實踐是檢驗真理的唯一标準,程式設計更是如此。-----箴言
Frida的安裝與初步使用:
1. 官網:
https://frida.re/docs/home/
https://www.frida.re/docs/javascript-api/
2. 安裝:
(1)安裝:
(sudo) pip install frida
(sudo) pip install frida-tools
(2)驗證python指令 :
cmd 輸入python ,進入python
繼續輸入 import frida
如果什麼都沒顯示,恭喜應該是安裝好了。
例如:
aaaaa:frida$ python
Python 3.8.2 (v3.8.2:7b3ab5921f, Feb 24 2020, 17:52:18)
[Clang 6.0 (clang-600.0.57)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import frida
>>>
驗證成功。
3. push frida-server:
push到木木模拟器:
先連接配接模拟器:adb kill-server && adb server && adb shell;
下載下傳好對應的frida-server的版本,并且,push和改名到/data/local/tmp/frida-server,改權限并運作;
adb push frida-server /data/local/tmp/
adb shell
cd /data/local/tmp
chmod 755 frida-server
./frida-server (&)
1400
4. Frida工具使用:(1)frida-ps常用指令:
frida-ps --version
frida-ps (-U)
frida-ps --help
frida-ps -h
frida-ps -j
frida-ps -a
frida-ps -Ua
frida-ps -Uai
(2)frida指令:
frida -h (--help)
frida --version
(3)frida-trace 追蹤某個函數:
它主要的工作方式是将腳本庫注入到目标程序,在目标程序執行腳本。這裡需要注意的是,它是将腳本庫注入到已經啟動的程序.
aaaaa:Downloads$ frida-trace -i "open" -U com.test.myglibtestapp
Instrumenting...
open: Auto-generated handler at "/Users/user1/Downloads/__handlers__/gralloc.x86.so/open.js"
Started tracing 1 function. Press Ctrl+C to stop.
/* TID 0x645 */
11531 ms open(path="/dev/ashmem", oflag=0x2)
14864 ms open(path="/dev/ashmem", oflag=0x2)
![記一次利用動态調試so包破解協定 (2)[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)