this is my environment:
genymotion: 3.2.1 + Samsung Galaxy S7 6.0-API 23,also test on Google Nexus 5X 8.0-API 26
frida-server: frida-server-15.1.17-android-x86,also tested frida-server-15.1.14-android-x86 and frida-server-15.0.0-android-x86
script: https://github.com/frida/frida-python/blob/master/examples/child_gating.py
I only changed the argv to myappid
def _start(self):
argv = [myappid]
and I got these outputs:
✔ spawn(argv=['myappid'])
✔ attach(pid=4486)
✔ enable_child_gating()
✔ create_script()
✔ resume(pid=4486)
⚡ child_added: Child(pid=4602, parent_pid=4486, origin=fork)
✔ attach(pid=4602)
✔ enable_child_gating()
✔ create_script()
✔ resume(pid=4602)
⚡ child_removed: Child(pid=4602, parent_pid=4486, origin=fork)
⚡ child_added: Child(pid=4602, parent_pid=4602, origin=exec, ......)
✔ attach(pid=4602)
Exception in thread Thread-1:
Traceback (most recent call last):
File "/home/nothing/miniconda3/lib/python3.7/threading.py", line 926, in _bootstrap_inner
self.run()
File "/home/nothing/miniconda3/lib/python3.7/threading.py", line 870, in run
self._target(*self._args, self._kwargs)
File "/home/nothing/miniconda3/lib/python3.7/site-packages/frida_tools/application.py", line 765, in _run
work()
File "lavpn.usa_spawn_gating.py", line 20, in
self._device.on("child-added", lambda child: self._reactor.schedule(lambda: self._on_child_added(child)))
File "lavpn.usa_spawn_gating.py", line 61, in _on_child_added
self._instrument(child.pid, child)
File "lavpn.usa_spawn_gating.py", line 45, in _instrument
session = self._device.attach(pid)
File "/home/nothing/miniconda3/lib/python3.7/site-packages/frida/core.py", line 26, in wrapper
return f(*args, *kwargs)
File "/home/nothing/miniconda3/lib/python3.7/site-packages/frida/core.py", line 165, in attach
return Session(self._impl.attach(self._pid_of(target), args, kwargs))
frida.NotSupportedError: unable to inject library into process without libc
We can see that when attach the child process which origin is fork,it's ok.
but when attach the same process which origin changed to exec,the error occurs.
I searched and find https://github.com/frida/frida/issues/936,but no lucky.
I think maybe because I used genymotion emulator, but why first attach is ok?
this is my environment: genymotion: 3.2.1 + Samsung Galaxy S7 6.0-API 23,also test on Google Nexus 5X 8.0-API 26 frida-server: frida-server-15.1.17-android-x86,also tested frida-server-15.1.14-android-x86 and frida-server-15.0.0-android-x86 script: https://github.com/frida/frida-python/blob/master/examples/child_gating.py I only changed the argv to myappid def _start(self): argv = [myappid]
and I got these outputs:
✔ spawn(argv=['myappid']) ✔ attach(pid=4486) ✔ enable_child_gating() ✔ create_script() ✔ resume(pid=4486) ⚡ child_added: Child(pid=4602, parent_pid=4486, origin=fork) ✔ attach(pid=4602) ✔ enable_child_gating() ✔ create_script() ✔ resume(pid=4602) ⚡ child_removed: Child(pid=4602, parent_pid=4486, origin=fork) ⚡ child_added: Child(pid=4602, parent_pid=4602, origin=exec, ......) ✔ attach(pid=4602) Exception in thread Thread-1: Traceback (most recent call last): File "/home/nothing/miniconda3/lib/python3.7/threading.py", line 926, in _bootstrap_inner self.run() File "/home/nothing/miniconda3/lib/python3.7/threading.py", line 870, in run self._target(*self._args, self._kwargs) File "/home/nothing/miniconda3/lib/python3.7/site-packages/frida_tools/application.py", line 765, in _run work() File "lavpn.usa_spawn_gating.py", line 20, in
self._device.on("child-added", lambda child: self._reactor.schedule(lambda: self._on_child_added(child)))
File "lavpn.usa_spawn_gating.py", line 61, in _on_child_added
self._instrument(child.pid, child)
File "lavpn.usa_spawn_gating.py", line 45, in _instrument
session = self._device.attach(pid)
File "/home/nothing/miniconda3/lib/python3.7/site-packages/frida/core.py", line 26, in wrapper
return f(*args, *kwargs)
File "/home/nothing/miniconda3/lib/python3.7/site-packages/frida/core.py", line 165, in attach
return Session(self._impl.attach(self._pid_of(target), args, kwargs))
frida.NotSupportedError: unable to inject library into process without libc
We can see that when attach the child process which origin is fork,it's ok. but when attach the same process which origin changed to exec,the error occurs. I searched and find https://github.com/frida/frida/issues/936,but no lucky. I think maybe because I used genymotion emulator, but why first attach is ok?