darvincisec / DetectFrida

Detect Frida for Android
MIT License
665 stars 138 forks

This project was not build. #22

Closed halilozel1903 closed 2 years ago

halilozel1903 commented 2 years ago

Hi, @darvincisec

I cloned this project on a Mac M1 device. I got an error while I was building.

Build command failed.
Error while executing process /Users/halilozel/Library/Android/sdk/cmake/3.10.2.4988404/bin/ninja with arguments {-C /Users/halilozel/Desktop/DetectFrida/app/.cxx/cmake/debug/arm64-v8a native-lib}
ninja: Entering directory `/Users/halilozel/Desktop/DetectFrida/app/.cxx/cmake/debug/arm64-v8a'
[1/2] Building C object CMakeFiles/native-lib.dir/native-lib.c.o
FAILED: CMakeFiles/native-lib.dir/native-lib.c.o 
/Users/halilozel/Desktop/DetectFrida/app/src/main/c/../../../../../o-llvm-binary/ollvm-tll/build/bin_Darwin/clang --target=aarch64-none-linux-android21 --gcc-toolchain=/Users/halilozel/Library/Android/sdk/ndk/23.0.7599858/toolchains/llvm/prebuilt/darwin-x86_64 --sysroot=/Users/halilozel/Library/Android/sdk/ndk/23.0.7599858/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -D_64_BIT -Dnative_lib_EXPORTS -I/Users/halilozel/Desktop/DetectFrida/app/src/main/c/arch/arm64-v8a -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security  -mllvm -sub -mllvm -bcf -mllvm -fla -O0 -fno-limit-debug-info  -fPIC -MD -MT CMakeFiles/native-lib.dir/native-lib.c.o -MF CMakeFiles/native-lib.dir/native-lib.c.o.d -o CMakeFiles/native-lib.dir/native-lib.c.o   -c /Users/halilozel/Desktop/DetectFrida/app/src/main/c/native-lib.c
/bin/sh: /Users/halilozel/Desktop/DetectFrida/app/src/main/c/../../../../../o-llvm-binary/ollvm-tll/build/bin_Darwin/clang: No such file or directory
ninja: build stopped: subcommand failed.

I don't know what to do. I tried the solutions but it didn't work. Can you help me?

darvincisec commented 2 years ago

It looks to be just a path problem. Have you cloned the ollvm repo and tried?

halilozel1903 commented 2 years ago

Where is the ollvm? I don't understand.

darvincisec commented 2 years ago

I meant the path in my repo

GacaSD commented 2 years ago

Hi to all, I have a similar problem:

Build command failed.
Error while executing process /Users/gaca/Library/Android/sdk/cmake/3.10.2.4988404/bin/ninja with arguments {-C /Users/gaca/Documents/workplace/DetectFrida/app/.cxx/cmake/debug/armeabi-v7a native-lib}
ninja: Entering directory `/Users/gaca/Documents/workplace/DetectFrida/app/.cxx/cmake/debug/armeabi-v7a'
[1/2] Building C object CMakeFiles/native-lib.dir/native-lib.c.o
FAILED: CMakeFiles/native-lib.dir/native-lib.c.o
/Users/gaca/Documents/workplace/DetectFrida/app/src/main/c/../../../../../o-llvm-binary/ollvm-tll/build/bin_Darwin/clang --target=armv7-none-linux-androideabi19 --gcc-toolchain=/Users/gaca/Library/Android/sdk/ndk/21.4.7075529/toolchains/llvm/prebuilt/darwin-x86_64 --sysroot=/Users/gaca/Library/Android/sdk/ndk/21.4.7075529/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -D_32_BIT -Dnative_lib_EXPORTS -I/Users/gaca/Documents/workplace/DetectFrida/app/src/main/c/arch/armeabi-v7a -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -march=armv7-a -mthumb -Wformat -Werror=format-security -mllvm -sub -mllvm -bcf -mllvm -fla -O0 -fno-limit-debug-info -fPIC -MD -MT CMakeFiles/native-lib.dir/native-lib.c.o -MF CMakeFiles/native-lib.dir/native-lib.c.o.d -o CMakeFiles/native-lib.dir/native-lib.c.o -c /Users/gaca/Documents/workplace/DetectFrida/app/src/main/c/native-lib.c
In file included from /Users/gaca/Documents/workplace/DetectFrida/app/src/main/c/native-lib.c:1:
/Users/gaca/Library/Android/sdk/ndk/21.4.7075529/toolchains/llvm/prebuilt/darwin-x86_64/sysroot/usr/include/jni.h:27:10: fatal error: 'stdarg.h' file not found
#include <stdarg.h>
         ^~~~~~~~~~
1 error generated.
ninja: build stopped: subcommand failed.

Please help.

gabcarneiro commented 2 years ago

I'm facing the same issue as @GacaSD

gabcarneiro commented 2 years ago

I made a hard reset to the commit 17961461a08adfb21c2ae0403fbe12b930a9061e and got the project to compile.

When running a frida-server (version 15.0.18) on a rooted device, I get the expected output on Logcat.

10-06 11:15:24.890 1153 1185 W DetectFrida: Frida specific thread found. Act now!!!
10-06 11:15:24.895 1153 1185 W DetectFrida: Frida specific named pipe found. Act now!!!
10-06 11:15:24.945 1153 1185 W DetectFrida: Executable Section Manipulated, maybe due to Frida or other hooking framework.Act Now!!!

But when I run the app on a clean non-rooted physical device (Android 11), the detection seems to accuse a false positive.

10-06 11:20:29.434 1615 1639 W DetectFrida: Executable Section Manipulated, maybe due to Frida or other hooking framework.Act Now!!!
10-06 11:20:29.434 1615 1639 W DetectFrida: Executable Section Manipulated, maybe due to Frida or other hooking framework.Act Now!!!
10-06 11:20:29.435 1615 1639 W DetectFrida: Executable Section Manipulated, maybe due to Frida or other hooking framework.Act Now!!!
10-06 11:20:29.435 1615 1639 W DetectFrida: Executable Section Manipulated, maybe due to Frida or other hooking framework.Act Now!!!
10-06 11:20:29.440 1615 1639 W DetectFrida: Executable Section Manipulated, maybe due to Frida or other hooking framework.Act Now!!!
10-06 11:20:29.441 1615 1639 W DetectFrida: Executable Section Manipulated, maybe due to Frida or other hooking framework.Act Now!!!
10-06 11:20:29.447 1615 1639 W DetectFrida: Executable Section Manipulated, maybe due to Frida or other hooking framework.Act Now!!!

darvincisec commented 2 years ago

@gabcarneiro the fix for the false positive is done after this commit. For the compilation issue, you can copy the stdarg.h files from clang llvm into the sysroot path or try downgrading the ndk version.
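
A preflight check for the two build failures reported in this thread, as an added example that is not part of the thread or of the DetectFrida repository. It uses only the directory names visible in the quoted logs; the function names, and the `bin_<uname -s>` default for hosts other than Darwin, are assumptions.

```shell
#!/bin/sh
# Added example; not part of the DetectFrida repository.
# Directory names come from the build logs quoted in this thread.

# The failing command line uses app/src/main/c/../../../../../o-llvm-binary/...
# Five ".." from app/src/main/c land in the PARENT of the checkout, so the
# obfuscating compiler is expected in a sibling directory of the clone.
ollvm_clang_path() {            # $1 = checkout dir, $2 = host tag (logs: Darwin)
    parent=$(cd "$1/.." && pwd) || return 1
    printf '%s\n' "$parent/o-llvm-binary/ollvm-tll/build/bin_${2:-$(uname -s)}/clang"
}

# First failure in the thread: "clang: No such file or directory".
check_ollvm_clang() {
    clang=$(ollvm_clang_path "$1" "$2") || return 1
    if [ -x "$clang" ]; then
        echo "ok: obfuscating clang found at $clang"
    else
        echo "missing: $clang (expected beside the checkout, not inside it)"
        return 1
    fi
}

# Second failure: jni.h cannot find 'stdarg.h'. Report whether the NDK sysroot
# has it; if not, list copies elsewhere under the NDK's llvm toolchain that
# could be copied into the sysroot, as the maintainer suggests.
check_stdarg() {                # $1 = NDK root, e.g. .../sdk/ndk/21.4.7075529
    pre="$1/toolchains/llvm/prebuilt"
    for inc in "$pre"/*/sysroot/usr/include; do
        if [ -f "$inc/stdarg.h" ]; then
            echo "ok: $inc/stdarg.h"
            return 0
        fi
    done
    echo "missing: stdarg.h is not in the sysroot; candidates to copy:"
    find "$pre" -name stdarg.h 2>/dev/null
    return 1
}

# Run both checks when called as: preflight.sh <checkout> <ndk-root> [host-tag]
if [ "$#" -ge 2 ]; then
    check_ollvm_clang "$1" "$3"
    check_stdarg "$2"
fi
```
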

darvincisec commented 2 years ago

Closing as there is no further activity on this issue.