Briskinfosec - Global Cybersecurity Service Providers

  • +91 86086 34123

  • contact@briskinfosec.com

Stay Connected:

Getting Started with Frida | Briskinfosec
Image

Getting Started with Frida

In recent times, InfoSec field has been buzzing about Frida and tools based on Frida API. So what exactly is Frida?

Frida is a dynamic instrumentation toolkit. It is mainly created for testers, developers and reverse engineering enthusiasts. For mobile app security testers, Frida is like Swiss army knife. Using Frida tool, we can inject our own JavaScript into apps of Windows, macOS, GNU/Linux, iOS, Android, and QNX.

CONTENTS:

  • Installation
  • Setting up Frida on Android
  • Setting up Frida-server on iOS devices
  • Frida basic commands
  • Loading scripts
  • Conclusion
  • How Briskinfosec helps you?
  • Curious to read our case study?
  • Last but not the least
  • You may be interested on

Installation:

 Setting up Frida on Kali Linux:

Installing Frida tool is pretty easy but make sure you have installed the below requirements and OS options:

  • Python – latest version 3.x is highly recommended.
  • Windows, macOS, or GNU/Linux supported OS.

As given in their official site, use pip command to install frida in Windows, macOS, or GNU/Linux.

# pip install frida-tools

Once it is installed, verify whether it’s working or not. To know that, use the below command to verify.

# frida-ps

frida-ps will show you the running process name and its PID.

Verify the installed frida version using below command:

# frida –-version

Note down the installed version number, needed for installing Frida server in mobile devices.

Setting up Frida on Android:

Before installing Frida on Android, you need a rooted Android device or rooted emulators. If you want to use it in non-rooted phone, you need to repack the target app with frida-gadget.  Now, we will use the rooted device to install the frida server.

For installation, you need an ADB tool which you can use from Android SDK (Software Development Kit), or use Android studio tool which will have an inbuilt ADB in Android studio SDK path. Example for kali Linux - it will be in /root/Android/Sdk/platform-tools/path.

First, you need to download the Frida server for your specific android platform (arm, arm64, X86, X86_64). You can download the Frida servers from their official release page (https://github.com/frida/frida/releases).

Once you downloaded the frida server zip file, unzip it, and rename the filename into “frida-sever”.

Step 1: Copy the frida-server file into the Android phone’s tmp directory using adb push command.

 $ adb push frida-server /data/local/tmp/

Step 2: Change the permission of the frida-server file.

$ adb shell "chmod 755 /data/local/tmp/frida-server"

Step 3: Run the frida-server file.

$ adb shell "/data/local/tmp/frida-server &"

Every time, you must run the frida-server file to connect with desktop terminal. Now, connect your device over USB or Wi-Fi. Also, use adb devices to confirm whether the device is connected or not.

# adb devices

Now, everything is ready. From desktop terminal, we can connect frida-server by using the below command:

# frida-ps -U 

If everything works fine for you, it will give you the running process id’s and names from your device. Now, you’re good to go with frida.

Setting up frida-server on iOS device

Like Android, we can use jail break device or non- jail break device. Here, we will use jail break device to install the frida-server. Comparing to android, in iOS, it’s pretty easy.

Step 1: Go to Cydia app and add Frida’s repository by going to Manage -> Sources -> Edit -> Add and enter https://build.frida.re.  It will add a new source in the source list. Go to the frida source, now you should install the Frida package.

Now, go back to your system. It’s time to make sure the basics are working.

# frida-ps -U

Frida Basic Commands:

# frida-ls-devices:

This command is used to list all the attached devices.

# frida-ps

This command is used for listing processes, which will return all the running processes. To return the process from the connected device over USB, add -U option. 

$ frida-ps -D 192.168.59.101:5555

This command is used to connect Frida to the specific device listed from frida-ls-devices

$ frida-ps -Uai

This will list the installed applications in the device.

$ frida-ps -Ua

This will list all the running applications in the device.

Loading scripts:

# frida -U -f owasp.mstg.uncrackable1 -l disableroot.js

Using these commands, we can load external scripts (javascript) into the application by adding -l options with Javascript file. Option -f is for finding the application, and then to hook it.

Conclusion:

Best things about Frida tool are, it’s free and open source, and supports multi platforms such as Windows, Linux, and macOS. Frida supports scripting which means, we can inject our own scripts and hook any functions, even an API without application source code. Based on Frida, in GitHub, there are so many tools available with different features. They’re truly awesome. Try them out now!

How Briskinfosec helps you?

Briskinfosec has a well experienced team of security engineers whom are highly skilled in providing top notch security assessments for various security sectors like Network, Mobile, Web, Database, Wireless, Docker, and much more. Frida is used for mobile applications and with regards to mobile security testing, we use our also our own framework, MAST-NCDRC (Mobile Application Security Testing- National Cyber Defence and Research Centre). It was officially released by NCDRC. This catapults us to a place, much ahead of other security firms.

Curious to read our case study?

Our stakeholders, one of the globally leading telecommunication organization, asked us to conduct an effective security assessment on their mobile applications. We performed an intense security assessment on all mobile apps using tools like Frida, sorted out the furtively taunting vulnerabilities, and strengthened their security defences to the best. Check out our case study to know the way we won the battle against cyber threats.

Last but not the least:

We do agree that, it’s a tedious task to search one by one about all the dangerous and recent cyberattacks that have happened globally. But, we have a question?

Why must you waste so much of time in this process, despite the providence of Threatsploit Adversary report by Briskinfosec. It’s a report that contains the globally happened cyberattacks, the impacts that organisations faced, the assets they’ve lost, and much more. What else you’re waiting for? Just a single click on our report, you’ll get all your needs.

You may be interested on:


Image

Dinesh Dinz

Security Engineer

He is an enthusiastic and passionate information security professional and expertise in Application Security (Mobile & Web) and Network Security. Co-Author of MAST framework released by NCDRC. Holding Hall-of-Fame in different Companies for finding security vulnerabilities. Active Bug Hunter on different bounty Platforms.

Add Your Comments

Name*
Email*
Your Comments*