Main contents:
Download the official frida source, build the Android version of frida-server, and replace the device's built-in version
Build the anti-detection frida-server project strongR-frida (strongFrida) and replace the system's built-in version
1. Preparing the build environment
1.1 Operating system
Ubuntu: ubuntu-20.04
Java: JDK 1.8
Python: >= 3.7
git: any version will do.
1.2 Downloading the NDK
Building the Android version from the current frida source requires NDK r22; with other versions the build fails with an error.
NDK download address:
https://dl.google.com/android/repository/android-ndk-r22-linux-x86_64.zip
After downloading, extract it to a directory for later use. For example, my own location is:
/home/qiang/androidndk/android-ndk-r22
1.3 Installing dependencies
Run the following commands one after another:
qiang@ubuntu:~/myproject/frida/frida$ sudo apt-get update
qiang@ubuntu:~/myproject/frida/frida$ sudo apt-get install build-essential tree ninja-build gcc-multilib g++-multilib lib32stdc++-9-dev flex bison xz-utils ruby ruby-dev python3-requests python3-setuptools python3-dev python3-pip libc6-dev libc6-dev-i386 -y
qiang@ubuntu:~/myproject/frida/frida$ sudo python -m pip install colorama prompt-toolkit pygments
qiang@ubuntu:~/myproject/frida/frida$ python -m pip install lief
1.4 Downloading the frida source
Run the following command to download it:
git clone --recurse-submodules https://github.com/frida/frida
For example, my download directory is:
/home/qiang/myproject/frida/frida
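A preflight script that checks the two requirements from section 1 that most often break the build (NDK r22 and Python >= 3.7) before running make. This is an added example, not part of the original post; it assumes the NDK directory contains Google's source.properties file with a "Pkg.Revision = 22.x.y" line, and the NDK trees it exercises are constructed fakes.

```shell
#!/bin/sh
# Preflight checks for the build host described in section 1 (added example,
# not from the original post). Assumes the NDK root carries Google's
# source.properties file with a "Pkg.Revision = 22.x.y" line.

# Print the major revision of the NDK rooted at $1, read from source.properties.
ndk_major() {
    props="$1/source.properties"
    [ -f "$props" ] || return 1
    sed -n 's/^Pkg\.Revision *= *\([0-9]*\).*/\1/p' "$props"
}

# Succeed only for the r22 series that the current frida source expects.
check_ndk_r22() {
    if [ "$(ndk_major "$1" 2>/dev/null)" = "22" ]; then return 0; fi
    return 1
}

# Succeed if a "major.minor[.patch]" Python version string is >= 3.7.
python_version_ok() {
    major="${1%%.*}"
    rest="${1#*.}"
    minor="${rest%%.*}"
    if [ "$major" -gt 3 ] 2>/dev/null; then return 0; fi
    if [ "$major" -eq 3 ] 2>/dev/null && [ "$minor" -ge 7 ] 2>/dev/null; then return 0; fi
    return 1
}

# Succeed if ANDROID_NDK_ROOT is exported (as in section 2.1) and points at r22.
check_env() {
    [ -n "$ANDROID_NDK_ROOT" ] || return 1
    check_ndk_r22 "$ANDROID_NDK_ROOT"
}

# Stand-alone demo on constructed fake NDK trees, so no real download is needed.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/ndk-r22" "$tmp/ndk-r25"
    printf 'Pkg.Desc = Android NDK\nPkg.Revision = 22.0.7026061\n' > "$tmp/ndk-r22/source.properties"
    printf 'Pkg.Desc = Android NDK\nPkg.Revision = 25.1.8937393\n' > "$tmp/ndk-r25/source.properties"
    check_ndk_r22 "$tmp/ndk-r22" && echo "ndk-r22: accepted"
    check_ndk_r22 "$tmp/ndk-r25" || echo "ndk-r25: rejected, frida expects r22"
    py=$(python3 -c 'import sys; print("%d.%d" % sys.version_info[:2])' 2>/dev/null || echo 0.0)
    if python_version_ok "$py"; then echo "python $py: ok"; else echo "python $py: need >= 3.7"; fi
    rm -rf "$tmp"
}
demo
```

Point check_env at your real ANDROID_NDK_ROOT before running make; a non-zero exit means the NDK is not the r22 series the post requires.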
2. Building
2.1 Building the official version
(1) Set the ANDROID_NDK_ROOT variable
qiang@ubuntu:~/myproject/frida/frida$ export ANDROID_NDK_ROOT=/home/qiang/androidndk/android-ndk-r22
(2) Change into the frida source root directory and run the following commands one after another to build the Android versions of frida
qiang@ubuntu:~/myproject/frida/frida/frida$ pwd
/home/qiang/myproject/frida/frida/frida
qiang@ubuntu:~/myproject/frida/frida/frida$ ls
build            COPYING     frida-gum     frida-qml    frida-tools        Makefile.macos.mk      README.md
config.mk        frida-clr   frida-node    frida.sln    Makefile           Makefile.sdk.mk        releng
CONTRIBUTING.md  frida-core  frida-python  frida-swift  Makefile.linux.mk  Makefile.toolchain.mk
qiang@ubuntu:~/myproject/frida/frida/frida$ make core-android-arm64
qiang@ubuntu:~/myproject/frida/frida/frida$ make core-android-arm
(3) Output directories after the build finishes
frida-android-arm output directory:
qiang@ubuntu:~/myproject/frida/frida/frida/build/frida-android-arm/bin$ pwd
/home/qiang/myproject/frida/frida/frida/build/frida-android-arm/bin
qiang@ubuntu:~/myproject/frida/frida/frida/build/frida-android-arm/bin$ ls -la
total 36316
drwxr-xr-x 2 qiang qiang     4096 3月 31 22:25 .
drwxrwxr-x 6 qiang qiang     4096 3月 31 22:25 ..
-rwxr-xr-x 1 qiang qiang 17846012 3月 31 22:25 frida-inject
-rwxr-xr-x 1 qiang qiang 17669844 3月 31 22:25 frida-server
-rwxr-xr-x 1 qiang qiang  1660900 3月 31 22:25 gum-graft
frida-android-arm64 output directory:
qiang@ubuntu:~/myproject/frida/frida/frida/build/frida-android-arm64/bin$ ls -la
total 83204
drwxr-xr-x 2 qiang qiang     4096 3月 31 22:28 .
drwxrwxr-x 6 qiang qiang     4096 3月 31 22:28 ..
-rwxr-xr-x 1 qiang qiang 41620872 3月 31 22:28 frida-inject
-rwxr-xr-x 1 qiang qiang 41383216 3月 31 22:28 frida-server
-rwxr-xr-x 1 qiang qiang  2182096 3月 31 22:28 gum-graft
qiang@ubuntu:~/myproject/frida/frida/frida/build/frida-android-arm64/bin$ pwd
/home/qiang/myproject/frida/frida/frida/build/frida-android-arm64/bin
qiang@ubuntu:~/myproject/frida/frida/frida/build/frida-android-arm64/bin$ ls
frida-inject  frida-server  gum-graft
2.2 Building strongR-frida-android
2.2.1 Overview
strongR-frida-android works by applying patches to the official frida source: the patches modify the code to erase certain key fingerprints, producing an anti-detection build of frida-server for Android.
2.2.2 The patch files
Patch project address:
https://github.com/AAAA-Project/Patchs
2.2.3 Build and test procedure
strongR-frida-android is built in exactly the same way as official frida. The difference is that before building you first download the official frida source and then apply the patches to it with git am. The patching procedure is described below.
(1) Apply the anti-detection patches to the frida source
The detailed steps are the following commands:
qiang@ubuntu:~/myproject/frida/frida$ git clone https://github.com/AAAA-Project/Patchs
Cloning into 'Patchs'...
remote: Enumerating objects: 40, done.
remote: Counting objects: 100% (40/40), done.
remote: Compressing objects: 100% (22/22), done.
remote: Total 40 (delta 19), reused 32 (delta 11), pack-reused 0
Unpacking objects: 100% (40/40), 12.04 KiB | 280.00 KiB/s, done.
qiang@ubuntu:~/myproject/frida/frida$ cd frida/frida-core/
qiang@ubuntu:~/myproject/frida/frida/frida/frida-core$ git am ../../Patchs/strongR-frida/frida-core/*.patch
Applying: strongR-frida: string_frida_rpc
Applying: strongR-frida: io_re_frida_server
Applying: strongR-frida: pipe_linjector
Applying: strongR-frida: io_frida_agent_so
Applying: strongR-frida: symbol_frida_agent_main
Applying: strongR-frida: thread_gum_js_loop
Applying: strongR-frida: thread_gmain
Applying: strongR-frida: protocol_unexpected_command
(2) Building the source
The procedure is the same as for building the official frida source.
(3) Replace the phone's built-in version and test
Push the binary to the device with adb push to replace the existing one. For details see "Upgrading or downgrading the frida-server in the system without reflashing".
4. Integrated build scripts for reference
Reference shell script for building official frida:
#!/bin/bash
# build for frida android
#
sudo apt-get update
sudo apt-get install build-essential tree ninja-build gcc-multilib g++-multilib lib32stdc++-9-dev flex bison xz-utils ruby ruby-dev python3-requests python3-setuptools python3-dev python3-pip libc6-dev libc6-dev-i386 -y
sudo python -m pip install colorama prompt-toolkit pygments
# set ANDROID_NDK_ROOT
export ANDROID_NDK_ROOT=/home/qiang/androidndk/android-ndk-r22
# delete frida
rm -rf frida
# download again
git clone --recurse-submodules https://github.com/frida/frida
cd frida
# clean building cache
make clean
# building frida android arm
make core-android-arm
# building frida android arm64
make core-android-arm64
Reference script for building strongR-frida:
#!/bin/bash
# build for strong frida android
#
sudo apt-get update
sudo apt-get install build-essential tree ninja-build gcc-multilib g++-multilib lib32stdc++-9-dev flex bison xz-utils ruby ruby-dev python3-requests python3-setuptools python3-dev python3-pip libc6-dev libc6-dev-i386 -y
sudo python -m pip install colorama prompt-toolkit pygments
#
export ANDROID_NDK_ROOT=/home/qiang/androidndk/android-ndk-r22
rm -rf Patchs
# Download Patchs
git clone https://github.com/AAAA-Project/Patchs
rm -rf frida
# Download frida source code
git clone --recurse-submodules https://github.com/frida/frida
cd frida/frida-core
echo "start to patch source code"
git am ../../Patchs/strongR-frida/frida-core/*.patch
echo "finish to patch source code"
sleep 2
# back to the frida root, then build both Android targets
cd ..
make clean
make core-android-arm
make core-android-arm64
Reviewing editor: Tang Zihong