Closed JohnWickJM closed 7 years ago
Yes, self
is in args[0]
, the selector is in args[1]
, and actual method arguments (if any) follow from there. Your example would almost work, except:
Memory.readUtf8String()
to a variable.Memory.readByteArray()
and use console.log(hexdump(buffer, { ansi: true }));
(But if you're building an application/tool you probably don't want to use console.log()
, but rather send()
structured data to your application. That way you can even batch events to improve performance – see the send()
documentation for details.)You can do this, but frida-trace doesn't support this yet. You can implement your own breakpoints by using a blocking recv()
, i.e. send('breakpoint-x'); recv('breakpoing-x-resume', function () {}).wait();
. See the Messages tutorial. It's also very easy to eval()
code and build your own REPL/introspection. (But if you're interested in contributing this kind of improvements to frida-trace
, that would rock! It's still a tiny tool, less than 1000 LOC, and quite barebones in terms of functionality. It was built quickly to showcase what kind of tools can be built on top of Frida.)
Could you assist with clarifying the following:
Can you break on each instance from within frida? I know you can do a backtrace to see who called the method etc...How do you use the values listed above from within frida?
I know you can achieve most of this from within lldb, just wondering what the approach would be from frida..