Mobile Security Tools-series:
Part 1: scrcpy
Part 2: Frida
What is Frida?
Frida is a free and open-source instrumentation toolkit that can be used to test and evaluate Android apps.
It can technically be used without rooting a phone, but to make things easier, you should have a rooted phone. Frida allows users to modify and inject code into running applications in order to analyze their behavior.
It can be used for tasks such as reverse engineering, debugging, and security testing.
There are many features, such as:
- modifying original binary images
- bypassing SSL pinning
- decrypting encrypted traffic
- analyzing applications
- runtime manipulation
Tutorial
Let's install and use Frida next. Note that you will need a rooted phone for this.
Prerequisites
You need a rooted Android phone to follow this tutorial. I used Magisk for that, but this tutorial won't go through the process of rooting your phone.
My setup:
A rooted Pixel 6a
Android 13
Ubuntu 22.04.3 LTS
Android Platform Tools downloaded
If you are new to adb, I recommend you first read what it is.
Install Frida
We will use pip, a package manager for Python packages, to install Frida. If you don't have pip, install it by running:
sudo apt install python3-pip
You can ensure the installation was successful by checking the version of pip:
pip --version
Install Frida using pip:
sudo pip install frida-tools
Check the version of Frida:
frida --version
Find processor version of your phone
To install the correct version of the Frida server on your phone, you need to know the processor version.
Plug your phone into your computer, navigate to the platform-tools folder, and open a device shell:
./adb shell
Run the following command to get the version:
getprop ro.product.cpu.abi
Download Frida server
Go to Frida Github and find the link to a Frida server that matches both the Frida version installed and the processor version of your phone.
So for example in my case, Frida version was 16.1.4
and the processor version was arm64-v8a
. So I chose frida-server-16.1.4-android-arm64.xz
from the list.
Open another tab in the terminal and download the chosen Frida server:
wget https://github.com/frida/frida/releases/download/[YOUR-VERSION]/frida-server-[YOUR-VERSION]-android-arm64.xz
Extract the downloaded package:
xz -d frida-server-[YOUR-VERSION]-android-arm64.xz
Lastly, push the extracted binary to the device. Navigate to the platform-tools folder and push the file to the /data/local/tmp
folder on your phone:
./adb push /path-to-file/frida-server-[YOUR-VERSION]-android-arm64 /data/local/tmp
If you don't know the path, you can use the pwd
command in the terminal to find the current folder's path.
Execute Frida server on the device
In the adb shell
tab on the terminal, switch to the root user on the device:
su
Navigate to the folder where you pushed the Frida server file:
cd /data/local/tmp
Give the file execute permission:
chmod +x frida-server-[YOUR-VERSION]-android-arm64
Run Frida server:
./frida-server-[YOUR-VERSION]-android-arm64 &
That's it!
This was a tutorial on how to set up Frida on your Android phone. Next time I will show you what you can use Frida for, but this was all for now!
You can also follow my Instagram @whatminjahacks if you are interested to see more about my days as a Cyber Security consultant and learn more about cyber security with me!