search

vfsfitvnm / frida-il2cpp-bridge

A Frida module to dump, trace or hijack any Il2Cpp application at runtime, without needing the global-metadata.dat file.
https://github.com/vfsfitvnm/frida-il2cpp-bridge/wiki
MIT License
1.06k stars 205 forks source link

Error : unable to find module 'libil2cpp.so' #355

Closed XD-jeef closed 1 year ago

XD-jeef commented 1 year ago

I tried and got this line: my game Name Garina Free fire Error : unable to find module 'libil2cpp.so' Use memu player 8.1 emulator In Windows

vfsfitvnm commented 1 year ago

if you are using an emulator, you may need to use --realm=emulated frida flag

ekologic commented 1 year ago

I've been also facing the issue on emulator when using the realm flag, tried in Memu and LdPlayer

 frida -U -f com.some.game -l ./output/hook.js --realm=emulated

     ____
    / _  |   Frida 16.1.3 - A world-class dynamic instrumentation toolkit
   | (_| |
    > _  |   Commands:
   /_/ |_|       help      -> Displays the help system
   . . . .       object?   -> Display information about 'object'
   . . . .       exit/quit -> Exit
   . . . .
   . . . .   More info at https://frida.re/docs/home/
   . . . .
   . . . .   Connected to Android Emulator 5554 (id=emulator-5554)
**Failed to attach: the connection is closed**

Currently trying frida-gadget, on a real device it works, but in emulator it is freezing for some reason on init, some issues loading the injected library (sorry for offtop)

EDIT: after some digging in the logs of the emulator I get this and the similar with frida-gadget: enter native_bridge3_loadLibraryExt /data/local/tmp/re.frida.server/frida-agent-arm.so, 1, 0x3 I mean after this gets stuck on this line

ekologic commented 1 year ago

I believe it has something to do with libc+houdini according to the tombstone logs

    #00 pc 00000cd9  [vdso:f7ea1000] (__kernel_vsyscall+9)
    #01 pc 00082e36  /system/lib/libc.so (offset 0x3f000) (__ppoll+38)
    #02 pc 0003ce1b  /system/lib/libc.so (offset 0x36000) (poll+75)
    #03 pc 000fcde2  /memfd:frida-agent-32.so (deleted) (offset 0xa25000)
Edit:
ahh 
```
09-01 02:54:28.509  4975  4995 V libnb   : enter native_bridge3_loadLibraryExt /data/local/tmp/re.frida.server/frida-agent-arm.so, 1, 0x3

09-01 02:54:28.613 4975 4995 E ziparchive: Zip: lseek on fd -2 failed: Bad file descriptor



I assume a frida issue
vfsfitvnm commented 1 year ago

Yep, it looks like it is. I've had success using frida on the official android emulator image (ref, ARM only), but I guess it won't work if your game can detect emulators and you are not prepared for that

vfsfitvnm commented 1 year ago

360