search

muellerberndt / frida-detection

A couple of methods for detecting Frida on Android.
440 stars 118 forks source link

clang++: error: linker command failed with exit code 1 #5

Open sushi2k opened 5 years ago

sushi2k commented 5 years ago

I am getting the following error after checking out the repo, opening it in Android Studio and when trying to build the app:

Android/Source Code /Anti_Frida/app/src/main/cpp/native-lib.cpp:80: error: undefined reference to 'my_openat'
Android/Source Code /Anti_Frida/app/src/main/cpp/native-lib.cpp:165: error: undefined reference to 'my_read'
clang++: error: linker command failed with exit code 1 (use -v to see invocation)
ninja: build stopped: subcommand failed.
sushi2k commented 5 years ago

After trying to rebuild I got the following error

image

I did a manual gradlew in the android project directory and printed the stracktrace:

$ ./gradlew build --stacktrace
... 
]== "CMake Server" ==]

CMake Error: CMake was unable to find a build program corresponding to "Ninja".  CMAKE_MAKE_PROGRAM is not set.  You probably need to select a different build tool.
CMake Error: CMake was unable to find a build program corresponding to "Ninja".  CMAKE_MAKE_PROGRAM is not set.  You probably need to select a different build tool.

So I installed Ninja via brew:

$ brew install ninja

Now I can build and install the app, but Frida is not detected (even though the app is now running on a rooted device with frida server running.

enovella commented 5 years ago 
[17:05 edu@unix debug] >  adb logcat -s FridaDetectionTest
04-02 17:59:12.085  9036  9058 V FridaDetectionTest: FRIDA DETECTED [1] - frida server running on port 27042!

It seems that the assembly syscalls need a bit of massage. Got this working by using libc wrappers instead of assembly syscalls.

sushi2k commented 5 years ago

Thanks! Can you share your fix as PR?

enovella commented 5 years ago

Basically this replacement s/myopenat/open/g and s/my_open/open/g. Getting rid of the assembly syscalls