Automated Frida Gadget injection tool
Project description
frida-gadget is a tool that can be used to patch APKs in order to utilize the Frida Gadget.
This tool automates the process of downloading the Frida gadget library and injecting the loadlibrary code into the main activity.
Installation
pip install frida-gadget --upgrade
Prerequirement
You should install Apktool and add it to your PATH environment variable.
# Install Apktool on macOS
brew install apktool
# Add Apktool to your PATH environment variable
export PATH=$PATH:$HOME/.brew/bin
For other operating systems, you can refer to the Install Guide.
Docker
The -v flag is used to mount the current directory to the /workspace/mount directory in the container.
The APK file should be located in the current directory ($PWD), or you can replace $PWD with the path to the directory where the APK file is stored.
Ensure to specify the correct path to the your.apk file after mount/ in the command.
docker run -v $PWD/:/workspace/mount ksg97031/frida-gadget mount/your.apk
Usage
$ frida-gadget --help
Usage: cli.py [OPTIONS] APK_PATH
Patch an APK with the Frida gadget library
Options:
--arch TEXT Target architecture of the device.
--use-aapt2 Use aapt2 instead of aapt.
--no-res Do not decode resources.
--skip-decompile Skip decompilation if desired.
--skip-recompile Skip recompilation if desired.
--version Show version and exit.
--help Show this message and exit.
How do I begin?
Simply provide the APK file.
$ frida-gadget handtrackinggpu.apk --arch arm64
[INFO] Auto-detected frida version: 16.1.3
[INFO] APK: '[REDACTED]\demo-apk\handtrackinggpu.apk'
[INFO] Gadget Architecture(--arch): arm64(default)
[DEBUG] Decompiling the target APK using apktool
[DEBUG] Downloading the frida gadget library for arm64
[DEBUG] Checking internet permission and extractNativeLibs settings
[DEBUG] Adding 'android.permission.INTERNET' permission to AndroidManifest.xml
[DEBUG] Searching for the main activity in the smali files
[DEBUG] Found the main activity at '[REDACTED]\frida-gadget\tests\demo-apk\handtrackinggpu\smali\com\google\mediapipe\apps\handtrackinggpu\MainActivity.smali'
[DEBUG] Locating the onCreate method and injecting the loadLibrary code
[DEBUG] Recompiling the new APK using apktool
...
I: Building apk file...
I: Copying unknown files/dir...
I: Built apk into: [REDACTED]\demo-apk\handtrackinggpu\dist\handtrackinggpu.apk
[INFO] Success
$ unzip -l [REDACTED]\demo-apk\handtrackinggpu\dist\handtrackinggpu.apk | grep libfrida-gadget
21133848 09-15-2021 02:28 lib/arm64-v8a/libfrida-gadget-16.1.3-android-arm64.so
How to Identify?
Observe the main activity; the injected loadLibrary code will be visible.
Helpful Hint
Quickly re-sign your application with the uber-apk-signer.
Contributing
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
frida_gadget-1.3.6.tar.gz
(10.4 kB
view hashes)
Built Distribution
Close
Hashes for frida_gadget-1.3.6-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 68079a6d3cdd955944e0518aa972a544d36700a2836441732cd7f7ebd84aa7c4 |
|
MD5 | 4d27b0151b92169980548ef72e497862 |
|
BLAKE2b-256 | eb72ae2fb0d897f7a01266bd9f8bdd27461f656406f9fd5ff90c9ffa291cc0ed |