Ideas on how to hook Android local strategies with Frida (Noob helpful)

In an earlier blog post we got an example Android application and now we thought that we want to replace element of it with an execution in C/C++. On this page we will incorporate that application and we’ll just be sure to connect the Jniint function we produced within the C signal.

This tutorial is noob friendly and its particular purpose should expose folks in hooking techniques with Frida and more specifically indigenous techniques. We will found the complete processes from having simply the apk and move forward detail by detail. If you’d like to grab the apk associated with application made in all of our earlier post kindly make use of this website link. We now have Java strategies and C features to deal with contained in this tutorial, i will make use of the words interchangeably as they generally imply a similar thing!

The first step would be to research in the event that apk has any discussed libraries which are becoming packed. A simple way to validate that is by simply extracting the belongings in the apk. Don’t ignore that apk is a wrapper your genuine program and so you’re able to draw out the items like unzipping a zipped document. Pick your favorite unzipping program and unzip the apk.

Inside lib service we see the compiled variations associated with the library regarding the different architectures. Allows usually the one suitable all of our device, within my situation x86 and step inside. We have to assess this shared item to see the functions it provides. We can effortlessly do that aided by the following command nm –demangle –dynamic libnative-lib.so . The outcome include revealed below:

Initial things to have all of our attention could be the current of the two performance, namely Java_com_erev0s_jniapp_MainActivity_Jniint together with Jniint . In case you would want to understand story of why there are two features there you should check this area within our earlier blog post. All of our intent will be to alter the flow of performance of this apk in an effort the Jniint is coming back a value identified by us.

1. We connect on the Java layer, and thus we intercept the Java phone calls towards the JNI and therefore we really do not must deal anyway with all the C laws.
2. We jump to your utilization of the Jniint in C and now we render our variations there.

Normally it is better to do the very first, but there are times where the second can prove to be helpful. Everything is dependent upon exactly what the application is doing and what you’re wanting to attain. We intend to discover both practices and comment on the strategies.

Starting our very own assessment atmosphere

For reason for this tutorial and in my basic protection tests in Android os I like to utilize Genymotion. It’s a super wonderful emulator, very light-weight and you can furthermore incorporate they inside Android os Studio. The main thing inside the device/emulator you are likely to pick as your examination planet will be need root accessibility. Well it is really not required to own underlying to be able to perform the hooking(there is certainly an alternative) but it’s the way we are going to heed on this page. If you use Genymotion you are likely to posses root access for the emulator be standard.

Installing Frida on your desktop

This task is actually super simple and easy they best need having Python set up and run two directions. The foremost is pip install frida-tools that will download the fundamental tooling we are going to make use of therefore the second is actually pip install frida which installs the python bindings which you may see helpful on your trip with Frida.