search

suifei / fridare

强大的 Frida 重打包工具,用于 iOS 和 Android。轻松修改 Frida 特征,增强隐蔽性,绕过检测。简化逆向工程和安全测试。Powerful Frida repackaging tool for iOS and Android. Easily modify Frida servers to enhance stealth and bypass detection. Streamlines reverse engineering and security testing.
MIT License
198 stars 54 forks source link

frida-tools cannot run after patch-tools #13

Open petersiow opened 1 week ago

petersiow commented 1 week ago

First, Install the frida-tools and confirm it can run

(base) <username>@MacBook fridare % pip3 install frida
Collecting frida
  Using cached frida-16.5.5-cp37-abi3-macosx_11_0_arm64.whl.metadata (2.0 kB)
Requirement already satisfied: typing-extensions in /Users/<username>/miniforge3/lib/python3.10/site-packages (from frida) (4.12.2)
Using cached frida-16.5.5-cp37-abi3-macosx_11_0_arm64.whl (30.9 MB)
Installing collected packages: frida
Successfully installed frida-16.5.5
(base) <username>@MacBook fridare % pip3 install frida-tools
Collecting frida-tools
  Using cached frida_tools-13.3.0-py3-none-any.whl
Requirement already satisfied: colorama<1.0.0,>=0.2.7 in /Users/<username>/miniforge3/lib/python3.10/site-packages (from frida-tools) (0.4.4)
Requirement already satisfied: frida<17.0.0,>=16.2.2 in /Users/<username>/miniforge3/lib/python3.10/site-packages (from frida-tools) (16.5.5)
Requirement already satisfied: prompt-toolkit<4.0.0,>=2.0.0 in /Users/<username>/miniforge3/lib/python3.10/site-packages (from frida-tools) (3.0.43)
Requirement already satisfied: pygments<3.0.0,>=2.0.2 in /Users/<username>/miniforge3/lib/python3.10/site-packages (from frida-tools) (2.17.2)
Requirement already satisfied: websockets<14.0.0,>=13.0.0 in /Users/<username>/miniforge3/lib/python3.10/site-packages (from frida-tools) (13.1)
Requirement already satisfied: typing-extensions in /Users/<username>/miniforge3/lib/python3.10/site-packages (from frida<17.0.0,>=16.2.2->frida-tools) (4.12.2)
Requirement already satisfied: wcwidth in /Users/<username>/miniforge3/lib/python3.10/site-packages (from prompt-toolkit<4.0.0,>=2.0.0->frida-tools) (0.2.12)
Installing collected packages: frida-tools
Successfully installed frida-tools-13.3.0
(base) <username>@MacBook fridare % ls                      
(base) <username>@MacBook fridare % frida-ps
  PID  Name
-----  ------------------------------------------------
  724  AMPDeviceDiscoveryAgent                         
94610  Accessibility Services                          
  5128  Adobe Content Synchronizer                      
  5826  Adobe Content Synchronizer Finder Extension     
  52858  Adobe Crash Handler                             
  3310  Adobe Crash Handler                             
  66196  Adobe Crash Processor                           
  377  AirPlayXPCHelper                                
  2661  AirPlay螢幕鏡像輸出                                   
  3223  Android File Transfer Agent

Patch tools, no error

(base) <username>@MacBook fridare % ./fridare.sh pt name abcde
工作目录:/Users/<username>/Documents/Frida/fridare
环境信息:
  Conda 环境: /Users/<username>/miniforge3
  Python 路径: /Users/<username>/miniforge3/bin/python
  Python 版本: Python 3.10.12
  Frida 版本: 16.5.5
  Frida 路径: /Users/<username>/miniforge3/lib/python3.10/site-packages/frida
  Golang 版本: go version go1.23.2 darwin/arm64
  GOPATH: /Users/<username>/go
  操作系统: Darwin
  系统版本: 24.1.0

配置信息:
  FRIDA_SERVER_PORT: 8899
  CURL_PROXY: 
  AUTO_CONFIRM: false
  FRIDA_NAME: abcde

[SUCC] 找到 frida-tools 路径: /Users/<username>/miniforge3/lib/python3.10/site-packages/frida
是否确认使用此路径?
请输入 (y/n)y
[INFO] 开始给 frida-tools 打补丁...
[INFO] 备份已存在: /Users/<username>/miniforge3/lib/python3.10/site-packages/frida/_frida.abi3.so.fridare
[INFO] Python 库文件: /Users/<username>/miniforge3/lib/python3.10/site-packages/frida/_frida.abi3.so
[INFO] Frida 名称: abcde

Detected file format: 1
MachO: CPU: ARM64, Byte Order: Little Endian, File Type: Bundle
Replaced 5 occurrences
Successfully patched __cstring section
Replaced 21 occurrences
Successfully patched __const section
Patch success
Backup already exists: /Users/<username>/miniforge3/lib/python3.10/site-packages/frida/core.py.fridare
Replaced "frida:rpc" with "abcde:rpc"
Replaced "frida:rpc" with "abcde:rpc"
Replacement complete. Made 2 replacements.
[SUCC] frida-tools 修改完成

It died after patched

(base) <username>@MacBook fridare % frida-ps
zsh: killed     frida-ps

Also unable to reinstall

(base) <username>@MacBook fridare % ./fridare.sh pt restore
工作目录:/Users/<username>/Documents/Frida/fridare
环境信息:
  Conda 环境: /Users/<username>/miniforge3
  Python 路径: /Users/<username>/miniforge3/bin/python
  Python 版本: Python 3.10.12
[WARN]   Frida 未安装或无法检测
  Golang 版本: go version go1.23.2 darwin/arm64
  GOPATH: /Users/<username>/go
  操作系统: Darwin
  系统版本: 24.1.0

配置信息:
  FRIDA_SERVER_PORT: 8899
  CURL_PROXY: 
  AUTO_CONFIRM: false
  FRIDA_NAME: abcde

[SUCC] 找到 frida-tools 路径: 
是否确认使用此路径?
请输入 (y/n)y
[INFO] 开始恢复 frida-tools 到原版...
[WARN] 未找到 Python 库文件的备份

Environment: Macbook M2 fridare version: 3.1.7 firda version / python version: see the log

elvis-iOS commented 1 week ago

same problem