Closed datNurd closed 3 weeks ago
It's hard to know I'm afraid. If you run the app with Frida without any scripts, does it still crash? Some apps do try to detect Frida and/or root configurations in general (not just specific scripts) and fail like this in those environments. If that's the case, then it's not related to these scripts, and I'd suggest asking in a more general forum.
If that's not the case, and it is these scripts triggering this issue, then it would be helpful to reduce the number of scripts you're using and comment out chunks bit by bit, until you work out exactly what code is causing this.
Yes the app does crash even without any scripts. Also, the application has play safetynet. Does SateyNet have the capability to detect frida during runtime ? (was able to bypass other safetynet checks using magisk, so without frida attached the app does work on a rooted device)
SafetyNet monitors overall device state I think, not whether there's anything attached to this specific app, so I don't think that'll be relevant here, given that the app does work when Frida is not attached.
If the app is crashing when run with Frida without any scripts though, it must have some specific Frida detection, or (less likely imo) there's a Frida bug here. You'll need to investigate that yourself, which will probably require reverse engineering into the source in depth. There's a general reverse engineering guide here: https://httptoolkit.com/blog/android-reverse-engineering/. I'd suggest looking through lots of public Frida detection approaches and anti-detection scripts to find the kind of thing they look for, and then dig into the source to see if you can find anything similar.
Regardless, this isn't related to these scripts specifically so I'm going to close this. If you're looking for more help, I'd suggest looking at general reverse engineering communities & other places where Frida gets discussed more generally.
I am trying to intercept an appllication and simply terminates when I try to attach or spawn using frida
frida -U -l ./config.js -l ./native-connect-hook.js -l ./native-tls-hook.js -l ./android/android-proxy-override.js -l ./android/android-system-certificate-injection.js -l ./android/android-certificate-unpinning.js -l ./android/android-certificate-unpinning-fallback.js -f in.gov.uidai.mAadhaarPlus
I don't see what exactly is casing this issue.
I've learnt that Anti debugging could be enabled for some apps. So I've downloaded the script from the following git link https://github.com/apkunpacker/FridaScripts/blob/main/AntiDebug.js found only and attached it to the chain for scripts like this
frida -U -l./AntiDebug.js -l ./config.js -l ./native-connect-hook.js -l ./native-tls-hook.js -l ./android/android-proxy-override.js -l ./android/android-system-certificate-injection.js -l ./android/android-certificate-unpinning.js -l ./android/android-certificate-unpinning-fallback.js -f in.gov.uidai.mAadhaarPlus
but still no luck
What could be happening here why does the app automatically get closed when frida is attached how can I overcome or understand what or what check is causing it