Anti Frida Bypass


Description

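Bypasses Frida detection by replacing libc's fgets and rewriting any line that contains "frida" or "xposed" before the app sees it. The script also covers "xposed" strings, and it only affects checks that read such lines through fgets; detection done through other read paths is not touched.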

How to Use

Download the script (the command below assumes it is saved as anti-frida-bypass.js) and run it with the Frida CLI.


Then run with Frida:

frida -U -f YOUR_PACKAGE_NAME -l anti-frida-bypass.js

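Replace YOUR_PACKAGE_NAME with the target app's package name. In this command, -U selects a USB-connected device, -f spawns the app instead of attaching to a running process, and -l loads the script.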

Source Code

JavaScript
// Github: https://github.com/kushjasrapuria

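// Locate libc's fgets. The replacement installed below forwards every call to
// this original implementation and only post-processes the line it returns.
// NOTE(review): the static Module.findExportByName() form is the legacy API and,
// as far as I know, is not available from Frida 17 on. Confirm against the
// Frida version in use.
var fgetsPtr = Module.findExportByName("libc.so", "fgets");
if (fgetsPtr === null) {
  // Fail with a clear message instead of an opaque NativeFunction error.
  throw new Error("fgets export not found in libc.so");
}
var fgets = new NativeFunction(fgetsPtr, 'pointer', ['pointer', 'int', 'pointer']);

/**
 * Overwrite the caller's line buffer with `text` without exceeding the
 * capacity the caller passed to fgets.
 *
 * @param {NativePointer} buffer - destination buffer supplied by the caller
 * @param {number} size - buffer capacity in bytes, terminating NUL included
 * @param {string} text - ASCII replacement line
 */
function writeMaskedLine(buffer, size, text) {
  if (size < 1) {
    // No room even for the terminating NUL; leave the buffer alone.
    return;
  }
  // The replacement strings are ASCII, so one character is one byte. Truncate
  // so that text plus NUL never exceeds `size`; an unconditional write would
  // overflow a caller buffer shorter than the replacement.
  var fitted = text.length < size ? text : text.substring(0, size - 1);
  buffer.writeUtf8String(fitted);
}

// Replace fgets process-wide. Every line that contains "frida" or "xposed" is
// rewritten before the caller sees it, so a check that only scans text returned
// by fgets never observes those strings. From the defender's side this is why a
// single libc-mediated string scan is a weak tamper signal.
Interceptor.replace(fgetsPtr, new NativeCallback(function (buffer, size, fp) {
  // Calling the NativeFunction from inside the replacement reaches the original fgets.
  var retval = fgets(buffer, size, fp);

  // On EOF or error fgets returns NULL and the buffer holds no new line.
  // Reading it would inspect stale or uninitialised memory.
  if (retval.isNull()) {
    return retval;
  }

  var bufstr;
  try {
    bufstr = buffer.readUtf8String();
  } catch (e) {
    // Line is not valid UTF-8. Pass it through untouched rather than letting
    // the exception escape from the hook into the hooked process.
    return retval;
  }
  if (bufstr === null) {
    return retval;
  }

  // Both tests run against the line as originally read. When both markers are
  // present, the "xposed" replacement wins, as in the original script.
  var replacement = null;
  if (bufstr.indexOf("frida") > -1) {
    replacement = "ByeByeFrida:\t0";
  }
  if (bufstr.indexOf("xposed") > -1) {
    replacement = "ByeByeXposed:\t0";
  }
  if (replacement !== null) {
    writeMaskedLine(buffer, size, replacement);
  }
  return retval;
}, 'pointer', ['pointer', 'int', 'pointer']));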