android:fridump

Differences

This shows you the differences between two versions of the page.

android:fridump [2019/04/29 14:14] percyandroid:fridump [2019/05/06 17:54] (current) – [Install android server] percy
Line 3: Line 3:
   * https://github.com/Nightbringer21/fridump   * https://github.com/Nightbringer21/fridump
   * https://www.frida.re/docs/android/   * https://www.frida.re/docs/android/
 +  * http://pentestcorner.com/introduction-to-fridump/
  
 +====== Install ======
  
-===== Download android =====+  pip install frida 
 +  pip install frida-tools 
 +  git clone https://github.com/Nightbringer21/fridump.git     
 +  python fridump.py -h 
 + 
 + 
 +===== Install android server =====
 Download Android server Download Android server
   * https://github.com/frida/frida/releases   * https://github.com/frida/frida/releases
 +
 +Find the frida server android
 +  * https://github.com/frida/frida/releases/download/12.4.8/frida-server-12.4.8-android-x86_64.xz
  
 ==== Start android server ==== ==== Start android server ====
 +  adb root
   adb push frida-server-12.4.8-android-x86_64 /data/local/frida-server   adb push frida-server-12.4.8-android-x86_64 /data/local/frida-server
   adb shell chmod +x /data/local/frida-server   adb shell chmod +x /data/local/frida-server
   adb shell /data/local/frida-server   adb shell /data/local/frida-server
 +Or just one put it one line:
 +  adb root && adb push frida-server-12.4.8-android-x86_64 /data/local/frida-server && adb shell chmod +x /data/local/frida-server && adb shell /data/local/frida-server
 +==== Start dump ====
 +Then you can use the script to dump the App you want
 +  python fridump.py --max-size 2097152 -U -s com.xxxx.android
 +
 +Then it will generate the "dump/", and you can check dump/strings.txt
 +  grep "string2find" dump/*
 +
 +Also the memory dump files are binary, you can convert to hex by `xxd`
 +  xxd dump/0x12c00000_dump.data >xxd.hex
 +==== frida commands ====
 +  frida-ps -U
 +  frida-trace -U -i "open*" com.xxx.android
 +  
 +==== frida scripts ====
 +  * https://github.com/0xdea/frida-scripts
 +
 +Update raptor_frida_android_trace.js, and then run
  
 +  frida -l raptor_frida_android_trace.js -U -f com.xxxx.android --no-pause
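Review bot: the "Install android server" steps are missing the decompression step between download and push. The added link points at `frida-server-12.4.8-android-x86_64.xz`, while the `adb push` line uses `frida-server-12.4.8-android-x86_64`, so a reader following the page literally has no such file. Add an `unxz` line before the push. Since the server is pinned to 12.4.8 but `pip install frida` and `pip install frida-tools` are unpinned, also consider pinning the client (`pip install frida==12.4.8`) so the host and device versions match. Lastly, the page starts frida-server after `adb root` and never stops it; a short note under "Start dump" to kill the server once the dump is finished would keep a root-privileged instrumentation service from staying up on the test device. Minor: "Or just one put it one line" should read "Or put it all on one line".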
/var/www/dokuwiki/wiki/data/attic/android/fridump.1556518489.txt.gz · Last modified: 2019/04/29 14:14 by percy