Frida for all! Pt. 1

What is it?

Frida is a dynamic instrumentation and reverse engineering toolkit that works across all five major platforms (Windows, Linux, OS X, iOS and Android), with support for MIPS processors on the way.

Kk, how does it work?

Well, it sounds nuts, but it lets you inject JavaScript into a running process, driven by a Python/Node.js/whatever script.

No lie. Let’s read that again, only with more explanation:

  • Frida injects a copy of Google’s V8 JavaScript engine into the target process
  • That engine runs inside the process’ own address space, so it sees the process’ memory and functions
  • Our JavaScript is compiled by the injected engine and executed in the place we specify, for example as a hook on a chosen function

Ok, so the Python/Node/whatever is just a loader script: it drives frida-core, which runs locally, does the injecting and relays messages between your script and the JavaScript agent inside the target.

But how does this work with iOS or Android? Well, there are pre-compiled binary agents that run on each platform. Here’s how they work:

  • Android:
    • frida-server is pushed to the device over adb and then started, ideally as root
    • frida-core on your machine then talks to it over USB (via adb) or over the network
  • iOS:
    • frida-server can be run on a jailbroken device by installing the package through Cydia
    • on a non-jailbroken device, the Frida Gadget dylib can be packaged into the app, which is then re-signed and deployed so the gadget runs from within the app itself
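
Here is a minimal loader showing the split described above: a Python script that asks frida-core to attach to a process (local, or on a USB-connected device running frida-server) and inject a JavaScript agent, and the agent reporting back over send(). This is an added example, not code from the Frida docs; it assumes a target whose C library exports open() (Linux, Android and OS X all do) and uses the classic Frida JS API names (Module.findExportByName, Memory.readUtf8String), which newer releases have partly renamed, so check the current API docs.

```python
"""Minimal Frida loader: attach to a process, inject a JavaScript agent that
hooks open(), and print what the agent reports back.

Added example (not from the Frida docs). Assumes a target whose C library
exports open() and, for the USB case, a frida-server already running on
the device.
"""
import sys

# The agent: JavaScript that runs inside the target process.
# It hooks open() and reports each path plus the returned fd via send().
# Classic Frida JS API names are used here (Module.findExportByName,
# Memory.readUtf8String); newer releases rename some of these.
AGENT_SOURCE = r"""
var openPtr = Module.findExportByName(null, 'open');
Interceptor.attach(openPtr, {
    onEnter: function (args) {
        // args[0] is open(2)'s `const char *pathname`
        this.path = Memory.readUtf8String(args[0]);
    },
    onLeave: function (retval) {
        send({ path: this.path, fd: retval.toInt32() });
    }
});
"""


def format_message(message, data=None):
    """Render one agent message as a log line.

    frida-core delivers send() payloads as {'type': 'send', 'payload': ...}
    and uncaught agent exceptions as {'type': 'error', 'description': ...}.
    """
    if message.get('type') == 'send':
        payload = message['payload']
        return 'open(%r) -> fd %d' % (payload['path'], payload['fd'])
    if message.get('type') == 'error':
        return 'agent error: %s' % message.get('description', message)
    return 'unhandled message: %r' % (message,)


def on_message(message, data):
    print(format_message(message, data))


def run(target, usb=False):
    """Attach to `target` (pid or process name), inject the agent, stream messages.

    usb=True talks to frida-server on a USB-connected Android/iOS device;
    usb=False instruments a process on this machine.
    """
    import frida  # imported here so the pure helpers above work without frida installed
    device = frida.get_usb_device() if usb else frida.get_local_device()
    session = device.attach(target)
    script = session.create_script(AGENT_SOURCE)
    script.on('message', on_message)
    script.load()
    print('[*] agent loaded into %r; Ctrl-C to detach' % (target,))
    try:
        sys.stdin.read()  # block so the hooks stay alive until EOF/Ctrl-C
    except KeyboardInterrupt:
        pass
    session.detach()


if __name__ == '__main__':
    args = [a for a in sys.argv[1:] if a != '-U']
    if len(args) != 1:
        sys.exit('usage: %s [-U] <pid|process-name>' % sys.argv[0])
    target = int(args[0]) if args[0].isdigit() else args[0]
    run(target, usb='-U' in sys.argv)
```

Run it as `python hook_open.py <pid>` for a local process, or `python hook_open.py -U <name>` against a device with frida-server running; every open() call in the target then shows up on your terminal, which is the whole loader/agent round trip in one file.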

But what are the advantages?

  1. Speed - seriously, nothing is as fast at instrumenting an app
  2. Flexibility - using JS means it’s trivially easy to learn and very easy to extend.
  3. Singular RE Platform - no need to learn different tools for different platforms. Frida looks the same on all of them!

What are the drawbacks?

If we’re being honest, the documentation isn’t great (working on it!), but the release notes and API docs are complete. There just aren’t many ‘newb-proof’ technical introductions aimed at people new to RE. This is slowly changing, and it’s now looking not too shabby!

Who the hell are you to comment on Frida?

Well, I wrote a load of tutorial code/examples, and I use it pretty much every other engagement I do, now, so go figure…

Getting Started

Ok, this is going to be incomplete, but as a basic introduction, let’s use python…

How to install

pip install frida

Well, that was easy. Might need to be sudo… (Recent releases moved the command-line tools, frida-ps, frida-trace, frida-discover and friends, into a separate frida-tools package, so pip install that too.)

How to run

If you’re curious about a particular application, find it with frida-ps and then start with frida-discover, which lists the functions the process is actually calling so you know what is worth hooking.

How to use

/…to follow…/

Worked Example

See the Frida Docs for how to do this. I wrote a chunk of it, so I’m probably to blame if it doesn’t work!!