For the Samsung A13 model on Android 12.0, the script is giving a false positive for Frida detection.
It is happening in the scan_executable_segments method, where the checksum is not matching.
The following is the log dump of the same:
2023-01-25 18:18:08.878 20767-20796 DetectMalware pid-20767 E !@ Checksum:[64076][64076], count: 0
2023-01-25 18:18:08.878 20767-20796 DetectMalware pid-20767 E !@ Checksum:[956873][956873], count: 1
2023-01-25 18:18:08.990 20767-20796 DetectMalware pid-20767 E !@ Checksum:[59601097][59680139], count: 0
2023-01-25 18:18:08.990 20767-20796 DetectMalware pid-20767 E !@ Checksum:[1421520][1670286], count: 1
Here we can see that 59601097 and 59680139 are a mismatch, as are 1421520 and 1670286.
Please help.
Also, if there is documentation that clearly explains what we are trying to do with scan_executable_segments, it will be more helpful.