Frida Operating Manual
PS: by: @hluwa @r0ysue
changelog:
| date | log |
|---|---|
| 2019-5-4 | 4.4 FRIDA Script Series (4) Update: major updates to several core mechanisms |
| 2019-3-29 | 4.3 FRIDA Script Series (3) Godlike: Baidu AI "trains" Douyin AI |
| 2019-1-16 | Brida Operation Guide |
| 2019-1-11 | 4.2 FRIDA Script Series (2) Growth: reversing WhatsApp with combined dynamic and static analysis |
| 2019-1-9 | Other scripts in the FRIDA script series: introduction to several scripts used with frida in Android reverse engineering, and delayed hook techniques |
| 2019-1-2 | Talk on frida at the SRC White Hat Salon: The King Of Hooking Tools.pptx |
| 2018-12-18 | Started the Android script series: 4.2 FRIDA Script Series (1) Getting Started: dumping Bluetooth interfaces and instances on Android 8.1 |
| 2018-12-13 | Add subdirectory: frida advanced applications: summary of FRIDA detection methods |
| 2018-12-13 | Imyang published the analysis of the CVE-2017-4901 VMware virtual machine escape vulnerability [Frida Windows instance], placed in the section [frida Advanced Application: Comprehensive Offensive and Defense] |
| 2018-12-11 | Complete 03.基本案例上手/3.5 Android section, explaining FRIDA hook parameters, modification results, remote calls, dynamic modification and other functions |
| 2018-12-08 | Completed the Android part in 01.多平台环境安装/1.3.Android-iOS.md article, Android version is 8.1 |
| 2018-12-06 | Complete the directory and upload it to github |
| 2018-12-05 | Preface 02: FRIDA-HOOK channel opening |
| 2018-11-24 | Preface 01: Like water and flowing years |
Preface
1. Like water flowing
2. FRIDA/HOOK channel opening
Chapter 1. Multi-platform environment installation
1.1 FRIDA basic architecture
1.2 Windows/macOS/Linux
1.3 Android/iOS (Android 8.1)
1.3.1 Android root
1.3.2 Android frida-server installation
1.4 Source code compilation
Chapter 2. FRIDA Tools
2.1 Frida CLI
2.2 Frida-ps
2.3 Frida-trace
2.4 Frida-discover
2.5 Frida-ls-devices
2.6 Frida-kill
Chapter 3. Get started with basic cases
3.1 Windows
3.1.1 CVE-2017-4901 VMware virtual machine escape vulnerability analysis [Frida Windows instance]
3.2 macOS
3.3 Linux
3.4 iOS
3.5 Android
3.5.1 One article to understand the essence of Frida (based on Android 8.1)
3.5.2 Basic abilities: hooking parameters, modifying results
3.5.3 Intermediate abilities: remote calls (RPC)
3.5.4 Advanced abilities: interconnection, dynamic modification (Dwarf debugger)
Chapter 4. FRIDA SCRIPT
4.1 iOS
4.2 Android (Android 8.1)
4.2.1 "hello world" of FRIDA SCRIPT
4.2.2 Enumerate all classes and locate classes
4.2.3 Enumerate all methods of the class and locate methods
4.2.4 Case 1: Comprehensive Case: Dump Bluetooth interface and instance on Android 8.1
4.2.5 Hook all overloads of a method
4.2.6 Hook all methods of a class
4.2.7 Hook all classes under a package
4.2.8 Hook exported functions of a native library
4.2.9 Case 2: Comprehensive Case: Reversing WhatsApp with combined dynamic and static analysis
4.2.5 Hook io InputStream
4.2.6 Android make Toast
4.2.7 Await for specific module to load
4.2.8 Print stacktrace
4.2.9 String comparison(Only working in dvm)
4.2.10 Hook JNI
4.2.11 Hook constructor
4.2.12 Hook Java reflection
4.2.13 Trace class
4.2.14 SSL pinning bypass
Other script 1: Introduction to several scripts used with frida in Android reverse engineering, and delayed hook techniques
... ...
Chapter 5. Frida Advanced Application
5.1 Static analysis (r2frida, IDA plugin)
5.2 Dynamic Analysis
5.3 Data Extraction
5.4 Process Analysis
5.5 Interface Analysis
5.6 Protocol Analysis
5.7 Fuzz
5.7.1 In-Process Fuzzing With Frida
5.8 Packet capture and unpacking (brida)
5.9 Packet replay (brida)
5.10 Encryption and decryption
5.11 Unpacking and removing protection
5.12 Bypassing various detections
5.13 Anti-debugging and anti-anti-debugging
5.14 Summary of FRIDA detection methods
Chapter 6. Summary of hook skills (Java, C/C++, ObjC,...)
6.1 C/C++(CModule)
6.2 Java
6.2.1 Variables, parameters, custom parameters
6.2.2 Functions, hidden functions, constructors, and overloading
6.2.3 Custom classes, inner classes, anonymous inner classes, abstract classes
6.2.4 ......
6.3 ObjC
6.4 Hook multi-process
Chapter 7. Secondary development case
7.1 Appmon
7.2 brida
7.3 r2frida
7.4 objection
7.5 ssl_logger
7.6 passwordfruit