chame1eon / jnitrace

A Frida based tool that traces usage of the JNI API in Android apps.
MIT License

Jnitrace with frida gadget #36

Open euzada opened 3 years ago

euzada commented 3 years ago

Hi, first thank you for writing this script.

I am trying to run it on unrooted android using frida gadget.

The server has been included correctly in the apk and loaded correctly (confirmed with frida-ps -R).

But I can't run it using jnitrace.

I started the app with the gadget config set to "wait". I tried the following commands, but all failed with an error related to target: jnitrace: error: the following arguments are required: target

The commands tested are the following:

jnitrace -l -R Gadget
jnitrace -l -R re.frida.Gadget
jnitrace -l -R localhost
jnitrace -l -R localhost:27042
jnitrace -l -R 127.0.0.1:27042
jnitrace -l -R 127.0.0.1

None are working.

If I tried to run:

frida --codeshare chame1eon/jnitrace -R Gadget

It works, but the output is a little messy and I prefer using the Python wrapper of jnitrace instead.

Any idea how to make it work? Thank you.

chame1eon commented 3 years ago

Hi,

Thank you. I'm glad you like the tool.

So I think the issue is that you need to combine the commands you are trying. If you are connecting to a remote device you need the following:

jnitrace -l * -R : Gadget

If the device is local you should just need this:

jnitrace -l * Gadget

Let me know if that helps.

Thanks

euzada commented 3 years ago

Thank you for your answer.

I forgot to mention that I am using Termux on the actual device to trace JNI. I don't know if Termux needs a different command.

Unfortunately, it didn't work. Both solutions failed.

For the first idea, here is the error:

~/.../shared/Download $ jnitrace -l libnex Gadget
Traceback (most recent call last):
  File "/data/data/com.termux/files/usr/bin/jnitrace", line 33, in <module>
    sys.exit(load_entry_point('jnitrace==3.2.2', 'console_scripts', 'jnitrace')())
  File "/data/data/com.termux/files/usr/lib/python3.9/site-packages/jnitrace/jnitrace.py", line 576, in main
    device = frida.get_usb_device(3)
  File "/data/data/com.termux/files/usr/lib/python3.9/site-packages/frida/__init__.py", line 82, in get_usb_device
    return get_device_matching(lambda d: d.type == 'usb', timeout, kwargs)
  File "/data/data/com.termux/files/usr/lib/python3.9/site-packages/frida/__init__.py", line 90, in get_device_matching
    return get_device_manager().get_device_matching(predicate, timeout, kwargs)
  File "/data/data/com.termux/files/usr/lib/python3.9/site-packages/frida/core.py", line 26, in wrapper
    return f(args, **kwargs)
  File "/data/data/com.termux/files/usr/lib/python3.9/site-packages/frida/core.py", line 58, in get_device_matching
    return Device(self._impl.get_device_matching(lambda d: predicate(Device(d)), raw_timeout))
frida.InvalidArgumentError: device not found

For the second, the error is slightly different:

~/.../shared/Download $ jnitrace -l libnex -R : Gadget
Traceback (most recent call last):
  File "/data/data/com.termux/files/usr/bin/jnitrace", line 33, in <module>
    sys.exit(load_entry_point('jnitrace==3.2.2', 'console_scripts', 'jnitrace')())
  File "/data/data/com.termux/files/usr/lib/python3.9/site-packages/jnitrace/jnitrace.py", line 584, in main
    pid = device.get_process(args.target).pid
  File "/data/data/com.termux/files/usr/lib/python3.9/site-packages/frida/core.py", line 26, in wrapper
    return f(args, **kwargs)
  File "/data/data/com.termux/files/usr/lib/python3.9/site-packages/frida/core.py", line 106, in get_process
    matching = [process for process in self._impl.enumerate_processes() if fnmatch.fnmatchcase(process.name.lower(), process_name_lc)]
frida.InvalidArgumentError: if a ':' character is given, it must be followed by a port (in hostname ':').

chame1eon commented 3 years ago

Okay, can you try this:

jnitrace -l libnex* -R 127.0.0.1:27042 re.frida.Gadget

WanghongLin commented 3 years ago

What I have done is make Frida read a customized configuration and listen on all interfaces:

{
  "interaction": {
    "type": "listen",
    "address": "0.0.0.0",
    "port": 27042,
    "on_port_conflict": "fail",
    "on_load": "wait"
  }
}

Run the app with frida gadget integrated, and wait.

Then invoke the following command to use jnitrace from a PC on the same LAN:

jnitrace -l libname.so -R 10.0.0.3:27042 Gadget -m attach
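
Added example, not part of the comment above and not jnitrace or Frida project code: a small check that reads a Gadget configuration like the one posted, reports how widely its listener is exposed, and derives the host:port value to give to -R. The function name `audit_gadget_config` and the `device_ip` parameter are hypothetical, and the defaults are assumed to be the ones Frida documents for the Gadget's listen interaction.

```python
import ipaddress
import json

# Assumption: defaults as documented for Frida Gadget's "listen" interaction.
DEFAULTS = {"type": "listen", "address": "127.0.0.1", "port": 27042,
            "on_port_conflict": "fail", "on_load": "wait"}

def audit_gadget_config(text, device_ip=None):
    """Return (endpoint, findings) for a Gadget config given as JSON text.

    endpoint is the host:port string a remote client would connect to, or
    None when it cannot be derived. device_ip is the device's address as
    seen from the client; it is needed when the bind address is a wildcard.
    """
    inter = {**DEFAULTS, **json.loads(text).get("interaction", {})}
    if inter["type"] != "listen":
        return None, [f"interaction type {inter['type']!r} opens no listener"]
    port = inter["port"]
    if isinstance(port, bool) or not isinstance(port, int) or not 0 < port < 65536:
        raise ValueError(f"invalid port: {port!r}")
    addr = ipaddress.ip_address(inter["address"])  # ValueError if malformed
    findings = []
    if addr.is_unspecified:
        findings.append("binds all interfaces: listener is reachable from "
                        "every network the device is on")
        host = device_ip
    elif addr.is_loopback:
        host = str(addr)
    else:
        findings.append(f"binds {addr}: reachable from that network")
        host = str(addr)
    if inter["on_port_conflict"] == "pick-next":
        findings.append("pick-next: actual port may differ from the configured one")
    if inter["on_load"] == "wait":
        findings.append("app blocks at load until a client attaches")
    if host is None:
        findings.append("wildcard bind: pass device_ip to build the endpoint")
        return None, findings
    return f"{host}:{port}", findings

# Constructed sample: the configuration posted in the comment above.
SAMPLE = '''{"interaction": {"type": "listen", "address": "0.0.0.0",
 "port": 27042, "on_port_conflict": "fail", "on_load": "wait"}}'''

if __name__ == "__main__":
    endpoint, notes = audit_gadget_config(SAMPLE, device_ip="10.0.0.3")
    print("-R", endpoint)
    for note in notes:
        print(" -", note)
```

Setting "address" to 127.0.0.1 keeps the listener on the device itself, which is enough when the client runs on the same device or reaches it through a forwarded port.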

chame1eon commented 1 year ago

Are you having the same issues for this one on newer Frida versions?