frida / frida-core

Frida core library intended for static linking into bindings
https://frida.re

`device.resume` is not working on iOS #462

Closed ChiChou closed 2 months ago

ChiChou commented 1 year ago

I got a lot of issues regarding weird crashes. After a while I finally realized the root cause. When an app is spawned by frida, it never gets resumed, causing SpringBoard to kill it (a.k.a. 0x8badf00d).

Reproduce:

const frida = require('frida')

async function main() {
    const dev = await frida.getUsbDevice();
    // Spawn the app in a suspended state; it should not run until resume() is called
    const pid = await dev.spawn('com.google.chrome.ios');
    // Expected to let the app continue, but on iOS the process stays suspended
    await dev.resume(pid);
}

// Surface any rejection instead of silently dropping it
main().catch(err => { console.error(err); process.exit(1); });

Or

import time
import frida

dev = frida.get_usb_device()
# Spawn the app in a suspended state
pid = dev.spawn('com.google.chrome.ios')

time.sleep(1)

# Expected to let the app continue, but on iOS the process stays suspended
dev.resume(pid)

However, frida-tools -f works perfectly on iOS.

I checked the source and it's no different than the python test case above, which makes no sense.

ChiChou commented 1 year ago

I realized that I need to attach to the target to make it really resume...

oleavr commented 1 year ago

Thanks for reporting! It is not a requirement to attach() before resume(). So we should figure out what's causing this.