dpnishant / appmon

Documentation:
http://dpnishant.github.io/appmon
Apache License 2.0

iOS AppMon intruder can't start #16

Closed illnino closed 7 years ago

illnino commented 7 years ago

1. Environment

1.1 Frida version

Mac: 8.1.12 iPad Mini4: 8.1.12

1.2 OS

Mac: 10.11.6 iPad: 9.3.3

1.3 AppMon

commit 21bcd6379ef9963379521f169673c97b8790d72b

2. Reproduction Steps:

  1. Connect jailbroken iPad Mini4 to MBP.
  2. Run the command below
  3. Error found
➜  intruder git:(master) ✗ python appintruder.py -a <my_app> -p ios -s scripts/iOS/touchID.js
[ERROR] unable to communicate with remote frida-server; please ensure that major versions match and that the remote Frida has the feature you are trying to use
Traceback (most recent call last):
  File "appintruder.py", line 212, in init_session
    session = device.attach(app_name)
  File "/Library/Python/2.7/site-packages/frida-7.3.6-py2.7-macosx-10.11-intel.egg/frida/core.py", line 96, in attach
    return Session(self._impl.attach(self._pid_of(target)))
  File "/Library/Python/2.7/site-packages/frida-7.3.6-py2.7-macosx-10.11-intel.egg/frida/core.py", line 108, in _pid_of
    return self.get_process(target).pid
  File "/Library/Python/2.7/site-packages/frida-7.3.6-py2.7-macosx-10.11-intel.egg/frida/core.py", line 66, in get_process
    matching = [process for process in self._impl.enumerate_processes() if fnmatch.fnmatchcase(process.name.lower(), process_name_lc)]
ProtocolError: unable to communicate with remote frida-server; please ensure that major versions match and that the remote Frida has the feature you are trying to use
^CTraceback (most recent call last):
  File "appintruder.py", line 252, in <module>
    script.unload()
NameError: name 'script' is not defined

But frida-ps works well.

➜  intruder git:(master) ✗ frida-ps -U
 PID  Name
----  -------------------
1829  1Password
1562  Calendar
1771  Mail
1849  Safari
1776  Settings
1754  User Authentication
1679  AppleIDAuthAgent
1556  AssetCacheLocato
1228  BTServer
1245  BlueTool
1579  CMFSyncAgent
1979  CacheDeleteAppCo
1977  CacheDeleteITune

Start frida-server on iPad - Failed. Frida-server should have been started.

➜  ~ ssh root@192.168.1.212
isrs-iPad:~ root# frida-server &
[1] 2211
isrs-iPad:~ root# Unable to start server: Error binding to address: Address already in use

dpnishant commented 7 years ago

Hi @illnino,

It seems to be a version mismatch of the Frida client and server installation. I would suggest you try out the following steps to troubleshoot.

  1. Reboot both the iOS device and the mac and connect each other over USB.
  2. Open terminal and run the command frida -U -p 0. In the REPL, run the command Frida.version and note down the output version number.
  3. Repeat Step 2, but now with frida -p 0 command
  4. Run the command pip list --format=legacy | grep frida or just pip list | grep frida (whichever works for you depending upon your pip version) to note down the version.
  5. Update as required to make sure all the reported versions of Frida match (by repeating Step 2, 3 & 4). Use Cydia on the iOS device and/or via pip on the host for the update.
  6. If you install the frida package from Cydia (which is recommended on a jailbroken device, btw) there is no need to start the frida-server manually. However, if you are on a non-jailbroken device I suggest you check out this wiki page

illnino commented 7 years ago

Upgrading frida to 8.2.2 solves the problem. Thanks.
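
The version comparison that steps 2 to 5 of the troubleshooting reply walk through, as an added Python example (not part of the thread and not AppMon code): it reads the binding version from a traceback path and from either `pip list` format, then groups the collected versions by source. The function names and the pip sample rows are constructed for illustration; the traceback line is the one from the report.

```python
import re

# Binding version as it appears in an egg path inside a traceback line.
EGG_RE = re.compile(r"site-packages/frida-(\d+(?:\.\d+)+)-py")
# The frida row of `pip list`: legacy "frida (8.1.12)" or columns "frida   8.1.12".
PIP_RE = re.compile(r"^frida\s+\(?(\d+(?:\.\d+)+)\)?\s*$", re.MULTILINE)
# Traceback line copied from the report above; the pip rows are constructed samples.
TRACEBACK = ('  File "/Library/Python/2.7/site-packages/'
             'frida-7.3.6-py2.7-macosx-10.11-intel.egg/frida/core.py", line 96, in attach')
PIP_LEGACY = "colorama (0.3.7)\nfrida (7.3.6)\nrequests (2.12.4)\n"
PIP_COLUMNS = "Package  Version\n-------  -------\nfrida    8.1.12\n"


def binding_from_traceback(text):
    """Version of the frida Python binding that actually ran, or None."""
    found = sorted(set(EGG_RE.findall(text)))
    if len(found) > 1:
        raise ValueError("more than one frida binding in traceback: %s" % found)
    return found[0] if found else None


def pip_frida_version(pip_output):
    """Version of the `frida` package from either pip list format, or None."""
    match = PIP_RE.search(pip_output)
    return match.group(1) if match else None


def compare(versions):
    """Map of source label -> version string (None if not collected) in;
    (status, {version: [sources]}) out, status being match/minor-/major-mismatch."""
    groups = {}
    for source, version in versions.items():
        if version is not None:
            groups.setdefault(version, []).append(source)
    if not groups:
        raise ValueError("no versions collected")
    majors = {v.split(".")[0] for v in groups}
    status = ("major-mismatch" if len(majors) > 1
              else "minor-mismatch" if len(groups) > 1 else "match")
    return status, {v: sorted(s) for v, s in groups.items()}


def issue_case():
    """The two versions visible in the report: traceback path vs. section 1.1."""
    return compare({"python binding (traceback)": binding_from_traceback(TRACEBACK),
                    "device (section 1.1)": "8.1.12"})


if __name__ == "__main__":
    print(issue_case())
```

On the report's own data, `issue_case()` returns `major-mismatch`: the traceback paths come from a 7.3.6 binding, while section 1.1 lists 8.1.12 for both the Mac and the iPad.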