m0bilesecurity / RMS-Runtime-Mobile-Security

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
https://twitter.com/mobilesecurity_
GNU General Public License v3.0

Can't attach big Frida scripts - PayloadTooLargeError: request entity too large #126

Closed by Anon-Exploiter 10 months ago

Anon-Exploiter commented 11 months ago

Describe the bug

When a big Frida script with a lot of code is attached to an application, RMS throws an exception: PayloadTooLargeError: request entity too large. Possibly due to the HTTP request body being too large, and it may be an npm error. A good fix for this would be to read the files on the native file storage and execute them instead of showing them and passing them to the HTTP request.

To Reproduce [Required] Steps to reproduce the behavior:

  1. Install the following Xamarin sample APK: https://github.com/GoSecure/frida-xamarin-unpin/blob/master/dist/com.test.sample.apk
  2. Fetch the following Xamarin SSL pinning bypass Frida script: https://github.com/GoSecure/frida-xamarin-unpin/blob/master/dist/xamarin-unpin.js
  3. Store it in the custom_scripts folder
  4. Run RMS from the beginning and attach to the mobile application
  5. Select the shared Frida script above and click on "Start RMS"
  6. The exception would be shown

Expected behavior [Optional]

The Frida script should attach to the application without any issues regardless of how big it is.

Desktop (please complete the following information): [Required]

Smartphone (please complete the following information): [Required]

Console Logs [Required]

PayloadTooLargeError: request entity too large
    at readStream (C:\Users\User\AppData\Roaming\npm\node_modules\rms-runtime-mobile-security\node_modules\raw-body\index.js:163:17)
    at getRawBody (C:\Users\User\AppData\Roaming\npm\node_modules\rms-runtime-mobile-security\node_modules\raw-body\index.js:116:12)
    at read (C:\Users\User\AppData\Roaming\npm\node_modules\rms-runtime-mobile-security\node_modules\body-parser\lib\read.js:79:3)
    at urlencodedParser (C:\Users\User\AppData\Roaming\npm\node_modules\rms-runtime-mobile-security\node_modules\body-parser\lib\types\urlencoded.js:116:5)
    at Layer.handle [as handle_request] (C:\Users\User\AppData\Roaming\npm\node_modules\rms-runtime-mobile-security\node_modules\express\lib\router\layer.js:95:5)
    at trim_prefix (C:\Users\User\AppData\Roaming\npm\node_modules\rms-runtime-mobile-security\node_modules\express\lib\router\index.js:328:13)
    at C:\Users\User\AppData\Roaming\npm\node_modules\rms-runtime-mobile-security\node_modules\express\lib\router\index.js:286:9
    at Function.process_params (C:\Users\User\AppData\Roaming\npm\node_modules\rms-runtime-mobile-security\node_modules\express\lib\router\index.js:346:12)
    at next (C:\Users\User\AppData\Roaming\npm\node_modules\rms-runtime-mobile-security\node_modules\express\lib\router\index.js:280:10)
    at expressInit (C:\Users\User\AppData\Roaming\npm\node_modules\rms-runtime-mobile-security\node_modules\express\lib\middleware\init.js:40:5)

m0bilesecurity commented 11 months ago

Ciao @Anon-Exploiter, thanks for the detailed explanation of the bug. Do you have time to work on this?

Paolo

Anon-Exploiter commented 11 months ago

Hey mate,

I've created PR #128 for this. The resolution of this issue was simple. Ideally, RMS should natively load the Frida scripts off of the disk, but that would require a lot of rewriting of the code.

This works best for now.
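
Background to the error in this thread, as an added example (not RMS code and not the contents of PR #128): the stack trace ends in body-parser's `urlencodedParser`, whose documented default `limit` is `100kb`, and URL-encoding inflates JavaScript source, so a script that is under the limit on disk can still be rejected. The form field name `frida_script` and the sample script are assumptions constructed for illustration.

```javascript
// Added example: estimates how large a script becomes when sent as an
// application/x-www-form-urlencoded form field, and compares it to a limit.
const DEFAULT_LIMIT = 100 * 1024; // body-parser's documented default ('100kb')

// Parse limit strings in the style body-parser accepts, e.g. '100kb', '5mb'.
function parseLimit(limit) {
  if (typeof limit === 'number') return limit;
  const m = /^(\d+(?:\.\d+)?)\s*(b|kb|mb|gb)$/i.exec(String(limit).trim());
  if (!m) throw new Error(`unrecognised limit: ${limit}`);
  const unit = { b: 1, kb: 1024, mb: 1024 ** 2, gb: 1024 ** 3 }[m[2].toLowerCase()];
  return Math.floor(parseFloat(m[1]) * unit);
}

// Bytes on the wire for a single form field carrying `script`.
// The field name is hypothetical; RMS's real field name is not shown on this page.
function encodedBodySize(script, field = 'frida_script') {
  const body = new URLSearchParams([[field, script]]).toString();
  return Buffer.byteLength(body, 'utf8');
}

// The request is rejected when the received body length exceeds the limit.
function checkScript(script, limit = DEFAULT_LIMIT) {
  const max = parseLimit(limit);
  const raw = Buffer.byteLength(script, 'utf8');
  const encoded = encodedBodySize(script);
  return { raw, encoded, limit: max, fits: encoded <= max };
}

// Constructed sample: a hook-like line repeated until it is about 80 KB on disk.
const line = 'Java.perform(function () { console.log("hook"); });\n';
const sample = line.repeat(Math.ceil((80 * 1024) / line.length));

const result = checkScript(sample);
console.log(result); // raw size is under 100 KB, encoded size is over it
console.log('fits with a 5mb limit:', checkScript(sample, '5mb').fits);
```

The limit bounds how much request data the server buffers per request, so when raising it, set it only as high as the largest script you expect to load.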