CreditTone
commented
3 years ago frida-ps -U 检测下frida-server是否正常启动
Closed shuo997218243 closed 3 years ago
CreditTone
commented
3 years ago frida-ps -U 检测下frida-server是否正常启动
shuo997218243
commented
3 years ago frida-ps -U 检测下一个frida-server是否正常启动
我的Frida是正常启动的,我单独调用某一个目录下的hooking或者attach是没有问题的 xinit和Radar是否需要手动创建呢
CreditTone
commented
3 years ago 方便发下apk吗
shuo997218243
commented
3 years ago 方便发下apk吗
微信8.0.2版本
CreditTone
commented
3 years ago xinit和Radar不需要手动创建
shuo997218243
commented
3 years ago xinit和Radar不需要手动创建
我的用的设备是 pixel 2xl magisk root的 每次进入都需要su root,这个我不知道会不会有影响
shuo997218243
commented
3 years ago frida-ps -U 检测下frida-server是否正常启动
try: if remoteDriver: rdev = frida.get_device_manager().add_remote_device(remoteDriver) elif platform.system().find("Windows") != -1: warn("推荐使用linux或mac操作系统获得更好的兼容性.") rdev = frida.get_remote_device() else: rdev = frida.get_usb_device(1000) online_session = rdev.attach(packageName)
找到原因了
rdev = frida.get_usb_device(1000)
online_session = rdev.attach(packageName)
运行到 online_session = rdev.attach(packageName) 这句话回报错,请问有什么解决方法么
CreditTone
commented
3 years ago 我mac os系统,是正常运行的
stephen@m:~/eclipse-workspace/hooker$ ./hooker
PID Name Identifier
----- --------------------------- ----------------------------------------------------
3414 AI虚拟助手 com.xiaomi.aiasst.service
3380 Analytics com.miui.analytics
2741 Android Services Library android.ext.services
11549 Android System WebView com.google.android.webview
2086 Android 系统 android
2086 FingerprintExtensionSer… com.fingerprints.extension.service
3106 GFManager com.goodix.fingerprint
4534 Joyose com.xiaomi.joyose
2086 LocationServices com.qualcomm.location
3186 Mi RCS com.xiaomi.mircs
3245 MiuiBiometric com.miui.face
3138 MiuiDaemon com.miui.daemon
4725 ON Semiconductor AOL com.bsquare.ucdetectservice
3147 SecureElementApplicati… com.android.se
2691 USIM卡应用 com.android.stk
6927 WMService com.miui.wmsvc
3319 com.android.smspush com.android.smspush
2642 com.qti.dpmserviceapp com.qti.dpmserviceapp
2691 com.qti.qualcomm.data… com.qti.qualcomm.datastatusnotification
2673 com.qualcomm.qcrilmsg… com.qualcomm.qcrilmsgtunnel
5204 com.qualcomm.qti.autor… com.qualcomm.qti.autoregistration
5310 com.qualcomm.qti.smci… com.qualcomm.qti.smcinvokepkgmgr
2661 com.qualcomm.qti.telep… com.qualcomm.qti.telephonyservice
2642 com.quicinc.cne.CNESer… com.quicinc.cne.CNEService
2691 org.codeaurora.ims org.codeaurora.ims
2642 uceShimService com.qualcomm.qti.uceShimService
3259 下载管理程序 com.android.providers.downloads
3259 媒体存储设备 com.android.providers.media
3089 小爱同学 com.miui.voiceassist
9090 小米SIM卡激活服务 com.xiaomi.simactivate.service
12203 小米云服务 com.miui.cloudservice
4946 小米互传 com.miui.mishare.connectivity
5427 小米互联通信服务 com.xiaomi.mi_connect_service
3739 小米帐号 com.xiaomi.account
3203 小米服务框架 com.xiaomi.xmsf
11455 应用商店 com.xiaomi.market
3119 应用程序扩展服务 com.miui.contentcatcher
12311 微信 com.tencent.mm
3442 快应用服务框架 com.miui.hybrid
3339 手机管家 com.miui.securitycenter
3772 授权管理 com.lbe.security.miui
4475 搜狗输入法小米版 com.sohu.inputmethod.sogou.xiaomi
8127 搜索 com.android.quicksearchbox
8757 易车 com.yiche.autoeasy
7046 智能服务 com.miui.systemAdSolution
3233 查找手机 com.xiaomi.finddevice
2691 电话和短信存储 com.android.providers.telephony
2691 电话服务 com.android.phone
3276 电量和性能 com.miui.powerkeeper
12272 相机 com.android.camera
2458 系统 UI com.android.systemui
2704 系统桌面 com.miui.home
3996 网络位置服务 com.xiaomi.metoknlp
3276 耗电检测 com.xiaomi.powerchecker
4018 融合位置服务 com.xiaomi.location.fused
11344 设置 com.android.settings
2086 设置存储 com.android.providers.settings
3173 语音唤醒 com.miui.voicetrigger
12079 软件包权限帮助程序 com.android.defcontainer
4999 通知管理 com.miui.notification
2086 通话管理 com.android.server.telecom
Enter the need to attach package.
: com.tencent.mm
It's com.tencent.mm that you have attached app.
--------------------------------------------------
Please enter e, s, j, c or ex command.
a: Discovering activities.
b: Discovering services.
c: Discovering object. eg:'c {objectId}'
d: Object2Explain. eg:'d {objectId}'
v: Discovering view. eg:'v {viewId}'
e: Determines whether a class exists. eg:'e android.app.Application'
s: Discovering classes by a class'regex. eg:'s com.tencent.mm.Message.*'
t: Discovering offspring classes by a class'name. eg:'t com.tencent.mm.BasicActivity'
j: Generating hooked js. eg:'j okhttp3.Request$Builder:build'
k: Generating hooked the string generation js with a keyword. eg:'k {YourKeyword}'
l: Generating hooked the param generation js with a param keyword. eg:'l {YourKeyword}'
m: Discovering so module.
ex: Exit to the upper layer. eg:'ex'
: a
Found Activities: 3
------------------0--------------------
Activity Title: 微信
Activity Class: com.tencent.mm.ui.LauncherUI
Activity SuperClass: com.tencent.mm.plugin.secdata.ui.MMSecDataFragmentActivity
Activity ImplementInterfaces:
Activity OnTop: false
Activity Paused: true
Activity Stopped: true
Activity Fields: 22
name:QcV static:false fromExtends:false type:com.tencent.mm.sdk.event.IListener objectId:v8himIU9aR value:com.tencent.mm.ui.LauncherUI$1@264872986
name:QcW static:false fromExtends:false type:com.tencent.mm.sdk.event.IListener objectId:oa6qaXpGwI value:com.tencent.mm.ui.LauncherUI$2@254111933
name:QcX static:false fromExtends:false type:com.tencent.mm.ui.HomeUI objectId:rTWgxOXo8x value:com.tencent.mm.ui.HomeUI@112986408
name:QcY static:false fromExtends:false type:com.tencent.mm.ui.q objectId:m3rDQ4pWp6 value:com.tencent.mm.ui.q@97142337
name:QcZ static:false fromExtends:false type:boolean value:false
name:Qda static:false fromExtends:false type:boolean value:false
name:Qdb static:false fromExtends:false type:boolean value:false
name:Qdc static:false fromExtends:false type:com.tencent.mm.plugin.wallet_index.c.b value:null
name:Qdd static:false fromExtends:false type:com.tencent.mm.pluginsdk.t objectId:RaOSYfv9Qo value:com.tencent.mm.pluginsdk.t@265152486
name:Qdf static:false fromExtends:false type:boolean value:false
name:Qdg static:false fromExtends:false type:com.tencent.mm.sdk.platformtools.MMHandler objectId:mecYTuTXjE value:Handler (com.tencent.mm.sdk.platformtools.MMHandler$2) {b9bf3a0}
name:Qdh static:false fromExtends:false type:java.lang.Runnable objectId:nmb6IFKEEf value:com.tencent.mm.ui.LauncherUI$6@225177535
name:Qdi static:false fromExtends:false type:boolean value:false
name:Qdj static:false fromExtends:false type:int value:0
name:chattingTabUI static:false fromExtends:false type:com.tencent.mm.ui.NewChattingTabUI objectId:sZwHBnJOvJ value:com.tencent.mm.ui.NewChattingTabUI@87295357
name:eak static:false fromExtends:false type:android.content.Intent objectId:57a9XoNBQc value:android.content.Intent@77170883
name:QcQ static:true fromExtends:false type:java.util.ArrayList objectId:cBl9C7MfxM size:1 value:java.util.ArrayList@198762811
name:QcR static:true fromExtends:false type:java.util.ArrayList objectId:I5s2ilE2ky size:1 value:java.util.ArrayList@75529368
name:QcS static:true fromExtends:false type:boolean value:true
name:QcT static:true fromExtends:false type:long value:1618996182219
name:QcU static:true fromExtends:false type:boolean value:false
name:Qde static:true fromExtends:false type:boolean value:false
Activity Methods: 46
public com.tencent.mm.ui.LauncherUI()
public void onNewIntent(android.content.Intent)
public void onActivityResult(int,int,android.content.Intent)
private void bC(android.content.Intent)
private void bD(android.content.Intent)
public void onBackPressed()
public void onResume()
public boolean dispatchKeyEvent(android.view.KeyEvent)
static boolean bdR()
public java.util.Set importUIComponents()
public void onConfigurationChanged(android.content.res.Configuration)
public void finish()
public void onRequestPermissionsResult(int,java.lang.String[],int[])
public void onStop()
public void onDestroy()
public static void kw(android.content.Context)
public boolean onCreateOptionsMenu(android.view.Menu)
private void kv(android.content.Context)
public void onSwipe(float)
static void b(com.tencent.mm.ui.LauncherUI)
static void a(com.tencent.mm.ui.LauncherUI)
public com.tencent.mm.ui.HomeUI getHomeUI()
public boolean onOptionsItemSelected(android.view.MenuItem)
public final void startChatting(java.lang.String,android.os.Bundle,boolean)
public void onRestoreInstanceState(android.os.Bundle)
public void startActivityForResult(android.content.Intent,int,android.os.Bundle)
public android.view.ActionMode onWindowStartingActionMode(android.view.ActionMode$Callback)
public static com.tencent.mm.ui.LauncherUI getInstance()
public void onWindowFocusChanged(boolean)
private void CH(boolean)
public void onMultiWindowModeChanged(boolean)
private void hgO()
public void onCreate(android.os.Bundle)
private boolean hgQ()
private void hgP()
private void hgS()
private boolean hgR()
public static boolean hgU()
public final void closeChatting(boolean)
private void hgT()
public void onPause()
public boolean forceRemoveNoMatchOnPath()
public com.tencent.mm.ui.MMFragment getCurrentFragmet()
public static int getCurrentTabIndex()
public void onSettle(boolean,int)
public void onSaveInstanceState(android.os.Bundle)
------------------1--------------------
Activity Title: 微信
Activity Class: com.tencent.mm.plugin.account.ui.MobileInputUI
Activity SuperClass: com.tencent.mm.ui.MMActivity
Activity ImplementInterfaces:
Activity OnTop: false
Activity Paused: true
Activity Stopped: false
Activity Fields: 46
name:countryCode static:false fromExtends:false type:java.lang.String objectId:xEZVo2slA0 value:86
name:iTY static:false fromExtends:false type:int value:0
name:jst static:false fromExtends:false type:java.lang.String objectId:QhX5KAxUSL value:中国大陆
name:kCJ static:false fromExtends:false type:java.lang.String objectId:36Hwz35ulI value:
name:kCO static:false fromExtends:false type:boolean value:false
name:kCd static:false fromExtends:false type:com.tencent.mm.sdk.event.IListener objectId:WLdNCj6yGv value:com.tencent.mm.plugin.account.ui.MobileInputUI$1@176830490
name:kDF static:false fromExtends:false type:android.widget.Button viewId:2131304136 objectId:EC67Rj60mQ value:android.widget.Button@255331774
name:kDL static:false fromExtends:false type:[I value:[I@235007519
name:kDZ static:false fromExtends:false type:com.tencent.mm.platformtools.x objectId:rRoebFl3f9 value:com.tencent.mm.platformtools.x@140117356
name:kDg static:false fromExtends:false type:android.widget.EditText viewId:2131299997 objectId:3AeGefDos3 value:com.tencent.mm.plugin.account.sdk.MMImeClearEditText@159606581
name:kDm static:false fromExtends:false type:android.widget.Button viewId:2131304153 objectId:quFn5f5luB value:android.widget.Button@42631738
name:kDn static:false fromExtends:false type:android.widget.Button viewId:2131304155 objectId:GW4emPNuGz value:android.widget.Button@26118150
name:kDo static:false fromExtends:false type:android.view.View viewId:2131301992 objectId:QQqHvxDaXR value:android.widget.RelativeLayout@230057032
name:kDp static:false fromExtends:false type:android.widget.Button viewId:2131304160 objectId:0IcrW0gy62 value:android.widget.Button@15127265
name:kDv static:false fromExtends:false type:com.tencent.mm.plugin.account.ui.ResizeLayout viewId:2131307468 objectId:UwHqAsbhNK value:com.tencent.mm.plugin.account.ui.ResizeLayout@6376763
name:kEV static:false fromExtends:false type:com.tencent.mm.ui.base.MMFormInputView viewId:2131305133objectId:wpwodbvEC5 value:com.tencent.mm.plugin.account.sdk.MMImeFormInputView@189121651
name:kEW static:false fromExtends:false type:android.widget.EditText viewId:2131299997 objectId:mMztn9no3y value:com.tencent.mm.plugin.account.sdk.MMImeClearEditText@177358181
name:kEX static:false fromExtends:false type:com.tencent.mm.ui.base.MMFormVerifyCodeInputView viewId:2131308521 objectId:dz5b4nfutn value:com.tencent.mm.ui.base.MMFormVerifyCodeInputView@160448945
name:kEY static:false fromExtends:false type:android.view.View viewId:2131307230 objectId:HTmeOxklJe value:android.widget.LinearLayout@106305174
name:kEZ static:false fromExtends:false type:android.widget.CheckBox viewId:2131307237 objectId:TQ5tunrwRQ value:android.widget.CheckBox@193823255
name:kEm static:false fromExtends:false type:com.tencent.mm.ui.base.MMFormInputView viewId:2131308216objectId:66CGQRgp0s value:com.tencent.mm.plugin.account.sdk.MMImeFormInputView@229479940
name:kEq static:false fromExtends:false type:com.tencent.mm.plugin.account.ui.MMKeyboardUperView viewId:2131307882 objectId:5IyLAFjeeD value:com.tencent.mm.plugin.account.ui.MMKeyboardUperView@132047319
name:kEr static:false fromExtends:false type:boolean value:false
name:kEt static:false fromExtends:false type:int value:128
name:kFa static:false fromExtends:false type:android.widget.TextView viewId:2131307236 objectId:KCPgXW7NaT value:android.widget.TextView@47515170
name:kFb static:false fromExtends:false type:android.widget.Button viewId:2131305800 objectId:JtvIOwDa4w value:android.widget.Button@40687529
name:kFc static:false fromExtends:false type:android.widget.TextView viewId:2131307255 objectId:iLkzxi6n23 value:android.widget.TextView@215886003
name:kFd static:false fromExtends:false type:android.widget.TextView viewId:2131304169 objectId:vZqESsVGRg value:android.widget.TextView@170921389
name:kFe static:false fromExtends:false type:android.widget.TextView viewId:2131305130 objectId:mngZDgnYY9 value:android.widget.TextView@113014249
name:kFf static:false fromExtends:false type:android.widget.Button viewId:2131304148 objectId:bCOFfGQO1s value:android.widget.Button@42065712
name:kFg static:false fromExtends:false type:android.view.View viewId:2131297703 objectId:iC1TJuIea9 value:android.widget.RelativeLayout@100653764
name:kFh static:false fromExtends:false type:boolean value:true
name:kFi static:false fromExtends:false type:java.lang.String objectId:hhUpo2XiOL value:
name:kFj static:false fromExtends:false type:java.lang.String objectId:DWLM0H4lRa value:
name:kFk static:false fromExtends:false type:int value:1
name:kFl static:false fromExtends:false type:com.tencent.mm.plugin.account.ui.MobileInputUI$b objectId:NjBb7zN032 value:com.tencent.mm.plugin.account.ui.j@17632451
name:kFm static:false fromExtends:false type:boolean value:false
name:kFn static:false fromExtends:false type:java.lang.String objectId:b5htDIwYpF value:
name:kFo static:false fromExtends:false type:java.lang.String objectId:D5ftGoqHl2 value:
name:krZ static:false fromExtends:false type:android.widget.LinearLayout viewId:2131299342 objectId:f3WdpyvHf6 value:android.widget.LinearLayout@191805666
name:ksX static:false fromExtends:false type:java.lang.String objectId:6j4o1g6IeQ value:
name:ksb static:false fromExtends:false type:android.widget.TextView viewId:2131299344 objectId:7SLjfpWIul value:android.widget.TextView@120468687
name:ksd static:false fromExtends:false type:java.lang.String objectId:NEdDETN6vg value:
name:kup static:false fromExtends:false type:com.tencent.mm.ui.base.q value:null
name:mController static:false fromExtends:true type:com.tencent.mm.ui.w objectId:xuieGVZyCL value:com.tencent.mm.ui.MMActivity$1@92839183
name:landscapeMode static:false fromExtends:true type:boolean value:false
Activity Methods: 33
public com.tencent.mm.plugin.account.ui.MobileInputUI()
public void onActivityResult(int,int,android.content.Intent)
public void onResume()
public boolean onKeyDown(int,android.view.KeyEvent)
public void finish()
private static void Y(android.content.Context,java.lang.String)
static void Z(android.content.Context,java.lang.String)
public void onRequestPermissionsResult(int,java.lang.String[],int[])
public void onDestroy()
public int getLayoutId()
static boolean e(com.tencent.mm.plugin.account.ui.MobileInputUI)
static void d(com.tencent.mm.plugin.account.ui.MobileInputUI)
static java.lang.String g(com.tencent.mm.plugin.account.ui.MobileInputUI)
static boolean f(com.tencent.mm.plugin.account.ui.MobileInputUI)
static void i(com.tencent.mm.plugin.account.ui.MobileInputUI)
static java.lang.String h(com.tencent.mm.plugin.account.ui.MobileInputUI)
static void k(com.tencent.mm.plugin.account.ui.MobileInputUI)
static com.tencent.mm.plugin.account.ui.MMKeyboardUperView j(com.tencent.mm.plugin.account.ui.MobileInputUI)
static void c(com.tencent.mm.plugin.account.ui.MobileInputUI)
static void b(com.tencent.mm.plugin.account.ui.MobileInputUI)
private boolean bxB()
private boolean bxA()
private void bxD()
public final boolean bxC()
private void bxE()
public void onWindowFocusChanged(boolean)
public void onCreate(android.os.Bundle)
public void onPause()
public void setRequestedOrientation(int)
static java.lang.String b(com.tencent.mm.plugin.account.ui.MobileInputUI,java.lang.String)
static java.lang.String a(com.tencent.mm.plugin.account.ui.MobileInputUI,java.lang.String)
private void goBack()
public void initView()
------------------2--------------------
Activity Title: 微信
Activity Class: com.tencent.mm.plugin.account.ui.WelcomeActivity
Activity SuperClass: com.tencent.mm.ui.MMFragmentActivity
Activity ImplementInterfaces:
Activity OnTop: false
Activity Paused: true
Activity Stopped: true
Activity Fields: 6
name:kBY static:false fromExtends:false type:com.tencent.mm.ui.h.a.d value:null
name:kCo static:false fromExtends:false type:com.tencent.mm.ui.h.a.c value:null
name:kCr static:false fromExtends:false type:com.tencent.mm.g.b.a.ll objectId:FFYqQZjphm value:com.tencent.mm.g.b.a.ll@148735909
name:kDZ static:false fromExtends:false type:com.tencent.mm.platformtools.x objectId:dEp8EjFomf value:com.tencent.mm.platformtools.x@71645050
name:kJV static:false fromExtends:false type:com.tencent.mm.plugin.account.ui.WelcomeSelectView viewId:-1objectId:4uZACi1tKm value:com.tencent.mm.plugin.account.ui.WelcomeSelectView@180091691
name:kBz static:true fromExtends:false type:[Ljava.lang.String; objectId:zRisIkOvuQ value:[Ljava.lang.String;@121895201
Activity Methods: 15
public com.tencent.mm.plugin.account.ui.WelcomeActivity()
public void onActivityResult(int,int,android.content.Intent)
public void onBackPressed()
public void onResume()
static com.tencent.mm.ui.h.a.c e(com.tencent.mm.plugin.account.ui.WelcomeActivity)
static void f(com.tencent.mm.plugin.account.ui.WelcomeActivity)
static void c(com.tencent.mm.plugin.account.ui.WelcomeActivity)
static com.tencent.mm.ui.h.a.d d(com.tencent.mm.plugin.account.ui.WelcomeActivity)
static com.tencent.mm.g.b.a.ll a(com.tencent.mm.plugin.account.ui.WelcomeActivity)
static void b(com.tencent.mm.plugin.account.ui.WelcomeActivity)
public void onRequestPermissionsResult(int,java.lang.String[],int[])
public void onDestroy()
private void byj()
public void onWindowFocusChanged(boolean)
public void onCreate(android.os.Bundle)
Please enter e, s, j, c or ex command.
a: Discovering activities.
b: Discovering services.
c: Discovering object. eg:'c {objectId}'
d: Object2Explain. eg:'d {objectId}'
v: Discovering view. eg:'v {viewId}'
e: Determines whether a class exists. eg:'e android.app.Application'
s: Discovering classes by a class'regex. eg:'s com.tencent.mm.Message.*'
t: Discovering offspring classes by a class'name. eg:'t com.tencent.mm.BasicActivity'
j: Generating hooked js. eg:'j okhttp3.Request$Builder:build'
k: Generating hooked the string generation js with a keyword. eg:'k {YourKeyword}'
l: Generating hooked the param generation js with a param keyword. eg:'l {YourKeyword}'
m: Discovering so module.
ex: Exit to the upper layer. eg:'ex'
:
frida-ps -U 检测下frida-server是否正常启动
try: if remoteDriver: rdev = frida.get_device_manager().add_remote_device(remoteDriver) elif platform.system().find("Windows") != -1: warn("推荐使用linux或mac操作系统获得更好的兼容性.") rdev = frida.get_remote_device() else: rdev = frida.get_usb_device(1000) online_session = rdev.attach(packageName)
找到原因了 rdev = frida.get_usb_device(1000) online_session = rdev.attach(packageName) 运行到 online_session = rdev.attach(packageName) 这句话回报错,请问有什么解决方法么
你python3进入py的动态命令行,然后 import frida rdev = frida.get_usb_device(1000) print(rdev) online_session = rdev.attach(packageName) print(online_session)
看看到底是怎么回事。。。。。。。
CreditTone
commented
3 years ago 修复了可以给我提个pull request,谢谢!
CreditTone
commented
3 years ago xinit和Radar不需要手动创建
我的用的设备是 pixel 2xl magisk root的 每次进入都需要su root,这个我不知道会不会有影响
面具的root不完善的,建议到magisk-->选项-->取消hide root
CreditTone
commented
3 years ago xinit和Radar不需要手动创建
我的用的设备是 pixel 2xl magisk root的 每次进入都需要su root,这个我不知道会不会有影响
我有N个手机, pixel 2 N5X 小米max2 小米max3 都有不同的root方式。确实magisk的手机问题多点。
CreditTone
commented
3 years ago 解决了吗
shuo997218243
commented
3 years ago 解决了吗
刚才那个问题解决了,手机重启一下就解决了,感觉像是frida进程的问题。。。,感谢🙏,
还有一个小问题,就是我的设备在com.tencent.mm radar.dex 没有自动生成。。。,我手动推的,再加上777的权限就行了,Xinit 也没有自动创建
感觉就是权限的问题,不过不影响使用自动创建一下就可以了
a: Discovering activities. b: Discovering services. c: Discovering object. eg:'c {objectId}'
frida.ProcessNotRespondingError: process with pid 14550 either refused to load frida-agent, or terminated during injection
File "hooker.py", line 241, in printActivitys info(online_script.exports.activitys()) AttributeError: 'NoneType' object has no attribute 'exports'