android:fridump

Differences

This shows you the differences between two versions of the page.

android:fridump [2019/04/29 14:31] percy
android:fridump [2019/05/06 17:54] (current) – [Install android server] percy
Line 3: Line 3:
   * https://github.com/Nightbringer21/fridump   * https://github.com/Nightbringer21/fridump
   * https://www.frida.re/docs/android/   * https://www.frida.re/docs/android/
 +  * http://pentestcorner.com/introduction-to-fridump/
  
 ====== Install ====== ====== Install ======
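Review bot: The reference added as the third bullet uses plain `http://` (pentestcorner.com) while the two existing references are `https://`. If the site serves HTTPS, link that form so the reference list is consistent and readers following the install steps are not sent over an unauthenticated connection.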
Line 17: Line 18:
  
 Find the frida server android Find the frida server android
-  * https://github.com/frida/frida/releases/download/12.4.8/frida-server-12.4.8-android-x86.xz+  * https://github.com/frida/frida/releases/download/12.4.8/frida-server-12.4.8-android-x86_64.xz
  
 ==== Start android server ==== ==== Start android server ====
 +  adb root
   adb push frida-server-12.4.8-android-x86_64 /data/local/frida-server   adb push frida-server-12.4.8-android-x86_64 /data/local/frida-server
   adb shell chmod +x /data/local/frida-server   adb shell chmod +x /data/local/frida-server
   adb shell /data/local/frida-server   adb shell /data/local/frida-server
 +Or just one put it one line: 
 +  adb root && adb push frida-server-12.4.8-android-x86_64 /data/local/frida-server && adb shell chmod +x /data/local/frida-server && adb shell /data/local/frida-server
 ==== Start dump ==== ==== Start dump ====
 Then you can use the script to dump the App you want Then you can use the script to dump the App you want
-  python fridump.py -U -s com.xxxx.android+  python fridump.py --max-size 2097152 -U -s com.xxxx.android 
 + 
 +Then it will generate the "dump/", and you can check dump/strings.txt 
 +  grep "string2find" dump/* 
 + 
 +Also the memory dump files are binary, you can convert to hex by `xxd` 
 +  xxd dump/0x12c00000_dump.data >xxd.hex 
 +==== frida commands ==== 
 +  frida-ps -U 
 +  frida-trace -U -i "open*" com.xxx.android 
 +   
 +==== frida scripts ==== 
 +  * https://github.com/0xdea/frida-scripts 
 + 
 +Update raptor_frida_android_trace.js, and then run 
 + 
 +  frida -l raptor_frida_android_trace.js -U -f com.xxxx.android --no-pause
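Review bot: Under "Start dump", the added text says to check dump/strings.txt but the command given is `grep "string2find" dump/*`, which also runs over the dump files that the next added paragraph describes as binary. Point the grep at `dump/strings.txt`, or state that the binary files are meant to be searched as well. In the same section `--max-size 2097152` appears without its unit or the reason it is needed, and "Start android server" now begins with `adb root` without saying what that requires of the device; one sentence on each would make the steps reproducible. Smaller points: "Or just one put it one line" should read "Or put it all on one line", the package placeholder is `com.xxx.android` in the frida-trace line but `com.xxxx.android` elsewhere, and "Update raptor_frida_android_trace.js" does not say what to change in the script.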
/var/www/dokuwiki/wiki/data/attic/android/fridump.1556519504.txt.gz · Last modified: 2019/04/29 14:31 by percy