MobSF / Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
https://opensecurity.in
GNU General Public License v3.0

Frida API Monitor API is responding ERROR message for OK response #2432

Open Ma-Zijing opened 1 week ago

Ma-Zijing commented 1 week ago

ENVIRONMENT

OS and Version: Ubuntu 20.04
Python Version: 3.11.9
MobSF Version: v4.0.7

EXPLANATION OF THE ISSUE

I wrote a method to start Frida instrumentation:

import requests

def start_Frida_instrument(host_url, api_key, file_hash, default_hooks='api_monitor,ssl_pinning_bypass,root_bypass,debugger_check_bypass', auxiliary_hooks='', frida_code=''):
    """
    Start Frida to monitor API at runtime.
    @param host_url: ip:port of the server
    @param api_key: API key of MobSF
    @param file_hash: hash of the uploaded apk
    @param default_hooks: comma-separated list of built-in hooks to load
    @param auxiliary_hooks: comma-separated list of auxiliary hooks to load
    @param frida_code: custom Frida script to load
    @return: parsed JSON response, or a dict with an "error" key
    """
    print("Starting Frida API instrument...")
    api_url = host_url + "/api/v1/frida/instrument"
    headers = {
        "Authorization": api_key
    }
    data = {
        "hash": file_hash,
        "default_hooks": default_hooks,
        "auxiliary_hooks": auxiliary_hooks,
        "frida_code": frida_code
    }
    try:
        response = requests.post(api_url, headers=headers, data=data)
        if response.status_code == 200:
            return response.json()
        else:
            # Error bodies are not guaranteed to be JSON; keep the raw text.
            return {"error": response.text, "status_code": response.status_code}
    except Exception as e:
        return {"error": str(e)}

However, when I execute this method, the response is {'message': 'Failed to instrument app', 'status': 'ok'}.

Other methods I use are as follows:

import requests
from requests_toolbelt import MultipartEncoder

def upload_file(host_url, api_key, file_path):
    """
    Upload apk file to the server
    @param host_url: ip:port of the server
    @param api_key: API key of MobSF
    @param file_path: file path of the apk
    @return: raw response body (JSON text containing the file hash)
    """
    print("Uploading file")
    # Keep the file open for the whole request; the encoder streams it.
    with open(file_path, 'rb') as apk:
        multipart_data = MultipartEncoder(fields={'file': (file_path, apk, 'application/octet-stream')})
        headers = {'Content-Type': multipart_data.content_type, 'Authorization': api_key}
        response = requests.post(host_url + '/api/v1/upload', data=multipart_data, headers=headers)
    return response.text

def scan_file(host_url, api_key, file_hash):
    """
    Run the static scan on an uploaded file.
    @param host_url: ip:port of the server
    @param api_key: API key of MobSF
    @param file_hash: hash returned by upload_file
    @return: parsed JSON scan result, or a dict with an "error" key
    """
    print("Starting static scan...")
    api_url = f"{host_url}/api/v1/scan"

    headers = {
        "Authorization": api_key,
    }

    data = {
        "hash": file_hash,
    }

    try:
        response = requests.post(api_url, headers=headers, data=data)
        if response.status_code == 200:
            return response.json()
        else:
            return {"error": response.text, "status_code": response.status_code}
    except Exception as e:
        return {"error": str(e)}

def start_dynamic_analysis(host_url, api_key, file_hash, re_install=1, install=1):
    """
    Start dynamic analysis.
    @param host_url: ip:port of the server
    @param api_key: API key of MobSF
    @param file_hash: hash returned by upload_file
    @param re_install: 1 to reinstall the app if it is already installed, 0 to skip
    @param install: 1 to install the app on the device, 0 to skip
    @return: parsed JSON response, or None on failure
    """
    print("Starting dynamic analysis. Probably several minutes...")
    api_url = host_url + "/api/v1/dynamic/start_analysis"
    headers = {
        "Authorization": api_key
    }

    data = {
        "hash": file_hash,
        "re_install": re_install,
        "install": install
    }

    try:
        response = requests.post(api_url, headers=headers, data=data)
        if response.status_code == 200:
            return response.json()
        else:
            # Error bodies are not guaranteed to be JSON; keep the raw text.
            print({"error": response.text, "status_code": response.status_code})
            return None
    except Exception as e:
        print({"error": str(e)})
        return None

STEPS TO REPRODUCE THE ISSUE

1. Upload an APK file via api.
2. Scan the APK and get the hash.
3. Start dynamic analysis via api.
4. Run the start_Frida_instrument method.

LOG FILE

The info log is as follows:

[INFO] 10/Oct/2024 00:38:07 - Test Completed. Resuming HTTPS Proxy
[INFO] 10/Oct/2024 00:38:07 - Installing MobSF RootCA
[INFO] 10/Oct/2024 00:38:07 - Starting HTTPS Proxy on 1337
[INFO] 10/Oct/2024 00:38:07 - Starting Instrumentation
[INFO] 10/Oct/2024 00:38:07 - Frida Server is already running
[INFO] 10/Oct/2024 00:38:07 - Spawning com.FootballStadiumDesign.lukoni
[ERROR] 10/Oct/2024 00:38:08 - Internal Server Error: /api/v1/frida/api_monitor
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] Loaded Frida Script - debugger_check_bypass
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] Loaded Frida Script - root_bypass
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] Loaded Frida Script - ssl_pinning_bypass
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] Loaded Frida Script - api_monitor
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [SSL Pinning Bypass] okhttp CertificatePinner not found
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [SSL Pinning Bypass] okhttp3 CertificatePinner not found
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [SSL Pinning Bypass] DataTheorem trustkit not found
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [SSL Pinning Bypass] Appcelerator PinningTrustManager not found
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [SSL Pinning Bypass] Apache Cordova SSLCertificateChecker not found
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [SSL Pinning Bypass] Wultra CertStore.validateFingerprint not found
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [SSL Pinning Bypass] Xutils not found
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [SSL Pinning Bypass] httpclientandroidlib not found
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [SSL Pinning Bypass] Cronet not found
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [SSL Pinning Bypass] certificatetransparency.CTInterceptorBuilder not found
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [API Monitor] Cannot find org.apache.http.impl.client.AbstractHttpClient.execute
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] [API Monitor] Cannot find com.android.okhttp.internal.http.HttpURLConnectionImpl.getInputStream
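The reply quoted in this report carries HTTP 200 and "status": "ok" next to a failure message, so a client that tests status_code alone reads it as success. As an added example (not the reporter's code and not MobSF's own), a helper that judges a reply from its body as well as its HTTP status, plus one that extracts the Internal Server Error lines for /api/v1/frida/ endpoints from the MobSF log, both run on samples constructed from this issue; the failure-word list is an assumption.

```python
import json
import re

# Constructed sample: the reply quoted in this issue, as the raw body a client receives.
SAMPLE_REPLY = '{"message": "Failed to instrument app", "status": "ok"}'

# Constructed sample: three lines taken from the MobSF log in this issue.
SAMPLE_LOG = """\
[INFO] 10/Oct/2024 00:38:07 - Starting Instrumentation
[ERROR] 10/Oct/2024 00:38:08 - Internal Server Error: /api/v1/frida/api_monitor
[DEBUG] 10/Oct/2024 00:38:11 - [Frida] Loaded Frida Script - api_monitor
"""

# Assumed heuristic: words that mark a failure even when "status" says "ok".
FAILURE_WORDS = re.compile(r"\b(failed|failure|error|cannot|unable)\b", re.IGNORECASE)
ERROR_LINE = re.compile(r"^\[ERROR\] (?P<ts>\S+ \S+) - Internal Server Error: (?P<path>/\S+)")


def classify_reply(status_code, body_text):
    """Return (ok, reason) for a MobSF REST API reply.

    ok is True only when the HTTP status is 2xx, the body parses as JSON,
    the "status" field (if present) is "ok" and the "message" field does
    not read like a failure. A status_code == 200 check alone accepts
    the reply from this issue as a success.
    """
    if not 200 <= status_code < 300:
        return False, f"http {status_code}"
    try:
        body = json.loads(body_text)
    except ValueError:
        return False, "non-json body"
    if not isinstance(body, dict):
        return True, "json"
    status = str(body.get("status", "ok")).lower()
    if status != "ok":
        return False, f"status={status}"
    message = str(body.get("message", ""))
    if FAILURE_WORDS.search(message):
        return False, f"status ok but message reports failure: {message}"
    return True, message or "ok"


def find_api_server_errors(log_text, prefix="/api/v1/frida/"):
    """Return (timestamp, path) for each Internal Server Error logged under prefix."""
    hits = []
    for line in log_text.splitlines():
        m = ERROR_LINE.match(line)
        if m and m.group("path").startswith(prefix):
            hits.append((m.group("ts"), m.group("path")))
    return hits
```

Pairing the two checks turns the reported symptom into something a script can act on: a "Failed" message under "status": "ok" on the client side, correlated with the 500 logged for /api/v1/frida/api_monitor on the server side.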
github-actions[bot] commented 1 week ago

👋 @Ma-Zijing Issues is only for reporting a bug/feature request. For limited support, questions, and discussions, please join the MobSF Slack channel. Please include all the requested and relevant information when opening a bug report. Improper reports will be closed without any response.