Closed enovella closed 2 months ago
It used to work!
@trufae FYI - The native library is not loaded until you press the button at the bottom of the screen.
Seems a Frida bug:
[Pixel 4a::com.scottyab.rootbeer.sample ]-> var test = Process.getModuleByName("libtool-checker.so")
[Pixel 4a::com.scottyab.rootbeer.sample ]-> test
{
"base": "0x773b794000",
"name": "libtool-checker.so",
"path": "/data/app/~~4Uu8HmOowBu7iVyv8KKjgg==/com.scottyab.rootbeer.sample-ZTsctaKJ0O9P8Nl3TA1XWQ==/lib/arm64/libtool-checker.so",
"size": 16384
}
[Pixel 4a::com.scottyab.rootbeer.sample ]-> test.enumerateExports()
[]
@as0ler you're right and with Frida 15, it works! /cc for viz @oleavr
[Pixel ::com.scottyab.rootbeer.sample ]-> Frida
{
"version": "15.2.2"
}
[Pixel ::com.scottyab.rootbeer.sample ]-> %resume
[Pixel ::com.scottyab.rootbeer.sample ]-> var test = Process.getModuleByName("libtool-checker.so")
[Pixel ::com.scottyab.rootbeer.sample ]-> test.enumerateExports()
[
{
"address": "0x73fc2d79cc",
"name": "Java_com_scottyab_rootbeer_RootBeerNative_setLogDebugMessages",
"type": "function"
},
{
"address": "0x73fc2d7b98",
"name": "_ZN7_JNIEnv14GetArrayLengthEP7_jarray",
"type": "function"
},
{
"address": "0x73fc2d7ad4",
"name": "Java_com_scottyab_rootbeer_RootBeerNative_checkForRoot",
"type": "function"
},
{
"address": "0x73fc2d7a18",
"name": "_Z6existsPKc",
"type": "function"
},
{
"address": "0x73fc2d7bd0",
"name": "_ZN7_JNIEnv21GetObjectArrayElementEP13_jobjectArrayi",
"type": "function"
},
{
"address": "0x73fc2d7c10",
"name": "_ZN7_JNIEnv17GetStringUTFCharsEP8_jstringPh",
"type": "function"
},
{
"address": "0x73fc2d7c50",
"name": "_ZN7_JNIEnv21ReleaseStringUTFCharsEP8_jstringPKc",
"type": "function"
}
]
0x00000070e8121000 0x00000070e8125000 libtool-checker.so
0x00000073f8863000 0x00000073f8864000 linux-vdso.so.1
[0x00000000]> s 0x00000070e8121000
[0x70e8121000]> :iE
0x70e81219cc f Java_com_scottyab_rootbeer_RootBeerNative_setLogDebugMessages
0x70e8121b98 f _ZN7_JNIEnv14GetArrayLengthEP7_jarray
0x70e8121ad4 f Java_com_scottyab_rootbeer_RootBeerNative_checkForRoot
0x70e8121a18 f _Z6existsPKc
0x70e8121bd0 f _ZN7_JNIEnv21GetObjectArrayElementEP13_jobjectArrayi
0x70e8121c10 f _ZN7_JNIEnv17GetStringUTFCharsEP8_jstringPh
0x70e8121c50 f _ZN7_JNIEnv21ReleaseStringUTFCharsEP8_jstringPKc
[0x70e8121000]> :?V
{"version":"15.2.2"}
Please try again. I think the bug was not in enumerateExports, but in the way we got the current module. I fixed that thing in r2frida, so please try again and confirm the bug is fixed now.
Fixed
Radare2 anal
R2 is capable of detecting the exports of the native library:
R2Frida (steps to reproduce)
R2Frida is not able to identify the exports or imports at runtime:
Setup
Latest Frida, r2 and r2frida
APK: com.scottyab.rootbeer.sample.apk.zip