frida - 简单入门

最新推荐文章于 2025-03-26 16:59:13 发布

黄靖翔

最新推荐文章于 2025-03-26 16:59:13 发布

阅读量948

点赞数

分类专栏： android逆向

本文链接：https://blog.youkuaiyun.com/eyulove/article/details/104487496

版权

android逆向专栏收录该内容

4 篇文章

订阅专栏

安装python环境（自己百度搜）
pip install frida
pip install frida-tools
下载frida-server 对应的cpu平台版本，如x86 ，arm，arm64等，frida版本也要对应，电脑用usb连接手机，打开调试模式，然后adb push frida-server /data/local/tmp
adb shell
su
cd /data/local/tmp
chmod 777 frida-server (赋予权限)
./frida-server (运行frida-server)
写个app，com.frida.demo

class MainActivity : AppCompatActivity() {

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(R.layout.activity_main)
    }

    fun click_hook_you(view: View) {

        Toast.makeText(this,getInfoFromYou(),Toast.LENGTH_SHORT).show()

    }

    fun getInfoFromYou():String {

        return "fuck you!!!!!"
    }
}

<?xml version="1.0" encoding="utf-8"?>
<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:app="http://schemas.android.com/apk/res-auto"
    xmlns:tools="http://schemas.android.com/tools"
    android:layout_width="match_parent"
    android:layout_height="match_parent"
    tools:context=".MainActivity">

    <Button
        android:id="@+id/button"
        android:layout_width="wrap_content"
        android:layout_height="wrap_content"
        android:onClick="click_hook_you"
        android:text="@string/button_name"
        app:layout_constraintBottom_toTopOf="@+id/guideline"
        app:layout_constraintEnd_toEndOf="parent"
        app:layout_constraintHorizontal_bias="0.498"
        app:layout_constraintStart_toStartOf="parent"
        app:layout_constraintTop_toTopOf="parent" />

    <androidx.constraintlayout.widget.Guideline
        android:id="@+id/guideline"
        android:layout_width="wrap_content"
        android:layout_height="wrap_content"
        android:orientation="horizontal"
        app:layout_constraintGuide_begin="264dp" />
</androidx.constraintlayout.widget.ConstraintLayout>

安装到手机，打开
编写frida脚本，命名hello.py

import frida, sys



jscode = """
Java.perform(function() {
    console.log('\\n----- [stat hook 咯] -----');
    var mainactivity = Java.use('com.frida.demo.MainActivity'); 
    mainactivity.getInfoFromYou.implementation = function() { 
        var a = this.getInfoFromYou();
        console.log('\\n----- [stat hook 咯] -----'+a);
        return "already hook me !!!fuck!!!!"; // 返回
    }
});
"""
#jscode = open('script.js', 'r',encoding='utf-8').read() # 获取js脚本内容
print(jscode)
process = frida.get_usb_device(timeout=5).attach('com.frida.demo')
script = process.create_script(jscode)
script.load()
sys.stdin.read()

运行frida脚本python hello.py