httptoolkit / frida-interception-and-unpinning

Frida scripts to directly MitM all HTTPS traffic from a target mobile application
https://httptoolkit.com/android/
GNU Affero General Public License v3.0

Error: getPackageInfoNoCheck(): has more than one overload, use .overload(<signature>) to choose from: #27

Closed ofcosar closed 1 year ago

ofcosar commented 1 year ago

I got this error. Is there any way to handle it?

Error: getPackageInfoNoCheck(): has more than one overload, use .overload(<signature>) to choose from:
    .overload('android.content.pm.ApplicationInfo', 'android.content.res.CompatibilityInfo')
    .overload('android.content.pm.ApplicationInfo', 'android.content.res.CompatibilityInfo', 'boolean')
    at X (frida/node_modules/frida-java-bridge/lib/class-factory.js:569)
    at K (frida/node_modules/frida-java-bridge/lib/class-factory.js:564)
    at set (frida/node_modules/frida-java-bridge/lib/class-factory.js:932)
    at (frida/node_modules/frida-java-bridge/index.js:224)
    at (frida/node_modules/frida-java-bridge/lib/vm.js:12)
    at _performPendingVmOpsWhenReady (frida/node_modules/frida-java-bridge/index.js:244)
    at perform (frida/node_modules/frida-java-bridge/index.js:204)
    at (/frida/repl-2.js:520)
    at apply (native)
    at (frida/runtime/core.js:51)

pimterry commented 1 year ago

Hi @ofcosar. Are you using the script from this repo in your setup, unmodified? I'm not sure how this script could produce that error.

If so, can you let me know which app you're intercepting so I can reproduce it?

The issue is that your Frida script at some point attempts to hook a getPackageInfoNoCheck() method, but that method has multiple overloads, and you haven't specified which one you're hooking. You can't hook all overloads in one go, as that's not how Java works internally.

You need to change some code in your script that looks like:

SomeClass.getPackageInfoNoCheck.implementation = /* ... */

to something like:

SomeClass.getPackageInfoNoCheck
    .overload('android.content.pm.ApplicationInfo', 'android.content.res.CompatibilityInfo')
    .implementation = /* ... */

And then probably duplicate this and do the other overload as well. You can find the relevant code by searching for getPackageInfoNoCheck in your script.

Does that make sense? I don't think that's related to this script though, since it doesn't touch any getPackageInfoNoCheck methods. If you do manage to find the cause and it definitely does come from this script, then a PR to make that fix here would be great of course.
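Added example, not part of the original comment or of this repo's scripts: a helper that hooks each overload separately through the Java bridge's `overloads` list, which is the general form of the fix described above. `hookAllOverloads`, `describeOverload` and the class name `com.example.SomeClass` are hypothetical names chosen for illustration.

```javascript
// Build a readable signature from one overload wrapper.
// frida-java-bridge exposes the parameter types as `argumentTypes`,
// each carrying the Java type name in `className`.
function describeOverload(overload) {
  return '(' + overload.argumentTypes.map((t) => t.className).join(', ') + ')';
}

// Replace the implementation of every overload of `method`, one at a time.
// Assigning to `method.implementation` directly is what raises
// "has more than one overload" when several signatures exist.
function hookAllOverloads(method, name, onCall) {
  const hooked = [];
  method.overloads.forEach((overload) => {
    const signature = name + describeOverload(overload);
    overload.implementation = function (...args) {
      onCall(signature, args);
      // Call through to the original code of this specific overload.
      return overload.apply(this, args);
    };
    hooked.push(signature);
  });
  return hooked;
}

// Only runs inside Frida, where the `Java` global exists.
if (typeof Java !== 'undefined') {
  Java.perform(() => {
    // Hypothetical class name: use the class your own script hooks.
    const SomeClass = Java.use('com.example.SomeClass');
    const hooked = hookAllOverloads(
      SomeClass.getPackageInfoNoCheck,
      'getPackageInfoNoCheck',
      (signature) => console.log('called ' + signature)
    );
    console.log('hooked ' + hooked.length + ' overload(s)');
  });
}
```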

ofcosar commented 1 year ago

Hello, I used the script unmodified for the TikTok and Twitter APKs. In addition to this script, I also used various scripts that I found on the Frida CodeShare blog. They also give the same error.

I hope that this is not an irrelevant issue, because I am a newbie.

Thanks for your answer.

ofcosar commented 1 year ago

Another clue: after running the script, I changed the script (added an idle line of code like console.log), then I saved it. The process was done. However, it could not handle all of the certifications. I thought that was because the app had already started.

ofcosar commented 1 year ago

https://stackoverflow.com/questions/73340647/frida-certificate-pinning-is-failing-for-all-the-apps same issue here

ofcosar commented 1 year ago

https://github.com/frida/frida/issues/2218 and the other one

pimterry commented 1 year ago

Ah, interesting, good find! That definitely suggests this is a general Frida issue.

Since both of those are new, and I haven't seen it before myself, I suspect this is a bug introduced in one of the Frida releases from the last couple of months, or in the latest Android OS release.

It appears that this fails in some specific environments, when the Java bridge applies this patch as part of its internal setup.

I'm not sure what could cause this (it looks like that specific line hasn't changed for a few years) but it's nothing to do with this specific script, so this will have to be fixed by Frida themselves. I'm going to close this issue, but I'll reply on the Frida thread and we can continue discussing there.

boehs commented 1 year ago

For people experiencing this https://github.com/frida/frida/issues/2218#issuecomment-1239983236