
ZygiskFrida

Frida is a dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.

Zygisk, part of Magisk, allows you to run code in every Android application's process.

Introduction

ZygiskFrida is a Zygisk module that injects the Frida gadget into Android applications in a stealthier way than the usual approaches.

  • The gadget is not embedded into the APK itself, so APK integrity/signature checks still pass.
  • The process is not ptraced as it is with frida-server, which avoids ptrace-based detection.
  • You control the point in time at which the gadget is injected.
  • It allows you to load multiple arbitrary libraries into the process.

This repo also provides a Riru flavor in case you are still using Riru with an older Magisk version rather than Zygisk.

How to use the module

Quick start

  • Download the latest release from the Release Page.
    If you are using Riru instead of Zygisk, choose the riru-release. Otherwise choose the normal version.
  • Transfer the ZygiskFrida zip file to your device and install it via Magisk.
  • Reboot after the install.
  • Create the config file and adjust the package name to your target app (replace your.target.application in the commands):

    adb shell 'su -c cp /data/local/tmp/re.zyg.fri/config.json.example /data/local/tmp/re.zyg.fri/config.json'
    adb shell 'su -c sed -i s/com.example.package/your.target.application/ /data/local/tmp/re.zyg.fri/config.json'

  • Launch your app. It will pause at startup, allowing you to attach, e.g. with frida -U -N your.target.application or frida -U -n Gadget.

This assumes that you don't have any other Frida server running (e.g. via MagiskFrida). You can still run it together with frida-server, but then you have to configure the gadget to listen on a different port.

Configuration

This module also supports a start-up delay that postpones injection of the gadget past any checks that run at startup time, loading arbitrary libraries, and child gating.

Please take a look at the configuration guide for this.

How to build

  • Check out the project.
  • Run ./gradlew :module:assembleRelease
  • The built Magisk module should then be in the out directory.

You can also build and install the module to your device directly with ./gradlew :module:flashAndRebootZygiskRelease

Caveats

  • On emulators this starts the gadget in the native realm. This means that you will be able to hook Java functions but not native ones.

Credits

Contributors

  • lico-n
