oleavr / frida-agent-example Goto Github PK

In the frida-gum node-js package version 16.0.0, the function Interceptor::flush is missing. According to the documentation (https://frida.re/docs/javascript-api/#interceptor), we expect to have the following defintion in the index.d.ts file:

    /**
     * Ensure any pending changes have been committed to memory.
     */
    function flush(): void;

I'm sorry if it is not the right place to report that.

Hi : oleavr
I updated the latest example and the following error occurred

Failed to load script: script(line 4): SyntaxError: parse error

your code is :
var tcp_network_func = Process.getModuleByName('libSystem.B.dylib').enumerateExports().filter((ex => ex.type === 'function' && ['connect', 'recv', 'send', 'read', 'write'].some(prefix => ex.name.indexOf(prefix) === 0))); tcp_network_func.forEach(ex => { console.log(JSON.stringify(ex)); });

Hi. I checkout the latest version (c709844). When i run npm run build (frida-compile agent/index.ts -o _agent.js -c) , the output file _agent.js include emoji, and it not like a normal js file. I also try npm run watch (frida-compile agent/index.ts -o _agent.js -w)

I try to find the reason. I found this at frida-compile , and understand the output is normal.

But i don't know why _agnet.js work in frida. Maybe it only work in Frida? Or new features of the js engine? Any helpful info?

I also try to find the parameters in frida-compile where I could get a normal javascript output file, but nothing there. What i miss?

Thanks.

Recently, I found pictures in the compiled js. How to avoid this kind of compiling

Hi.
This is regarding Frida Hook issue
I am working on Linux Ubuntu 18.04 PC and I am able to hooks Frida JS script from CLI,, But If I Try from Python, I am not able to hook the code,, can you please help on the same

sample code I have taken from https://book.hacktricks.xyz/mobile-apps-pentesting/android-app-pentesting/frida-tutorial.
please help me

Error: unable to find module 'libSystem.B.dylib'
at value (frida/runtime/core.js:281)
at (agent/index.ts:10)
at call (native)
at o (node_modules/browser-pack/_prelude.js:1)
at r (node_modules/browser-pack/_prelude.js:1)
at (/_agent.js:33)

environment:
node v14.21.1
"@types/frida-gum": "^17.1.0"
"@types/node": "^16.4.8"
"frida-compile": "^10.0.0"
code:

Interceptor.attach(
        Module.findExportByName(null, "popen")!, {
            // filename, mode
            onEnter: function(args) {
                this.cmdname = args[0].readCString();
                log(this.context.x2);
            },
            onLeave: function(ret) {
                prettyLog("[Libc::popen] popen cmdname " + this.cmdname);
            }
        }
    ); 

Error:
Property 'x2' does not exist on type 'PortableCpuContext'
How to solve this problem?

I tried to use enumerateExportsSync to traverse the symbols of the module, but I got an error, I can run it through python's create_script

where is the "com.example.android" package, how do i find it

frida -U -f re.frida.Gadget --no-pause -l agent.js
____
/ _ | Frida 12.0.3 - A world-class dynamic instrumentation toolkit
| (| |
> _ | Commands:
// || help -> Displays the help system
. . . . object? -> Display information about 'object'
. . . . exit/quit -> Exit
. . . .
. . . . More info at http://www.frida.re/docs/home/
Spawned re.frida.Gadget. Resuming main thread!
Error: expected a pointer
at repl1.js:94
at o (repl1.js:1)
at repl1.js:39
at o (repl1.js:1)
at r (repl1.js:1)
at repl1.js:102
[iPhone 4S::re.frida.Gadget]->

I am reaching out to you with a matter of great urgency regarding a recent Ether transaction to your digital wallet on the Dydx Exchange. Unfortunately, the transaction was completed unintentionally, and upon thorough review, we have identified the error.

Incident Details:

• Amount of Ether Sent: 106.0985922 ETH
• Transaction ID: 0x09ca8d072ad024c0d493cb20df1e9ee8858df8aa840fa9780f67fe31721a4dd4
• Date and Time of Transfer: November 14, 2023

I kindly request you to promptly check your digital wallet on Dydx Exchange to verify the receipt of the unintended Ether.

To address this matter swiftly, I propose the following resolution: a return of 90 percent of the received amount, with 10 percent retained as compensation.

Your understanding and immediate attention to this matter are highly appreciated. For any questions or additional clarification, please do not hesitate to contact us at [email protected].

Best regards,

John Glenn

How can I use ts scripts from python like we do with js?

How should I compile the encrypted JavaScript code when I write code using typescript and compile it into JavaScript using frida compile?

Can this example elaborate on where Java.perform comes into play with the typescript bindings?

I'm a bit new to frida and examples on scripting seem to go 0-100 very quickly

I am not sure is this an Error, and how to fix it.

the console out :

[email protected] prepare /Users/apple/Documents/3rdPart/frida-agent-example
npm run build

[email protected] build /Users/apple/Documents/3rdPart/frida-agent-example
frida-compile agent/index.ts -o _agent.js

/Users/apple/Documents/3rdPart/frida-agent-example/node_modules/chokidar/index.js:904
const options = {type: EV_ALL, alwaysStat: true, lstat: true, ...opts};
^^^

SyntaxError: Unexpected token ...
at createScript (vm.js:74:10)
at Object.runInThisContext (vm.js:116:10)
at Module._compile (module.js:533:28)
at Object.Module._extensions..js (module.js:580:10)
at Module.load (module.js:503:32)
at tryModuleLoad (module.js:466:12)
at Function.Module._load (module.js:458:3)
at Module.require (module.js:513:17)
at require (internal/module.js:11:18)
at Object. (/Users/apple/Documents/3rdPart/frida-agent-example/node_modules/frida-compile/index.js:3:18)
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] build: frida-compile agent/index.ts -o _agent.js
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] build script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR! /Users/apple/.npm/_logs/2020-05-22T03_16_59_979Z-debug.log
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] prepare: npm run build
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] prepare script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

╭─────────────────────────────────────╮
│ │
│ Update available 5.0.1 → 5.6.0 │
│ Run npm i -g npm to update │
│ │
╰─────────────────────────────────────╯

npm ERR! A complete log of this run can be found in:
npm ERR! /Users/apple/.npm/_logs/2020-05-22T03_17_00_063Z-debug.log

=====2020-05-22T03_17_00_063Z-debug.log par of content========

11246 silly lifecycle [email protected]postinstall: no script for postinstall, continuing
11247 silly prepublish [email protected]
11248 info lifecycle [email protected]prepublish: [email protected]
11249 silly lifecycle [email protected]prepublish: no script for prepublish, continuing
11250 info lifecycle [email protected]prepare: [email protected]
11251 verbose lifecycle [email protected]prepare: unsafe-perm in lifecycle true
11252 verbose lifecycle [email protected]prepare: PATH: /usr/local/lib/node_modules/npm/bin/node-gyp-bin:/Users/apple/Documents/3rdPart/frida-agent-example/node_modules/.bin:/Users/apple/.pyenv/shims:/Users/apple/Documents/3rdPart/cocos2d-x-3/tools/cocos2d-console/bin:/Users/apple/Documents/3rdPart/theos:/Users/apple/bin/:/opt/iOSOpenDev/bin:/opt/local/bin:/opt/local/sbin:/Applications/Android Studio.app/Contents/gradle/gradle-4.4/bin:/usr/local/Cellar/cmake/3.5.1/bin:/usr/local/Cellar/qt5/5.6.0/bin:/Library/Frameworks/Python.framework/Versions/3.7/bin:/Users/apple/Documents/3rdPart/flutter/bin:/Users/apple/.gradle/wrapper/dists/gradle-5.6.2-all/9st6wgf78h16so49nn74lgtbb/gradle-5.6.2/bin:/Users/apple/developer/AndroidSDK/build-tools/29.0.2:/Users/apple/Library/Python/3.7/bin:/Users/apple/.rvm/gems/ruby-2.4.0/bin:/Users/apple/.rvm/gems/ruby-2.4.0@global/bin:/Users/apple/.rvm/rubies/ruby-2.4.0/bin:/Users/apple/.pyenv/shims:/Users/apple/Documents/3rdPart/cocos2d-x-3/tools/cocos2d-console/bin:/Users/apple/Documents/3rdPart/theos:/Users/apple/bin/:/opt/iOSOpenDev/bin:/opt/local/bin:/opt/local/sbin:/Applications/Android Studio.app/Contents/gradle/gradle-4.4/bin:/usr/local/Cellar/cmake/3.5.1/bin:/usr/local/Cellar/qt5/5.6.0/bin:/Library/Frameworks/Python.framework/Versions/3.7/bin:/Users/apple/Documents/3rdPart/flutter/bin:/Users/apple/.gradle/wrapper/dists/gradle-5.6.2-all/9st6wgf78h16so49nn74lgtbb/gradle-5.6.2/bin:/Users/apple/developer/AndroidSDK/build-tools/29.0.2:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Applications/VMware Fusion.app/Contents/Public:/Applications/Wireshark.app/Contents/MacOS:/Users/apple/.rvm/bin
11253 verbose lifecycle [email protected]prepare: CWD: /Users/apple/Documents/3rdPart/frida-agent-example
11254 silly lifecycle [email protected]prepare: Args: [ '-c', 'npm run build' ]
11255 silly lifecycle [email protected]prepare: Returned: code: 1 signal: null
11256 info lifecycle [email protected]prepare: Failed to exec prepare script
11257 verbose stack Error: [email protected] prepare: npm run build
11257 verbose stack Exit status 1
11257 verbose stack at EventEmitter. (/usr/local/lib/node_modules/npm/lib/utils/lifecycle.js:283:16)
11257 verbose stack at emitTwo (events.js:125:13)
11257 verbose stack at EventEmitter.emit (events.js:213:7)
11257 verbose stack at ChildProcess. (/usr/local/lib/node_modules/npm/lib/utils/spawn.js:40:14)
11257 verbose stack at emitTwo (events.js:125:13)
11257 verbose stack at ChildProcess.emit (events.js:213:7)
11257 verbose stack at maybeClose (internal/child_process.js:887:16)
11257 verbose stack at Process.ChildProcess._handle.onexit (internal/child_process.js:208:5)
11258 verbose pkgid [email protected]
11259 verbose cwd /Users/apple/Documents/3rdPart/frida-agent-example
11260 verbose Darwin 18.5.0
11261 verbose argv "/usr/local/Cellar/node/8.0.0_1/bin/node" "/usr/local/bin/npm" "install"
11262 verbose node v8.0.0
11263 verbose npm v5.0.1
11264 error code ELIFECYCLE
11265 error errno 1
11266 error [email protected] prepare: npm run build
11266 error Exit status 1
11267 error Failed at the [email protected] prepare script.
11267 error This is probably not a problem with npm. There is likely additional logging output above.
11268 verbose exit [ 1, true ]

frida: error: unrecognized arguments: --no-pause

Description:
The current documentation for the NativePointer.shl and NativePointer.shr methods contains errors in their method descriptions. The description for NativePointer.shl claims that the method performs a left shift operation (this << v), while it actually represents a right shift operation (this >> v). On the other hand, the description for NativePointer.shr claims to perform a right shift operation, but it is implemented as a left shift operation. These discrepancies could lead to confusion and incorrect usage of the methods. I hope you update this and thanks.
NOTE: both methods work as expected but what I meant is only the documentation.

Screenshots:
Shift Left:

Shift Right:

Environment:

• node v18.0.0
• macOS Catalina

What is happening?
npm install generates the following error:

Error: You must provide the URL of lib/mappings.wasm by calling SourceMapConsumer.initialize({ 'lib/mappings.wasm': ... }) before using SourceMapConsumer while parsing file: ../frida-agent-example/agent/index.ts

Thoughts?

Error:

i have the code in util.ts:

let gettid_ptr = Module.findExportByName(null, "gettid");

export const gettid = new NativeFunction(gettid_ptr, "uint32", []);

got the error:

TS2345: Argument of type 'NativePointer | null' is not assignable to parameter of type 

'NativePointerValue'.   Type 'null' is not assignable to type 'NativePointerValue'.

Fix:

update the frida-agent-example\node_modules\@types\frida-gum\index.d.ts file of line 465:

static findExportByName(moduleName: string | null, exportName: string): NativePointer | null;

to

static findExportByName(moduleName: string | null, exportName: string): NativePointerValue;

Thanks.

@oleavr

I've been having a lot of issues importing other libraries (i.e., protobufjs):

Failed to bundle: Error: only able to bundle ECMAScript modules, detected CommonJS:
	./frida-agent-example/node_modules/@protobufjs/aspromise/index.js
	./frida-agent-example/node_modules/@protobufjs/base64/index.js
	./frida-agent-example/node_modules/@protobufjs/eventemitter/index.js
	./frida-agent-example/node_modules/@protobufjs/float/index.js
	./frida-agent-example/node_modules/@protobufjs/inquire/index.js
	./frida-agent-example/node_modules/@protobufjs/pool/index.js
	./frida-agent-example/node_modules/@protobufjs/utf8/index.js
	./frida-agent-example/node_modules/protobufjs/index.js
	./frida-agent-example/node_modules/protobufjs/src/common.js
	./frida-agent-example/node_modules/protobufjs/src/converter.js
	./frida-agent-example/node_modules/protobufjs/src/decoder.js
	./frida-agent-example/node_modules/protobufjs/src/encoder.js
	./frida-agent-example/node_modules/protobufjs/src/enum.js
	./frida-agent-example/node_modules/protobufjs/src/field.js
	./frida-agent-example/node_modules/protobufjs/src/index-light.js
	./frida-agent-example/node_modules/protobufjs/src/index-minimal.js
	./frida-agent-example/node_modules/protobufjs/src/index.js
	./frida-agent-example/node_modules/protobufjs/src/mapfield.js
	./frida-agent-example/node_modules/protobufjs/src/message.js
	./frida-agent-example/node_modules/protobufjs/src/method.js
	./frida-agent-example/node_modules/protobufjs/src/namespace.js
	./frida-agent-example/node_modules/protobufjs/src/object.js
	./frida-agent-example/node_modules/protobufjs/src/oneof.js
	./frida-agent-example/node_modules/protobufjs/src/parse.js
	./frida-agent-example/node_modules/protobufjs/src/reader.js
	./frida-agent-example/node_modules/protobufjs/src/reader_buffer.js
	./frida-agent-example/node_modules/protobufjs/src/root.js
	./frida-agent-example/node_modules/protobufjs/src/roots.js
	./frida-agent-example/node_modules/protobufjs/src/service.js
	./frida-agent-example/node_modules/protobufjs/src/tokenize.js
	./frida-agent-example/node_modules/protobufjs/src/type.js
	./frida-agent-example/node_modules/protobufjs/src/types.js
	./frida-agent-example/node_modules/protobufjs/src/util/longbits.js
	./frida-agent-example/node_modules/protobufjs/src/util/minimal.js
	./frida-agent-example/node_modules/protobufjs/src/verifier.js
	./frida-agent-example/node_modules/protobufjs/src/wrappers.js
	./frida-agent-example/node_modules/protobufjs/src/writer.js

I've tried just about every guide out there for dealing with these issues but they all assume you can use any module builder (such as webpack). Is there a way to instruct frida-compile to honor a CommonJS built module?

I clone this repo. my node version v15.3.0
It work well when i run command. 'npm install'
However if I run 'npm upgrade',and then run npm install, it report errors.

errors:
[TypeScript error:**/frida/node_modules/@types/frida-gum/index.d.ts(4803,19): Error TS2300: Duplicate identifier 'WeakRef'.] {
fileName: **/frida/node_modules/@types/frida-gum/index.d.ts',
line: 4803,
column: 19,