frida工具的缝合怪

Last update: Jan 09, 2023

Related tags

Deep Learning fridaUiTools

Overview

fridaUiTools

fridaUiTools是一个界面化整理脚本的工具。新人的练手作品。参考项目ZenTracer，觉得既然可以界面化，那么应该可以把功能做的更加完善一些。跨平台支持：win、mac、linux

功能缝合怪。把一些常用的frida的hook脚本简单统一输出方式后，整合进来。并且将自己觉得常用的功能做成界面调用的。还想动态获取一些信息默认的直接展示。后续会根据自己实战的经验。不断完善这个工具。

Hook脚本如下（附加进程前使用）

整合r0capture

整合jnitrace

java层的加解密相关自吐

ssl pining（整合DroidSSLUnpinning）

模糊匹配函数进行批量hook（整合ZenTracer）

native的sub函数批量hook（参数统一方式打印。所以输出只能做参考）

stalker的trace（整合sktrace）

整合frida_hook_libart

脱壳相关（整合frida_dump、FRIDA-DEXDump、fart）

自定义脚本添加

patch汇编代码

调用功能如下（附加进程后使用）

fart主动调用

DUMPDex主动调用

dump打印指定地址

dump指定模块

wallBreak整合

应用信息

附加成功时将一些信息带出来给界面展示。目前仅将module列表和class列表展示出来。可以查询函数以及符号

日志说明

1、操作日志

是对软件操作的所有输出日志。

2、输出日志

所有js返回的日志都在输出日志。并且保存在logs目录中

3、当前hook列表

当前勾选的hook脚本列表展示。可以保存，方便以后直接加载使用。

应用部分界面

使用说明

软件里面有很多地方用到了缓存数据。缓存数据是附加一次进程后，保存下来的module和class列表。这样方便智能的检索。所以一般第一次使用的时候，先附加一次目标进程，就有缓存数据可以使用了。

fart如果第一次使用，需要在上传与下载菜单栏中点击上传fart的so。

软件目前应该还存在很多瑕疵和bug。我会在实用中慢慢修补。

新增功能

frida-server14.2的自动上传到手机

frida-server的启动

自定义脚本功能

fart的dump结果下载

增加patch功能

应用信息显示（adb shell dumpsys取出来的数据）

hookEvent（app的所有控件的点击事件hook）

cmd切换（有些设备是需要adb shell su 0来使用su权限的，有些是adb shell su -c。这里为了通用，可以自己切换）

感谢

Comments

x86用的哪个模拟器？

fridaUiTools_for_window1.0.6版本frida选择的14.2.18，试了“雷电3x/4x-32位”，“逍遥5.1/7.1-32位”，上传frida-server均已失败告终，手动上传并启动，只能获取应用信息，其他功能都无法正常使用。作者大大测试的是哪款模拟器，系统位数，frida版本等信息，请告知。

opened by taotaoli123 3
ubantu 20.04折腾了一天都没运行起来

源码报错如下 ➜ fridaUiTools-1.0.3 ./kmainForm.py File "./kmainForm.py", line 339 res = self.spawnAttachForm.exec() ^ SyntaxError: invalid syntax

打包的 yangmoling-pc% ./fridaUiTools Traceback (most recent call last): File "PyInstaller/loader/pyimod04_ctypes.py", line 53, in init File "ctypes/init.py", line 373, in init OSError: libcapstone.so: cannot open shared object file: No such file or directory

The above exception was the direct cause of the following exception:

Traceback (most recent call last): File "kmainForm.py", line 20, in File "", line 991, in _find_and_load File "", line 975, in _find_and_load_unlocked File "", line 671, in _load_unlocked File "PyInstaller/loader/pyimod03_importers.py", line 476, in exec_module File "forms/Patch.py", line 6, in File "", line 991, in _find_and_load File "", line 975, in _find_and_load_unlocked File "", line 671, in _load_unlocked File "PyInstaller/loader/pyimod03_importers.py", line 476, in exec_module File "utils/AsmUtil.py", line 1, in File "", line 991, in _find_and_load File "", line 975, in _find_and_load_unlocked File "", line 671, in _load_unlocked File "PyInstaller/loader/pyimod03_importers.py", line 476, in exec_module File "capstone/init.py", line 312, in File "capstone/init.py", line 285, in _load_lib File "ctypes/init.py", line 451, in LoadLibrary File "PyInstaller/loader/pyimod04_ctypes.py", line 55, in init pyimod04_ctypes.PyInstallerImportError: Failed to load dynlib/dll 'libcapstone.so'. Most likely this dynlib/dll was not found when the application was frozen. [2061672] Failed to execute script 'kmainForm' due to unhandled exception!

opened by yangmoling 3
关于端口转发的问题

用wifi连接，启动frida命令中并没有体现出来 (没有替换转发端口27042) adb shell su 0 /data/local/tmp/frida-server-16.0.2-android-arm64 -l 192.168.0.102:6666 adb forward tcp:27042 tcp:27042 adb forward tcp:27043 tcp:27043

这里的两个端口不应该对应么希望大佬有时间回答一下。

opened by Rungjen 2
mac下无法使用

Last login: Wed Dec 14 16:23:59 on ttys002 /Users/mac/Downloads/fridaUiTools_for_mac/kmainForm_14 ; exit; macdeiMac-4:~ mac$ /Users/mac/Downloads/fridaUiTools_for_mac/kmainForm_14 ; exit; Traceback (most recent call last): File "kmainForm.py", line 22, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "forms/Patch.py", line 6, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "utils/AsmUtil.py", line 1, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "capstone/init.py", line 315, in ImportError: ERROR: fail to load the dynamic library. [2538] Failed to execute script 'kmainForm' due to unhandled exception: ERROR: fail to load the dynamic library. [2538] Traceback: Traceback (most recent call last): File "kmainForm.py", line 22, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "forms/Patch.py", line 6, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "utils/AsmUtil.py", line 1, in File "PyInstaller/loader/pyimod02_importers.py", line 493, in exec_module File "capstone/init.py", line 315, in ImportError: ERROR: fail to load the dynamic library.

logout Saving session... ...copying shared history... ...saving history...truncating history files... ...completed.

[进程已完成]

opened by wulliwui 1
frida_dexdump

android10 pip 安装使用报 Set read permission for memory range: 0x7041abff-0x704211e000错误用 ui 使用报Error: access violation accessing 0x32c00000错误考虑到应该是访问内存的问题大佬知道该怎么解决么？

opened by Rungjen 1
自定义脚本

自定义脚本那里，我用下面代码在原来的frida能用，但在window你这工具没信息显示？ Java.perform(function() { var targetClass='com.shandui.common.utils.MD5Util'; var methodName='getMD5'; var gclass = Java.use(targetClass); gclass[methodName].overload('java.lang.String').implementation = function(arg0) { console.log('\nGDA[Hook getMD5(java.lang.String)]'+'\n\targ0 = '+arg0); var i=thismethodName; console.log('\treturn '+i); return i; } })

日志以下，没显示 2022-12-07 09:44:59 default.js init hook success 2022-12-07 09:45:00 加载appinfo 2022-12-07 09:49:23 default.js init hook success 2022-12-07 09:49:23 加载appinfo

opened by book9602 2

Releases(v1.0.11)

v1.0.11(Dec 29, 2022)

新增过frida检测和支持frida16版本
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_mac.zip(423.41 MB)
v1.0.10(Dec 2, 2022)

修复搜索内存功能中的一些bug，搜索到的结果新增右键查询模块信息功能。修复一些细节问题
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_mac.zip(251.89 MB)
fridaUiTools_for_window.zip(280.57 MB)
v1.0.9(Nov 25, 2022)

新增功能搜索内存中的内容，附加后使用。参考来源基于frida的android游戏内存扫描器_初稿新增功能内存断点trace，附加后使用。参考来源fridaMemoryAccessTrace fridaMemoryAccessTrace的里面有例子，使用测试可以先安装他的apk。然后module填libnative-lib.so，symbol填test_value，length填4。实现比较简单，测试比较少。发现bug再修吧。
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_mac.zip(248.98 MB)
v1.0.8(Nov 21, 2022)

修复register_native_hook，修复了spawn启动会缺少一点数据的问题优化FCAnd_jnitrace可以选择指定模块和函数
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_mac.zip(248.84 MB)
fridaUiTools_for_window.zip(280.06 MB)
v1.0.7(Nov 15, 2022)

新增修改frida默认端口新增可关闭输出日志，在文件选项中关闭（有些脚本输出数据过多，可以关掉ui上面显示的日志，直接在log目录中查看文件即可）调整r0capture,默认将抓到的包保存在pcap目录下前面发布的win版本的14版本有点问题。已修复。
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_mac.zip(248.84 MB)
fridaUiTools_for_window.zip(280.05 MB)
v1.0.6(Nov 10, 2022)

参考项目FridaContainer。添加功能anti_debug简单的一键反调试添加功能jnitrace，和原来版本的区别是不用指定so，不用指定函数，打印更加完整添加内置r0gson，在自定义模块中有例子调用打印java类,需要先在上传选项中点上传gson
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_mac.zip(287.67 MB)
fridaUiTools_for_window.zip(279.80 MB)
v1.0.5(Nov 9, 2022)

添加frida版本切换的功能，由于打包时会将当前环境的frida-python直接打包到二进制中。导致运行的时候默认使用我本地打包时的python环境中的frida，如果你是需要随时切换frida版本，都能生效。请用pycharm打开源码的运行，否则可以运行我打包好的对应版本。
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_mac.zip(287.66 MB)
v1.0.4(Aug 31, 2022)

修复 ERROR.无法获取到进程列表
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_mac.zip(129.72 MB)
fridaUiTools_for_window.zip(146.19 MB)
v1.0.3(Nov 10, 2021)

新增wifi连接方式，frida更新到15.1.9。修复新版本frida无法附加的问题。如果是使用我的工具的启动frida-server。切换连接方式后，请用工具重新启动frida-server。
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_Linux.tar.gz(113.42 MB)
fridaUiTools_for_window.zip(85.35 MB)
v1.0.2(Nov 4, 2021)

如果无法运行,请将libcapstone.so复制到/usr/local/lib中
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_Linux.tar.gz(112.22 MB)
fridaUiTools_for_window.zip(77.23 MB)
v1.0.1(Jul 8, 2021)

修复Failed to execute script kmainForm问题。以及后续增加的新功能 Mac的需要把libcapstone.dylib拷贝到/usr/lib下。或者将应用工作目录添加到PATH中。
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_mac.zip(128.13 MB)
fridaUiTools_for_window.zip(77.23 MB)
v1.0.0(Jun 29, 2021)

第一版，问题应该挺多的。fridaUiTools_for_window_test.zip这种带test的版本是打包的带命令行窗口的。
Source code(tar.gz)
Source code(zip)
fridaUiTools_for_Linux.tar.xz(98.11 MB)
fridaUiTools_for_window.zip(75.99 MB)
fridaUiTools_for_window_test.zip(75.99 MB)

Owner

diveking

GitHub Repository

[arXiv] What-If Motion Prediction for Autonomous Driving ❓🚗💨

WIMP - What If Motion Predictor Reference PyTorch Implementation for What If Motion Prediction [PDF] [Dynamic Visualizations] Setup Requirements The W

96 Dec 29, 2022

Code of our paper "Contrastive Object-level Pre-training with Spatial Noise Curriculum Learning"

CCOP Code of our paper Contrastive Object-level Pre-training with Spatial Noise Curriculum Learning Requirement Install OpenSelfSup Install Detectron2

21 Dec 13, 2022

Adds timm pretrained backbone to pytorch's FasterRcnn model

Operating Systems Lab (ETCS-352) Experiments for Operating Systems Lab (ETCS-352) performed by me in 2021 at uni. All codes are written by me except t

12 Dec 03, 2022

This is the repository for our paper Ditch the Gold Standard: Re-evaluating Conversational Question Answering

Ditch the Gold Standard: Re-evaluating Conversational Question Answering This is the repository for our paper Ditch the Gold Standard: Re-evaluating C

38 Dec 16, 2022

Adversarial-autoencoders - Tensorflow implementation of Adversarial Autoencoders

Adversarial Autoencoders (AAE) Tensorflow implementation of Adversarial Autoencoders (ICLR 2016) Similar to variational autoencoder (VAE), AAE imposes

236 Nov 13, 2022

An energy estimator for eyeriss-like DNN hardware accelerator

Energy-Estimator-for-Eyeriss-like-Architecture- An energy estimator for eyeriss-like DNN hardware accelerator This is an energy estimator for eyeriss-

2 Mar 26, 2022

VACA: Designing Variational Graph Autoencoders for Interventional and Counterfactual Queries

VACA Code repository for the paper "VACA: Designing Variational Graph Autoencoders for Interventional and Counterfactual Queries (arXiv)". The impleme

16 Oct 10, 2022

Convolutional 2D Knowledge Graph Embeddings resources

ConvE Convolutional 2D Knowledge Graph Embeddings resources. Paper: Convolutional 2D Knowledge Graph Embeddings Used in the paper, but do not use thes

586 Dec 24, 2022

Official Code Release for "CLIP-Adapter: Better Vision-Language Models with Feature Adapters"

Official Code Release for "CLIP-Adapter: Better Vision-Language Models with Feature Adapters" Pipeline of CLIP-Adapter CLIP-Adapter is a drop-in modul

157 Dec 26, 2022

Official PyTorch Implementation of "Self-supervised Auxiliary Learning with Meta-paths for Heterogeneous Graphs". NeurIPS 2020.

Self-supervised Auxiliary Learning with Meta-paths for Heterogeneous Graphs This repository is the implementation of SELAR. Dasol Hwang* , Jinyoung Pa

48 Nov 09, 2022

Deep Learning: Architectures & Methods Project: Deep Learning for Audio Super-Resolution

Deep Learning: Architectures & Methods Project: Deep Learning for Audio Super-Resolution Figure: Example visualization of the method and baseline as a

16 Dec 23, 2022

Generative Models for Graph-Based Protein Design

Graph-Based Protein Design This repo contains code for Generative Models for Graph-Based Protein Design by John Ingraham, Vikas Garg, Regina Barzilay

159 Dec 15, 2022

Model-based Reinforcement Learning Improves Autonomous Racing Performance

Racing Dreamer: Model-based versus Model-free Deep Reinforcement Learning for Autonomous Racing Cars In this work, we propose to learn a racing contro

38 Dec 06, 2022

SBINN: Systems-biology informed neural network

SBINN: Systems-biology informed neural network The source code for the paper M. Daneker, Z. Zhang, G. E. Karniadakis, & L. Lu. Systems biology: Identi

15 Nov 19, 2022

UNAVOIDS: Unsupervised and Nonparametric Approach for Visualizing Outliers and Invariant Detection Scoring

UNAVOIDS: Unsupervised and Nonparametric Approach for Visualizing Outliers and Invariant Detection Scoring Code Summary aggregate.py: this script aggr

1 Dec 28, 2021

Pytorch implementation of paper "Efficient Nearest Neighbor Language Models" (EMNLP 2021)

57 Jan 01, 2023

Smart edu-autobooking - Johnson @ DMI-UNICT study room self-booking system

smart_edu-autobooking Sistema di autoprenotazione per l'aula studio [email protected]

17 Jun 20, 2022

Repository for the paper "PoseAug: A Differentiable Pose Augmentation Framework for 3D Human Pose Estimation", CVPR 2021.

PoseAug: A Differentiable Pose Augmentation Framework for 3D Human Pose Estimation Code repository for the paper: PoseAug: A Differentiable Pose Augme

328 Dec 17, 2022

Deep motion transfer

animation-with-keypoint-mask Paper The right most square is the final result. Softmax mask (circles): \ Heatmap mask: \ conda env create -f environmen

9 Nov 01, 2022

"Reinforcement Learning for Bandit Neural Machine Translation with Simulated Human Feedback"

This is code repo for our EMNLP 2017 paper "Reinforcement Learning for Bandit Neural Machine Translation with Simulated Human Feedback", which implements the A2C algorithm on top of a neural encoder-

131 Oct 21, 2022

frida工具的缝合怪

Related tags

Overview

fridaUiTools

Hook脚本如下（附加进程前使用）

调用功能如下（附加进程后使用）

应用信息

日志说明

1、操作日志

2、输出日志

3、当前hook列表

应用部分界面

使用说明

新增功能

感谢

Comments

x86用的哪个模拟器？

ubantu 20.04折腾了一天都没运行起来

关于端口转发的问题

mac下无法使用

frida_dexdump

自定义脚本

Releases(v1.0.11)

v1.0.11(Dec 29, 2022)

v1.0.10(Dec 2, 2022)

v1.0.9(Nov 25, 2022)

v1.0.8(Nov 21, 2022)

v1.0.7(Nov 15, 2022)

v1.0.6(Nov 10, 2022)

v1.0.5(Nov 9, 2022)

v1.0.4(Aug 31, 2022)

v1.0.3(Nov 10, 2021)

v1.0.2(Nov 4, 2021)

v1.0.1(Jul 8, 2021)

v1.0.0(Jun 29, 2021)