display information about 'object'
   . . . .       exit/quit -> Exit
   . . . .
   . . . .   More info at https://frida.re/docs/home/
   . . . .
   . . . .   Connected to LEX820 (id=6b4a96b2)
Failed to spawn: unable to find process with name 'com.tencent.mm'

这里出错了，会提示不能找到process.

注意这里需要根据上述获取到的名称来使用：

frida -U 微信（并不是包名）
     ____
    / _  |   Frida 16.0.2 - A world-class dynamic instrumentation toolkit
   | (_| |
    > _  |   Commands:
   /_/ |_|       help      -> Displays the help system
   . . . .       object?   -> Display information about 'object'
   . . . .       exit/quit -> Exit
   . . . .
   . . . .   More info at https://frida.re/docs/home/
   . . . .
   . . . .   Connected to LEX820 (id=6b4a96b2)
                                                                                
[LEX820::微信 ]->

可以看到这时候，连接成功了。