1. Home
  2. x90nopslide
  3. Anti Frida Bypass

Anti Frida Bypass

by
3 views a7cb31cb...

Description

Bypass frida detection

How to Use

Download the script and run it with Frida CLI:

Download Script

Then run with Frida:

frida -U -f YOUR_PACKAGE_NAME -l anti-frida-bypass.js

Replace YOUR_PACKAGE_NAME with the target app's package name.

Source Code

JavaScript 
// Github: https://github.com/kushjasrapuria

var fgetsPtr = Module.findExportByName("libc.so", "fgets");
var fgets = new NativeFunction(fgetsPtr, 'pointer', ['pointer', 'int', 'pointer']);

Interceptor.replace(fgetsPtr, new NativeCallback(function(buffer, size, fp) {
    var retval = fgets(buffer, size, fp);
    var bufstr = Memory.readUtf8String(buffer);
    if (bufstr.indexOf("frida") > -1) {
        Memory.writeUtf8String(buffer, "ByeByeFrida:\t0");
    }
    if (bufstr.indexOf("xposed") > -1) {
        Memory.writeUtf8String(buffer, "ByeByeXposed:\t0");
    }
    return retval;
}, 'pointer', ['pointer', 'int', 'pointer']));
Share this script:
Twitter LinkedIn

Comments

Login or Sign up to leave a comment.
Loading comments...