Changes

Line 4: Line 4:  
# Successfully built up Frida-Server pipeline. Without modifying the source code of app. I can dynamically output all data that flows in interesting functions. Besides, I can get calling relationships(stack trace back) dynamically.
 
# Successfully built up Frida-Server pipeline. Without modifying the source code of app. I can dynamically output all data that flows in interesting functions. Besides, I can get calling relationships(stack trace back) dynamically.
 
=== Questions: ===
 
=== Questions: ===
Question: MP-->''Could please explain more what Frida could do?''
+
* Question: MP-->''Could please explain more what Frida could do?''
Answer: [https://frida.re/docs/home/ Here] explains that Frida can easily inject our logics into app's functions, which exposes the information that the functions are called or not(We could inject some logging code into target functions, and when they are called, our logs will show up); besides, we can show the parameters(data). All things I did before(modify SMALI code of apps -> compile the modified code -> build and sign app -> run the app -> watch console and find our logs to see what happens in a target function) CAN BE REPLACE by Frida Server. Because this tool can help us easily inject codes into an app without modifying the app even when the app is running(I submit the injected scripts and then results will be available right away)! To conclude, this tool can help us analyze the SDKs efficiently. But at the end, we still have to modify smali code to get our product after we find the target functions and understand the logits.
+
* Answer: [https://frida.re/docs/home/ Here] explains that Frida can easily inject our logics into app's functions, which exposes the information that the functions are called or not(We could inject some logging code into target functions, and when they are called, our logs will show up); besides, we can show the parameters(data). All things I did before(modify SMALI code of apps -> compile the modified code -> build and sign app -> run the app -> watch console and find our logs to see what happens in a target function) CAN BE REPLACE by Frida Server. Because this tool can help us easily inject codes into an app without modifying the app even when the app is running(I submit the injected scripts and then results will be available right away)! To conclude, this tool can help us analyze the SDKs efficiently. But at the end, we still have to modify smali code to get our product after we find the target functions and understand the logits.
 +
 
 
=== Plans: ===
 
=== Plans: ===
 
# Try to find all class names by code or tool. And the class names can be fed into my scripts and then I can hook all functions in the app at one shot.
 
# Try to find all class names by code or tool. And the class names can be fed into my scripts and then I can hook all functions in the app at one shot.
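Review bot: the added Answer bullet keeps two wording errors from the old line: "CAN BE REPLACE by Frida Server" should read "can be replaced by Frida Server", and "understand the logits" should read "understand the logic". Since this edit already rewrites the line to add the "*" list marker, fix both in the same revision. The sentence starting "Because this tool can help us easily inject codes" is a fragment and reads better joined to the sentence before it. The edit also adds an empty line after the Answer bullet; check that it is needed, because the "=== Plans: ===" heading below is already separated from the list by blank lines.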