chame1eon / jnitrace

A Frida based tool that traces usage of the JNI API in Android apps.
MIT License

App crashing - Tracing. Press any key to quit... #62

Open dipa96 opened 1 year ago

dipa96 commented 1 year ago

Hi, I have been experiencing problems with jnitrace. Meanwhile, thank you for developing this great tool 🥇

Workspace:

Tested App: ViewerJNI from Google Drive Folder. You can also find a PoC, YouTube video, here.

My scenario: run: jnitrace -l libnative-lib.so com.example.viewerjni and the tool replies with: Tracing. Press any key to quit...

At the same time, the app opens and crashes.

Logcat stacktrace info:

[...]
library "/vendor/lib64/egl/libGLESv1_CM_emulation.so" ("/vendor/lib64/egl/libGLESv1_CM_emulation.so") needed or dlopened by "/memfd:frida-agent-64.so (deleted)" is not accessible for the namespace: [name="(default)", ld_library_paths="", default_library_paths="/system/lib64", permitted_paths="/system/lib64/drm:/system/lib64/extractors:/system/lib64/hw:/system/product/lib64:/system/framework:/system/app:/system/priv-app:/vendor/framework:/vendor/app:/vendor/priv-app:/odm/framework:/odm/app:/odm/priv-app:/oem/app:/system/product/framework:/system/product/app:/system/product/priv-app:/data:/mnt/expand"]
[...]
Android/sdk_gphone_arm64/generic_arm64:9/PSR1.210301.009.B6/9767327:userdebug/dev-keys
[...]
channel 'dd8ad63 com.example.viewerjni/com.example.viewerjni.MainActivity (server)' ~ Channel is unrecoverably broken

dipa96 commented 1 year ago

Looking closer, I found this issue in the repo: https://github.com/chame1eon/jnitrace-engine/issues/13. Workaround in this case: jnitrace -m attach -l libnative-lib.so viewerjni; the tool works fine now. Do we know if anyone has solved it without using the attach method?

Cheers :)

JustTalDevelops commented 8 months ago

Having this same issue. Attach does seem to work somewhat, but fails to hook onto other functions etc. Is there any status or workaround for this at the moment? Thanks.