The frida package includes the libraries that can be used from Python, and the frida-tools package includes the prebuilt command-line tools of Frida. For more information on the frida-tools package refer to Section 5.2.

Important: From now on, whenever frida is mentioned it refers to Frida's CLI. Whenever Frida (in capital letters) is mentioned the text refers to the toolkit as a whole.

Frida development can be done using JavaScript or TypeScript, although the latter is transpiled into compatible JavaScript. The next section shows the differences between both.

JavaScript vs TypeScript

Frida supports writing instrumentation code in JavaScript (JS) and TypeScript (TS), and while the usage of TypeScript is encouraged, everything can be written using JS. The main reasoning behind writing instrumentation tools using TypeScript would be the assistance of code auto-completion as well as modularity and compile-time errors. However, the latter will not prevent any runtime error that ends up wrongly manipulating an instrumented process.

It is also possible to use modules developed by other users like frida-panic (provides easy crash-reporting functions) and swift-frida (provides interop with Swift's data types). Loading external modules like the ones mentioned above is a feature exclusive to TypeScript development.

Although this process is seen in detail in Section 5.10, here is a small diagram displaying the main difference between developing an agent in TypeScript versus JavaScript:

In essence, the TypeScript agent requires being transpiled to compatible JavaScript first.

As a general rule of thumb, if you are writing a simple and quick script you can stick with JavaScript for most of it. On the contrary, for bigger and more complex instrumentation scripts TypeScript is greatly recommended. Throughout the book, the examples are written in JavaScript for the most part. The reasoning behind this is that it saves time (and space in the book) and scripts are easily usable/debuggable in Frida's command line with no extra steps (transpiling the project into JavaScript).

The Frida JavaScript API has several modules that provide functionality to the users. These features are mostly cross-platform and thus work in almost every environment. There are, however, exceptions to this rule, such as the Java module, which is only available in Android, and the ObjC module, which is only available as long as there is an Objective-C runtime present. Here are the ones I consider the most important:

The Thread module provides functionality to operate on threads, such as sleeping them and obtaining backtraces.

The Process module provides information from the instrumented process; this covers obtaining the architecture, pointer sizes, code signing policies and thread IDs. It is also able to provide information about loaded modules and their addresses, and to enumerate memory ranges. It is also able to set a process-wide exception handler.