Open 350030173 opened 3 months ago
And the output is:
λ frida -U -l C:\Users\Administrator\Desktop\test.js -f com.xxxxxx
____
/ _ | Frida 16.1.11 - A world-class dynamic instrumentation toolkit
| (_| |
> _ | Commands:
/_/ |_| help -> Displays the help system
. . . . object? -> Display information about 'object'
. . . . exit/quit -> Exit
. . . .
. . . . More info at https://frida.re/docs/home/
. . . .
. . . . Connected to 22021211RC (id=9c5f9a93)
Spawned `com.xxxxxx`. Resuming main thread!
[22021211RC::com.xxxxxx ]->
7007a000-7007b000 r-xp 000ab000 fc:13 63 /apex/com.android.art/javalib/arm64/boot.oat
7ae1286000-7ae1287000 rwxp 00286000 fc:13 108 /apex/com.android.art/lib64/libart.so
Process crashed: Bad access due to invalid address
***
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'Redmi/munch/munch:12/SKQ1.211006.001/V13.0.5.1.22.DEV:user/release-keys'
Revision: '0'
ABI: 'arm64'
Timestamp: 2024-04-16 15:08:13.002795367+0800
Process uptime: 0s
Cmdline: com.xxxxxx
pid: 18268, tid: 18268, name: cksimulator2024 >>> com.xxxxxx <<<
uid: 12259
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2584db664f4faf
x0 b400007abec9cd80 x1 00000000ffff0013 x2 000000000000002f x3 0000000000000002
x4 0000000000000008 x5 000000000000006f x6 0000000000000036 x7 7f7f7f7f7f7f7fff
x8 00000000000000b4 x9 c9780c52f2eb5598 x10 000000003f800000 x11 0000007a634b5b58
x12 00000000ccf61ab3 x13 0000000000007b5f x14 000000000000cb9b x15 000000000000cb9d
x16 0000007b73148d60 x17 0000007b73138874 x18 0000007b8c89c000 x19 0000007fd8c7ca00
x20 b400007abec9cd80 x21 000000000001a94c x22 86f1ef31d0362dbf x23 00000000a46f434f
x24 00000000f426db45 x25 0000000003a2c317 x26 00000000ffffe7d8 x27 ec6e5e4fb82999b0
x28 3a2584db664f4fa7 x29 0000007fd8c7c9e8
lr 0000007a63493fc8 sp 0000007fd8c7c910 pc 0000007a63493fe8 pst 0000000060001000
backtrace:
#00 pc 000000000003ffe8 /data/app/~~7QtHL7iiKK_eHpMaUb0sXg==/com.xxxxxx-YNi9xiaFL7diArCnzmoVlQ==/lib/arm64/libpairipcore.so
***
[22021211RC::com.xxxxxx ]->
Thank you for using Frida!
For AntiFrida_Google.js, I failed to hook using the following code, because I thought it would be too slow to hook using JavaScript and could be faster using CModule instead: