nowsecure / r2frida

Radare2 and Frida better together.
MIT License

Run frida script at r2frida load #514

Closed nitanmarcel closed 1 year ago

nitanmarcel commented 1 year ago

Is there a way to run frida scripts when using r2 frida://... to handle any app crashes caused by frida detection?

Right now it seems that I can run :. ./script.js to run my script but I have to do it very fast.

trufae commented 1 year ago

Use spawn instead of launch, or run the script with -c so you run it before the program starts.

nitanmarcel commented 1 year ago

> Use spawn instead of launch, or run the script with -c so you run it before the program starts.

The app crashes even if I don't resume it.

And I think I tried with -c but it didn't work.

trufae commented 1 year ago

That makes no sense. But if that's the case, that looks like an issue in Frida or the device. I don't know which version or OS is the host or the target either.

But if you are doing this on iOS, the system has a watchdog that kills apps not responding after a few seconds. You can do early instrumentation to disable this. But if the crash happens while spawning, it looks like a bug in Frida or the device to me, and I would suggest disabling any tweaks or Mobile Substrate libs.

nitanmarcel commented 1 year ago

> That makes no sense. But if that's the case, that looks like an issue in Frida or the device. I don't know which version or OS is the host or the target either.
>
> But if you are doing this on iOS, the system has a watchdog that kills apps not responding after a few seconds. You can do early instrumentation to disable this. But if the crash happens while spawning, it looks like a bug in Frida or the device to me, and I would suggest disabling any tweaks or Mobile Substrate libs.

I'm using it on Android 13.

I disabled any Magisk module I had enabled (in KernelSU), and made sure I downloaded the latest version of frida-server, and I tried with other apps but with the same results.

Also, I said crash, but it isn't really a crash. The app is still stuck on the splash screen, but the r2frida message says that the process has been terminated.

[0x00000000]> INFO: DetachReason: FRIDA_SESSION_DETACH_REASON_PROCESS_TERMINATED

nitanmarcel commented 1 year ago

Looks like the issue is Frida. I opened an issue on their repository: https://github.com/frida/frida/issues/2606