frida / frida-python

Frida Python bindings

Can frida be used in python to wait for Android app spawn? #240

Open a2t2 opened 5 months ago

a2t2 commented 5 months ago

In frida-trace there is a -W option that can be used to await spawn, i.e. one can specify an API filter with the -j flag for an Android APK and use -W to have frida wait for the app to be started.

In python, I see the following APIs: https://github.com/frida/frida-python/blob/ebd797e4bc248b8d895d68ebf244a34744cb3ea9/frida/core.py#L821

  1. device.spawn(package name) and device.resume(pid) --> spawn process to attachable state, resume process from attachable state
  2. device.attach(pid) --> attach to a process to give session

https://github.com/frida/frida-python/blob/ebd797e4bc248b8d895d68ebf244a34744cb3ea9/frida/core.py#L571

  1. session.create_script() --> create a new script

So based on the above, it appears the app has to be started before JS scripts can be added to monitor APIs.

My questions are as follows:

  1. How is attachable state defined? Does it mean the process has started executing?
  2. Is there a way in python to match the behavior of the -W flag, i.e. mention which scripts need to be loaded before the app process is started, and then start the app process?
  3. Does spawn / resume by default start the main activity of the specified app?
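
The call sequence listed in the post above, written out as an added example (not part of the original issue and not the frida project's own code). It loads the script between `device.spawn()` and `device.resume()`, so the script is in place before the app's own code runs. The package name `com.example.app`, the helper name `spawn_instrumented` and the script body are assumptions made for illustration.

```python
# Added example: load a script into a spawned-but-suspended process, then resume it.
# Only calls named in the post are used, plus script.on(), script.load() and device.kill().

HOOK_JS = """
// Constructed sample script: report that it is running inside the target.
send({ event: "script-loaded", pid: Process.id });
"""


def spawn_instrumented(device, package, source=HOOK_JS, on_message=None):
    """Spawn `package` suspended, attach, load `source`, then resume.

    Returns (pid, script). If attaching or loading fails, the suspended
    process is killed so it is not left hanging on the device.
    """
    pid = device.spawn(package)          # process exists but is not yet running
    try:
        session = device.attach(pid)
        script = session.create_script(source)
        if on_message is not None:
            script.on("message", on_message)   # register before load to miss nothing
        script.load()                    # script is active while the app is still suspended
    except Exception:
        device.kill(pid)
        raise
    device.resume(pid)                   # app code starts only now
    return pid, script


if __name__ == "__main__":
    import sys
    import frida

    device = frida.get_usb_device(timeout=5)
    # "com.example.app" is a placeholder package name.
    pid, _script = spawn_instrumented(
        device, "com.example.app",
        on_message=lambda message, data: print(pid_label, message),
    ) if (pid_label := "[target]") else (None, None)
    sys.stdin.read()                     # keep the session alive until EOF
```
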