Debug any Android app using Frida
What will you do when examining a published Android app from the Playstore. Yes, you can obtain their APK and just decompile/reverse it to get the source code. But sometimes you may be too lazy to read the code, especially in cases where they are heavily obfuscated.
Do you remember what those cool-geeky-hackerz-leets said when static analysis did not work anymore? Do dynamic analysis!
We can use Frida to help us doing this dynamic analysis. Let's see this code:
1
Java.perform(function() {
2
const targetClass = Java.use('com.example.TargetClass');
3
targetClass.targetMethod.implementation = function() {
4
const argumentsJson = JSON.stringify(arguments, null, 2);
5
const returnValue = targetClass.targetMethod.apply(this, arguments);
6
7
console.log('TARGETED_METHOD_CALLED');
8
console.log('ARGUMENTS:', argumentsJson);
9
console.log('RETURN_VALUE:', returnValue);
10
11
return returnValue;
12
}
13
});
Copied!
Well, actually the above script is more about outputting the calling method's arguments values and the resulting return value.
Last modified 5mo ago
Copy link